Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Draft - targets-sniffer.nse
From: Djalal Harouni <tixxdz () opendz org>
Date: Tue, 29 Mar 2011 23:41:09 +0100

On 2011-03-28 18:41:43 +0100, Nick Nikolaou wrote:
Good idea, thanks.

I made all the changes.
Thanks again for your help.
target.add() will return some info, you can use it to print how many
targets where added.

Since this kind of scripts can be very powerful, here are more ideas:

* Add a new argument targets-sniffer.bpf: a Berkeley Packet Filter
  expression, which will be passed to pcap_open(), this way users
  can choose their targets, if this argument is not present then default
  to "ip".

* If the 'newtargets' argument is not specified, then the script should
  print some info taken from the captured packets.

* Perhaps we should add a regular expression to search in packets, or
  turn this script in a fully capable ngrep [1]. This can be useful like
  sniff some clear text protocols, find some useful strings and pass them
  to the brute force scripts. I think that we can find different
  scenarios, not just strings but even protocols and their _fields_.
  There are some machines which like to share their OS type, version ...
  when broadcasting, and this data can be very helpful to Nmap, to sum
  it up: consider the old passive techniques.

* Turn Nmap into Vi or Emacs ...

[1] http://ngrep.sourceforge.net/

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]