nmap ignoring --script parameter

Bill Sempf · Jun 18, 2013

I have installed nmap 6.25 on an Ubuntu 12.04 server, and am trying to use the redis-info script. I have downloaded the script and put it in my home directory. When I run:

nmap -p 6379 -Pn my.ip.num.ber --script redis-info.nse

it just does a normal scan, without even checking the script at all.

Host is up.
PORT     STATE    SERVICE
6379/tcp filtered unknown

That's it. It's a totally fresh install, I have changed nothing at all other than downloading the script. What am I missing?

Answer

bonsaiviking · Jun 18, 2013

Nmap's NSE scripts have (at least) two conditions which are required to be true before they will run:

  1. The script must be selected. In your case, you selected it with --script redis-info, but it could also be selected by category (e.g. --script discovery).
  2. The script's rule function must return true.

In the case of redis-info, as with most scripts, the rule requires that a specific port be open. Here's the rule in its entirety:

portrule = shortport.port_or_service(6379, "redis-server")

In your case, port 6379 is filtered, which means that it is not open, so the script will not run. This is expected, since running on a port that is not open would not be useful. You can force the script to run regardless of the return value of its rule, but this is rarely useful. To do so, prefix the script's name with +, like so: --script +redis-info. Note that this means it will run on every port scanned, so don't use it lightly!
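The two conditions described in the answer above, modelled in plain Lua as an added example (it is not part of the original answer and not Nmap's source code). `port_or_service` here is a simplified stand-in for `shortport.port_or_service`, `parse_selection` and `will_run` are hypothetical helper names, and the port tables are constructed sample data.

```lua
-- Added example: stand-alone model of NSE's "selected AND rule" decision.
-- Runs with a plain `lua` interpreter; Nmap itself is not required.

-- Simplified stand-in for shortport.port_or_service(). Like the real helper,
-- it only matches ports whose state is "open" or "open|filtered" by default.
local function port_or_service(number, service, states)
  states = states or { "open", "open|filtered" }
  return function(host, port)
    local state_ok = false
    for _, s in ipairs(states) do
      if port.state == s then state_ok = true end
    end
    return state_ok and (port.number == number or port.service == service)
  end
end

-- Hypothetical helper: split a --script argument into name and "+" force flag.
local function parse_selection(arg)
  local forced = arg:sub(1, 1) == "+"
  local name = (forced and arg:sub(2) or arg):gsub("%.nse$", "")
  return name, forced
end

-- Hypothetical helper: condition 1 (selected), then condition 2 (rule or +).
local function will_run(script, selection, host, port)
  local name, forced = parse_selection(selection)
  if name ~= script.name then return false, "not selected" end
  if forced then return true, "forced with +" end
  if script.portrule(host, port) then return true, "portrule matched" end
  return false, "portrule returned false (port is " .. port.state .. ")"
end

local redis_info = { name = "redis-info",
                     portrule = port_or_service(6379, "redis-server") }

-- Constructed port tables using NSE's field names (number, state, service).
local cases = {
  { sel = "redis-info.nse", port = { number = 6379, state = "filtered", service = "unknown" } },
  { sel = "redis-info",     port = { number = 6379, state = "open", service = "redis-server" } },
  { sel = "+redis-info",    port = { number = 6379, state = "filtered", service = "unknown" } },
  { sel = "+redis-info",    port = { number = 22, state = "open", service = "ssh" } },
}
for _, c in ipairs(cases) do
  local run, why = will_run(redis_info, c.sel, {}, c.port)
  print(string.format("%-15s %5d/%-8s -> %-5s %s",
        c.sel, c.port.number, c.port.state, tostring(run), why))
end
```

On a real scan, adding `--reason` shows why Nmap classified the port as filtered, and `-d` prints NSE debugging output.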