Nmap Development mailing list archives

Re: NSE PJL proof of concept


From: David Fifield <david () bamsoftware com>
Date: Mon, 13 Jul 2009 14:30:35 -0600

On Mon, Jul 13, 2009 at 01:14:16PM -0700, Aaron Leininger wrote:
> > Are you remembering to end each command with "\r\n"? That's all I can
> > think of. If it works in Ncat there's no reason it shouldn't work in
> > NSE.
>
> Yes. I am sending the same probe regardless of the specified target. I
> still can't figure out why the 5si doesn't seem to respond to NSE when
> it does respond to the same probe from ncat.

Maybe try a plain "\n" then. That's what Ncat sends without the -C
option. Other than that I have no guess. You can try a packet capture
and see if there are any tiny differences in what's being sent. Also try
running
        ncat --hex-dump ncat.txt
        nmap --version-trace
Those will give you hex dumps of what is sent and received.

David Fifield
