Nmap Development mailing list archives

Re: Output File Bug


From: David Fifield <david () bamsoftware com>
Date: Sun, 24 May 2009 20:12:31 -0600

On Fri, May 22, 2009 at 03:33:38PM +0100, Sebastien J. wrote:
> I've been running conficker scans for a client and discovered
> something that is part user-error part bug.
>
> The command I've been running (using nmap 4.85BETA9) is:
>
> nmap -PN -T4 -p139,445 -n -v -oN [filename] --script=smb-check-vulns --script-args safe=1 [targetnetworks]
>
> At some point during my scans I wanted to stop writing out to a file,
> so I removed the file name without being careful to remove -oN. This
> resulted in a file being written called "--script", and the scan
> completing but not running the scripts correctly (since nmap didn't
> register --script as an actual option).
>
> Instead I would probably expect nmap to do one of two things: a) write
> out a file anyway with some kind of default name (nmap_date_time), or
> b) quit and demand a file name. Since almost nobody would begin a
> filename with a '-', it may be safe to check for this in the string
> that follows -oN (or -oSomething), and do one of the two above if this
> is the case.

Thank you for reporting this. It does seem to be an easy mistake to
make. My first impression is that nothing should be changed. Most
command-line programs work the way Nmap does here. Option (a) is not
possible in general because there's no reliable way to guess whether the
thing that follows -oN is a file name or not. Option (b) is reasonable,
but it would have to be a warning, not an error. Things like this are
nice for interactive use but they increase the burden on writers of
programs and libraries that run Nmap.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
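
Added example, not part of the original messages and not Nmap's own code: a small C program, assuming a getopt_long_only()-style parser, that shows an option with a required argument consuming the next command-line word even when that word is itself an option, together with the warn-and-continue form of option (b). The reduced option table, the `parsed` struct, `parse_args` and the sample command line are assumptions made for illustration.

```c
#include <getopt.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical parse result; not Nmap's own data structure. */
struct parsed {
    const char *normal_out; /* argument consumed by -oN, or NULL */
    const char *script;     /* argument consumed by --script, or NULL */
    int warned;             /* set when the -oN argument looks like an option */
};

/* Parse a reduced, illustrative option set with getopt_long_only(). */
static struct parsed parse_args(int argc, char **argv)
{
    static const struct option longopts[] = {
        {"oN",     required_argument, NULL, 'N'},
        {"script", required_argument, NULL, 's'},
        {NULL, 0, NULL, 0}
    };
    struct parsed p = {NULL, NULL, 0};
    int c;

    optind = 0; /* glibc/musl: reset scanner state so repeated calls work */
    while ((c = getopt_long_only(argc, argv, "", longopts, NULL)) != -1) {
        if (c == 'N') {
            /* A required argument is taken verbatim from the next argv
             * element, even when it starts with '-'. A lone "-" is not
             * flagged because it conventionally means stdout. */
            p.normal_out = optarg;
            if (optarg[0] == '-' && optarg[1] != '\0') {
                fprintf(stderr, "WARNING: output file name \"%s\" looks "
                        "like an option; was a file name omitted?\n", optarg);
                p.warned = 1; /* warn and continue, do not abort */
            }
        } else if (c == 's') {
            p.script = optarg;
        }
    }
    return p;
}

int main(void)
{
    /* Constructed command line: file name dropped, -oN left in place. */
    char *argv[] = {"nmap", "-oN", "--script=smb-check-vulns", "192.0.2.0/24", NULL};
    struct parsed p = parse_args(4, argv);
    printf("file=%s script=%s warned=%d\n", p.normal_out,
           p.script ? p.script : "(none)", p.warned);
    return 0;
}
```

Because the check only warns, a caller that really does want an output file whose name begins with '-' still gets it.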

