Last script was flawed.

----SNIP

if(description)
{
 # Registration pass: declares the plugin's metadata and exits without
 # sending any traffic.

 # The ID is left blank in the posted script; a unique ID has to be
 # assigned before the plugin can be registered.
 script_id();
 script_name(english:"Dlink fingerprint");

 # NOTE(review): the text below names two indicators, but the probe code
 # after this block only inspects the reply received from port 113; the
 # "every other port filtered" condition is not tested by this script.
 script_description(english:"
The remote server seems to be a DLINK Ethernet Broadband Router/firewall

The DLINK gives away it's presence by:
1) having every port filtered except for 113 (which is closed) and
2) responding to port 113 probes with a RST wherein the TCP Window size is
equal
   to the window size of the probing packet


Risk factor : Low");

 script_summary(english:"Determines if the remote server is a DLINK");

 # Information gathering only.
 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2003 John Lampe");
 script_family(english:"General");

 exit(0);
}




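# Send one crafted SYN to TCP/113 and check whether the reply is a RST that
# echoes the probe's own TCP window size, which is the indicator the plugin
# description gives for this device.
#
# Changes from the posted version, all aimed at fewer false positives:
#  - the capture filter is tied to the scanned host and the probe's port
#    pair, so an unrelated packet from some other host's port 113 cannot
#    be taken for the reply;
#  - the reply must have RST set, as the description requires;
#  - the whole 16-bit window is compared by field name instead of only the
#    low byte at a fixed offset (result[35]), which assumed a 20-byte IP
#    header and would also have matched windows such as 0x010D;
#  - the finding is reported with security_note(), because the description
#    rates it "Risk factor : Low" and it is an identification, not a flaw.
port = 113;
sport = 31337;
probe_win = 0xD;        # window advertised in the probe; expected to be echoed
dstaddr = get_host_ip();
srcaddr = this_host();
IPH = 20;
IP_LEN = IPH;           # IP header only; presumably updated when the TCP
                        # header is attached -- confirm

ip = forge_ip_packet(   ip_v : 4,
                        ip_hl : 5,
                        ip_tos : 0,
                        ip_len : IP_LEN,
                        ip_id : 0xABA,
                        ip_p : IPPROTO_TCP,
                        ip_ttl : 255,
                        ip_off : 0,
                        ip_src : srcaddr);


tcpip = forge_tcp_packet(    ip       : ip,
                             th_sport : sport,
                             th_dport : port,
                             th_flags : TH_SYN,
                             th_seq   : 0xF1C,
                             th_ack   : 0,
                             th_x2    : 0,
                             th_off   : 5,
                             th_win   : probe_win,
                             th_urp   : 0);

# Accept only TCP traffic from the scanned host's port 113 to our probe port.
filter = string("tcp and src host ", dstaddr,
                " and src port ", port,
                " and dst port ", sport);
result = send_packet(tcpip, pcap_active:TRUE, pcap_filter:filter);


if (result) {
    flags = get_tcp_element(tcp:result, element:"th_flags");
    win   = get_tcp_element(tcp:result, element:"th_win");

    # A RST whose window equals the one we sent is the fingerprint.
    if ( (flags & TH_RST) && (win == probe_win) ) security_note(port);
}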


---SNIP


John W. Lampe
https://f00dikator.aceryder.com/

