Home page logo

nmap-dev logo Nmap Development mailing list archives

Sonar project
From: red0x <red0x () users sourceforge net>
Date: Fri, 05 Dec 2003 22:54:39 -0800

Hello all,

  I am working on a project called "sonar." Its a subproject of the
Automated Security Tools project on sourceforge (http://autosec.sf.net
or http://sf.net/projects/autosec).  Someone  asked me to send an email
describing the who's, what's, and where's of sonar.

 First of all, what is sonar?  Have you ever heard of nmap
(http://insecure.org, fyodor's genius port scanner).  Sonar aims to be a
pluggable "clone" of nmap.  As of right now, I have a working plugin
API, with support for input plugins, output plugins, and network
plugins.  Sonar is entirely driven by these plugins.  No network
communication is handled in the actually sonar binary itself.  The sonar
binary handles the common options that any plugin might ask for (whether
to fork, verbosity, randomness, timing options, which plugins to load,
etc.) while I have a pretty lame way of passing options to the plugins
(explained later in the todo section).   Input plugins handle getting
ip-address for sonar to scan, and output plugins handle the log.  by
default, sonar uses no input/output plugins (although it comes with a
few), instead getting its input on the command line, and outputting to
stdout (like nmap, of course). The network plugins handle the scans
themselves.  they are executing in sequential order, and can be looped
as many times as you want via command line options.

Who created sonar?  well, I did.  At first, some of the code was
borrowed from early versions of nmap and xine (yes, the movie player). 
However, I have long since re-written it to be (mostly) original. It
is/was written mainly for automated (penetration, connectivity, you name
it) testing of remote hosts.  You can have sonar execute a command if a
remote host is online (I know this could be a security hole, but since
sonar does not listen on any remote interface, it should be OK(tm)). 

Sonar can be download from the sourceforge project page, at this link:

My latest list of things ToDo on sonar (not in any obvious order):
 1. Passing options to the plugins in done in a crappy way, it needs
 2. Test/debug the input plugins, they are behaving strangely.
 3. Daemon mode closes the output plugins file descriptors (I have since
commented the line of code that does this, but it would be nice to have
a work-around).
 4. Implement some file-locking stuff while checking permissions.
 5. All sorts of error/signal handling code needs fixing/writing, and my
plugins (and the sonar engine) don't do anything productive with error
 6. Logging to syslog in daemon mode when trying to print a floating
point number hangs, which is quite odd.... (I commented that line too).

Thank you for your time.
You can reach me at irc.freenode.net #autosec, or email me here any
time. Keep your eye out for 1.2.1 in a few days.  CVS is more stable
than 1.2.0 at the moment.  ;)


For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
  • Sonar project red0x (Dec 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]