Nmap Development mailing list archives
Re: [NSE] Draft - targets-sniffer.nse
From: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Date: Thu, 24 Mar 2011 21:49:30 +0000
On 22 March 2011 23:32, Djalal Harouni <tixxdz () opendz org> wrote: In your script I see that you have a check for duplicates new targets, you can drop it. Nmap internals already do this check, and if you want to see it just use -d3.
Hey Djalal, I suspected that but forgot to confirm it. Thanks. You can do this: target.add(unpack(array_of_targets)) Thanks, made the changes. Please use the second version of the patch [1] and let us know if there
are any bugs, and with that patch you can choose the network interface to use: * For prerule scripts: Nmap -e or -S options. * For hostrule/portrule: just use the host table (host.interface).
e.g: ./nmap -sL --script targets-sniffer.nse --script-args=newtargets -e eth0
I just applied the patch. I 'll report back once I get some spare time to make the changes to the script. Nick On 22 March 2011 23:32, Djalal Harouni <tixxdz () opendz org> wrote:
On 2011-03-22 11:56:19 -0700, David Fifield wrote:On Tue, Mar 22, 2011 at 06:44:03PM +0000, Nick Nikolaou wrote:Hello everyone, Attached is a draft of a targets-sniffer script. The script sniffs foraconfigured amount of a time and adds addresses from packets it sees in newtargets. (https://secwiki.org/w/Nmap_Script_Ideas#targets-sniffer)In your script I see that you have a check for duplicates new targets, you can drop it. Nmap internals already do this check, and if you want to see it just use -d3. You can do this: target.add(unpack(array_of_targets))*Issues that need to be resolved:* 1) The sniffing interface is hard-coded at the moment. Is there a wayto getthe active interface in a prerule script? Alternatively I could changetherule to a hostrule. (and maybe a high enough runlevel to ensure thescriptruns first?)We don't have a way for scripts to get the list of interfaces, but Djalal has a patch to do it: http://seclists.org/nmap-dev/2011/q1/291. It hasn't been added yet because there isn't a script to use it, but you can make it a part of your patch if it helps.Please use the second version of the patch [1] and let us know if there are any bugs, and with that patch you can choose the network interface to use: * For prerule scripts: Nmap -e or -S options. * For hostrule/portrule: just use the host table (host.interface). e.g: ./nmap -sL --script targets-sniffer.nse --script-args=newtargets -e eth0 You can also check the type of the interface to report errors ... etc David just a note: The get_interface_info() function of the network interfaces patch should replace the nmap.get_interface_link() function. [1] http://seclists.org/nmap-dev/2011/q1/734 -- tixxdz http://opendz.org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Kris Katterjohn (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse David Fifield (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 24)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Toni Ruottu (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Abuse007 (Mar 30)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)