Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Re: nmap..... via web

Re: nmap..... via web

From: Andrew Brown <atatat_at_atatdot.net>
Date: Thu, 18 Feb 1999 23:08:16 -0500

>Make the CGI a perl script that is running SUID perl so it runs as
>root. Make the perl check to see where they are coming from and that
>the host they want to scan is inside your network before allowing to
>continue with the scan.
>
>That would be a bit risky if the script isn't written properly, but it
>should be fairly easy to do.

risky, yes. especially with the buffer overflow problems perl has had
in the past. my recommendation would be to make a suid copy of nmap
that *only* the web server id can get to. and hack it (nmap) so that
only the web server id is allowed to run it. simple enough to do.

        if (getuid() != webserveruid) exit(1); 

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior_at_daemon.org             * "ah!  i see you have the internet
twofsonet_at_graffiti.com (Andrew Brown)                that goes *ping*!"
andrew_at_crossbar.com       * "information is power -- share the wealth."
Received on Feb 18 1999
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos