On Skylake and Kabilake systems (Intel ME version 11.x), the HTTP response header contains only the string AMT. the current script wont check the vulnerability on these systems and falsely report the system is not vulnerable.
Port 16994 and 16995 are used for Intel AMT redirection and KVM protocol. So no point to send an HTTP request to these 2 TCP ports
There may be configurations were Intel AMT Web interface is disabled. Therefore you should probably run the test on /wsman uri.
In addition to "AMT", "Intel(R) Con. Management Engine 5.0.1" (and 5.0.2) could also be vulnerable. Supposedly < 6.0 is safe, but you never know until you try yourself. Maybe just check for Intel(R) or AMT in the early check?
I think a simpler way to check would be to run the script only on port Intel AMT web server ports: 16992, 16993, 623 and 664 without checking the HTTP response server header field contains AMT or Intel Active management technology string.
Remote ports can't be changed. The only thing that can change are the following:
If AMT is configured in SSL, it will listen to port 16993 (both WS-MAN and Web interface) and 664 (WS-MAN only, DASH standard)
AMT can be comfigured to support both HTTP and HTTPS at same time. In such configuration, it will listen to the following port: 16992, 16993, 623 and 624.
Redirection ports 16994 (tcp) and 16995 (tls) can be enabled or not depending on the configuration.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.