mailing list archives
Nmap for Win32!
From: Fyodor <fyodor () insecure org>
Date: Thu, 7 Dec 2000 02:49:32 -0800 (PST)
One of the guiding goals of the Nmap project has been portability. Nmap
is well supported on Linux, Free/Net/OpenBSD, Solaris, BSDI, and IRIX.
People have also reported success on HP-UX, SunOS, AIX, Mac OS X, and many
Now that we are comfortable on many UNIX flavors, I think the next step
forward is to attack another major platform: Windows. While my response
to Windows users used to be "install Linux or FreeBSD and try again", this
approach isn't very effective. Often they don't seem to understand
the benefits of free software/operating systems and open source community
development. Maybe if we provide them with a high quality open source
scanner for Windows, they will see that "free" does not necessarily mean
In addition, Windows is the most popular operating system on Earth. With
the Win32 port, all of those boxes become potential Nmap base stations!
One effective way to bypass firewalls is to walk right into the company
building as if you were an employee, then grab the first unattended
computer you find, stick in a floppy, start a couple commands running, and
then get the hell out of there! Of course, you should only do this with
permission (e.g. a penetration test). There is a good chance that the first
computer you find will be a Windows box (they are often unattended in
conference rooms, lobby receptionist desks, etc). Having to hop from
computer to computer looking for Windows boxes could be a disaster.
And there is another great reason for Win32 Nmap: Most of the work has
already been done! A while back, Ryan Permeh from eEye Digital Security (
ryan () eEye com ) ported Nmap 2.53 to WinNT/2K and released the results as
NmapNT ( http://www.eeye.com/html/Databases/Software/nmapnt.html ).
NmapNT has become pretty popular. More recently, Windows Networking guru
Andy Lutomirski ( Luto () mailandnews com ) made some dramatic improvements
to NmapNT. He created a powerful WinIP library for the low level packet
routines and adapter/route discovery. He also ported it to Win95/98 and
eliminated the need for iphlpapi.lib .
I have merged these changes into the latest version of Nmap. You can
obtain the merged source code at:
I also have placed binaries at:
Note that this is NOT an official release. So please don't go submitting
it to Freshmeat or anything :). I am only sending this to nmap-dev right
now. Note that both of the files above contain a README-WIN32 which
describes how to compile and use/install Nmap on that platform.
Please try it out and let me know how it works for you or if you have
problems. The reason that there hasn't been any Nmap release in months is
that I have been working on this. I had a bit of a learning curve to
conquer. But I still am not very familiar with Windows programming and I
don't use that OS on a regular basis. So I will have to rely on the
Windows experts on this list for many of the improvements and fixes. For
those of you who have been wanting Nmap on Windows for a long time -- now
is your chance to help make it happen!
Note that NmapFE (the GUI front end) has not yet been ported. But I don't
think that will be particularly hard. GTK is well supported under
Windows and NmapFE is a relatively simple GTK app. I might give it a try
soon, but I am kind of hoping someone beats me to it :).
PS: My 'Net connection is very flaky this evening (erm ... morning). So
if you have problems downloading this new beta, please try again in 15
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).