Nmap Development mailing list archives
Re: [NSE] Draft - targets-sniffer.nse
From: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Date: Sat, 26 Mar 2011 15:16:48 +0000
Hey guys, I made some changes to the script: 1. Added support for Djalal's interface patch. The user can now select the interface using -e. If an interface is not specified the script falls back to eth0. If that doesn't work it prints an error message. 2. The script now gets the local IP address using the get_interface_info() function and makes sure that it's never added to newtargets. 3. Since nmap checks for duplicates when adding the IP addresses to newtargets, there no reason for the script to do it. 4. The script now prints an error message when not ran as root. Thanks for your feedback. I still couldn't get the socket to timeout properly which seems to be the main problem at the moment. I'm also having some trouble getting the IP addresses using the packet library. Once again, I appreciate any feedback. Cheers, Nick On 24 March 2011 21:49, Nick Nikolaou <nikolasnikolaou1 () gmail com> wrote:
On 22 March 2011 23:32, Djalal Harouni <tixxdz () opendz org> wrote:In your script I see that you have a check for duplicates new targets, you can drop it. Nmap internals already do this check, and if you want to see it just use -d3.Hey Djalal, I suspected that but forgot to confirm it. Thanks. You can do this: target.add(unpack(array_of_targets)) Thanks, made the changes. Please use the second version of the patch [1] and let us know if thereare any bugs, and with that patch you can choose the network interface to use: * For prerule scripts: Nmap -e or -S options. * For hostrule/portrule: just use the host table (host.interface).e.g: ./nmap -sL --script targets-sniffer.nse --script-args=newtargets -e eth0I just applied the patch. I 'll report back once I get some spare time to make the changes to the script. Nick On 22 March 2011 23:32, Djalal Harouni <tixxdz () opendz org> wrote:On 2011-03-22 11:56:19 -0700, David Fifield wrote:On Tue, Mar 22, 2011 at 06:44:03PM +0000, Nick Nikolaou wrote:Hello everyone, Attached is a draft of a targets-sniffer script. The script sniffs foraconfigured amount of a time and adds addresses from packets it sees in newtargets. (https://secwiki.org/w/Nmap_Script_Ideas#targets-sniffer)In your script I see that you have a check for duplicates new targets, you can drop it. Nmap internals already do this check, and if you want to see it just use -d3. You can do this: target.add(unpack(array_of_targets))*Issues that need to be resolved:* 1) The sniffing interface is hard-coded at the moment. Is there a wayto getthe active interface in a prerule script? Alternatively I could changetherule to a hostrule. (and maybe a high enough runlevel to ensure thescriptruns first?)We don't have a way for scripts to get the list of interfaces, but Djalal has a patch to do it: http://seclists.org/nmap-dev/2011/q1/291. It hasn't been added yet because there isn't a script to use it, but you can make it a part of your patch if it helps.Please use the second version of the patch [1] and let us know if there are any bugs, and with that patch you can choose the network interface to use: * For prerule scripts: Nmap -e or -S options. * For hostrule/portrule: just use the host table (host.interface). e.g: ./nmap -sL --script targets-sniffer.nse --script-args=newtargets -e eth0 You can also check the type of the interface to report errors ... etc David just a note: The get_interface_info() function of the network interfaces patch should replace the nmap.get_interface_link() function. [1] http://seclists.org/nmap-dev/2011/q1/734 -- tixxdz http://opendz.org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Kris Katterjohn (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse David Fifield (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 24)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Toni Ruottu (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Abuse007 (Mar 30)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)