Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: EXPERT IPv6 network scaning
From: niteesh kumar <niteesh3 () gmail com>
Date: Sat, 7 Apr 2012 09:55:39 +0530

e

On Sat, Apr 7, 2012 at 5:44 AM, Patrik Karlsson <patrik () cqure net> wrote:



On Sat, Apr 7, 2012 at 12:19 AM, niteesh kumar <niteesh3 () gmail com> wrote:

Please have a look at the script

there might be some problem printing the results though i can see MLD
reports comming on wireshark
129 nodes out of 179 present did responded to this query

further improvement can be to add some fuzziness to scan by sending
specific queries to each group to find further nodes.
-
-Niteesh


On Thu, Mar 29, 2012 at 7:08 AM, David Fifield <david () bamsoftware com
wrote:

On Wed, Mar 28, 2012 at 12:01:56AM +0530, niteesh kumar wrote:
On Tue, Mar 27, 2012 at 10:30 PM, David Fifield <
david () bamsoftware com
wrote:

On Tue, Mar 27, 2012 at 10:17:56PM +0530, niteesh kumar wrote:
On Tue, Mar 27, 2012 at 4:42 AM, David Fifield <
david () bamsoftware com
wrote:
I'm interested in what you were able to find using MLD probes.
Can
you
share the tools or commands that you used to run this test?

I did not use any specific tool, i wrote c code to generate  these
packets
and send.I I found that these messages canbe used to scan LAN to
get
knowledge of  present hosts in the network with only single probe.

That's what I'm asking, is your source code online somewhere?

PFA contains the c function i used to send the MLD probes
i observed the responses in wireshark

Thanks for sending this. We added a new entry on our script ideas page
for it.

https://secwiki.org/w/Nmap/Script_Ideas#targets-ipv6-mld

What do you think about trying to write this as an NSE script? You can
use the other targets-ipv6 scripts as a template.

http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-echo.html
http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-invalid-dst.html
http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-slaac.html

David Fifield


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Hi Ninteesh,

Great work. I was able to do some minor changes and get it working in my
LAN.
It found all of my the hosts that were currently online. I'm attaching the
patch.
Could you try it against your network?


Cheers,
Patrik
--
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77



Thanx patrik for that great patch. but still i cannot see the scanning
result on screen though i could see the packets coming in wireshark. I am
running ubuntu in Vmware. Can you please test it your system once again.
  Please  find the new script attached which include patch given by Patrik
and also some parameter changes that improve the result further.

Niteesh
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault