Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Draft - targets-sniffer.nse
From: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Date: Mon, 28 Mar 2011 13:48:51 +0100

Hello everyone once again,

I made some further changes to the script:

1. Removed the simple *.*.*.255 broadcast check since it wouldn't do
anything on a VLSM network. The script now gets the broadcast address
using Djalal's patch and iface_info.broadcast.

2. Changed the way IP addresses are extracted from packets. That is now done
using the packet library.

3. Timeout works as it should.

4. As per Henri's suggestion most of the initializations are now inside
functions (with a couple of exceptions) and code should be easier to follow.
 I also checked that variables and functions have the correct scope.

5. The script doesn't default to eth0 if no interface is specified but
prints an error message.

As you know by now, the script relies heavily on Djalal's interface patch so
the patch needs to be added first in order to use the script.

I hope you find this useful.


On 26 March 2011 16:13, Henri Doreau <henri.doreau () greenbone net> wrote:

2011/3/26 Nick Nikolaou <nikolasnikolaou1 () gmail com>:
Hey guys,

I made some changes to the script:

1. Added support for Djalal's interface patch. The user can now select
interface using -e. If an interface is not specified the script falls
to eth0. If that doesn't work it prints an error message.

2. The script now gets the local IP address using the
function and makes sure that it's never added to newtargets.

3. Since nmap checks for duplicates when adding the IP addresses to
newtargets, there no reason for the script to do it.

4. The script now prints an error message when not ran as root.

Thanks for your feedback.

Hi Nick,

thanks for working on this script! Here is some feedback after I have
quickly read the code.

- I am not so fan of having code out of functions, you can hardly know
when it will exactly be executed...  You should refactor this and
initialize things from whithin the rule/action functions.

- The indentation makes it difficult to read!

I still couldn't get the socket to timeout properly which seems to be the
main problem at the moment. I'm also having some trouble getting the IP
addresses using the packet library.

As Kris and I already suggested, you should have a look at
firewalk.nse, ipidseq.nse, path-mtu.nse, qscan.nse or
sniffer-detect.nse that make use of the packet library to build packet
objects from pcap (look for packet.Packet:new()). These scripts might
help you to fix both problems.

Once again, I appreciate any feedback.



Henri Doreau |  Greenbone Networks GmbH  |  http://www.greenbone.net
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

Attachment: targets-sniffer.nse

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]