Home page logo

nmap-dev logo Nmap Development mailing list archives

Output File Bug
From: "Sebastien J." <s.j () mac com>
Date: Fri, 22 May 2009 15:33:38 +0100

Hi Devs,

I've been running conficker scans for a client and discovered something that is part user-error part bug.

The command I've been running (using nmap 4.85BETA9) is:

nmap -PN -T4 -p139,445 -n -v -oN [filename] --script=smb-check-vulns --script-args safe=1 [targetnetworks]

At some point during my scans I wanted to stop writing out to a file, so I removed the file name without being careful 
to remove -oN. This resulted in a file being written called "--script", and the scan completing but not running the 
scripts correctly (since nmap didn't register --script as an actual option).

Instead I would probably expect nmap to do one of two things: a) write out a file anyway with some kind of default name 
(nmap_date_time), or b) quit and demand a file name. Since almost nobody would begin a filename with a '-', it may be 
safe to check for this in the string that follows -oN (or -oSomething), and do one of the two above if this is the case.

Hope this helps, and thanks in advance.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]