Nmap Development mailing list archives
Re: Feature request: scanning an AS
From: John Bond <john.r.bond () gmail com>
Date: Thu, 28 Apr 2011 10:03:25 +0200
On 28 April 2011 05:17, David Fifield <david () bamsoftware com> wrote:
On Mon, Apr 18, 2011 at 09:12:56PM +0200, John Bond wrote:On 15 March 2011 20:52, John Bond <john.r.bond () gmail com> wrote:On 15 March 2011 00:13, John Bond <john.r.bond () gmail com> wrote:On 14 March 2011 21:45, John Bond <john.r.bond () gmail com> wrote:I noticed this script on the todo list in the wiki and i wasn't really doing nse last year. anyway i have written a very small script which does this. It relies on the whois server oliver day mentioned. see attached -- @usage -- nmap --script asn-to-prefix --script-args asn-to-prefix.asn=65000[asn-to-prefix.whois_server=asn.shadowserver.org,asn-to-prefix.whois_port=43] -- -- @output -- 53/udp open domain udp-response -- | asn-to-prefix: -- |_ 127.0.0.0/8another update as per the comments on secwiki to add newtargets functionality --- -- @args asn-to-prefix.asn The asn number to search -- @args asn-to-prefix.whois_server whois server to use default is asn.shadowserver.org -- @args asn-to-prefix.whois_port whois port to conect to default is 43 -- @args newtargets prefixes discovered will be added to the nmap scan -- -- @usage -- nmap --script asn-to-prefix --script-args asn-to-prefix.asn={65000,65001}[asn-to-prefix.whois_server=asn.shadowserver.org,asn-to-prefix.whois_port=43,newtargets] -- -- @output -- 53/udp open domain udp-response -- | asn-to-prefix: -- |_ 127.0.0.0/8 I was originally skeptical about how useful this script would be but i have been using it at least every week so look forward to seeing it in current :)Okay, I think this is a nice script. Here are a few things I'd like to see: We should get permission from the operators of the whois server, like we did for the asn-query script. We just don't want them to be mad if the script being distributed with Nmap causes them a lot of extra load. Would you email them and ask if they object to the script.
I have already emailed them and they are happy for us to use the service, i can forward you the thread if needed.
The script needs to go into the "external" category. I think this is unnecessary: newtargets = stdnse.get_script_args('asn-to-prefix.newtargets') Just plain "newtarget" already sets target.ALLOW_NEW_TARGETS.
no problem
Instead of doing socket:receive_lines(1000000), do socket:receive_lines(1) in a loop. That way you can limit how much you will read and not stall forever if the server gives you a lot of data. You still need to split on newlines because receive_lines(1) may return more than one line.
Ok ill take a look at this in a bit _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Feature request: scanning an AS John Bond (Apr 18)
- Re: Feature request: scanning an AS David Fifield (Apr 27)
- Re: Feature request: scanning an AS John Bond (Apr 28)
- Re: Duplicate targets - was: Feature request: scanning an AS Djalal Harouni (May 08)
- Re: Feature request: scanning an AS David Fifield (Apr 27)