Re: Some hints for nmap scripts

[majek04 <majek04 () gmail com>]

On Tue, Dec 2, 2008 at 14:49, jah <jah () zadkiel plus com> wrote:
> (this script has a commented-out section between --[[ and ]]-- which is
> not the correct way [3] - it should be --[[ and --]], but for some
> reason the script still works as expected and considers the improperly
> commented section as a properly commented section - v. odd.)

Sorry about the comment messup :)

> You can receive raw packets and send ethernet frames in scripts using
> the Raw packet network I/O API [1].
>
> The only script currently using this stuff is one named promiscuous.nse
> in Nmap versions up to 4.76 (now named sniffer-detect.nse)

There's [1] an example of the simplest possible use.

There are some other scripts that use raw sockets in lua, but are not
included in the official sources, because need some extensions for
nmap like sending ip packets (rather than ethernet frames). Maybe it's
time to commit this extensions to main line.

Some bunch of my stuff is here [3] (wow, it's year old now).

Here's [4] implementation of nmap's active os detection in Lua. It's
not exactly working. I shall fix it one day.


[1] - http://ai.pjwstk.edu.pl/~majek/private/nmap/nse-pcap-u2/partial/pcap-example.nse
[2] - http://ai.pjwstk.edu.pl/~majek/private/nmap/nse-pcap-u2/partial/nsepcap-sendip.diff
[3] - http://ai.pjwstk.edu.pl/~majek/private/nmap/nse-pcap-u2/partial/
[4] - http://ai.pjwstk.edu.pl/~majek/dump/os.nse

  Marek Majkowski

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org