Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] mtrace.nse

From: Hani Benhabiles <kroosec () gmail com>
Date: Fri, 10 Aug 2012 01:59:49 +0100
Hi list,

description = [[
Queries for the multicast path from a source to a destination host.

This works by sending an IGMP Traceroute Query and listening for IGMP
Traceroute responses. The Traceroute Query is sent to the first hop and
contains information about source, destination and multicast group addresses. First hop defaults to the multicast All routers address. The default multicast group address is 0.0.0.0 and the default destination is our own host address. A 
source address must be provided. The responses are parsed to get interesting
information about interface addresses and used protocols and error codes.

This is similar to the mtrace utility provided in Cisco IOS.
]]

--
-- @args mtrace.fromip Source address from which to traceroute.
--
-- @args mtrace.toip Destination address to which to traceroute.
-- Defaults to our host address.
--
-- @args mtrace.group Multicast group address for the traceroute.
-- Defaults <code>0.0.0.0</code> which represents all group addresses.
--
-- @args mtrace.firsthop Host to which the query is sent. If not set, the
-- query will be sent to <code>224.0.0.2</code>.
--
-- @args mtrace.timeout Time to wait for responses in seconds.
-- Defaults to <code>10</code> seconds.
--
--@usage
-- nmap --script mtrace --script-args 'mtrace.fromip=172.16.45.4'
--
--@output
-- Pre-scan script results:
-- | mtrace:
-- |   Group 0.0.0.0 from 172.16.45.4 to 172.16.0.1
-- |   Source: 172.16.45.4
-- |     In address: 172.16.34.3
-- |       Out address: 172.16.0.3
-- |       Protocol: PIM
-- |     In address: 172.16.45.4
-- |       Out address: 172.16.34.4
-- |       Protocol: PIM
-- |   Source: 172.16.45.4
-- |     In address: 172.16.13.1
-- |       Out address: 172.16.0.2
-- |       Protocol: PIM / Static
-- |     In address: 172.16.34.3
-- |       Out address: 172.16.13.3
-- |       Protocol: PIM
-- |     In address: 172.16.45.4
-- |       Out address: 172.16.34.4
-- |_      Protocol: PIM

Tests and feedback are welcome.

Cheers,
Hani.

--
Hani Benhabiles

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com

Attachment: mtrace.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: