Nmap Development mailing list archives
Re: POC Payloader dat
From: Jay Fink <jay.fink () gmail com>
Date: Wed, 30 Dec 2009 20:50:54 -0500
On Wed, Dec 30, 2009 at 6:20 PM, David Fifield <david () bamsoftware com> wrote:
I don't know what you mean. What is the ports problem? I also don't understand the distinction between "service" and "port" here. We're not concerned at all with "service" in terms of -sV at this point in the scan.
multiple destination ports for the same payload.
Having a name for each payload is fine, as it's a reasonable way to distinguish multiple payloads for the same port. But don't stress out about that too much. The internal API doesn't even have to be aware of it as we would have no way to use it yet.I think we can definitely do the following: - use a keyword to share payloads - have multiple ports per service (already planning on it)I don't understand what you mean by "share payloads." Isn't that what we're already doing with the "1645,1812" in
yes - I was just reiterating tha :).
radius udp 1645,1812 "\x01\x00\x00\x14" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"The questions I have now are: - is there a chicken and egg problem? We know for instance if a host does not reply to the pre-ping we just move on but what if the scan is a full tcp-connect/port? Do we still iterate through every payload or shut it off in that case or shut it off by default but allow user override?If I undertand you correctly, you want to know, if there are mutiple payloads for a port, whether all of them should be tried or just the first one. Let's forget that complexity for now. I'm fine with the data format being extensible to allow multiple payloads per port but at the moment we don't need it and don't even know how it should work.
That works!
I think it's reasonable to load them into memory in advance. I mean, they're in memory now, being part of the executable.
Excellent - well looks like were good to go ... again :) thanks David, j _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: POC Payloader dat, (continued)
- Re: POC Payloader dat David Fifield (Dec 13)
- Re: POC Payloader dat Jay Fink (Dec 14)
- Re: POC Payloader dat Jay Fink (Dec 19)
- Re: POC Payloader dat David Fifield (Dec 21)
- Re: POC Payloader dat Jay Fink (Dec 22)
- Re: POC Payloader dat Jay Fink (Dec 26)
- Re: POC Payloader dat David Fifield (Dec 27)
- Re: POC Payloader dat Jay Fink (Dec 28)
- Re: POC Payloader dat Jay Fink (Dec 30)
- Re: POC Payloader dat David Fifield (Dec 30)
- Re: POC Payloader dat Jay Fink (Dec 30)