Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Openflow info #711

wants to merge 9 commits into from

Openflow info #711

wants to merge 9 commits into from


Copy link

@JaySmithWpg JaySmithWpg commented Feb 27, 2017
Script for gathering information from openflow controllers and a service probe for all versions.

Unfortunately, all of the really interesting information gathering packets in openflow, such as feature request or description request, are designed to be sent from the openflow controller to the switch (played here by nmap) rather than the other way around. For newer versions of openflow (>= 1.3), we are able to at least enumerate all supported versions of the protocol spoken by the controller.

Copy link

@dmiller-nmap dmiller-nmap left a comment

This is really good. Fix up the one call to comm.tryssl and we'll call it good. I'd do it myself before merging but I'd like for you to verify that it still works against the service.

-- Earlier versions either say hello without the bitmap.
-- Some implementations are shy and don't make the first move, so we'll say
-- hello first. We'll pretend to be a switch using version 1.0 of the protocol
local socket, response = comm.tryssl(host, port, hello, {recv_first = false, bytes = OPENFLOW_HEADER_SIZE})

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The option to comm.tryssl should be recv_before and for this protocol it should be true. I've updated the docs for that function since I've had trouble understanding it in the past as well. recv_before means "if it's plaintext, you'll get a banner" essentially.

Copy link

@mogigoma mogigoma commented Mar 3, 2017

Thanks for the review. We'll get the updated version tested and back to you in about 3 weeks, since @JaySmithWpg and the test environment are inaccessible until then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

Successfully merging this pull request may close these issues.

None yet

3 participants