Nmap Development mailing list archives
Re: Bug report, error in documentation
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 1 Feb 2017 08:06:32 -0600
This is not an error in documentation: the script will run just fine on port 443 as in the example, since that port is a "known SSL port." There are 19 such ports and 14 service names that get this special treatment. For other services, it's recommended that you use -sV to perform version scanning, since this will detect a simple SSL tunnel in the vast majority of cases. There are only a small handful of times where "+" is needed (user knows SSL is present and wants to skip version scan, etc.), and a good many times where it would be useless or result in a ton of extra probing, so we keep the documentation light on that feature: https://nmap.org/book/nse-usage.html#nse-cmd-line-args and https://nmap.org/book/man-nse.html I've added a recommendation to use -sV to the documentation. Hopefully this will clear up the confusion. Dan On Tue, Jan 31, 2017 at 2:23 PM, ToddAndMargo <ToddAndMargo () zoho com> wrote:
Dear NMap Bugs, On your web page https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html You show a sample run string Example Usage nmap --script ssl-enum-ciphers -p 443 <host> with a sample result: Script Output PORT STATE SERVICE REASON 443/tcp open https syn-ack | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A and on and so forth that shows the various ciphers. Bug: to actually get this output (report), you need to add a plus sign "+" in front of the name of the script. The correct example should be: nmap --script *+*ssl-enum-ciphers -p 443 <host> I pulled some hair out trying to get this report before I realized the missing plus sign. Many thanks, -T -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug report, error in documentation ToddAndMargo (Jan 31)
- Re: Bug report, error in documentation Daniel Miller (Feb 01)
- Re: Bug report, error in documentation ToddAndMargo (Feb 02)
- Re: Bug report, error in documentation Robin Wood (Feb 02)
- Re: Bug report, error in documentation ToddAndMargo (Feb 02)
- <Possible follow-ups>
- Re: Bug report, error in documentation Varunram Ganesh (Jan 31)
- Re: Bug report, error in documentation ToddAndMargo (Feb 01)
- Re: Bug report, error in documentation Daniel Miller (Feb 01)