Nmap Development mailing list archives

Re: Adding new NSE discovered targets to Nmap


From: Djalal Harouni <tixxdz () gmail com>
Date: Fri, 13 Aug 2010 17:22:15 +0100

On 2010-08-12 15:35:53 -0500, Ron wrote:
> Attached a script that does a DHCP request then scans the DHCP address range.
>
> I ran into a couple issues, though.
>
> First, if I do socket:connect("255.255.255.255", 67, "udp") - it doesn't work. It appears to, but packets don't get
> sent. I've run into issues with broadcasting like that before, and I don't understand exactly what's going on, but
> does anybody have any ideas? For now, in this script, I hardcoded 192.168.1.1 as the router's address -- definitely
> not optimal.
>
> Second, I have to use pcap_receive() to get the response from the DHCP server (because DHCP is crazy). pcap_receive()
> requires an interface and a MAC address. Since this is a prescan rule, there's no interface so I hardcode "eth0". Is
> that going to break on non-Linux or is that standard for Nmap? Is there some way I can enumerate ethernet interfaces
> so I can send out the DHCP request on all of them? If not, would it be hard to add?

We should add support for iflist and getinterfaces() functions to
NSE to be able to enumerate and use net interfaces and perhaps routes?
First I've planned to pass them in the net table to prerule/postrule
scripts, but the preferred solution was to not use a net table and only
add some NSE API.

BTW Patrick, I think that nse_nsock library is getting too big, perhaps
pcap and dnet and any other future net stuff should be on separate
nse_netutil file or nse_pcap etc.


> And third, I ran into some segfaults on this branch related to target selection:
> $ nmap -d
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:33 CDT
> Segmentation fault
>
> $ nmap abc
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:33 CDT
> Segmentation fault
>
> $ nmap 1.2.3.4
> Starting Nmap 5.35DC18 ( http://nmap.org ) at 2010-08-12 15:34 CDT
> Segmentation fault

This was fixed and thx for the tests.

-- 
tixxdz
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
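The interface enumeration the reply proposes for prerule scripts, as an added example that is not part of this thread or of Ron's attached script. It assumes the nmap.list_interfaces() call and the per-interface fields (device, up, link, address, netmask, mac) as later documented in the nmap NSE library, plus the socket pcap_open()/pcap_receive() API, and only listens for DHCP server replies; it does not build or send the DHCP request itself.

```lua
local nmap = require "nmap"
local stdnse = require "stdnse"

description = [[
Added example: enumerate local interfaces from a prerule script instead of
hardcoding "eth0", then capture DHCP server replies (UDP 67 -> 68) on each.
]]
categories = {"discovery", "safe"}

-- Assumption: nmap.list_interfaces() exists (it was added to the NSE API
-- after this thread). Skip the script entirely on builds that lack it.
prerule = function()
  return nmap.list_interfaces ~= nil
end

-- Keep only interfaces that could carry a DHCP exchange:
-- up, Ethernet link, an IPv4 address and a MAC address.
local function dhcp_candidate_interfaces()
  local result = {}
  for _, iface in ipairs(nmap.list_interfaces() or {}) do
    if iface.up == "up" and iface.link == "ethernet" and iface.mac
       and iface.address and iface.address:find("^%d+%.%d+%.%d+%.%d+$") then
      result[#result + 1] = iface
    end
  end
  return result
end

action = function()
  local lines = {}
  for _, iface in ipairs(dhcp_candidate_interfaces()) do
    -- pcap socket bound to this device; the BPF filter restricts the capture
    -- to DHCP server replies so unrelated traffic never reaches the script.
    local pcap = nmap.new_socket()
    pcap:pcap_open(iface.device, 1500, false, "udp src port 67 and dst port 68")
    pcap:set_timeout(2000)
    local status, _, _, layer3 = pcap:pcap_receive()
    pcap:close()
    lines[#lines + 1] = string.format("%s %s/%s mac=%s dhcp_reply=%s",
      iface.device, iface.address, tostring(iface.netmask),
      stdnse.tohex(iface.mac, {separator = ":"}),
      status and (#layer3 .. " bytes") or "none")
  end
  if #lines == 0 then return nil end
  return stdnse.format_output(true, lines)
end
```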

