Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Wireless Nmap

Wireless Nmap

From: Jeremy Sanders <jsanders_at_pomeroy.com>
Date: Thu, 18 Jan 2001 10:20:23 -0500

I whipped this up several months ago right after I got my Samsung 8500 w/ wireless web. It's just two files. nmap.wml and nmap.php3. Nothing fancy just redirects the output to your phone display. Can make for interesting meetings w/ customers. "Let me port scan your web server right quick :)"... Of course depending on what user you run your web server as you only have access to that level of commands, unless you run suexec which might not be a good idea since wap isn't all that secure(cookies being stored on providers wap gateways and all that). Anyway here are the two files:

nmap.wml
<?xml version="1.0"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">

<wml>
        <card id="Nmap">
                <p>
                Enter host:
                <br/>
                <input type="text" name="Host" size="30"/>
                </p>
                <do type="accept" label="Scan">
                        <go href="nmap.php3" method="post">
                                <postfield name="Host" value="$Host"/>
                        </go>
                </do>
        </card>
</wml>

nmap.php3
<?
     header("Content-type: text/vnd.wap.wml"); // set the correct MIME type
     header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // expires in the past
     header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // Last modified, right now
     header("Cache-Control: no-cache, must-revalidate"); // Prevent caching, HTTP/1.1
     header("Pragma: no-cache"); // Prevent caching, HTTP/1.0
     echo("<?xml version=\"1.0\"?>\n");
     echo("<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\" \"ttp://www.wapforum.org/DTD/wml_1.1.xml\">\n\n");
?>

<wml>

  <head>
    <meta forua="true" http-equiv="Cache-Control" content="max-age=0"/>
  </head>
        <template>
                <do type="options" label="Home">
                        <go href="/"/>
                </do>
        </template>
        <card id="Result">
        <p>
        <?
                $cmd="/usr/bin/nmap $Host";
                exec(EscapeShellCmd($cmd),$result);
                $cnt=0;
                $rcnt=count($result);
                while ($cnt<$rcnt) {
                                print htmlspecialchars($result[$cnt]);
                                print "<br/>";
                        $cnt++;
                }
         ?>
        </p>
        <do type="accept">
                <go href="/nmap.wml"/>
        </do>
        </card>
</wml>

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jan 18 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]