Nmap Development mailing list archives
Re: Full nmap command line injection in output files
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 5 Jan 2015 21:44:27 -0600
Olivier, This is a good suggestion, but there is a workaround for the specific case you mentioned: NSE script arguments can be provided in a separate file with the --script-args-file option. This was added in Nmap 5.61TEST5 (March 2012) for keeping credentials off the command line. We are not likely to implement an extra option to remove this information from the output, since Nmap already has a great number of options and editing the file is a good enough solution for many people. I suggest that you update to the latest version of Nmap and use the --script-args-file option. Thanks for your suggestion, and happy hacking! Dan On Fri, Jan 2, 2015 at 5:23 AM, Olivier Hupond <Olivier.Hupond () agessi fr> wrote:
Hi, Using nmap (5.21) to make automatic scans to identify network changes, I would like to mask/remove the injection of the full nmap command line in any output files generated. As the command might use logons informations (in nse scripts args), it is not secure to do so, almost if files are computed by other programs or scripts (or users…). I made some search but couldn’t find any thread about this. I think it’s not possible, and It maight be a good evolution for further verions. Best regards, --- Olivier Hupond AGESSI - Administration et Gestion des Systèmes d'Information Technopôle Brest Iroise / 65 place Nicolas COPERNIC / 29280 PLOUZANÉ Tél : +33 (0)2 98 05 10 00 - Fax +33 (0)2 98 05 12 13 - www.agessi.fr _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Full nmap command line injection in output files Olivier Hupond (Jan 05)
- Re: Full nmap command line injection in output files Daniel Miller (Jan 05)
- Re: Full nmap command line injection in output files Robin Wood (Jan 06)
- Re: Full nmap command line injection in output files Daniel Miller (Jan 05)