Re: how to look about the receive data of p acket from destinational host

["Joshua D. Abraham" <jabra () ccs neu edu>]

On 11.May.2006 08:01AM +0000, Brandon Enright wrote:

> On Thu, 2006-05-11 at 15:08 +0800, zf81811 wrote:
> > hello  every one
> >
> > how to look about the receive data of packet from destinational host?
> >
> > the receive data is the data used to compare to the fingerprinting.
> >
> > thanks,good luck!
>
> It sounds like you may want the banner information like what Amap would
> provide.  Check out Joshua Abraham's (jabra () ccs neu edu) banner printing
> patch available at
> <http://www.ccs.neu.edu/home/jabra/dstudy/nmap-4.01-banner-xmlfix.tar.bz2>.  You'll probably want to check the 
> archives for more information.
>
> If you are looking for the raw un-sanitized data received from a service
> fingerprint probe something like that doesn't really exist. The data is
> there internally but it isn't clear if there is a good way to present
> the information to the user.  It's something that either Joshua or
> myself may be interested in coding up in the future.

The raw data could easily be extracted with a modification to my
patch. However, the data could be several lines long. My patch
truncates the response to a single line and therefore maybe what
you are looking for.

If you have any suggestions please feel free to let me know.

http://www.ccs.neu.edu/home/jabra/dstudy/nmap-4.01-banner-xmlfix.tar.bz2

Regards,
Josh

-- 
Joshua D. Abraham
Northeastern University
College of Computer and Information Science
www.ccs.neu.edu/home/jabra


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev