Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] How brute scripts and UN/PW scripts interact with creds
From: Brendan Byrd <sineswiper () gmail com>
Date: Thu, 29 Dec 2011 14:42:30 -0500

On Thu, Dec 29, 2011 at 1:12 PM, David Fifield <david () bamsoftware com> wrote:
Are you sure about this? The pcap bindings have been designed not to
have the problem you describe. I did a test with two scripts that
capture all packets using a filter string of "ip", and both the scripts
see the same packets, even when run at the same time.

I attached the scripts. I ran them like this:
$ sudo ./nmap -e eth0 --script=test-a,test-b -d2

Does the same thing happen when you do 20 simultaneous hosts, rather
than 128? I can more easily imagine that is is caused by a limit on the
number of BPF handles or something like that.

I'll have to try it again, but I did confirm it with Wireshark using
the snmp-brute script (with cond threading).  All kinds of responses
went whizzing by as it was detecting the community string for a single
host.  Now that I have snmp-brute and creds-db completely working, I
can try it again to see if it was something else in the code I was
editing or not.

Brendan Byrd/SineSwiper <SineSwiper () GMail com>
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]