Hani's status report #8 of #17
From: Hani Benhabiles <kroosec () gmail com>
Date: Tue, 19 Jun 2012 03:58:20 +0100
- I have added IPv6 support to firewall-bypass FTP helper. This is very
interesting because, unlike in IPv4, there is no Real path filter
routing-based implementation in Linux for IPv6 and it is available as a
module for netfilter only since Linux 3.3 and iptables 1.4.13. Just some
last polishes and tests before posting the script to the list.
- While working on IPv6 support in firewall-bypass, I have fixed a
subtle bug in packet.lua library that caused the tcp_data_length in IPv6
to be miscalculated due to the IPv6 payload length field and IPv4 packet
length being treated the same way.
- I have updated ssl fingerprints database to use the latest version
from littleblackbox which has newer fingerprints.
- I have looked into tls-nextprotoneg, we may not be able to add it as
support for TLS NPN extension was added to OpenSSL in version 1.0.0h
while we are currently shipping an older version in mswin32.
- I have researched the SIP protocol to see what we could add to Nmap
(spoofing invite requests, using options for enumeration, tracerouting
with max-forwards header...).
- I have added intensive mode scan to http-waf-fingerprint, at the
moment only Naxsi WAF has one.
- Finish any remaining work with firewall-bypass and http-waf-fingerprint.
- Research the feasibility of tls-nextprotoneg and work on it.
- Work on SIP related scripts.
- See with some work already done by Patrik on ospf and check what to add.
- Checking / Working on other ideas from scripts ideas wiki page.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
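
Added illustration, not part of the original message and not the packet.lua code or its fix: the header-length distinction behind the tcp_data_length bug mentioned in the report. The IPv4 Total Length field includes the IP header, while the IPv6 Payload Length field counts only what follows the fixed 40-byte header. The exact form of the original mistake is an assumption, and all function names and sample packets are constructed.

```python
import struct

TCP, IPV6_FIXED_HDR = 6, 40
EXT_HDRS = {0, 43, 60}  # hop-by-hop, routing, destination options

def tcp_data_length(pkt: bytes) -> int:
    """TCP payload bytes in a raw IPv4 or IPv6 packet (fragments not handled)."""
    version = pkt[0] >> 4
    if version == 4:
        tcp_off = (pkt[0] & 0x0F) * 4              # IHL in bytes
        end = struct.unpack_from("!H", pkt, 2)[0]  # Total Length: header + data
        nxt = pkt[9]
    elif version == 6:
        # Payload Length counts only what follows the fixed 40-byte header.
        end = IPV6_FIXED_HDR + struct.unpack_from("!H", pkt, 4)[0]
        tcp_off, nxt = IPV6_FIXED_HDR, pkt[6]
        while nxt in EXT_HDRS:                     # skip extension headers
            nxt, ext_len = pkt[tcp_off], pkt[tcp_off + 1]
            tcp_off += (ext_len + 1) * 8
    else:
        raise ValueError("not an IP packet")
    if nxt != TCP:
        raise ValueError("not a TCP segment")
    return end - tcp_off - (pkt[tcp_off + 12] >> 4) * 4  # minus TCP header

def ipv4_style_on_ipv6(pkt: bytes) -> int:
    """Assumed form of the mistake: IPv4 arithmetic on IPv6 Payload Length."""
    length = struct.unpack_from("!H", pkt, 4)[0]
    return length - IPV6_FIXED_HDR - (pkt[IPV6_FIXED_HDR + 12] >> 4) * 4

# Constructed sample packets: documentation addresses, checksums left at zero.
def _tcp(payload: bytes) -> bytes:
    return struct.pack("!HHIIBBHHH", 40000, 21, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + payload

def sample_ipv4(payload: bytes) -> bytes:
    seg = _tcp(payload)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(seg), 0, 0, 64, TCP, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + seg

def sample_ipv6(payload: bytes, with_ext: bool = False) -> bytes:
    # Optional 8-byte destination-options header carrying one PadN option.
    ext = bytes([TCP, 0, 1, 4, 0, 0, 0, 0]) if with_ext else b""
    body = ext + _tcp(payload)
    src, dst = (bytes.fromhex("20010db8" + "00" * 11 + n) for n in ("01", "02"))
    return struct.pack("!IHBB16s16s", 6 << 28, len(body), 60 if with_ext else TCP,
                       64, src, dst) + body

if __name__ == "__main__":
    data = b"USER anonymous\r\n"
    print(tcp_data_length(sample_ipv6(data, True)), ipv4_style_on_ipv6(sample_ipv6(data)))
```

With the same 16-byte payload, the correct routine returns 16 for IPv4, IPv6 and IPv6 with an extension header, while the IPv4-style arithmetic on the IPv6 packet goes negative.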