Nmap Development mailing list archives

Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family()

From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 16 Aug 2010 08:01:03 +0200


On 16 aug 2010, at 01.40, Fyodor wrote:

On Thu, Aug 12, 2010 at 01:50:13PM -0400, Patrick Donnelly wrote:

On Thu, Aug 12, 2010 at 12:48 PM, Patrik Karlsson <patrik () cqure net> wrote:


The postrule reads the "session name" and posts a tweet once the scan has finished.
The tweet is sent as a public status update using the user and password supplied as script argument.


That is so awesome (lol!).


I agree!  Just for fun, I took Patrik's session-name.nse and made a
simple tweet.nse which I was able to use to send a few Tweets to a
test account.  I thought it would be fun to use this for posts to the
@nmap account too, but there are a couple problems:

1) It looks like Twitter is planning to disable this form of
  authentication (basic auth) tomorrow in favor of OAuth:

  http://dev.twitter.com/announcements
  http://dev.twitter.com/pages/basic_to_oauth

2) It looks like you need to register your application in order to
have it show up on Tweets (e.g. "Posted by Nmap NSE").  So I've
registered Nmap NSE as app #247241.  If someone implements OAuth for
Twitter in NSE, we can try to get this working!


I can look at implementing OAuth.


I'm not suggesting that Nmap include any tweet.nse Twitter client by
default, it is just a fun thing to play with.  An OAuth library might
be welcome in NSE if there are good use cases for it.  If OAuth is
problematic, we could consider one of the other supported
authentication methods, like xAuth or out-of-band PIN auth
(http://dev.twitter.com/pages/auth_overview).


Even if it was more of a "just for fun" submission I think a notification script might be useful when running long 
(time consuming) Nmap scans from remote servers.
The notification can be made over twitter, e-mail, SMS, IM or any other channel for that matter.


Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

//Patrik

--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: [NSE] Script Pre-scanning and Post-scanning example, (continued)
- - Re: [NSE] Script Pre-scanning and Post-scanning example Djalal Harouni (Aug 11)
    - Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Aug 11)
    - Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Sep 09)
    - Re: [NSE] Script Pre-scanning and Post-scanning example David Fifield (Sep 27)
    - Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Sep 27)
- [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Kris Katterjohn (Aug 11)
  - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Djalal Harouni (Aug 11)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrik Karlsson (Aug 12)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrick Donnelly (Aug 12)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Fyodor (Aug 15)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrik Karlsson (Aug 15)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Djalal Harouni (Aug 12)
  - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() David Fifield (Aug 26)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Kris Katterjohn (Aug 26)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() David Fifield (Sep 27)
    - Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Kris Katterjohn (Sep 27)