Nmap Development mailing list archives
Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...)
From: Kris Katterjohn <katterjohn () gmail com>
Date: Wed, 17 Feb 2010 21:09:46 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/17/2010 07:16 PM, David Fifield wrote:
I tested out the branch and the script, and it looks good when run along with OS detection. IP ID Sequence Generation: Randomized Host script results: |_ipidseq: Randomized [used port 22] I like the overall look and interface of the new functions.
Great!
About Windows support: Have you (or anyone) tested raw sending to a non-Target? How are you testing this generally? If you have even just a short script snippet, that is fine.
I use ipidseq and just occasionally overwrite and hardcode to google.com:80 and use my router as the Nmap target (similar to kx's response): local port = 80 host.bin_ip = packet.iptobin("74.125.65.105")
I was thinking that the code should check for the option PACKET_SEND_ETH_STRONG and refuse to fall back to a raw socket in the case, but I can't find anywhere else where that is enforced.
Actually, I did this same thing.
In the C-Lua functions, I recommend including the strerror and perhaps errno in error strings.
This sounds good.
In the scripting.xml documentation, I think that the raw IP sending should be given primary coverage, with Ethernet sending mentioned at the end as an alternative for special situations (the opposite precedence that is there now). What do you think, and would you make that change if you agree?
Sure, this makes sense to me.
The nmap.is_privileged function I have no objection to. All the above is fine with me. One thing deserves some further design discussion, which is the nmap.get_ports function. I think it would be better to wrap PortList::nextPort more directly, giving scripts one-at-a-time access to port tables (and avoiding creating a potentially large table of tables, most of which won't be used by many scripts). A script that needs the full port list can easily create it by doing just what your C function does, looping with nextPort. Scripts like ipidseq.nse that need just any old port wouldn't need to allocate as much memory.
OK, this is good too. I'll give it a go.
I think the ipidseq script is a great idea. I know it's something I've wanted before.
Awesome.
David Fifield
Thanks! Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJLfK95AAoJEEQxgFs5kUfu5kkQAMhBdfDPkHjPQVXVpSYB5fns IH8IyEN7c1pg06C6jz8aBUQLbfzZmDLorN1AUsdipTBmg6CrfSLuocgknvSrKbZ1 WDgVzevG+sazWB9ZIBcXyQgfLAz+fOdhdELfmERI0kzxz6qcQEeXmy9P92E+L6We 4e4G9tem68Mq/JhMYeB2a0E+jcB/tndWaf8RFCfgOBUVQIMQrQVqHcVmK0WkrV7o 8FXG5wpnbJCpmhB+Loox7gHMJAzYw0VI5MjDf8R/xiJrb2QQnvPmKz1rXrL8Hq2X UikmGY8O9TWoW5C9FH7fLXHQXZGU/psiMPiy/14eyxmRhy8WmdnBOQ3jRwLlbOAd pvzcDl2sglP5FXU5uRHFUO/TvLtb0n8FUKXR1m+RJNP27mfcuk4A7mr8vFbHewsL faOY6Vh9iQ+OJu3FdBi/HSUd+h+cHTzEIU4sfa9SB3cwyEp0xNCzQbUj+MFGPO2D HqCAhN5s9t5wIKOKuRCMIayNa2Fsj8fbyu1KRq9lJKbx3Tow+IVy3rd+7BO+9aYa Rl9iGgXWCMfKy6o9K319XBUDeLxZAXctO3QP6aTsWYgMYYg5+bjqPmuczzeFuhhV NxQNK2+NKXUDV/EG/DfYDbAsodNDSEicbxZKCxhJ/ZlmOiGvV5wLmMQoTcmEULeR zy9v+csU2/jxOxIi/Z++ =6S1s -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...), (continued)
- Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 12)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 16)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kurt (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 18)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- error compiling 5.21 Mike Calmus (Feb 20)
- Re: error compiling 5.21 David Fifield (Feb 22)
- Re: error compiling 5.21 Mike Calmus (Feb 23)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- Re: Raw IP NSE Functionality David Fifield (Feb 23)
- Re: Raw IP NSE Functionality Patrick Donnelly (Feb 23)
- Re: Raw IP NSE Functionality Patrick Donnelly (Feb 23)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 23)
- Re: Raw IP NSE Functionality David Fifield (Feb 23)