Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Nmap Development: Nmap Redundancy and Script Question

Nmap Redundancy and Script Question

From: Alan Jones <alan_at_ajsquared.us>
Date: Wed, 28 Nov 2007 21:45:04 -0600

Ok I must confess that I am still new at dealing with Nmap scripts so I
have a few questions that have come up. This is with
nmap-4.23RC3-setup.exe (have not had a chance to test the zip version yet).

On fresh install of Nmap my \Nmap\ directory has the following
directories in it (excluding files):
11/28/2007 09:04 PM <DIR> mswin32
11/28/2007 09:04 PM <DIR> nselib
11/28/2007 09:04 PM <DIR> nselib-bin
11/28/2007 09:04 PM <DIR> scripts
11/28/2007 09:04 PM <DIR> zenmap
The "scripts" folder has most of the scripts in it.
The folder nselib has a few library scripts in it.

Then the inside "\mswin32\" there are the following directories
(excluding files):
11/28/2007 09:04 PM <DIR> nmap-4.22SOC7
11/28/2007 09:04 PM <DIR> nmap-4.22SOC8
11/28/2007 09:04 PM <DIR> nmap-4.23RC1
11/28/2007 09:04 PM <DIR> nmap-4.23RC2
11/28/2007 09:04 PM <DIR> nmap-4.23RC3
11/28/2007 09:04 PM <DIR> Release

Each of these directories including the "release" directory has a
"scripts" folder and a copy of all the scripts for that release in it.

I suspect we don't need all the scripts in all the spots in the mswin32
sub directories, but not sure what are needed where.

Also inside the \nmap\scripts\ directory is a directory called .svn with
the following files/directories and stuff in the directories.
11/27/2007 06:30 PM 5,346 entries
10/11/2007 03:01 AM 2 format
11/28/2007 09:04 PM <DIR> prop-base
11/28/2007 09:04 PM <DIR> props
11/28/2007 09:04 PM <DIR> text-base
11/28/2007 09:04 PM <DIR> tmp

I am guessing/hoping there is build/make error somewhere with several of
the above items.

Also in the 4.23RC3 release notes it was mentioned that promiscuous.nse
was in the "demo category" for now. In looking at the NSE Usage
http://insecure.org/nmap/nse/nse-usage.html I did not see a demo
category listed.

When I checked the script itself it was said it was in the discovery
category. What am I missing?

What is the easiest way if you want to run "all" scripts?

I see an option -sC equivalent to --script=safe,intrusive. Is there a
-sA for all scripts or do you just do -script <directory>?

I hope the questions will help others or are good enough that they may
be used to clarify the instructions.

thanks

Alan

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Nov 28 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]