Nmap Development mailing list archives
Re: help dhcp-discover.nse
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Wed, 7 Apr 2010 21:59:26 +0000
On Wed, 7 Apr 2010 15:27:21 -0500 Ron <ron () skullsecurity net> wrote: [...]
So I tried scanning the router which is a DHCP helper/relay but I got: NSE: dhcp-discover against 132.239.181.1:67 threw an error! ./scripts/dhcp-discover.nse:557: variable 'value' is not declared stack traceback: [C]: in function 'error' ./nselib/strict.lua:68: in function <./nselib/strict.lua:59> ./scripts/dhcp-discover.nse:557: in function 'dhcp_parse' ./scripts/dhcp-discover.nse:695: in function 'go' ./scripts/dhcp-discover.nse:710: in function <./scripts/dhcp-discover.nse:709> (tail call): ? So I think this script needs a bit of work. Assuming everything was working, you'd do something like: $ sudo ./nmap -sU -p 67 -v -d -PN --script=dhcp-discover <target(s)> BrandonBrandon is correct, that's the command you would use. I've requested having one-time scripts that do broadcasts in the past, and I think it's made its way into the TODO list, but we don't have it yet. So dhcp-discover has to be against a specific host. As for it not working, thanks for the report! I don't have a dhcp server at work to test against, but I'll figure out what's going on as soon as I get home.
Ron fixed this in r17229. Our server returns a boatload of stuff: 67/udp open dhcps script-set | dhcp-discover: | IP Offered: (not hard to figure out) | DHCP Message Type: DHCPOFFER | Server Identifier: (our DHCP server) | IP Address Lease Time: 0 days, 0:05:00 | Subnet Mask: 255.255.255.0 | Time Offset: 4294938496 | Router: (a long sequence of gateways) | Time Server: 132.239.1.5 | Domain Name Server: 132.239.0.252, 128.54.16.2 | Hostname: gamma | Domain Name: ucsd.edu | IP Forwarding: false | Perform Router Discovery: false | NetBIOS Name Server: (I can't believe we use this crap) | NetBIOS Node Type: 8 | Renewal Time Value: 0 days, 0:02:30 |_ Rebinding Time Value: 0 days, 0:04:22 Ron figured out that "IP Forwarding: false" was causing the boolean value check code to choke. With support like this I'm getting spoiled! Thanks Ron. Brandon
Attachment:
signature.asc
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- help dhcp-discover.nse Norris Carden (Apr 07)
- Re: help dhcp-discover.nse Brandon Enright (Apr 07)
- Re: help dhcp-discover.nse Ron (Apr 07)
- Re: help dhcp-discover.nse Brandon Enright (Apr 07)
- Re: help dhcp-discover.nse Ron (Apr 07)
- Re: help dhcp-discover.nse Brandon Enright (Apr 07)