Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Output File Bug
From: David Fifield <david () bamsoftware com>
Date: Sun, 24 May 2009 20:12:31 -0600

On Fri, May 22, 2009 at 03:33:38PM +0100, Sebastien J. wrote:
I've been running conficker scans for a client and discovered
something that is part user-error part bug.

The command I've been running (using nmap 4.85BETA9) is:

nmap -PN -T4 -p139,445 -n -v -oN [filename] --script=smb-check-vulns --script-args safe=1 [targetnetworks]

At some point during my scans I wanted to stop writing out to a file,
so I removed the file name without being careful to remove -oN. This
resulted in a file being written called "--script", and the scan
completing but not running the scripts correctly (since nmap didn't
register --script as an actual option).

Instead I would probably expect nmap to do one of two things: a) write
out a file anyway with some kind of default name (nmap_date_time), or
b) quit and demand a file name. Since almost nobody would begin a
filename with a '-', it may be safe to check for this in the string
that follows -oN (or -oSomething), and do one of the two above if this
is the case.

Thank you for reporting this. It does seem to be an easy mistake to
make. My first impression is that nothing should be changed. Most
command-line programs work the way Nmap does here. Option (a) is not
possible in general because there's no reliable way to guess whether the
thing that follows -oN is a file name or not. Option (b) is reasonable,
but it would have to be a warning not an error. Things like this are
nice for interative use but they increase the burden on writers of
programs and libraries that run Nmap.

David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
  • Output File Bug Sebastien J. (May 23)
    • Re: Output File Bug David Fifield (May 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]