Nmap Development mailing list archives
Re: dev Digest, Vol 124, Issue 30
From: ryan chou <jkryanchou () gmail com>
Date: Fri, 17 Jul 2015 10:26:38 +0800
I think it was pretty cool that we could use nmap through Tor. It will help our penetration testing now. And I hope Nmap's performance and stability will become better and better.

2015-07-16 3:58 GMT+08:00 <dev-request () nmap org>:
Today's Topics:

1. Re: Scanning through proxy, including Tor: Ethical consideration (Daniel Miller)
2. problem with --spoof-mac option? (amine debbah)
3. Re: Nmap 6.49BETA4 on Android (Vlatko Kosturjak)
4. Re: Bug: nmap doesn't run on Windows XP anymore (Vlatko Kosturjak)
5. Re: Bug: nmap doesn't run on Windows XP anymore (Gisle Vanem)

----------------------------------------------------------------------

Message: 1
Date: Tue, 14 Jul 2015 14:13:51 -0500
From: Daniel Miller <bonsaiviking () gmail com>
To: "Fabio Pietrosanti (naif) - lists" <lists () infosecurity ch>
Cc: Andrew Jason Farabee <afarabee () uci edu>, Jacek Wielemborek <d33tah () gmail com>, Nmap-dev <dev () nmap org>
Subject: Re: Scanning through proxy, including Tor: Ethical consideration
Message-ID: <CABmvJnM0Y2k-SryuEkjL3Sxk_Ze96os-qJBSJCV+4bYeuapRNg () mail gmail com>

On Tue, Jul 14, 2015 at 6:44 AM, Fabio Pietrosanti (naif) - lists <lists () infosecurity ch> wrote:

> Regarding the high-performance scanning through proxy, including and especially Tor, did you consider the ethical aspects of such an implementation?
>
> Up to now there is no point'n'click high-performance port scanning tool that works well behind Tor; this means that Tor network abuse for port scanning exists, but it's not yet a major problem for Tor Exit Node operators.
>
> Whenever nmap supports scanning through Tor with high performance and high accuracy, we will see a strong increase in the amount of abuse of the Tor network. This will lead to problems for Tor Exit Node operators who support the Tor anonymity network on a volunteer basis.
>
> I'd suggest keeping the patch for scanning through Tor off nmap official software releases. I know it's a controversial topic, but consider the possible impact it will have on a public, free, volunteer-run Tor network.

Fabio,

Thanks for this interesting perspective. I think that there are a few critical points here to keep in mind, which should help ease your mind and guide our progress.

First, the goal of Andrew Farabee's GSOC project should not be stated as "implement scanning through Tor" or even "scanning of Tor hidden services." The actual capability we are seeking is "extend Nsock proxy support to allow connect-by-name." This is a basic capability of many existing proxy-aware programs like proxychains, Firefox, etc. We have gotten focused on Tor because connect-by-name is the *only* way to access hidden services. For this reason, they provide a nice way to test our capability. But the capability has much broader application. Imagine being able to SSH into a network, add a dynamic port forward, and scan the network with a local copy of Nmap. Additionally, the focus is not just Nmap and port scanning; the Nsock library is used by Ncat as well, so an example use case for the capability would be connecting to an Ncat --chat server hosted as a hidden service.

Second, it is unlikely that any port scanning capability through Tor will ever be considered "high-performance" or "high-accuracy." The tunneled nature of Tor, coupled with the network's notoriously low bandwidth, means that scans will have to be very slow indeed to preserve accuracy. Nmap's automatic timing adjustments will probably require considerable tuning for this type of scenario to avoid grinding to a halt.

Third, the capability to do port scanning through Tor already exists. It would take me all of 2 minutes to write a one-line command looping proxychains-wrapped netcat over a list of servers and ports. There are guides to combining Nmap with proxychains that work to varying degrees of success. If exit node operators are not dealing with this now, then either they are not paying attention or it is not an issue. Exit policies provide a simple way to lock down an exit node, and the default exit policy is quite restrictive compared to the "needs" of someone looking to anonymize their port scanning activities.

I hope this helped address some of your concerns.

Dan

------------------------------

Message: 2
Date: Wed, 15 Jul 2015 01:46:55 +0200
From: amine debbah <debbah_amin () hotmail fr>
To: "dev () nmap org" <dev () nmap org>
Subject: problem with --spoof-mac option?
Message-ID: <DUB121-W478AF079303FE9ACB42C61E69B0 () phx gbl>

Hi, I'm amine. I'm new in nmap. Today I tried to use a Firewall/IDS Evasion and Spoofing option which is --spoof-mac to scan a machine in my own home network, so I put these commands =>

root@kali:~# nmap -sT -PN --spoof-mac 0 192.168.1.38

& also this one

root@kali:~# nmap -sT -PN --spoof-mac 11:22:33:44:55:66 192.168.1.38

But when I analyze the packets with "Wireshark" I quickly realized my real mac addr is shown!

I am using => Nmap 6.47

Didn't find any post on the internet that deals with mac address spoofing. Maybe people don't check their command on nmap :)

Best regards

------------------------------

Message: 3
Date: Wed, 15 Jul 2015 13:17:37 +0200
From: Vlatko Kosturjak <kost () linux hr>
To: Vlatko Kosturjak <kost () linux hr>
Cc: dev () nmap org
Subject: Re: Nmap 6.49BETA4 on Android
Message-ID: <20150715111737.GB15453 () griffin linux hr>

Hello!

Forgot to add gist link with run_pie.c.

On Mon, Jul 13, 2015 at 07:17:07AM +0200, Vlatko Kosturjak wrote:

> = Running binaries on previous Android versions
>
> Since new binaries are compiled with PIE support and Android versions prior to version 4 did not support PIE, does that mean there's no way to run these binaries on older systems? It's not completely true. There is a way to run these binaries, but the process involves compiling a small snippet available at gist: This small executable helps in running PIE executables where the linker doesn't support PIE. So, for previous Android versions, you need to compile the above gist and run the nmap binary as follows:

https://gist.github.com/kost/5fd4628f45a4995bec28

Hope it helps,

-- Vlatko Kosturjak - KoSt

------------------------------

Message: 4
Date: Wed, 15 Jul 2015 13:21:06 +0200
From: Vlatko Kosturjak <kost () linux hr>
To: Gisle Vanem <gvanem () yahoo no>
Cc: dev () nmap org
Subject: Re: Bug: nmap doesn't run on Windows XP anymore
Message-ID: <20150715112106.GC15453 () griffin linux hr>

On Sat, Jul 11, 2015 at 01:02:29PM +0200, Gisle Vanem wrote:

> Vlatko Kosturjak wrote:
>> Nmap download page should be updated then: https://nmap.org/download.html
>
> In my private build, I did use GetProcAddress() on these and use the newest API if available. Otherwise a fallback to GetIpForwardTable() for Win-XP. Vlatko, contact me off-list if you want a patch and are able to compile Nmap yourself.

Gisle,

Thanks for your info. I don't have a need of having Nmap on Windows XP. But could you provide your patch publicly somewhere (gist, github, etc), so other people can benefit from it?

Thanks in advance,

-- Vlatko Kosturjak - KoSt

------------------------------

Message: 5
Date: Wed, 15 Jul 2015 21:56:35 +0200
From: Gisle Vanem <gvanem () yahoo no>
To: dev () nmap org
Subject: Re: Bug: nmap doesn't run on Windows XP anymore
Message-ID: <55A6BAF3.9020405 () yahoo no>

Vlatko Kosturjak wrote:

> I don't have a need of having Nmap on Windows XP. But could you provide your patch publicly somewhere (gist, github, etc), so other people can benefit from it?

Here you go:
https://gist.github.com/gvanem/2a0915e13f208fd150b8

Please comment.

-- --gv

------------------------------

End of dev Digest, Vol 124, Issue 30
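As an added illustration of the "connect-by-name" capability Daniel Miller describes in Message 1 (example code written for this page, not Nmap or Nsock code): it assumes the SOCKS5 protocol of RFC 1928, which is the proxy interface Tor exposes, and shows why a hostname or .onion name has to travel to the proxy inside the request instead of being resolved locally. The .onion name and the reply bytes are constructed samples.

```python
# Added example (not code from the thread): SOCKS5 CONNECT builder and
# reply parser showing what "connect-by-name" means on the wire.
import ipaddress
import struct

SOCKS_VER = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_TEXT = {0: "succeeded", 1: "general failure", 2: "not allowed by ruleset",
            3: "network unreachable", 4: "host unreachable", 5: "connection refused",
            6: "TTL expired", 7: "command not supported", 8: "address type not supported"}

def build_connect_request(host, port):
    """Encode a SOCKS5 CONNECT request (RFC 1928 section 4).
    A literal IP goes as ATYP 1/4, i.e. the client already resolved it.
    Anything else goes as ATYP 3, a length-prefixed name, so the *proxy*
    resolves it: no local DNS lookup, and names only the proxy can resolve
    (a .onion hidden service) become reachable. That is connect-by-name."""
    try:
        ip = ipaddress.ip_address(host)
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    except ValueError:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:  # one length byte on the wire
            raise ValueError("SOCKS5 hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return bytes([SOCKS_VER, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)

def parse_reply(data):
    """Decode a SOCKS5 reply into (status text, bound address, bound port)."""
    if len(data) < 4 or data[0] != SOCKS_VER:
        raise ValueError("not a SOCKS5 reply")
    rep, atyp, body = data[1], data[3], data[4:]
    if atyp == ATYP_IPV4:
        bound, rest = str(ipaddress.IPv4Address(body[:4])), body[4:]
    elif atyp == ATYP_IPV6:
        bound, rest = str(ipaddress.IPv6Address(body[:16])), body[16:]
    elif atyp == ATYP_DOMAIN:
        n = body[0]
        bound, rest = body[1:1 + n].decode("idna"), body[1 + n:]
    else:
        raise ValueError("unsupported ATYP %d" % atyp)
    if len(rest) != 2:
        raise ValueError("truncated reply")
    return REP_TEXT.get(rep, "unknown"), bound, struct.unpack("!H", rest)[0]

# Constructed sample: the request a Tor SOCKS port would receive for a hidden
# service (placeholder name) and a reply for a plain IPv4 target.
ONION_REQUEST = build_connect_request("example.onion", 80)
SAMPLE_REPLY = parse_reply(b"\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00")
```

A client that instead resolves the name itself and sends ATYP 1 both leaks the lookup to the local resolver and can never reach a .onion address, which is exactly the gap the Nsock work targets.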
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/