local http = require "http"
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
local string = require "string"
local table = require "table"
local target = require "target"
description = [[
Retrieves information from Flume master HTTP pages.
Information gathered:
* Flume version
* Flume server id
* Zookeeper/Hbase master servers present in configured flows
* Java information
* OS information
* various other local configurations.
If this script is run wth -v, it will output lots more info.
Use the newtargets
script argument to add discovered hosts to the
Namp scan queue.
]]
---
-- @usage
-- nmap --script flume-master-info -p 35871 host
--
-- @output
-- PORT STATE SERVICE REASON
-- 35871/tcp open flume-master syn-ack
--| flume-master-info:
--| Version: 0.9.4-cdh3u3
--| ServerID: 0
--| Flume nodes:
--| node1.example.com
--| node2.example.com
--| node5.example.com
--| node6.example.com
--| node3.example.com
--| node4.example.com
--| Zookeeper Master:
--| master1.example.com
--| Hbase Master Master:
--| hdfs://master1.example.com:8020/hbase
--| Enviroment:
--| java.runtime.name: Java(TM) SE Runtime Environment
--| java.runtime.version: 1.6.0_36-a01
--| java.version: 1.6.0_36
--| java.vm.name: Java HotSpot(TM) 64-Bit Server VM
--| java.vm.vendor: Sun Microsystems Inc.
--| java.vm.version: 14.0-b12
--| os.arch: amd64
--| os.name: Linux
--| os.version: 2.6.32-220.4.2.el6.x86_64
--| user.country: US
--| user.name: flume
--| Config:
--| dfs.datanode.address: 0.0.0.0:50010
--| dfs.datanode.http.address: 0.0.0.0:50075
--| dfs.datanode.https.address: 0.0.0.0:50475
--| dfs.datanode.ipc.address: 0.0.0.0:50020
--| dfs.http.address: master1.example.com:50070
--| dfs.https.address: 0.0.0.0:50470
--| dfs.secondary.http.address: 0.0.0.0:50090
--| flume.collector.dfs.dir: hdfs://master1.example.com/user/flume/collected
--| flume.collector.event.host: node1.example.com
--| flume.master.servers: master1.example.com
--| fs.default.name: hdfs://master1.example.com:8020
--| mapred.job.tracker: master1.example.com:9001
--| mapred.job.tracker.handler.count: 10
--| mapred.job.tracker.http.address: 0.0.0.0:50030
--| mapred.job.tracker.http.address: 0.0.0.0:50030
--| mapred.job.tracker.jobhistory.lru.cache.size: 5
--| mapred.job.tracker.persist.jobstatus.active: false
--| mapred.job.tracker.persist.jobstatus.dir: /jobtracker/jobsInfo
--| mapred.job.tracker.persist.jobstatus.hours: 0
--| mapred.job.tracker.retiredjobs.cache.size: 1000
--| mapred.task.tracker.http.address: 0.0.0.0:50060
--|_ mapred.task.tracker.report.address: 127.0.0.1:0
author = "John R. Bond"
license = "Simplified (2-clause) BSD license--See http://nmap.org/svn/docs/licenses/BSD-simplified"
categories = {"default", "discovery", "safe"}
portrule = function(host, port)
-- Run for the special port number, or for any HTTP-like service that is
-- not on a usual HTTP port.
return shortport.port_or_service ({35871}, "flume-master")(host, port)
or (shortport.service(shortport.LIKELY_HTTP_SERVICES)(host, port) and not shortport.portnumber(shortport.LIKELY_HTTP_PORTS)(host, port))
end
function add_target(hostname)
if target.ALLOW_NEW_TARGETS then
stdnse.print_debug(1, ("%s: Added target: %s"):format(SCRIPT_NAME, hostname))
local status,err = target.add(hostname)
end
end
-- ref: http://lua-users.org/wiki/TableUtils
function table_count(tt, item)
local count
count = 0
for ii,xx in pairs(tt) do
if item == xx then count = count + 1 end
end
return count
end
parse_page = function( host, port, uri, intresting_keys )
local result = {}
local response = http.get( host, port, uri )
stdnse.print_debug(1, ("%s: Status %s"):format(SCRIPT_NAME,response['status-line'] or "No Response" ))
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
local body = response['body']:gsub("%%","%%%%")
for name,value in string.gmatch(body,"