Nmap Development mailing list archives
Re: GSoC: Nmap on Android
From: Duarte Silva <duartejcsilva () gmail com>
Date: Tue, 6 Apr 2010 09:49:25 +0100
Sorry, too late on the response. I didn't notice that some of the points have already been addressed. On Tue, Apr 6, 2010 at 9:47 AM, Duarte Silva <duartejcsilva () gmail com> wrote:
Hi, Since I'm getting pretty acquainted with the Android platform in my job, I think I can shed a light on this issue. The main development in Android is made in Java. The GUI is designed by editing XML files with a specific schema. So porting the Zenmap GUI is really porting it all (Zenmap is Python if I'm not mistaken). Even though the main development of Android is based on Java, there is the possibility of developing in native code. I don't know which level of freedom one has with the Android NDK (never had the need to use it) but if the existing code of nmap could be compiled and executed based on the NDK, it would be a big plus (reinventing the wheel, no thanks, especially when talking of nmap). I'm thinking that this isn't a fairly linear thing do to. Taking into accounts the environmental needs of nmap. Regards, Duarte On Tue, Apr 6, 2010 at 7:52 AM, luke jeter <luke.jeter () gmail com> wrote:Because I'm interested in helping to bring Nmap to Android, I've spent a little time contemplating the following question: If I were a network security professional, how could Zenmap and my fancy new phone help me do my job? Since I'm merely an *aspiring* network security professional I'd like to throw the following little fictitious scenario out to the community for an assessment of just how accurate it might be: Cartman is an executive at a local bank branch and considers himself very tech-savvy (by bank branch executive standards). He has been personally involved in setting up a wireless network at the branch and has also managed to sync his phone's contact database with the branch's client list. One of Cartman's friends, Kenny, is a local CS grad student who recently helped the branch implement a user-authentication system that uses customers' phone's NFC capabilities at the teller window (a bit vague and very contrived, I know, but the details and usefulness aren't important to the storyline). I arrive, for whatever reason you'd like, to conduct a network security audit of the branch. I pull out my shiny new Nexus One, and tap the Zenmap icon. I then tap the 'target' combo box and up pops a list of all of the wifi access points and devices within range of my phone's antenna. I scroll down and discover a listening Bluetooth device that I can identify as Cartman's phone. Because I'm familiar with what's been happening within the branch, I've positioned myself at the teller window and can also detect the bank's available NFC device. At this point I can select any of the discovered targets, or designate my own, and I can select an appropriate profile from the corresponding drop-down and proceed to conduct my scans. Assertions, assumptions, and questions: As far as I know, Nmap does not have any wifi, Bluetooth, or NFC detection capabilities - please correct me if I'm mistaken. I know there are a number of other tools that perform these functions quite well, but after two years of working with a 7" netbook screen and a few weeks with an Android device I've become a big proponent of all-in-one gui solutions rather than trying to switch between applications. Just to confirm, I'm assuming that this type of device detection is frequently done when one is also doing Nmap scans? More importantly, would it fall within the scope of the Nmap/Zenmap project? The next obvious step would be to implement scans for these protocols, and again the primary question is whether or not it would fall inline with Nmap's goals. Rather than create the discovery and scanning code from scratch, would a better implementation alternative be to create Zenmap plug-ins? (A Kismet plug-in for Zenmap, for example.) Thanks, in advance, for any feeedback - I'm looking forward to learning just how far off my fantasy world is from reality! luke On Sun, Mar 28, 2010 at 3:43 PM, David Fifield <david () bamsoftware com>wrote:On Fri, Mar 26, 2010 at 11:21:53PM -0600, luke jeter wrote:My thought is that if a second layout (or two or three) will be done to improve how things are displayed on such a relatively small screen, whynotspend the same amount of time creating a new gui using the tools providedbythe Android SDK. There are probably other features that would be nice to have on a handheld device that I don't think already exist in Zenmap,suchas a list of reachable wireless networks, which could also be writtenintoan Android-specific interface.Thanks for the notes on Android. If there are useful features that Zenmap is missing, there's no reason to add them only to a new mobile interface. Desktop users should get them too. And going the other way, if Zenmap's interface poses problems for small screens, it's better to redesign the interface and get rid of excess crud on the desktop too, not just in a mobile interface that's going to require separate maintenance. There's nothing sacred about the Zenmap interface. It's already changed a lot. I'd love to see a proposal that shows how we can get rid of the left Hosts/Services column--not an effective use of space in my opinion--and present that information in line with the other scan results, while retaining the ability to select a single host or service. I may be mistaken, but I think the Filter Hosts function can do everything the left sidebar can do, just not in as discoverable a fashion. David Fifield_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: GSoC: Nmap on Android luke jeter (Apr 05)
- Message not available
- Fwd: GSoC: Nmap on Android Duarte Silva (Apr 06)
- Re: GSoC: Nmap on Android Duarte Silva (Apr 06)
- Fwd: GSoC: Nmap on Android Duarte Silva (Apr 06)
- Message not available
- Re: GSoC: Nmap on Android David Fifield (Apr 08)
- Re: GSoC: Nmap on Android DePriest, Jason R. (Apr 19)