Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

R: [SCRIPT] NetBIOS name and MAC query script

From: "Speziale Daniele" <daniele.speziale () telecomitalia it>
Date: Tue, 27 Mar 2007 08:59:12 +0200
Hi Brandon,
it is possible get info about user logged and windows domain in another
update script, because for me that have a very large network (>100K
nodes) it is important get that info once.

Thank you
Daniele


-----Messaggio originale-----
Da: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
Per conto di Brandon Enright
Inviato: sabato 24 marzo 2007 22.31
A: Eddie Bell
Cc: nmap-dev () insecure org; bmenrigh () ucsd edu
Oggetto: Re: [SCRIPT] NetBIOS name and MAC query script

Hey Eddie, All,

After reading the NSE documentation (why didn't I look for this in the
first place?) I've updated/enhanced this NBSTAT script (attached):

* When data is received from port U137 the state is changed to open.

* Only hosts that have 135|139|445|U137 open are queried.  This should
cut down on the number of hosts that timeout.

* Comments that revealed a lack of understanding of NSE on my part have
been updated.

* I've added the script to the "safe" category.

* A couple more error conditions are checked.


In updating this script, I noticed the NSE documentation doesn't talk
about scripts that use hostrule at all.  It doesn't make sense to me for
host based scripts to pass the port parameter to either hostrule() or
action().
The ripeQuery script is the only example though and it does specify the
port parameter on both.

Brandon


On Sat, 24 Mar 2007 14:49:37 +0000
"Eddie Bell" <ejlbell () gmail com> wrote:


Hi brandon,

I tested it over on a couple of thousand host and it seemed to work

great.


Host script results:
|_ NBSTAT: NetBIOS name: WM_ADMINISTRAT2, NetBIOS MAC: 
|..:..:38:76:B9:53

thanks
- eddie


--------------------------------------------------------------------

CONFIDENTIALITY NOTICE

This message and its attachments are addressed solely to the persons above and may contain confidential information. If 
you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it 
immediately to the sender and delete the message. Should you have any questions, please contact us by replying to 
webmaster () telecomitalia it.

        Thank you

                                        www.telecomitalia.it

--------------------------------------------------------------------
                        

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: