Dropbox (https://www.dropbox.com/) is a free service providing users with software, when installed allows the sharing of files from their computers, tablets, phones, etc. with other persons. Because of the risk associated with this application and the potential for misuse, many organizations may prohibit it.

The following custom script may be used to to identify systems running Dropbox on the local network subnet.

Steps for use:

  1. Login to Pwn Pulse, select Scripts from the main drop-down menu.
  2. Select Add a script, provide an indicative name, for example Custom - ArpScan and select Bash.
  3. In the scripting window, type the following lines and click the Save button.

    nmap --script=broadcast-dropbox-listener

  4. Next, select Tasks from the main drop-down menu, then select Add a task.
  5. On the New Task page, provide an indicative name for the task, for example Scan for Dropbox Systems, select the newly created script from the Script drop-down menu.
  6. For the Add to parameter, choose to run the task specific to a single sensor selected from the drop-down menu, or to a group of sensors.
  7. Next, select a Start Time and choose a Frequency how often the task should be run (***).  Afterward, click the Save button.
  8. After the task has completed and assuming the targets were accessible at the time the task was run, the results of the task may be viewed by returning to the Tasks page, then selecting the Results button.

​​​​Provided below is an example of what the Results of the task may look like:

Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-04 11:24 EST
Pre-scan script results:
| broadcast-dropbox-listener:
| displayname  ip        port   version  host_int   namespaces
|_     17500  1.8      280116429  111930495
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 40.75 seconds