Nmap Announce mailing list archives
additions to nmap
From: ajax <ajax () main mobis com>
Date: Mon, 28 Dec 1998 12:33:34 -0600 (CST)
Hi, me and a friend have partially written vulnerability scanning functionality into nmap, and wanted to know if anyone was interested in working on this project with me. When it's completed, I'd like to make it part of nmap. The config file parser is complete, and the main function is complete. There is a lot of work (mostly socket stuff) that needs to be done. It uses the standard nmap structs and functions.

The code is located at www.mobis.com/ajax/code/nmap and is called vulnscan.c, vulnscan.h and nmap.c.diff, which is in unified diff format of the changes which were made to nmap.c ...

The config file (exploit.dat) represents a configurable database of what to look for and classify as vulnerable, based on operating system. This was created so when new exploits are discovered, rather than manually writing C code for each new exploit, you define an entry in the config file on what to look for and how to look for it. It uses the tcp fingerprinting function (-O). The structure of the config file is like so:

/* Format of exploit.dat:
 * OSTYPE,PORT,PROT,PROT_FLAGS,SEND_DATA,WAIT_DATA,SEND_DATA,WAIT_DATA,COMMENT
 *
 * Definitions:
 * OSTYPE=LINUX,FREEBSD,AIX,BSDI21,BSDI30,BSDI40,OSF1,HPJETDIRECT,HPUX,IRIX
 *        NETBSD,NEXT,OPENBSD,SCO,UNIXWARE,SOLARIS24,SOLARIS25,SOLARIS26,
 *        ULTRIX,WIN32,WINNT5,OPENVMS,VMS,UNKNOWN,ALL
 * PORT=[0-65536]
 * PROT=TCP,UDP
 * PROT_FLAGS=U,S,A,P,R,F,1,2
 *            URG,SYN,ACK,PUSH,RST,FIN,UNUSED_FLAG1(0x40),UNUSED_FLAG2(0x80)
 * SEND_DATA=data to send at beginning of connection
 * WAIT_DATA=data to expect to receive to compare if vulnerable
 * SEND_DATA=data to send (if null just use ',')
 * WAIT_DATA=data to expect (if null ',')
 * COMMENTS=comments to log if vulnerable
 */

Regards,
Ajax (ajax () mobis com)
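Added example, not part of the original post or of vulnscan.c: a C parser for one exploit.dat line that follows the nine-field layout in the message and keeps empty fields, which strtok() would silently skip. The struct and function names, the 80-byte field limit, flag letters written concatenated (e.g. "PA"), the 16-bit port check and the sample entry are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define FLD 80   /* assumed per-field limit; the post gives none */

/* One exploit.dat entry. Struct, field and function names are hypothetical. */
struct vuln_entry {
    char ostype[FLD], prot[FLD], send1[FLD], wait1[FLD], send2[FLD], wait2[FLD], comment[FLD];
    int port, flags;   /* flags: TCP flag bits built from PROT_FLAGS */
};

/* Copy the next field into out; empty fields are kept (strtok() would skip them). */
static int next_field(const char **p, char *out, int last)
{
    if (*p == NULL) return -1;                        /* fewer than nine fields */
    size_t n = strcspn(*p, last ? "\r\n" : ",\r\n");  /* COMMENT (last) may contain commas */
    if (n >= FLD) return -1;                          /* oversized field: reject, never truncate */
    memcpy(out, *p, n);
    out[n] = '\0';
    *p = ((*p)[n] == ',') ? *p + n + 1 : NULL;
    return 0;
}

/* Returns 0 and fills *e, or -1 if the line is malformed. */
int parse_entry(const char *line, struct vuln_entry *e)
{
    static const char letters[] = "FSRPAU12";  /* bit 0..7: FIN SYN RST PSH ACK URG 0x40 0x80 */
    char port[FLD], flags[FLD], *end;
    memset(e, 0, sizeof *e);
    char *dst[] = { e->ostype, port, e->prot, flags, e->send1, e->wait1, e->send2, e->wait2, e->comment };
    for (int i = 0; i < 9; i++)
        if (next_field(&line, dst[i], i == 8)) return -1;
    long v = strtol(port, &end, 10);
    if (!e->ostype[0] || !port[0] || *end || v < 0 || v > 65535) return -1;  /* ports are 16-bit */
    if (strcmp(e->prot, "TCP") && strcmp(e->prot, "UDP")) return -1;
    if (flags[strspn(flags, letters)]) return -1;      /* unknown flag letter */
    for (const char *f = flags; *f; f++)               /* assumed: letters concatenated, e.g. "SA" */
        e->flags |= 1 << (int)(strchr(letters, *f) - letters);
    e->port = (int)v;
    return 0;
}

int main(void)
{
    struct vuln_entry e;   /* constructed sample line, not from a real exploit.dat */
    int rc = parse_entry("ALL,25,TCP,PA,,220,,,constructed sample, not a real check\n", &e);
    printf("rc=%d port=%d flags=0x%02x wait1=%s comment=%s\n", rc, e.port, (unsigned)e.flags, e.wait1, e.comment);
    return rc;
}
```

Only OSTYPE being non-empty is checked here; matching it against the OSTYPE list from the message would be a further validation step.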