Nmap Development mailing list archives
Re: [NSE] Draft - targets-sniffer.nse
From: Abuse007 <abuse007 () gmail com>
Date: Wed, 30 Mar 2011 21:20:26 +1100
Don't default to filtering for ip, you will miss ARPs, IPv6 and any other non-IP packets that leak IP addresses. Default should be no filter IMO. On 30/03/2011, at 9:41 AM, Djalal Harouni <tixxdz () opendz org> wrote:
On 2011-03-28 18:41:43 +0100, Nick Nikolaou wrote:Good idea, thanks. I made all the changes. Thanks again for your help.target.add() will return some info, you can use it to print how many targets where added. Since this kind of scripts can be very powerful, here are more ideas: * Add a new argument targets-sniffer.bpf: a Berkeley Packet Filter expression, which will be passed to pcap_open(), this way users can choose their targets, if this argument is not present then default to "ip". * If the 'newtargets' argument is not specified, then the script should print some info taken from the captured packets. * Perhaps we should add a regular expression to search in packets, or turn this script in a fully capable ngrep [1]. This can be useful like sniff some clear text protocols, find some useful strings and pass them to the brute force scripts. I think that we can find different scenarios, not just strings but even protocols and their _fields_. There are some machines which like to share their OS type, version ... when broadcasting, and this data can be very helpful to Nmap, to sum it up: consider the old passive techniques. * Turn Nmap into Vi or Emacs ... [1] http://ngrep.sourceforge.net/ -- tixxdz http://opendz.org _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Draft - targets-sniffer.nse, (continued)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 24)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Toni Ruottu (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Abuse007 (Mar 30)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Patrick Donnelly (Mar 22)