Re: [RFC] Output file option for capturing service and os fingerprints

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 19 Jun 2008 20:47:45 -0400
"Michael Pattrick" <mpattrick () rhinovirus org> wrote:

> Hey tom,
>
> I just noticed that Brandon already posted a script for this, but I
> wrote one too! lol
>
> It lists all unidentified OS fingerprints(or all fingerprints if the
> scan was -v or -d) and all unidentified services.
> It requires the latest Nmap::Parser[1] and the output is like this:

This is good because mine doesn't handle OS fingerprints.

It occurs to me that if people are seriously using the servicefp=
attribute we should probably expand the buffer beyond 2k.  When I
patched Nmap to include the the fingerprint I limited xml_sf_convert()
routine to 2035 bytes.

I don't have my head wrapped around all the output.cc code anymore so I
can't remember what buffers are where but at only 2k, many fingerprints
will be truncated in XML.  Someone should probably look into removing
that limitation so that XML provides the same quality of output
service_fp that "normal" does.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkhbAokACgkQqaGPzAsl94JuGACfS0p/0NJNjga7HwCYAg/qW489
1GIAn3npN9NzQ/ntw4TdjdG4gWh9x9FX
=TCN2
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org