Re: Uniquely identifying an Nmap install from NSE?

[Ron <ron () skullsecurity net>]

On 08/07/2009 05:10 PM, jah wrote:
> On 07/08/2009 22:41, Ron wrote:
> > So, the two obvious choices are:
> > 1. Leave it the way it is, and accept that it's going to have a race
> > condition
> > 2. Randomize the name, making it difficult to clean up
> If you have sufficient permission to create a service on the remote
> machine then would it be true to say that you can query for running
> services?
> If so, could you store a file on the client containing the random names
> of deployed services and the machines to which they've been deployed
> (removing them from the file when successfully uninstalled).  Then the
> script could check this file at start-up and perform any necessary
> clean-up - or just connect back to the same service.
>
> Just a thought.  Failing that, add documentation to the script to the
> effect that it's a good idea to change the SERVICE constant in the
> script to something likely to be unique.
>
> jah

Those are definite possibilities. Enumerating services is something I'm 
not doing yet, but it's something I *can* do. Finding a service or 
storing a list of services seems like too much overhead to me, though.

Adding the documentation I like, because I don't really have to do 
anything, but I feel I can do better than that. :)

Ron


--
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org