Nmap Development mailing list archives
Re: POC Payloader dat
From: Jay Fink <jay.fink () gmail com>
Date: Sat, 19 Dec 2009 12:16:59 -0500
On Mon, Dec 14, 2009 at 7:38 PM, Jay Fink <jay.fink () gmail com> wrote:
On Sun, Dec 13, 2009 at 5:32 PM, David Fifield <david () bamsoftware com> wrote:That looks pretty good, but if we're not going to be 100% compatible with Unicornscan's file, then there's no need for ours to look like theirs. The braces and semicolon can be removed. I'm thinking about a format more like we have in nmap-service-probes, with named fields instead of positional values. /* comment */ payload udp 1604,1645,1812 "\x1e\x00\x01\x30\x02\xfd\xa8\xe3\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" source 100
Attached is a sample of this; I guess the only question I have is do we really need the payload label? Wouldn't it be simpler with just: /* payload_citrix */ udp 1604,1645,1812 "\x1e\x00\x01\x30\x02\xfd\xa8\xe3\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" source 100 So basically - pending that first label - I am about ready to jump off. I will need to do some more mining to figure out which payloads can share dports and who might need a non-magic sport but at least with the format down I can get started.. I *don't* want to start without a final format :-) thanks, j
Attachment:
payloads
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- POC Payloader dat Jay Fink (Nov 23)
- Re: POC Payloader dat Jay Fink (Nov 24)
- Re: POC Payloader dat David Fifield (Nov 25)
- Re: POC Payloader dat Jay Fink (Nov 25)
- Re: POC Payloader dat Jay Fink (Nov 30)
- Re: POC Payloader dat Jay Fink (Dec 04)
- Re: POC Payloader dat Jay Fink (Dec 09)
- Re: POC Payloader dat David Fifield (Dec 13)
- Re: POC Payloader dat Jay Fink (Dec 14)
- Re: POC Payloader dat Jay Fink (Dec 19)
- Re: POC Payloader dat David Fifield (Dec 21)
- Re: POC Payloader dat Jay Fink (Dec 22)
- Re: POC Payloader dat Jay Fink (Dec 26)
- Re: POC Payloader dat David Fifield (Dec 27)
- Re: POC Payloader dat Jay Fink (Dec 28)
- Re: POC Payloader dat Jay Fink (Dec 30)
- Re: POC Payloader dat David Fifield (Dec 30)
- Re: POC Payloader dat Jay Fink (Dec 30)