Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Feature request: scanning an AS
From: John Bond <john.r.bond () gmail com>
Date: Thu, 28 Apr 2011 10:03:25 +0200

On 28 April 2011 05:17, David Fifield <david () bamsoftware com> wrote:
On Mon, Apr 18, 2011 at 09:12:56PM +0200, John Bond wrote:
On 15 March 2011 20:52, John Bond <john.r.bond () gmail com> wrote:
On 15 March 2011 00:13, John Bond <john.r.bond () gmail com> wrote:
On 14 March 2011 21:45, John Bond <john.r.bond () gmail com> wrote:
I noticed this script on the todo list in the wiki and i wasn't really
doing nse last year.  anyway i have written a very small script which
does this.  It relies on the whois server oliver day mentioned.  see

-- @usage
-- nmap --script asn-to-prefix --script-args
-- @output
-- 53/udp open  domain  udp-response
-- | asn-to-prefix:
-- |_

another update as per the comments on secwiki to add newtargets functionality

-- @args asn-to-prefix.asn The asn number to search
-- @args asn-to-prefix.whois_server whois server to use default is
-- @args asn-to-prefix.whois_port whois port to conect to default is 43
-- @args newtargets prefixes discovered will be added to the nmap scan
-- @usage
-- nmap --script asn-to-prefix --script-args
-- @output
-- 53/udp open  domain  udp-response
-- | asn-to-prefix:
-- |_

I was originally skeptical about how useful this script would be but i
have been using it at least every week so look forward to seeing it in
current :)

Okay, I think this is a nice script. Here are a few things I'd like to

We should get permission from the operators of the whois server, like we
did for the asn-query script. We just don't want them to be mad if the
script being distributed with Nmap causes them a lot of extra load.
Would you email them and ask if they object to the script.
I have already emailed them and they are happy for us to use the
service, i can forward you the thread if needed.

The script needs to go into the "external" category.

I think this is unnecessary:
       newtargets = stdnse.get_script_args('asn-to-prefix.newtargets')
Just plain "newtarget" already sets target.ALLOW_NEW_TARGETS.
no problem

Instead of doing socket:receive_lines(1000000), do
socket:receive_lines(1) in a loop. That way you can limit how much you
will read and not stall forever if the server gives you a lot of data.
You still need to split on newlines because receive_lines(1) may return
more than one line.
Ok ill take a look at this in a bit
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]