Re: [Patch] Send comment in scan packet data

[Daniel Miller <bonsaiviking () gmail com>]

Jay,

This patch looks good and tests out. Please commit it, then write up some
documentation for the features in docs/refguide.xml. You can probably copy
it mostly from nping/docs/nping-man.xml, since the syntax is identical.

We discussed moving the hex-parsing code to nbase so that both Nping and
Nmap use the same function, but I'm not really sure it's a good idea, now.
There's a possibility that Nmap and Nping could diverge in their use of the
function, and it doesn't seem like a good fit for libnbase, a "library of
base (often compatibility) routines."

Dan


On Fri, May 23, 2014 at 7:11 AM, Jay Bosamiya <jaybosamiya () gmail com> wrote:

> Dan, List,
>
> I took into account point number 1 and modified my patch. I think the
> feature makes much more sense now.
>
> I was able to trace Nping's hex conversion to nping/utils.* and I have
> modified it and put it in utils.* (the ones directly in the nmap
> directory). The modifications are the size of the auxiliary buffer used by
> the code and the name of the function itself.
>
> I needed to change the size of auxbuff so that we can send larger payloads
> than allowed by the implementation in nping.
>
> As for point number 2, as you said, that could be done later as a followup
> to this feature.
>
> I have tested this patch and it seems to work fine.
>
> I would appreciate feedback on how I should've gone about the hex
> conversion thing if I shouldn't have added the code to utils.*. I
> personally think that using almost the same code in two places
> (nping/utils.* and utils.*) is an "evil" thing to do, but I couldn't see
> any other less "evil" way. If there was some very easy way to do it, it
> probably slipped my mind. :)
>
> Actually, feedback on the rest of the patch is welcome too. :P
>
> Cheers,
> Jay
>
> Patch: Attached
>
>
> On Wednesday 21 May 2014 06:42 AM, Daniel Miller wrote:
>
> > From a design standpoint, I have a couple comments:
> >
> > 1. Using "--comment" seems like a limitation of this feature. Compare
> > Nping's options:
> >
> >   --data <hex string>              : Include a custom payload.
> >   --data-string <text>             : Include a custom ASCII text.
> >   --data-length <len>              : Include len random bytes as payload.
> >
> > The --data-length option is the same. Is there any reason why Nmap can't
> > also support --data-string and --data? (Though I would prefer --data-hex,
> > it might be nice to keep the same syntax.)
> >
> > 2. As a follow-up to this feature being added, we should probably do some
> > testing with IPv6, especially given the warning about data length > 1400
> > which is based on IPv4. This may require some coding to add support for
> > Jumbograms.
> >
> > Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/