Nmap Development mailing list archives
adding this option?
From: mike <dmciscobgp () hotmail com>
Date: Mon, 14 Jan 2008 03:31:58 +0000
I mentioned this to Fyodor but never got a reply. I have used nmap for years and love the options it features, and I am glad people are always looking for him to add more. Right now it is the ultimate port scanner as far as I am concerned, for it pretty much has everything BUT...an option for pushing your OWN packet payload data via your own way instead of NSE scripting. I am not a fan of NSE/Lua scripting; it is cumbersome and, for the newbie, a bit cryptic. The same goes for adding version triggers. I have a hard time parsing those lines as well.

For a few years I have done this as a test for port knocking and payload triggers, running netcat like this: nc -v -u (ip) (port) < (file I create in hex to push payload string/data). I would then run ethereal with the -X option for full dissection of the protocol, or just a simple running windump to see what I get back.

I asked Fyodor: since he already has the option --data-length, which only sends RANDOM data in bytes, why not allow us, the users, to point to our OWN files to send what we would like to trigger? Anyone else agree with this idea? Setting an option like --local-file that would point to your "payload.foo" file, and you could send this to a target range for, say, RIP or BGP, i.e. a payload that is not handled yet by nmap for triggers. I wrote out a simple 24 byte RIP1 packet to pull the remote route table on request with an AF of 0 as the RFC specifies.

I have given him the idea. I do not code, so I can only add my input in terms of what I would like to see as a user of nmap. Any of you guys think that option could be added, and would it be something you would also wish to see?

Mike

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
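The 24-byte RIP1 request mentioned in the message above can be written out and checked as follows. This is an added example, not part of the original post or of Nmap; it assumes the RIPv1 layout from RFC 1058 (4-byte header plus one 20-byte entry with address family 0 and metric 16), and the function names are hypothetical. The decoder is the piece to reuse when reviewing a capture for whole-table requests.

```python
import struct

RIP_REQUEST = 1        # command field value for a request (RFC 1058)
RIP_VERSION_1 = 1
METRIC_INFINITY = 16

HEADER = struct.Struct("!BBH")      # command, version, must-be-zero
ENTRY = struct.Struct("!HHIIII")    # AF id, zero, IPv4 address, zero, zero, metric


def build_rip1_table_request() -> bytes:
    """Return the 24-byte RIPv1 request for the entire routing table."""
    header = HEADER.pack(RIP_REQUEST, RIP_VERSION_1, 0)
    entry = ENTRY.pack(0, 0, 0, 0, 0, METRIC_INFINITY)  # AF 0, metric 16
    return header + entry


def describe_rip1(payload: bytes) -> dict:
    """Decode a RIPv1 datagram and flag whole-table requests."""
    body = len(payload) - HEADER.size
    if body < 0 or body % ENTRY.size:
        raise ValueError("not a well-formed RIP datagram")
    command, version, _zero = HEADER.unpack_from(payload)
    entries = [
        ENTRY.unpack_from(payload, off)
        for off in range(HEADER.size, len(payload), ENTRY.size)
    ]
    # RFC 1058: exactly one entry, AF 0, metric 16 means "send everything".
    whole_table = (
        command == RIP_REQUEST
        and len(entries) == 1
        and entries[0][0] == 0
        and entries[0][5] == METRIC_INFINITY
    )
    return {
        "command": command,
        "version": version,
        "entries": len(entries),
        "whole_table_request": whole_table,
    }


if __name__ == "__main__":
    data = build_rip1_table_request()
    # "payload.foo" is the file name used in the message above.
    with open("payload.foo", "wb") as fh:
        fh.write(data)
    print(data.hex(" "), describe_rip1(data))
```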