Nmap Development mailing list archives
Re: [RFC] Output file option for capturing service and os fingerprints
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Thu, 19 Jun 2008 20:47:45 -0400
Hey tom, I just noticed that Brandon already posted a script for this, but I wrote one too! lol It lists all unidentified OS fingerprints(or all fingerprints if the scan was -v or -d) and all unidentified services. It requires the latest Nmap::Parser[1] and the output is like this:
perl getOS.pl scan.xml
IP: 10.0.0.2 SCAN(V=4.65%D=6/19%OT=14334%CT=%CU=42336%PV=Y%DS=1%G=N%M=0016D3%TM=485AFC95%P=x86_64-unknown-linux-gnu) SEQ(SP=FA%GCD=1%ISR=103%TI=I%II=I%SS=S%TS=0) OPS(O1=M5B4NW0NNT00NNS%O2=M5B4NW0NNT00NNS%O3=M5B4NW0NNT00%O4=M5B4NW0NNT00NNS%O5=M5B4NW0NNT00NNS%O6=M5B4NNT00NNS) ...snip... IE(R=Y%DFI=S%T=80%TOSI=Z%CD=Z%SI=S%DLI=S) Unidentified service, TCP port 14334: SF-Port14334-TCP:V=4.65%I=7%D=6/19%Time=485AFC82%P=x86_64-unknown-linux-gnu%r(GetRequest,20,"\xbf\x13\xde ...snip... SF:r\x88\x97a\x0c")%r(SIPOptions,20,"\xfc\xac\|\xf8\xa9\x04\x07\xa5\x20\x1 SF:c\x88\xbc7k\]\xd1\xf3\xa7\xa8\x90\xb3qE\?\x8d\xa4\ I hope this is what you were thinking of. Cheers, Michael [1] http://nmapparser.wordpress.com/ On Thu, Jun 19, 2008 at 6:25 PM, Tom Sellers <nmap () fadedcode net> wrote:
I have concept for a patch that I might try my hand at writing. Before I do this I want to make sure that the change is something that others would find useful and has a chance of being accepted. What I would like to do is add the ability to specify an output file on the command line that would be used to capture service and os fingerprints. It would need to work in addition is any other requested output formats. In short what I have in mind is using a command like this: nmap -sV -O -R -oFP fingerprints.txt --append-output 192.168.1.1/24 nmap -sV -O -R -oFP fingerprints.txt --append-output 192.168.2.1/24 The goal would be to be able to scan multiple large network segments and then check the files for unidentified services and devices. I have some very basic c skills and looking at the code this change looks like something I might be able to do. For the service portion I think most of the changes would be in the program argument handling section in nmap.cc, the output header file, some changes around 822 in output.cc, and then making sure the file is closed properly. Any thoughts on this? Oh, if there is already a simple way to do this please break out the clue stick and fill me in. Thanks, Tom _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Attachment:
getOS.pl
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [RFC] Output file option for capturing service and os fingerprints Tom Sellers (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints David Fifield (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Tom Sellers (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Michael Pattrick (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Michael Pattrick (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 20)
- Re: [RFC] Output file option for capturing service and os fingerprints Michael Pattrick (Jun 20)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 20)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 20)
- Re: [RFC] Output file option for capturing service and os fingerprints Brandon Enright (Jun 19)
- Re: [RFC] Output file option for capturing service and os fingerprints David Fifield (Jun 19)