Re: Ncrack discussion
From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Fri, 15 May 2009 00:42:21 +0300
On 14/05/2009 21:27, ithilgore wrote:
However, using brackets will involve having to escape them in most shells. Since
we want to avoid that, another character might be more appropriate. What about
I suggested brackets because Nmap allows their use in port specification:
nmap -p [-1024]
It does, but that doesn't mean that it is safe to do so. Nmap's man page
"Ranges of ports can be surrounded by square brackets to indicate ports inside
that range that appear in nmap-services. For example, the following will scan
all ports in nmap-services equal to or below 1024: -p [-1024]. Be careful with
shell expansions and quote the argument to -p if unsure."
Brackets are used in most shells as character-class regular expression matchers.
to mean (in this case) TCP ports listed in nmap-services up to and
including port 1024. I wasn't aware that they might need to be escaped.
Slashes do indeed look ugly and they also look like a path separator.
or perhaps not even enclosing the proto:port list:
ncrack scanme.nmap.org:21,22,ftp:9000 foo.bar.com:telnet:9000,ssh:9001
and maybe allow a few variations on the separator between the host and
its ports/services - such as : or + or % or @
Perhaps offering a few variations including / and < > is the way to go.
Brackets may also be supported but the user will be warned to escape them if
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
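
The man page's warning about shell expansion, as an added example that is not part of the original message: it shows what a program receives in argv when `[-1024]` is passed unquoted versus quoted. The helper name `arg_seen`, the scratch directory and the file names `2` and `4` are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: how an unquoted bracket argument reaches a program's argv.
# In POSIX sh/bash, [-1024] is a glob bracket expression matching any
# one-character file name out of: - 1 0 2 4

# Print the argument list a program would receive.
# $1 = "unquoted" or "quoted"; $2 = directory to run in.
arg_seen() {
    (
        cd "$2" || exit 1
        if [ "$1" = quoted ]; then
            set -- "[-1024]"
        else
            set -- [-1024]      # deliberately unquoted: subject to globbing
        fi
        printf '%s\n' "$*"
    )
}

demo() {
    dir=$(mktemp -d) || return 1

    # No matching file: sh/bash pass the pattern through unchanged,
    # which is why the unquoted form often appears to work.
    echo "empty dir, unquoted:     $(arg_seen unquoted "$dir")"

    # Constructed files whose names match the bracket expression.
    : > "$dir/2"
    : > "$dir/4"

    # Now the shell rewrites the argument before the program starts:
    # a command given '-p [-1024]' would receive '-p 2 4' instead.
    echo "files 2 and 4, unquoted: $(arg_seen unquoted "$dir")"

    # Quoting keeps the argument intact regardless of directory contents.
    echo "files 2 and 4, quoted:   $(arg_seen quoted "$dir")"

    rm -rf "$dir"
}

demo
```

The result depends on the contents of the current directory, so the same unquoted command line can behave differently from one working directory to the next.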