Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Override port rule for a script from the command line?
From: Marcus Haebler <haebler () gmail com>
Date: Mon, 13 Jun 2011 17:30:10 -0400

Dan,

thanks for the quick answer. This worked except for --version-light.
Turns out --version-light is an alias for "--version-intensity 2", SSL
handshake attempts start at "--version-intensity 3".

Using this command line I was able to see the supported ciphers:

nmap -sV --version-intensity 3 --script ssl-enum-ciphers -p 80 <target>

Thanks,

Marcus


On Mon, Jun 13, 2011 at 4:47 PM, Daniel Miller <bonsaiviking () gmail com> wrote:
You can use version detection (-sV) to detect the SSL, which will satisfy
shortport.ssl. Use --version-light to avoid sending too many probes: it
should be detected just fine with that.

Dan

On Mon, Jun 13, 2011 at 3:04 PM, Marcus Haebler <haebler () gmail com> wrote:

-All,

is there a general way to override the portrule setting in a script
from the nmap command line? I was trying to run ssl-enum-ciphers

http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

on TCP port 80 because someone put an HTTPS server there.
Unfortunately, the script has a port rule of:

portrule = shortport.ssl

That seems to make it impossible to get the ciphers enumerated with
Nmap unless I either change the script - make portrule more general
like all TCP or add a script specific parameter - or have a general
way to override the portrule line.

The latter does not seem to exist or I did not see the forest for the
trees.

Thoughts?

Thanks,

Marcus
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault