Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: nmap issue
From: David Fifield <david () bamsoftware com>
Date: Fri, 16 May 2008 22:14:59 -0600

On Fri, May 16, 2008 at 02:52:36PM -0700, Fyodor wrote:
Here is one idea for potentially fixing this:

1) We can compile Nmap with a "manifest" embedded with the
   requestedExecutionLevel set to 'highestAvailable' so that UAC
   confirmation will be requested at startup if the user is an admin.

2) We need to then test if the user has proper admin privileges.  If
   so, we go forward as normal.  If not, we set o.isr00t to 0 just as
   we would do if run with --unprivileged.  Maybe we should print a
   warning in this case (at least in verbose mode) because Nmap really
   is crippled in this situation.

It would be cool to have a general intelligent check for admin
privileges. Then the same mechanism could check for read/write of
/dev/bpf* devices and enforce --send-eth if necessary on BSDs.


David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]