Nmap Development mailing list archives
Re: NSEC Enumeration script
From: John Bond <john.r.bond () gmail com>
Date: Mon, 16 May 2011 23:22:01 +0200
On 16 May 2011 23:12, John Bond <john.r.bond () gmail com> wrote:
The best thing i can think of is using something like the following subdomain = base32.enc(openssl.rand_bytes(20),true)
Another idea could be to do something like the following. request a.domain.com this lets us know that the next label after a.domain.com is hash(secret.a) we then request b.domain.com this lets us know that the next label after b.domain.com is hash(secret.b) if hash(secret.a) == hash(secret.b) then nextdomain = "c.domain.com" else nextdomain = "am.domain.com" end the above example assumes just 26 valid where m would be char 13 and therefore the one in the middle. however i have to admit that this level of sorting algorithm is well beyond my level of coding. its also worth mentioning that the subdomain logic for this script is a bit more difficult then nsec _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NSEC Enumeration script David Fifield (Apr 04)
- Re: NSEC Enumeration script Rajendra Pondel (Apr 04)
- Re: NSEC Enumeration script John Bond (Apr 05)
- Re: NSEC Enumeration script John Bond (Apr 07)
- Re: NSEC Enumeration script David Fifield (Apr 18)
- Re: NSEC Enumeration script John Bond (Apr 19)
- Re: NSEC Enumeration script John Bond (May 16)
- Re: NSEC Enumeration script John Bond (May 16)
- Re: NSEC Enumeration script John Bond (Apr 07)