Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Override port rule for a script from the command line?

From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 13 Jun 2011 15:47:26 -0500
You can use version detection (-sV) to detect the SSL, which will satisfy
shortport.ssl. Use --version-light to avoid sending too many probes: it
should be detected just fine with that.

Dan

On Mon, Jun 13, 2011 at 3:04 PM, Marcus Haebler <haebler () gmail com> wrote:


-All,

is there a general way to override the portrule setting in a script
from the nmap command line? I was trying to run ssl-enum-ciphers

http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

on TCP port 80 because someone put an HTTPS server there.
Unfortunately, the script has a port rule of:

portrule = shortport.ssl

That seems to make it impossible to get the ciphers enumerated with
Nmap unless I either change the script - make portrule more general
like all TCP or add a script specific parameter - or have a general
way to override the portrule line.

The latter does not seem to exist or I did not see the forest for the
trees.

Thoughts?

Thanks,

Marcus
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: