Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: dns-fuzz script is not working with example usage command
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 31 Jan 2014 09:37:20 -0600

On 01/27/2014 10:23 AM, Fabian Bräunlein wrote:
I figured out that the rule for this script is:
>portrule = shortport.portnumber(53, "udp")
which only takes UDP into account. However, the example usage command
solely performs a TCP scan, so the script's action will never be executed.
Nevertheless, the DNS standard also requires TCP support (
http://tools.ietf.org/search/rfc5966) for large messages and zone
transfers, so it may be good to run the script likewise when an open
TCP-port 53 was encountered.

I think, there are a few options to resolve this issue:
- by updating the doc page (+ comments in the script)
- e.g. changing the example usage command to something like nmap -sU -p53
--script dns-fuzz --script-args timelimit=2h <target>
- clarify, that an UDP scan on port 53 is necessary

I think I have addressed these issues in r32688 and r32689. With John Bond's added TCP support in dns.lua, I was able to add TCP support fairly easily, though it could stand some additional testing. For clarity, I changed the usage statement to suggest -sU, since that is what the script was designed for. Thanks for reporting this issue!

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]