Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Ncrack discussion
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 14 May 2009 14:13:36 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ithilgore wrote:
What happens if the user knows that the above hosts' services listen on
non-default ports? He should be able to specify that like this:

Ex2: $ ncrack 10.0.0.*, 192.168.1.1, www.google.com -p399, 4531 -s ftp, svn

This means that the user knows that the targets all have an ftp service that
listens on port 339 (non-default) and an svn service that listens on port
4531(non-default). The port list -p option and the -s service-name option should
be 1-1.


I don't like the idea of using two different options to specify the same
information.  This may be OK if every port is a non-default, but if you're
specifying more than a couple of ports with most of them being the defaults
for services, then will end up being a pain having to specify the same
information twice.  Like this:

ncrack -p 21,22,23,80,666 -s ftp,ssh,telnet,http,ftp

All that extra stuff to say that ftp is also listening on port 666.  Unless
I'm just missing something here?

Off the top of my head, what about something like "proto:port" being supported
by -p instead of using -s like this?  Then the previous example turns out like
this:

ncrack -p 21,22,23,80,ftp:666

I haven't given these a lot of thought because I'm quite busy, so this is kind
of a quick brain-dump on the topic.

Cheers,
 ithilgore


Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBAgAGBQJKDG1gAAoJEEQxgFs5kUfuRzYP/ijgLl1w3ObzX/4cZbJMUI8O
glyfAaTMMfqi2LRu36e1M2UWtcd615nuhGRKR4VL+fdx9L6VCBCGx8vk1mkJhcWZ
Qt8lrJgmx3CxgSYn8kyUOKgI6zYt0ieq0hpswK4GVEw68L1DzRBl9wrmvov0lxv5
Q2HjR+5gC6ESz/WzTsMhAD7VHRU8YIDi2oqNDtRgflP03jVYh0IzeeJjw7FCzxcM
cOjsP1gLmySv+MEucQXbscs5gIPajphJuEkDVZXJy0hyA660DrIlJAF2dNQEMznW
RFDYdmmCnkkDpyx7YQBqjchRtzZCSDGm/ePQg2Dqc8mznpVe9LWCtvIkiU9nyEZt
WHnlFPgraalXl9Mc3orz160jXscJx5Azn02O0RXDEf8KyDPtMP0L20s5W1OOCU3q
vMrHFyQkunUyYmmZEqYWXDMa6pk6pUfg4TTKm3fIrbQo373C1OXVr160stno6Ylx
ctfW0RGh9/NQxwcknqM8W4ZThPCWtBL33kDUTrmpnFl/tccX0euFn3NYkKoieUCw
OCEptazELoh6eSPdDpuYmlllnbUrdjgixYoacO6drNXl9TSTD8sEub4OGy2+rIZF
du17lYeeS+MDzq2QNOrYpbE9bQ3bYTT9OpAC4r3jxsE5lMRyw1Z3e8FC3NgGrzvW
/yGJeyVB/P+Ry5rtiUHH
=MeZe
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault