Nmap Development mailing list archives
Re: Summer of Code Script Ideas
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Thu, 27 Mar 2008 00:22:00 +0000
Hi Nelson,

I think this post gets down to an underlying need for solid math and cryptographic routines in order to interact with many network protocols. I do most of my network work in perl and I regularly find myself doing at least one of:

    use Crypt::OpenSSL::Bignum;
    use Digest::MD5 qw(md5);
    use Digest::HMAC qw(hmac);
    use Crypt::Random qw(makerandom);
    use String::CRC;

Now I don't know if lacking these routines is really holding up any script writing, but at some point it is going to. I don't know enough about how IPSEC/IKE is implemented to know if large numbers and crypto routines are needed or not but I suspect that they are.

Since the focus of NSE is manipulating networking protocols, I suspect most script writers find themselves searching for the same things. Here is a list of questions I suspect many had or still have:

* How does one manipulate binary strings in Lua? Can "\x00" be done? How about for octal and decimal?
* How does one easily go from network byte to host byte order? Does it even matter? If I have the string "\x00\x80" how do I turn that into the number -32768?
* Is there the equivalent of perl's pack() and unpack() routines?
* Is a C-like byte array preferred to a perl-like packed scalar?

It would really be neat to see a SoC project put together "A network and protocol hacker's guide to NSE/Lua". This could be a series of Lua FAQs like the one above and sample scripts that demonstrate techniques and how to do things in Lua.

The Lua documentation is out there for this sort of thing but it isn't targeted at any one task. A documentation roundup with a focus on bits and bytes on the network would be really valuable.

Brandon

On Wed, 26 Mar 2008 16:31:56 -0500 Nelson <komseh () gmail com> wrote:
> I'd like to see a script that attempts to fingerprint VPN devices based on their handshake and vendor ID responses from the IKE service (port 500/udp). As we all know it is difficult to identify most UDP services ports as "open", so this service often goes unnoticed in pentests. I would even be happy with a script that confirms that an IKE service is responding on the host. Here are some responses from common VPN devices:
> http://www.nta-monitor.com/wiki/index.php/IKE_Implementation_Analysis
>
> I'm also interested in a script that would identify if a DNS server is vulnerable to cache snooping.
>
> I also second the ideas for SMB/Netbios and SNMP.
>
> On Fri, Mar 21, 2008 at 1:11 AM, Z <shasbot () gmail com> wrote:
> > Hey,
> >
> > I am planning on applying to Nmap's summer of code project, specifically to develop NSE scripts. I was wondering what scripts people would find useful that are not currently out there, so I figure this would be a good place to get in touch with. I will likely ask around on some ethical hacking forums and the like too, just checking around to see what the demand is from the users.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
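
The byte-handling questions in Brandon's message, worked through as an added example that is not part of the original thread or of Nmap's own code. It assumes Lua 5.3 or later (string.pack, string.unpack, "\x" escapes, integer bit operators) and goes one step beyond the questions by parsing the fixed 28-byte ISAKMP header (RFC 2408) that an IKE service on 500/udp replies with; the helper names and the sample packet are constructed for illustration.

```lua
-- Added example; assumes Lua 5.3+. All names and sample bytes are constructed.

-- Binary strings: hex ("\x80") and decimal ("\128") escapes; Lua has no octal.
local s = "\x00\x80"
assert(s == "\0\128" and #s == 2)

-- Byte order is set in the format string, so host order does not matter:
-- "<" little-endian, ">" big-endian (network), "i2"/"I2" signed/unsigned 16-bit.
assert(string.unpack("<i2", s) == -32768)
assert(string.unpack(">I2", s) == 128)
assert(string.pack(">I2", 500) == "\x01\xf4")

-- Hex-encode a packed string for display.
local function hex(str)
  return (str:gsub(".", function(c) return string.format("%02x", c:byte()) end))
end

-- ISAKMP header: two 8-byte cookies, next payload, version, exchange type,
-- flags (1 byte each), message ID and total length (4 bytes each, big-endian).
local ISAKMP_HDR = ">c8 c8 B B B B I4 I4"
local HDR_LEN = string.packsize(ISAKMP_HDR)  -- 28

local function parse_isakmp_header(pkt)
  if #pkt < HDR_LEN then return nil, "short packet" end
  local icookie, rcookie, nextp, ver, xchg, flags, msgid, len =
    string.unpack(ISAKMP_HDR, pkt)
  -- The length field comes from the remote host: check it against what arrived.
  if len < HDR_LEN or len > #pkt then return nil, "bad length field" end
  return {
    initiator_cookie = hex(icookie), responder_cookie = hex(rcookie),
    next_payload = nextp, version = (ver >> 4) .. "." .. (ver & 0x0f),
    exchange_type = xchg, flags = flags, message_id = msgid, length = len,
  }
end

-- Constructed header-only packet: version 1.0, exchange type 2 (Identity Protection).
local sample = string.pack(ISAKMP_HDR, "\x11\x22\x33\x44\x55\x66\x77\x88",
  string.rep("\0", 8), 0, 0x10, 2, 0, 0, HDR_LEN)
local h = assert(parse_isakmp_header(sample))
print(h.initiator_cookie, h.version, h.exchange_type, h.length)
assert(parse_isakmp_header(sample:sub(1, 20)) == nil)
```

A packed string handled this way plays the role of perl's packed scalar; no separate byte-array type is needed to read or build protocol fields.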
Current thread:
- Summer of Code Script Ideas Z (Mar 20)
- Re: Summer of Code Script Ideas Kris Katterjohn (Mar 24)
- Re: Summer of Code Script Ideas Shas bot (Mar 24)
- Re: Summer of Code Script Ideas Brandon Enright (Mar 24)
- Re: Summer of Code Script Ideas Arturo 'Buanzo' Busleiman (Mar 24)
- Re: Summer of Code Script Ideas Eddie Bell (Mar 24)
- Re: Summer of Code Script Ideas Arturo 'Buanzo' Busleiman (Mar 24)
- Re: Summer of Code Script Ideas Eddie Bell (Mar 24)
- Re: Summer of Code Script Ideas Arturo 'Buanzo' Busleiman (Mar 24)
- Re: Summer of Code Script Ideas Kris Katterjohn (Mar 24)
- Re: Summer of Code Script Ideas Brandon Enright (Mar 26)