Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [BUG] Nmap host specification parsing
From: David Fifield <david () bamsoftware com>
Date: Sun, 14 Jun 2009 11:13:56 -0600

On Sun, Jun 14, 2009 at 03:43:12AM +0300, ithilgore wrote:
It applies to the latest svn version and the problem is that when
you put an extra comma ',' after any host, then Nmap adds an
additional target to the list. The target is the IP that corresponds
to 0 for the least significant byte and for the rest of the bytes to
the same class network as the host before the comma.

$ nmap -sL -n 10.0.0.1, 10.0.0.2

Starting Nmap 4.85BETA10 ( http://nmap.org ) at 2009-06-14 03:33 EEST

Host 10.0.0.1 not scanned
Host 10.0.0.0 not scanned
Host 10.0.0.2 not scanned
Nmap done: 3 IP addresses (0 hosts up) scanned in 0.00 seconds

I found some other undocumented syntax supported by Nmap a while ago.

http://seclists.org/nmap-dev/2009/q1/0451.html

We talked about having Nmap use the Ncat code a little bit, because the
Ncat code has tests and fewer quirks. Ncat's addrset code doesn't
support host enumeration, but there's nothing in the design to keep that
from being implemented.

http://seclists.org/nmap-dev/2009/q1/0494.html
http://nmap.org/svn/ncat/test/test-addrset.sh

So if it helps, you could use the Ncat code in Ncrack, or just port the
Ncat code into TargetGroup.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]