Nmap Development mailing list archives
Re: Adding new NSE discovered targets to Nmap
From: Djalal Harouni <tixxdz () gmail com>
Date: Fri, 13 Aug 2010 17:22:15 +0100
On 2010-08-12 15:35:53 -0500, Ron wrote:
> Attached a script that does a DHCP request then scans the DHCP address range. I ran into a couple issues, though.
>
> First, if I do socket:connect("255.255.255.255", 67, "udp") - it doesn't work. It appears to, but packets don't get sent. I've run into issues with broadcasting like that before, and I don't understand exactly what's going on, but does anybody have any ideas? For now, in this script, I hardcoded 192.168.1.1 as the router's address -- definitely not optimal.
>
> Second, I have to use pcap_receive() to get the response from the DHCP server (because DHCP is crazy). pcap_receive() requires an interface and a MAC address. Since this is a prescan rule, there's no interface so I hardcode "eth0". Is that going to break on non-Linux or is that standard for Nmap? Is there some way I can enumerate ethernet interfaces so I can send out the DHCP request on all of them? If not, would it be hard to add?

We should add support for iflist and getinterfaces() functions to NSE to be able to enumerate and use net interfaces and perhaps routes? First I've planned to pass them in the net table to prerule/postrule scripts, but the preferred solution was to not use a net table and only add some NSE API.

BTW Patrick, I think that nse_nsock library is getting too big, perhaps pcap and dnet and any other future net stuff should be on separate nse_netutil file or nse_pcap etc.

> And third, I ran into some segfaults on this branch related to target selection:
>
> $ nmap -d
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:33 CDT
> Segmentation fault
>
> $ nmap abc
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:33 CDT
> Segmentation fault
>
> $ nmap 1.2.3.4
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:34 CDT
> Segmentation fault

This was fixed and thx for the tests.

--
tixxdz
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/