mailing list archives
Re: [NSE] How brute scripts and UN/PW scripts interact with creds
From: Brendan Byrd <sineswiper () gmail com>
Date: Thu, 29 Dec 2011 14:42:30 -0500
On Thu, Dec 29, 2011 at 1:12 PM, David Fifield <david () bamsoftware com> wrote:
Are you sure about this? The pcap bindings have been designed not to
have the problem you describe. I did a test with two scripts that
capture all packets using a filter string of "ip", and both the scripts
see the same packets, even when run at the same time.
I attached the scripts. I ran them like this:
$ sudo ./nmap -e eth0 --script=test-a,test-b -d2
Does the same thing happen when you do 20 simultaneous hosts, rather
than 128? I can more easily imagine that is is caused by a limit on the
number of BPF handles or something like that.
I'll have to try it again, but I did confirm it with Wireshark using
the snmp-brute script (with cond threading). All kinds of responses
went whizzing by as it was detecting the community string for a single
host. Now that I have snmp-brute and creds-db completely working, I
can try it again to see if it was something else in the code I was
editing or not.
Brendan Byrd/SineSwiper <SineSwiper () GMail com>
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/