Nmap Development mailing list archives
Re: [NSE] hostmap.nse, hostnames discovery
From: Gutek <ange.gutek () gmail com>
Date: Sun, 03 Oct 2010 17:05:51 +0200
On 15/09/2010 22:54, Gutek wrote:
> Further development:
> o Besides hostmap.nse creating a target-list file if such an argument is
> provided, I'm very interested in the new "target-add" feature. I think it
> will also be invoked via an arg. I will keep the file creation because its
> first goal is to be usable with other security tools like, say, a web
> vulnerability scanner.

Hi list,

This update adds the target-add feature. Every target found is added to the scan queue, which is very interesting if the script is called along with other web-oriented scripts. For example, the primary target may look safe, but another co-hosted vhost could show a flaw which could lead to the compromise of the whole server.

This script is also now a prerule script. This gives the ability to gather information passively without having to actually scan the target (the user just has to omit the newtargets argument).

Here is an example output:

linux-pb94:/home/Gutek # nmap -p80 -PN -n --script=hostmap.nse,html-title.nse --script-args newtargets,hostmap.host="nmap.org",hostmap.file="a_famous_scanner_hostmap.nmap"

Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-10-03 16:35 CEST
Pre-scan script results:
| hostmap: (results from bfk.de database)
| insecure.org
| download.insecure.org
| images.insecure.org
| www.insecure.org
| nmap.org
| www.nmap.org
| sectools.org
| mirror.sectools.org
| www.sectools.org
| seclists.org
|_(file created: a_famous_scanner_hostmap.nmap)
Nmap scan report for insecure.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: Insecure.Org - Nmap Free Security Scanner, Tools & Hacking res...

(...)

Nmap scan report for sectools.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: Top 100 Network Security Tools

Nmap scan report for seclists.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: SecLists.Org Security Mailing List Archive

Thanks for those new prerule and target add features :)

A.G.
Attachment:
hostmap.nse
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
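The co-hosting point made in the message above can be checked from scan output by grouping hostnames by resolved address. The following is an added example, not part of the original post or of hostmap.nse; the sample text is excerpted from the output quoted in the message, and the function names `vhosts_by_ip` and `shared_ips` are hypothetical.

```python
import re
from collections import defaultdict

# Excerpt of the scan output quoted in the message (the "(...)" elision is left out).
SAMPLE = """\
Nmap scan report for insecure.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: Insecure.Org - Nmap Free Security Scanner, Tools & Hacking res...
Nmap scan report for sectools.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: Top 100 Network Security Tools
Nmap scan report for seclists.org (74.207.254.18)
Host is up (0.19s latency).
PORT STATE SERVICE
80/tcp open http
|_html-title: SecLists.Org Security Mailing List Archive
"""

REPORT = re.compile(r"^Nmap scan report for (\S+) \(([0-9a-fA-F.:]+)\)\s*$")
TITLE = re.compile(r"^\|[_ ]?\s*html-title:\s*(.*)$")

def vhosts_by_ip(text):
    """Map each IP to {hostname: html-title or None} from normal-format Nmap output."""
    hosts = defaultdict(dict)
    current = None  # (ip, hostname) of the report block being read
    for line in text.splitlines():
        m = REPORT.match(line)
        if m:
            current = (m.group(2), m.group(1))
            hosts[current[0]][current[1]] = None
            continue
        if line.startswith("Nmap scan report for"):
            current = None  # IP-only report: no hostname to attribute titles to
            continue
        m = TITLE.match(line)
        if m and current:
            hosts[current[0]][current[1]] = m.group(1).strip()
    return dict(hosts)

def shared_ips(hosts):
    """Return only the IPs that serve more than one hostname (co-hosted vhosts)."""
    return {ip: sorted(names) for ip, names in hosts.items() if len(names) > 1}

if __name__ == "__main__":
    for ip, names in shared_ips(vhosts_by_ip(SAMPLE)).items():
        print(ip, "serves", ", ".join(names))
```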