mailing list archives
Re: [NSE] Interface info of raw IPv4 sockets
From: Djalal Harouni <tixxdz () opendz org>
Date: Wed, 22 Jun 2011 15:14:15 +0100
On Wed, Jun 22, 2011 at 03:15:44PM +0200, Gorjan Petrovski wrote:
It was suggested that I use the new nmap.get_interface() function, but
that returns nil no matter how I run it (hostrule, prerule). Has
anyone else encountered this? Any suggestions on how to debug it, or
is running gdb the only option?
If you run Nmap with the '-e' or '-S' options then nmap.get_interface()
will return the correct interface that will be used.
o nmap.get_interface(): is for prerule scripts, when we do not know the
targets, routes, etc. We let the user to specify the appropriate
o host.interface: is for hostrule and portrule scripts, since the
interface can change based on the targets and their routes.
Note: host.interface is set with the deviceName() function, this will
ignore aliases, using deviceFullName() would be better.
I suppose a better alternative would be a dnet:get_interface()
function which returns info on the interface of an open IP socket,
since we have no way of specifying which interface the IP socket opens
on. Better yet, an optional argument to the dnet:ip_open(interface),
to let us specify the interface for the IP socket and a fix for the
Normally nmap.get_interface() and nmap.get_interface_info() should cover
all the situations, at least for the broadcast and pcap stuff, but for
dnet I don't know. After a first look it seems that the info
(device, and routes, etc) are built during the dnet:ip_send() call.
BTW I don't think that we should fix nmap.get_interface() since it only
returns the interface that was specified with '-e' option when running
Nmap, instead I think that NSE code must respect that choice, and deal
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
Re: [NSE] Interface info of raw IPv4 sockets David Fifield (Jun 22)