Nmap Development mailing list archives
Scanning through socks proxy
From: Wolfric <wolfric1 () gmail com>
Date: Wed, 15 Dec 2010 23:53:05 +0000
I'm sure this has been brought up already before, although I can't seem to follow exactly what happened or what went wrong. Is there any chance someone can clarify if it is foreseeable to have proxy support in nmap or, if not, why not?

I've found what seems to be a patch implementing HTTP proxy, however it doesn't seem to be in the current build and there's no mention of it being dismissed:
http://seclists.org/nmap-dev/2009/q1/644

Tom also mentioned on the IRC channel this explanation:

12:30 < TomS> If I remember correctly there has been some discussion about that on the list.. It seems that, at one point, basic socks support was built in.. I *think* what it boils down to is that nmap does some... um.. creative.. manipulation of the packets and any proxy would have to be custom written to replicate this .. manipulation.. or the results would be bad and, worse yet, you would not know it

What I perceive to be the problem, if there is one, is that it restricts the usage of other features that are very often used, since modes that require writing anything underneath raw tcp won't work. Just as modes conflict with each other, why not just have a basic connect scan with service scanning available with proxy and just return an error if the user tries to use something that requires raw frames?

I realise you can hijack the connect() function and tunnel it that way with another program (such as proxychains), however it would seem like a reasonably useful feature to include in nmap itself.

Can anyone shed some light?

Wolfric
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- Scanning through socks proxy Wolfric (Dec 15)
- Re: Scanning through socks proxy Fyodor (Dec 15)