Nmap knx-gateway-discover NSE Script


This page contains detailed information about how to use the knx-gateway-discover NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Select:
Overview
Error Messages

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/knx-gateway-discover.nse
Script categories: discovery, safe, broadcast
Target service / protocol: -
Target network port(s): -
List of CVEs: -

Script Description

The knx-gateway-discover.nse script discovers KNX gateways by sending a KNX Search Request to the multicast address 224.0.23.12 including a UDP payload with destination port 3671. KNX gateways will respond with a KNX Search Response including various information about the gateway, such as KNX address and supported services.

Further information:

Knx-gateway-discover NSE Script Arguments

This is a full list of arguments supported by the knx-gateway-discover.nse script:

timeout

Max time to wait for a response. (default 3s)

max-newtargets

Sets the number of the maximum allowed new targets. If set to 0 or less then there is no limit. The default value is 0.

newtargets

If specified, lets NSE scripts add new targets.

- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:

nmap --script=knx-gateway-discover --script-args timeout=value,max-newtargets=value <target>

Knx-gateway-discover NSE Script Example Usage

Here's an example of how to use the knx-gateway-discover.nse script:

nmap --script knx-gateway-discover -e eth0

Knx-gateway-discover NSE Script Example Output

Here's a sample output from the knx-gateway-discover.nse script:

Pre-scan script results:
| knx-gateway-discover:
|   192.168.178.11:
|     Body:
|       HPAI:
|         Port: 3671
|       DIB_DEV_INFO:
|         KNX address: 15.15.255
|         Decive serial: 00ef2650065c
|         Multicast address: 0.0.0.0
|         Device MAC address: 00:05:26:50:06:5c
|         Device friendly name: IP-Viewer
|       DIB_SUPP_SVC_FAMILIES:
|         KNXnet/IP Core version 1
|         KNXnet/IP Device Management version 1
|         KNXnet/IP Tunnelling version 1
|_        KNXnet/IP Object Server version 1

Knx-gateway-discover NSE Script Example XML Output

There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.

Authors

References

See Also

Related NSE scripts to the knx-gateway-discover.nse script:

Visit Nmap NSE Library for more scripts.

The knx-gateway-discover.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.

KNX header error: %s

Here is a relevant code snippet related to the "KNX header error: %s" error message:

86:	-- @param knxMessage Payload of captures UDP packet
87:	local knxParseSearchResponse = function(ips, results, knxMessage)
88:	  local knx_header_length, knx_protocol_version, knx_service_type, knx_total_length, pos = knx.parseHeader(knxMessage)
89:	
90:	  if not knx_header_length then
91:	    stdnse.debug1("KNX header error: %s", knx_protocol_version)
92:	    return
93:	  end
94:	
95:	  local message_format = '>B c1 c4 I2 BBB c1 I2 c2 c6 c4 c6 c30 BB'
96:	  if #knxMessage - pos + 1 < string.packlen(message_format) then

n ERROR: Couldn't get interface for %s

Here is a relevant code snippet related to the "n ERROR: Couldn't get interface for %s" error message:

259:	    interface = nmap.get_interface_info(interface)
260:	  else
261:	    interface = getInterface(mcast)
262:	  end
263:	  if not interface then
264:	    return ("\n ERROR: Couldn't get interface for %s"):format(mcast)
265:	  end
266:	
267:	  -- Launch listener thread
268:	  stdnse.new_thread(knxListen, interface, timeout, ips, results)
269:	  -- Craft raw query

Version

This page has been created based on Nmap version 7.92.

Go back to menu.