Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: port snipe functionality
From: m k <mpmab1 () gmail com>
Date: Mon, 31 Jan 2011 01:04:02 +1100

HI

Maybe my understanding of the problem is incorrect but is it not possible to
store the results obtained in the registry and have another *new* script
access these values and start a new scan separate of the original target
specification ?

With respect to including this in the original port scanning script - if the
situation you described in your email is very frequent then it is worth it.

Hopefully this makes sense, let me know.
Cheers
Mehdi

On Sun, Jan 30, 2011 at 12:49 AM, Toni Ruottu <toni.ruottu () iki fi> wrote:

hey,

I am still trying to snipe ports outside the current target
specification. This is particularly useful for scanning distributed
systems that do not have a standard port, but rather provide a
discovery service that return (host, port) pairs for the involved
nodes. In such cases it is natural to add discovery services as scan
targets, and use port scripts to retrieve lists of (host, port) pairs
from the service and store them into the registry.

Problems arise when one goes on to write follow-up scripts that read
the stored (host, port) pairs from the registry in order to scan them.
Scanning the nodes would require an nmap.snipe(host, port) function
that would allow scanning a port outside the original target
specification. When combined with postrule scripts, sniping could be
used to scan complex systems consisting of multiple nodes.

As far as I've been able to find out such snipe function does not
currently exist. Implementing one on the NSE side would require
reimplementing big parts of the port scanning functionality on the NSE
side. Also it seems to be currently impossible to reports port state
and version information outside the original target specification. My
impression is. Thus implementing a snipe function on the NSE does not
seem feasible. How much effort would it take to implement this on the
C side?

 --Toni
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]