Nmap Development mailing list archives
Re: RFC on Ncrack, A new network authentication cracker
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 1 May 2009 08:21:55 +0000
On Fri, 1 May 2009 17:31:50 +1000 or thereabouts Professor 0110 <professor0110 () gmail com> wrote:
> I think this is a great idea. I was also wondering if Nmap will ever integrate Nessus and Metasploit like capabilities into it. Maybe not necessarily put as part of the Nmap Framework - like Ncrack - but developed by the Nmap team.
I'd say that with NSE Nmap has the capability. Not only does it take a lot of hard work to develop exploits and checks for security vulnerabilities, it takes people with talent specific to those areas. The thing Nessus and Metasploit really have going for them is the developer talent to come up with and implement so many complicated checks and exploits. I think scripts like Ron's smb-* are a perfect example of how Nmap can be used to do Nessus and Metasploit-like things.

We need to change the perception that the best way to code up exploits, PoC code, and checks is to turn to Python+scapy or a Metasploit module. We need anybody thinking about writing a stand-alone scanner for some vulnerability (like the Conficker scanner) to think of Nmap as the fastest, easiest, and most portable way to bring a tool to the masses.

We're already starting to change people's perceptions. I think a lot of people had no idea NSE existed until Ron ported the Conficker scanning routines to NSE. We can help this along by porting any open code that could 1) benefit from NSE's inherent parallelism and 2) benefit from Nmap's exceptional ability to quickly find services on lots of hosts.

At the risk of being too long-winded, here is an example from my own experience: When the RealVNC Auth Bypass vulnerability was discovered I wrote a check using TCL+Expect+Bash and it was so slow it was barely useful. My boss then wrote the same check in Java using a bunch of threads. This was about 10 times faster but used about 100 times as much memory. I then wrote the check in perl and had about the same speed as the Java scanner but wasted far less memory. I finally ported the check to an NSE script. The NSE script uses about the same memory as the perl check (amortized over many hosts) but is at least 10 times faster in a default scan and can be made to be hundreds of times faster with a few Nmap options. And it is the most accurate of all of the checks.
The more people that have this sort of experience or hear about things like this from others, the more people will think of Nmap+NSE as a Nessus/Metasploit alternative/competitor. In short: we're on the right track.

Brandon