Nmap Development mailing list archives
Re: Ncrack discussion
From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Fri, 15 May 2009 00:42:21 +0300
jah wrote:
On 14/05/2009 21:27, ithilgore wrote:However, using brackets will involve having to escape them in most shells. Since we want to avoid that, another character might be more appropriate. What about using slashes?I suggested brackets because Nmap allows their use in port specification: nmap -p [-1024]
It does, but that doesn't mean that it is safe to do so. Nmap's man page mentions that: "Ranges of ports can be surrounded by square brackets to indicate ports inside that range that appear in nmap-services. For example, the following will scan all ports in nmap-services equal to or below 1024: -p [-1024]. Be careful with shell expansions and quote the argument to -p if unsure." Brackets are used in most shells as character-class regular expression matchers.
to mean (in this case) TCP ports listed in nmap-services up-to and including port 1024. I wasn't aware that they might need to be escaped. Slashes do indeed look ugly and it also looks like a path separator. How about: ncrack scanme.nmap.org<ftp:9000> or perhaps not even enclosing the proto:port list: ncrack scanme.nmap.org:21,22,ftp:9000 foo.bar.com:telnet:9000,ssh:9001 and maybe allow a few variations on the separator between the host and it's ports/services - such as : or + or % or @
Perhaps offering a few variations including / and < > is the way to go. Brackets may also be supported but the user will be warned to escape them if need be.
jah
-- ithilgore _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Ncrack discussion ithilgore (May 14)
- Re: Ncrack discussion Kris Katterjohn (May 14)
- Re: Ncrack discussion Arturo 'Buanzo' Busleiman (May 14)
- Re: Ncrack discussion sara fink (May 16)
- Re: Ncrack discussion ithilgore (May 16)
- Re: Ncrack discussion Arturo 'Buanzo' Busleiman (May 14)
- Re: Ncrack discussion Kris Katterjohn (May 14)
- Re: Ncrack discussion jah (May 14)
- Re: Ncrack discussion ithilgore (May 14)
- Re: Ncrack discussion jah (May 14)
- Re: Ncrack discussion ithilgore (May 14)
- Re: Ncrack discussion doug (May 14)
- Re: Ncrack discussion Dnucna (May 15)
- Re: Ncrack discussion ithilgore (May 14)
- What is this error? Jones, David H (May 15)
- RE: What is this error? Aaron Leininger (May 15)
- Re: What is this error? Michael Pattrick (May 15)