Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: IPv6 Support on Windows
From: doug () hcsw org
Date: Sun, 11 May 2008 19:19:16 -0700

On Mon, May 12, 2008 at 12:27:26AM +0000 or thereabouts, Brandon Enright wrote:
v6 is awesome but makes our job as Nmap developers quite a bit harder.

Heh yes a lot harder. This is a great feature of IPv6: creating worms that
randomly scan for victims is mostly infeasible. However, there are still
some possible heuristics:

* Only check allocated blocks (duh)
* Obvious addresses like 2001:ABCD::1, 2001:ABCD::2, etc
* IPv4 mapped addrs will probably be popular for quite a while:
  http://en.wikipedia.org/wiki/IPv4_mapped_address
* IPv6 addrs use DNS for reverse lookups in the ip6.arpa domain and
  DNS servers can of course be misconfigured to transfer entire zones
  to anyone who asks.
* People love vanity addresses like 2001:ABCD::1337:DEAD:BEEF:CAFE :)

Doug

PS. If you're parsing IPv6 targets that can include a port number, remember
that such strings can contain [ and ]. For instance, the IPv6 equivalent of
127.0.0.1:8080 is [::1]:8080 . Also remember that IPv6 addresses can contain
dots ("." characters). See the wiki link above.

PPS. Here is a badass regexp from PCRE's test suite:
/-- This tests for an IPv6 address in the form where it can have up to --/
/-- eight components, one and only one of which is empty. This must be --/
/-- an internal component. --/

/^(?!:)                       # colon disallowed at start
  (?:                         # start of item
    (?: [0-9a-f]{1,4} |       # 1-4 hex digits or
    (?(1)0 | () ) )           # if null previously matched, fail; else null
    :                         # followed by colon
  ){1,7}                      # end item; 1-7 of them required
  [0-9a-f]{1,4} $             # final hex number at end of string
  (?(1)|.)                    # check that there was an empty component
  /xi

Attachment: signature.asc
Description: Digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]