Nmap Development mailing list archives
Re: Extending NMap UDP Payloads
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 4 Jan 2017 21:42:46 -0600
Tim, You can definitely do this, but only one payload will be sent during the port scan phase. If you want to change that payload, which is used to elicit an application response to determine if the port is open, then make the change to the nmap-payloads file. If you want to leave that probe, but use a different one for version detection (which can confirm that a port is open instead of just open|filtered), then add a Probe line to nmap-service-probes. Supporting multiple payloads would be an interesting idea. We'd have to decide whether to send additional ones after a full timeout of the first probe or after a shorter time, and whether to increase the number of retries based on the number of payloads available. Dan On Wed, Jan 4, 2017 at 8:24 AM, Tim Tim <projectgithub007 () gmail com> wrote:
Hi All, I have a theoretical question I was hoping someone could assist me with. If I wanted to add my own UDP probes into NMap for ports that already have a payloads associated with them e.g. DNS UDP 53. Is this currently possible within NMap - is it as simple as adding a new entry within the nmap-payloads file, or will NMap only test a single payload? Apologies if this is clear and I am being foolish. Many Thanks TW _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Extending NMap UDP Payloads Tim Tim (Jan 04)
- Re: Extending NMap UDP Payloads Daniel Miller (Jan 04)