Nmap Development mailing list archives
Re: ipv6-node-info script
From: David Fifield <david () bamsoftware com>
Date: Mon, 31 Oct 2011 13:28:38 -0700
On Mon, Oct 31, 2011 at 08:00:11PM +0100, Patrik Karlsson wrote:
> On Sat, Oct 29, 2011 at 9:48 PM, David Fifield <david () bamsoftware com> wrote:
> > Hi,
> >
> > I have just committed a new script, ipv6-node-info. This script gets hostnames, IPv4 and IPv6 addresses using Node Information queries from RFC 4620. Sample output looks like this:
> >
> > | ipv6-node-info:
> > |   Hostnames: mac-mini.local
> > |   IPv6 addresses: fe80::a8bb:ccff:fedd:eeff, 2001:db8:1234:1234::3
> > |_  IPv4 addresses: (actually hostnames) mac-mini.local
> >
> > Luis and I discovered Node Information queries while developing the IPv6 OS engine (one of the OS probes is a NI query). I have only been able to get this script to work against Mac OS X on a link-local address. It doesn't seem to work when run against a routed address. The fingerprints we've gotten so far indicate that it should also work against some versions of OpenBSD and Apple iOS.
> >
> > The "actually hostnames" above is because of an apparent bug where OS X returns a list of host names instead of a list of IPv4 addresses. The script checks for this and inserts "actually hostnames" when it detects that.
> >
> > David Fifield
> > _______________________________________________
> > Sent through the nmap-dev mailing list
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev
> > Archived at http://seclists.org/nmap-dev/
>
> I've tested this script from OS X 10.7.2 against OS X 10.7.2. I'm seeing "sendmsg: No route to host" from the script, however Nmap shows some open ports. I've tried supplying %en0 at the end of the address and setting -e en0 as argument.

This is because of a bug in the send_ip function. It extracts the destination address from the packet buffer, which does not contain enough information to recover the IPv6 scope_id. Nmap's internal packet sending functions used to work this way too, and I had to overhaul them in r26621 so that they take an explicit destination sockaddr. ip_send needs to work the same way.

David Fifield
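
The scope_id loss described in the reply above, as an added example that is not part of the original message and is not Nmap's code: a link-local destination is parsed into a `sockaddr_in6`, written into a minimal IPv6 header, and read back from the header bytes alone. The function names and the zone index `%1` are constructed for illustration; the address is the one from the sample output.

```c
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

#define ZONED_DST "fe80::a8bb:ccff:fedd:eeff%1" /* constructed; zone index 1 */

/* Parse a numeric IPv6 literal; a %zone suffix lands in sin6_scope_id. */
int parse_scoped(const char *text, struct sockaddr_in6 *out)
{
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_INET6;
    hints.ai_flags = AI_NUMERICHOST; /* no DNS lookup, runs offline */
    if (getaddrinfo(text, NULL, &hints, &res) != 0)
        return -1;
    memcpy(out, res->ai_addr, sizeof(*out));
    freeaddrinfo(res);
    return 0;
}

/* Rebuild the destination from packet bytes alone. The IPv6 header has no
 * field for the zone, so sin6_scope_id can only stay 0. */
void dst_from_packet(const unsigned char *hdr, struct sockaddr_in6 *out)
{
    memset(out, 0, sizeof(*out));
    out->sin6_family = AF_INET6;
    memcpy(&out->sin6_addr, hdr + 24, 16); /* destination: bytes 24..39 */
}

/* scope_id as seen with the explicit sockaddr (0) or from packet bytes (1). */
long scope_seen(const char *text, int from_packet)
{
    struct sockaddr_in6 want, got;
    unsigned char hdr[40] = { 0x60 }; /* version 6, other fields zero */
    if (parse_scoped(text, &want) != 0)
        return -1;
    memcpy(hdr + 24, &want.sin6_addr, 16);
    dst_from_packet(hdr, &got);
    return from_packet ? (long)got.sin6_scope_id : (long)want.sin6_scope_id;
}

int main(void)
{
    printf("explicit sockaddr: scope_id=%ld\n", scope_seen(ZONED_DST, 0));
    printf("from packet bytes: scope_id=%ld\n", scope_seen(ZONED_DST, 1));
    return 0;
}
```

With a scope_id of 0 the kernel has no interface to associate with a link-local destination, which is why a sender that works only from the packet buffer cannot honor `%en0` or `-e en0`.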