Nmap Development mailing list archives

Re: Qscan in NSE: qscan.nse

From: Ron <ron () skullsecurity net>
Date: Thu, 18 Mar 2010 01:59:04 -0500

Ahh, I wasn't running it as root -- I don't have root on that system. I'll try it properly tomorrow. 

I blame St Patrick's day. :)

On Wed, 17 Mar 2010 21:29:22 -0500 Kris Katterjohn
<katterjohn () gmail com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/17/2010 09:20 PM, Ron wrote:

From a quick look, it doesn't appear to work (nothing is output,
including errors) against my domain (Skullsecurity.org). There
should be a few different groups on it -- ports 22, 23, and 902 all
point at different machines here.


You were running as root and doing some type of raw scan?  qscan.nse
and ipidseq.nse both need a meaningful host.interface for pcap or
they will silently return false from hostrule().

Oh, did you port scan or just try to -sP --script qscan ?  Nmap has
to find ports open or closed for it to work.  Again it will silently
return if not.

These are the first things to come to mind.

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBAgAGBQJLoZABAAoJEEQxgFs5kUfuSPAQAMNA39aUlINmuSxiZ4nC8NRq
qenK7QQ6J5pbsircRwuoonITnUzD6fSMfAp1SRWLBFVcU6szdRWtDBL+8ofas/Eb
rxDsW1w1s5qkS84cbQdYZBDJVoSpkxupR1IIPRlepkh+64CybYYZdSrIO/QDYyVD
dw00NqxSu0lE2IAr+LVm3hMBFukdM1LOg9WUJqFzSBqtpbGvrcQOWcB3MrSyfQ2A
MkIEVADXHs8SKk3FODkJKFsHAg+0uxGXr1UUYL/MhbRrQQyNMz/FvxAX1y1fLImw
qNrSa/WoAgZRz3mF8UxqhjyZk+McmmkHIcxoWoNvY/6I9bcgwuoiK/8TNDvECKWT
J86CQdg6NsYmRjB4KFzoztc26owTXZ0hiWh1kS89b9Au4J+fUtiLF3zaxGvwITW9
/pfbC1WeLcKsv8dKH4TlCTi4n6rinuNin2A9VFabA0wDNOY8PaKknvPIU8p7+wDN
xaSFuJLGBRJg9aIvSGRnYZyWOZRsVrGs7y3EBjks5+6uU5BKoBIf+hW6XfLPdnwi
plT2SIo1GHO/NLtqg9iU6c/dJtD0KgAkihXejAuiFXBAhQUt8BbKK1riaDIAyzDk
NQdomkzvT1KROZP+Qqi6Yy8xQzvvlPRXkGHTWjUXwb80RX+gL0KAxooTFH43aSjh
Teo0smD5hLeUZbhF/F2p
=hnTJ
-----END PGP SIGNATURE-----



-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] script idea: identify ports behind a NAT Ron (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT jah (Mar 17)
  - Re: [NSE] script idea: identify ports behind a NAT DePriest, Jason R. (Mar 17)
  - Re: [NSE] script idea: identify ports behind a NAT David Fifield (Mar 17)
    - Re: [NSE] script idea: identify ports behind a NAT Kris Katterjohn (Mar 17)
    - Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Ron (Mar 17)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Ron (Mar 18)
    - Re: Qscan in NSE: qscan.nse Fyodor (Mar 20)
    - Re: Qscan in NSE: qscan.nse Ron (Mar 19)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 19)
    - Re: Qscan in NSE: qscan.nse David Fifield (Mar 20)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)
    - Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 20)
    - Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 18)
    - Re: Qscan in NSE: qscan.nse doug (Mar 20)
    - Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 20)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)

(Thread continues...)