Nmap Development mailing list archives
Re: dns-fuzz script is not working with example usage command
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 31 Jan 2014 09:37:20 -0600
On 01/27/2014 10:23 AM, Fabian Bräunlein wrote:
I figured out that the rule for this script is:>portrule = shortport.portnumber(53, "udp")which only takes UDP into account. However, the example usage command solely performs a TCP scan, so the script's action will never be executed. Nevertheless, the DNS standard also requires TCP support ( http://tools.ietf.org/search/rfc5966) for large messages and zone transfers, so it may be good to run the script likewise when an open TCP-port 53 was encountered. I think, there are a few options to resolve this issue: - by updating the doc page (+ comments in the script) - e.g. changing the example usage command to something like nmap -sU -p53 --script dns-fuzz --script-args timelimit=2h <target> - clarify, that an UDP scan on port 53 is necessary
Fabian,I think I have addressed these issues in r32688 and r32689. With John Bond's added TCP support in dns.lua, I was able to add TCP support fairly easily, though it could stand some additional testing. For clarity, I changed the usage statement to suggest -sU, since that is what the script was designed for. Thanks for reporting this issue!
Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- dns-fuzz script is not working with example usage command Fabian Bräunlein (Jan 27)
- Re: dns-fuzz script is not working with example usage command John Bond (Jan 28)
- Re: dns-fuzz script is not working with example usage command John Bond (Jan 29)
- Re: dns-fuzz script is not working with example usage command Daniel Miller (Jan 31)
- Re: dns-fuzz script is not working with example usage command John Bond (Feb 10)
- Re: dns-fuzz script is not working with example usage command Daniel Miller (Feb 10)
- Re: dns-fuzz script is not working with example usage command John Bond (Feb 10)
- Re: dns-fuzz script is not working with example usage command John Bond (Feb 11)
- Re: dns-fuzz script is not working with example usage command John Bond (Feb 11)
- Re: dns-fuzz script is not working with example usage command John Bond (Jan 29)
- Re: dns-fuzz script is not working with example usage command John Bond (Jan 28)