Nmap Development mailing list archives

Re: Ncrack discussion


From: doug () hcsw org
Date: Thu, 14 May 2009 21:36:43 +0000

On Thu, May 14, 2009 at 09:46:38PM +0100 or thereabouts, jah wrote:
> On 14/05/2009 21:27, ithilgore wrote:
>> However, using brackets will involve having to escape them in most shells. Since
>> we want to avoid that, another character might be more appropriate. What about
>> using slashes?
> I suggested brackets because Nmap allows their use in port specification:
> nmap -p [-1024]
> to mean (in this case) TCP ports listed in nmap-services up-to and
> including port 1024.

How the [] modifiers interact with --top-ports and --port-ratio
is described in this message:

http://seclists.org/nmap-dev/2007/q2/0224.html

To the best of my knowledge it is accurate to the current version
of Nmap (except for "PROPOSED FURTHER EXTENSION"). Although mostly
obsoleted by port ratios, the square bracket syntax is still
necessary to implement -F on systems with only /etc/services
(and not a recent nmap-services).

> I wasn't aware that they might need to be escaped.

In bash and ksh square brackets don't usually need to be escaped.
The only cases I can think of involve the test operator:

doug@eclipse:~$ if [ 1 == 1 ] ; then echo hi ; fi
hi
doug@eclipse:~$ if [ 1 == 0 ] ; then echo hi ; fi
doug@eclipse:~$

But this only takes effect if [ is written by itself and only in certain
contexts. TRIVIA: on many older unix systems /bin/[ was a symlink to
/bin/test for this purpose.

I can't remember tcsh well enough to say what the conflicts are but
it looks like escaping IS necessary there:

eclipse:~> ls [-1024]
ls: No match.
eclipse:~> ls \[-1024\]
ls: cannot access [-1024]: No such file or directory

Please forgive my spotty shell scripting knowledge but I switched
to perl and never looked back. ;)

Best,

Doug

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
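
An added example, not part of the original message: under POSIX sh/bash pathname expansion, an unquoted `[-1024]` is a bracket expression matching any file in the current directory whose name is the single character `-`, `1`, `0`, `2` or `4`, so what the program receives depends on where the command is run. The helpers `show_args` and `port_arg_seen` and the file names are constructed for illustration.

```shell
#!/bin/sh
# Report the argument list a command would receive for "-p [-1024]",
# typed unquoted or quoted, in a scratch directory holding chosen files.

# Print every received argument between angle brackets, e.g. <-p><1>
show_args() {
    for a in "$@"; do
        printf '<%s>' "$a"
    done
}

# Usage: port_arg_seen quoted|unquoted [file names to create first...]
port_arg_seen() {
    mode=$1
    shift
    dir=$(mktemp -d) || return 1
    for f in "$@"; do
        : > "$dir/$f"          # constructed sample files
    done
    (
        cd "$dir" || exit 1
        case $mode in
            quoted)   show_args -p '[-1024]' ;;   # always passed literally
            unquoted) show_args -p [-1024] ;;     # subject to globbing
        esac
    )
    rm -rf "$dir"
}

# Stand-alone demonstration
printf 'empty dir, unquoted:  %s\n' "$(port_arg_seen unquoted)"
printf 'file "1",  unquoted:  %s\n' "$(port_arg_seen unquoted 1)"
printf 'files 1 4, unquoted:  %s\n' "$(port_arg_seen unquoted 1 4 10)"
printf 'file "1",  quoted:    %s\n' "$(port_arg_seen quoted 1)"
```

With no matching file the pattern is passed through unchanged, which is why the bracket syntax normally works unescaped in these shells; quoting removes the dependence on directory contents.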