vmap lets you remotely ident the version of a daemon. It currently works for ftp, smtp, pop3, imap and http.
Version 0.7
- Code cleanup
- Fixed lots of bugs
- Added support for nmap and amap logs
- Added a "make install" (public dir is /usr/local/share/vmap)
- Got rid of that damn /r/n-stuff, now every line ends just with /n
How does it work?
Every daemon has it’s own reply on commands. For example, the HELP command sends different replies on different FTP daemons.
This can be used to fingerprint the service. vmap connects to a host’s service and sends a list of commands from the directory commands/ to the daemon. Each reply is compared to a database, the fingerprint with most matches is displayed. You can run vmap with or without a valid login given for the remote service.
More information: here
