Nmap Development mailing list archives
Full nmap command line injection in output files
From: Olivier Hupond <Olivier.Hupond () agessi fr>
Date: Fri, 2 Jan 2015 12:23:55 +0100
Hi, Using nmap (5.21) to make automatic scans to identify network changes, I would like to mask/remove the injection of the full nmap command line in any output files generated. As the command might use logons informations (in nse scripts args), it is not secure to do so, almost if files are computed by other programs or scripts (or users...). I made some search but couldn't find any thread about this. I think it's not possible, and It maight be a good evolution for further verions. Best regards, --- Olivier Hupond AGESSI - Administration et Gestion des Systèmes d'Information Technopôle Brest Iroise / 65 place Nicolas COPERNIC / 29280 PLOUZANÉ Tél : +33 (0)2 98 05 10 00 - Fax +33 (0)2 98 05 12 13 - www.agessi.fr
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Full nmap command line injection in output files Olivier Hupond (Jan 05)
- Re: Full nmap command line injection in output files Daniel Miller (Jan 05)
- Re: Full nmap command line injection in output files Robin Wood (Jan 06)
- Re: Full nmap command line injection in output files Daniel Miller (Jan 05)