Nmap Development mailing list archives
Re: Two NSE questions
From: Ron <ron () skullsecurity net>
Date: Mon, 31 Aug 2009 20:39:21 -0500
On 08/30/2009 12:57 AM, Fyodor wrote:
> On Sat, Aug 29, 2009 at 08:46:39PM -0500, Ron wrote:
>> First, I need to set my source port to UDP/68 for these transactions. I
>> don't see any way to do that using the connect() function. I realize that
>> UDP/68 is reserved so r00t is required, but -sU requires root anyways.
>
> This is supported by Nsock, but there may not currently be an NSE binding
> for using this feature. Ncat supports this (try ncat -u -p 68
> scanme.nmap.org). In Nsock, I think you basically just call this function:
>
>     /* Sets the local address to bind to before connect() */
>     int nsi_set_localaddr(nsock_iod nsi, struct sockaddr_storage *ss, size_t sslen);
>
> The local address and/or port number can be specified in the
> sockaddr_storage. Here is how ncat does it:
>
>     if (srcport != -1) {
>         if (o.listen)
>             bye("-l and -p are incompatible. Specify the address and port to bind to like you would a host to connect to.");
>
>         if (srcaddr.storage.ss_family == AF_UNSPEC)
>             srcaddr.storage.ss_family = o.af;
>         if (o.af == AF_INET) {
>             srcaddr.in.sin_port = htons((unsigned short) srcport);
>             if (!srcaddrlen)
>                 srcaddrlen = sizeof(srcaddr.in);
>         }
>     #ifdef HAVE_IPV6
>         else {
>             srcaddr.in6.sin6_port = htons((unsigned short) srcport);
>             if (!srcaddrlen)
>                 srcaddrlen = sizeof(srcaddr.in6);
>         }
>     #endif
>     }
>
> Cheers,
> -F
Hey, would somebody mind adding this? It'd be nice to have, and I don't really want to muck around in the bindings myself.
On a related topic, it'd also be nice to have some method of creating a listening socket. That'd make it easier to port exploits to NSE from their original Perl/Python/whatever. It'd be fun implementing exploits in Nmap :). I don't think Nsock has that capability, though, so it might be a lot of work?
Ron

--
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
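
An added example, not part of the original message and not Nmap, Nsock or Ncat code: the bind-before-connect step that the quoted nsi_set_localaddr() comment describes, written against plain BSD sockets and covering both address families from the ncat snippet. The helper names set_local_port, udp_socket_from and local_port are hypothetical.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Put the wanted source port into a wildcard sockaddr_storage, as the ncat
 * snippet does. Returns the length for bind(), or 0 if af is unsupported. */
static socklen_t set_local_port(struct sockaddr_storage *ss, int af,
                                unsigned short srcport)
{
    memset(ss, 0, sizeof(*ss));
    ss->ss_family = (sa_family_t) af;
    if (af == AF_INET) {
        ((struct sockaddr_in *) ss)->sin_port = htons(srcport);
        return sizeof(struct sockaddr_in);
    }
    if (af == AF_INET6) {
        ((struct sockaddr_in6 *) ss)->sin6_port = htons(srcport);
        return sizeof(struct sockaddr_in6);
    }
    return 0;
}

/* Hypothetical helper: UDP socket bound to srcport, ready for connect().
 * Without the bind the kernel assigns an ephemeral source port instead. */
int udp_socket_from(int af, unsigned short srcport)
{
    struct sockaddr_storage local;
    socklen_t len = set_local_port(&local, af, srcport);
    int fd = len ? socket(af, SOCK_DGRAM, 0) : -1;
    if (fd >= 0 && bind(fd, (struct sockaddr *) &local, len) < 0) {
        close(fd);   /* e.g. EACCES for ports below 1024 without root */
        fd = -1;
    }
    return fd;
}

/* Source port the kernel actually assigned to fd, or -1 on error. */
int local_port(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof(ss);
    if (getsockname(fd, (struct sockaddr *) &ss, &len) < 0)
        return -1;
    return ntohs(ss.ss_family == AF_INET6
                 ? ((struct sockaddr_in6 *) &ss)->sin6_port
                 : ((struct sockaddr_in *) &ss)->sin_port);
}
```

Calling udp_socket_from(AF_INET, 68) and then connect() on the returned descriptor gives the UDP/68 source port asked about above; run unprivileged, the bind fails and the helper returns -1.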