Re: [NSE] Script submission: targets-ipv6-wordy

[Everardo Padilla Saca <everardo.padilla.saca () gmail com>]

I'm replying to myself to re-attach the script (which had a mistake in the
documentation) and the wordlist (changed the extension to .txt, somehow the
server thinks the .lst one is a binary).

Also, the following is an example run:

<example>

The executed command is:
nmap -6 --script targets-ipv6-wordy.nse --script-args
'newtargets,targets-ipv6-wordy.wordlist=nselib/data/hex-wordy-en.txt,targets-ipv6-wordy.segments="3,8",targets-ipv6-wordy.base-address="0000:0000:0000:0000:0000:0000:0000:0000"'

The chosen segments were 3 and 8.

The test wordlist has:
c001
beef
dada
face
d1c3

Results (also printing the generated addresses):
Starting Nmap 6.41SVN ( http://nmap.org ) at 2014-04-01 01:42 CST
0000:0000:beef:0000:0000:0000:0000:beef
0000:0000:dada:0000:0000:0000:0000:beef
0000:0000:face:0000:0000:0000:0000:beef
0000:0000:d1c3:0000:0000:0000:0000:beef
0000:0000:c001:0000:0000:0000:0000:beef
0000:0000:beef:0000:0000:0000:0000:dada
0000:0000:dada:0000:0000:0000:0000:dada
0000:0000:face:0000:0000:0000:0000:dada
0000:0000:d1c3:0000:0000:0000:0000:dada
0000:0000:c001:0000:0000:0000:0000:dada
0000:0000:beef:0000:0000:0000:0000:face
0000:0000:dada:0000:0000:0000:0000:face
0000:0000:face:0000:0000:0000:0000:face
0000:0000:d1c3:0000:0000:0000:0000:face
0000:0000:c001:0000:0000:0000:0000:face
0000:0000:beef:0000:0000:0000:0000:d1c3
0000:0000:dada:0000:0000:0000:0000:d1c3
0000:0000:face:0000:0000:0000:0000:d1c3
0000:0000:d1c3:0000:0000:0000:0000:d1c3
0000:0000:c001:0000:0000:0000:0000:d1c3
0000:0000:beef:0000:0000:0000:0000:c001
0000:0000:dada:0000:0000:0000:0000:c001
0000:0000:face:0000:0000:0000:0000:c001
0000:0000:d1c3:0000:0000:0000:0000:c001
0000:0000:c001:0000:0000:0000:0000:c001
Nmap done: 25 IP addresses (0 hosts up) scanned in 0.05 seconds

</example>


Regards.


On Sun, Mar 30, 2014 at 6:31 PM, Everardo Padilla Saca <
everardo.padilla.saca () gmail com> wrote:

> Hi list,
>
> Being influenced by Raul Fuentes' work, I have created a script that
> generates IPv6 addresses using known words (including l33t sp34k) and then
> pipes them to Nmap. Given a base IPv6 address and the chosen segments to
> "wordify", the script will generate all the possible combinations with
> words taken from a list.
>
> A segment is any 4-nibble part of a hex IPv6 address. Consider the
> following example:
> - Base address = 0000:0000:0000:0000:0000:0000:0000:0001 (caveat: this
> must have all the 32 nibbles and their respective colons).
> - Segments = 7,8
> - Wordlist = nselib/data/hex-wordy-en.lst
>
> The file hex-wordy-en.lst contains:
> c001
> 50fa
>
> The generated addresses will be:
> 0000:0000:0000:0000:0000:0000:50fa:50fa
> 0000:0000:0000:0000:0000:0000:c001:50fa
> 0000:0000:0000:0000:0000:0000:50fa:c001
> 0000:0000:0000:0000:0000:0000:c001:c001
>
> If the wordlist has N entries and the number of segments is M, the
> generated addresses will be N^M.
>
> I'm fairly new to Lua and NSE, so I would appreciate suggestions and/or
> feedback. Thanks!
>
> Regards.

Attachment: hex-wordy-en.txt
Description:

Attachment: targets-ipv6-wordy.nse
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/