Nmap Development mailing list archives
Re: New patch for XML output
From: doug () hcsw org
Date: Sun, 20 Jan 2008 15:56:39 -0800
On Fri, Jan 18, 2008 at 05:20:51PM -0800 or thereabouts, Fyodor wrote:
Yeah, it sounds reasonable to me for the XML output to give the same version as the normal output (G=Y if the fingerprint really is good, G=N and uncompressed format otherwise). This might be helpful for Zenmap and other tools which read Nmap XML output.
OK I just checked this into SVN. If normal output would report this as an acceptable fingerprint, this will be in the XML (Notice G=Y and that this is an encoded, compressed version designed for sending to the submitter): <osfingerprint fingerprint="OS:SCAN(V=4.53%D=1/20%OT=22%CT=23%CU=33251%PV=N%DS=0%G=Y%TM=4793DDCE%P=i686
OS:-pc-linux-gnu)SEQ(SP=CB%GCD=1%ISR=D1%TI=Z%II=I%TS=8)SEQ(SP=CB%GCD=4%ISR=
OS:D1%TI=Z%II=I%TS=8)OPS(O1=M400CST11NW2%O2=M400CST11NW2%O3=M400CNNT11NW2%O
OS:4=M400CST11NW2%O5=M400CST11NW2%O6=M400CST11)WIN(W1=8000%W2=8000%W3=8000%
OS:W4=8000%W5=8000%W6=8000)ECN(R=Y%DF=Y%T=40%W=8018%O=M400CNNSNW2%CC=N%Q=)T
OS:1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=Y%DF=Y%T=40%W=8000%S=O
OS:%A=S+%F=AS%O=M400CST11NW2%RD=0%Q=)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD
OS:=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0
OS:%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1
OS:(R=Y%DF=N%T=40%TOS=C0%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD
OS:=G)IE(R=Y%DFI=N%T=40%TOSI=S%CD=S%SI=S%DLI=S)
" /> However, if the FP was not good, the XML output is as before (G=N and uncompressed, unsubmittable version): <osfingerprint fingerprint="SCAN(V=4.53%D=1/20%OT=22%CT=%CU=41254%PV=N%DS=0%G=N%TM=4793DEF6%P=i686-pc-linux-gnu)
SEQ(SP=C2%GCD=1%ISR=C3%TI=Z%II=I%TS=8)
SEQ(SP=C3%GCD=1%ISR=C2%TI=Z%II=I%TS=8)
OPS(O1=M400CST11NW2%O2=M400CST11NW2%O3=M400CNNT11NW2%O4=M400CST11NW2%O5=M400CST11NW2%O6=M400CST11)
WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=8000)
ECN(R=Y%DF=Y%T=40%W=8018%O=M400CNNSNW2%CC=N%Q=)
T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=N)
T3(R=Y%DF=Y%T=40%W=8000%S=O%A=S+%F=AS%O=M400CST11NW2%RD=0%Q=)
T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(R=Y%DF=N%T=40%TOS=C0%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)
IE(R=Y%DFI=N%T=40%TOSI=S%CD=S%SI=S%DLI=S)
" /> Best, Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: New patch for XML output Fyodor (Jan 13)
- Re: New patch for XML output doug (Jan 18)
- Re: New patch for XML output Fyodor (Jan 18)
- Re: New patch for XML output doug (Jan 20)
- Re: New patch for XML output Fyodor (Jan 18)
- Re: New patch for XML output doug (Jan 18)