Home page logo

nmap-dev logo Nmap Development mailing list archives

Hani's status report #8 of #17
From: Hani Benhabiles <kroosec () gmail com>
Date: Tue, 19 Jun 2012 03:58:20 +0100

Hi list,

- I have added IPv6 support to firewall-bypass FTP helper. This is very interesting because, unlike in IPv4, there is no Real path filter routing-based implementation in Linux for IPv6 and it is available as a module for netfilter only since Linux 3.3 and iptables 1.4.13. Just some last polishes and tests before posting the script to the list.

- While working on IPv6 support in firewall-bypass, I have fixed a subtle bug in packet.lua library that caused the tcp_data_length in IPv6 to be miscalculated due to the IPv6 payload length field and IPv4 packet length being treated the same way.

- I have Updated ssl fingerprints database to use the latest version from littleblackbox which has newer fingerprints.

- I have looked into tls-nextprotoneg, we may not be able to add it as support for tls NPN extension was added to Openssl in version 1.0.0h while we are currently shipping an older version in mswin32.

- I have researched the SIP protocol to see what we could add to Nmap (spoofing invite requests, using options for enumeration, tracerouting with max-forwards header...).

- I have added intensive mode scan to http-waf-fingerprint, at the moment only Naxsi WAF has one.

- Finish any remaining work with firewall-bypass and http-waf-fingerprint.
- Research the feasibility of tls-nextprotoneg and work on it.
- Work on SIP related scripts.
- See with some work already done by Patrik on ospf and check what to add.
- Checking / Working on other ideas from scripts ideas wiki page.


Hani Benhabiles

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • Hani's status report #8 of #17 Hani Benhabiles (Jun 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]