Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap issue
From: "Gianluca Varenni" <gianluca.varenni () gmail com>
Date: Fri, 16 May 2008 16:16:19 -0700


----- Original Message ----- 
From: "Brandon Enright" <bmenrigh () ucsd edu>
To: "Mike pattrick" <mpattrick () rhinovirus org>
Cc: <nmap-dev () insecure org>; <bmenrigh () ucsd edu>
Sent: Friday, May 16, 2008 3:38 PM
Subject: Re: nmap issue


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 16 May 2008 18:36:20 -0400
"Mike pattrick" <mpattrick () rhinovirus org> wrote:

Oops, I sent the previous copy of this to Fyodor only instead of the
nmap-dev list.

I guess this is a completely loaded suggestion as implementation would
be difficult, but you could bypass UAC if nmap's scanner was
implemented as a service.

Sincerely,
Michael Patrick


Correct me if I'm wrong (Gianluca?), but you don't need to make Nmap a
service as long as WinPCAP is installed and running as a service.

Strictly speaking, WinPcap is *not* a service. The component that requires 
admin privileges to be started is the kernel driver npf.sys, which is 
managed almost exactly as a service by Windows (as all the non-PnP kernel 
drivers). In any case, if you set the driver npf.sys to start at boot time, 
you solve the issue, as the driver is already up and running when nmap needs 
even with non fully elevated privileges (and I think this is what Wireshark 
does upon installation on Vista). Otherwise, you can simply embed a manifest 
in the executable to ask for privilege elevation, but the user needs to 
authorize nmap to run at every single execution.

Have a nice day
GV


Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkguDO0ACgkQqaGPzAsl94JReQCgrF4cb/FLBkV9AyV0S+azNm3J
PIsAn2gdJdeGLAxdElLd/YcGO6V7H2VJ
=c95T
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org 


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]