Re: dev Digest, Vol 124, Issue 30

[ryan chou <jkryanchou () gmail com>]

I think it was pretty cool that we could use nmap through Tor. It will do
help to our penetration now.  And I hope Nmap's performances and stability
will become better and better.

2015-07-16 3:58 GMT+08:00 <dev-request () nmap org>:

> Send dev mailing list submissions to
>         dev () nmap org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://nmap.org/mailman/listinfo/dev
> or, via email, send a message with subject or body 'help' to
>         dev-request () nmap org
>
> You can reach the person managing the list at
>         dev-owner () nmap org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of dev digest..."
>
>
> Today's Topics:
>
>    1. Re: Scanning trough proxy, including Tor: Ethical
>       consideration (Daniel Miller)
>    2. problem with --spoof-mac option? (amine debbah)
>    3. Re: Nmap 6.49BETA4 on Android (Vlatko Kosturjak)
>    4. Re: Bug: nmap doesn't run on Windows XP anymore (Vlatko Kosturjak)
>    5. Re: Bug: nmap doesn't run on Windows XP anymore (Gisle Vanem)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 14 Jul 2015 14:13:51 -0500
> From: Daniel Miller <bonsaiviking () gmail com>
> To: "Fabio Pietrosanti (naif) - lists" <lists () infosecurity ch>
> Cc: Andrew Jason Farabee <afarabee () uci edu>,    Jacek Wielemborek
>         <d33tah () gmail com>, Nmap-dev <dev () nmap org>
> Subject: Re: Scanning trough proxy, including Tor: Ethical
>         consideration
> Message-ID:
>         <
> CABmvJnM0Y2k-SryuEkjL3Sxk_Ze96os-qJBSJCV+4bYeuapRNg () mail gmail com>
> Content-Type: text/plain; charset="utf-8"
>
> On Tue, Jul 14, 2015 at 6:44 AM, Fabio Pietrosanti (naif) - lists <
> lists () infosecurity ch> wrote:
>
> > Regarding the high-performance scanning trough proxy, including and
> > especially Tor, did you considered the ethical aspects of such
> > implementation?
> >
> > Up to now there are no point'n'click high-performance ports canning tool
> > to work well behind Tor, this means that the Tor network abuse for ports
> > canning exists, but it's not yet a major problem for Tor Exit Node
> > operators.
> >
> > Whenever nmap will support scanning trough Tor with high-performance and
> > high-accuracy, we will see a strong increase in amount of abuses of the
> > Tor network.
> >
> > This will lead to problems to Tor Exit Node operators that on a
> > volunteer basis support the Tor anonymity network.
> >
> > I'd suggest to keep the patch for scanning trough Tor, off nmap official
> > software releases.
> >
> > I know it's a controversial topic, but consider the possible impact it
> > will have on a public, free, volunteer run Tor network.
> Fabio,
>
> Thanks for this interesting perspective. I think that there are a few
> critical points here to keep in mind, which should help ease your mind and
> guide our progress.
>
> First, the goal of Andrew Farabee's GSOC project should not be stated as
> "implement scanning through Tor" or even "scanning of Tor hidden services."
> The actual capability we are seeking is "extend Nsock proxy support to
> allow connect-by-name." This is a basic capability of many existing
> proxy-aware programs like proxychains, Firefox, etc. We have gotten focused
> on Tor because connect-by-name is the *only* way to access hidden services.
> For this reason, they provide a nice way to test our capability. But the
> capability has much broader application. Imagine being able to SSH into a
> network, add a dynamic port forward, and scan the network with a local copy
> of Nmap. Additionally, the focus is not just Nmap and port scanning; The
> Nsock library is used by Ncat as well, so an example use case for the
> capability would be connecting to an Ncat --chat server hosted as a hidden
> service.
>
> Second, it is unlikely that any port scanning capability through Tor will
> ever be considered "high-performance" or "high-accuracy." The tunneled
> nature of Tor, coupled with the network's notoriously low bandwidth, means
> that scans will have to be very slow indeed to preserve accuracy. Nmap's
> automatic timing adjustments will probably require considerable tuning for
> this type of scenario to avoid grinding to a halt.
>
> Third, the capability to do port scanning through Tor already exists. It
> would take me all of 2 minutes to write a one-line command to looping
> proxychains-wrapped netcat over a list of servers and ports. There are
> guides to combining Nmap with proxychains that work to varying degrees of
> success. If exit node operators are not dealing with this now, then either
> they are not paying attention or it is not an issue. Exit policies provide
> a simple way to lock down an exit node, and the default exit policy is
> quite restrictive compared to the "needs" of someone looking to anonymize
> their port scanning activities.
>
> I hope this helped address some of your concerns.
>
> Dan
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://nmap.org/mailman/private/dev/attachments/20150714/41d4673c/attachment.html
> >
>
> ------------------------------
>
> Message: 2
> Date: Wed, 15 Jul 2015 01:46:55 +0200
> From: amine debbah <debbah_amin () hotmail fr>
> To: "dev () nmap org" <dev () nmap org>
> Subject: problem with --spoof-mac option?
> Message-ID: <DUB121-W478AF079303FE9ACB42C61E69B0 () phx gbl>
> Content-Type: text/plain; charset="windows-1256"
>
> hi,i'm aminei'm new in nmap today i try to use an Firewall/IDS Evasion and
> Spoofing option wich is --spoof-macto scan a machine in my own home
> networkso i put these commandes => root@kali:~# nmap -sT -PN --spoof-mac
> 0 192.168.1.38& also this one root@kali:~# nmap -sT -PN --spoof-mac
> 11:22:33:44:55:66 192.168.1.38but when i analyze the packets with "
> Wireshark " i quickly realized my real mac addr is shown !i am using =>
> Nmap 6.47
> didn't found any post on the internet who deals with mac adresse
> spoofingmaybe people dont check their command on nmap  :)  Best regards
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://nmap.org/mailman/private/dev/attachments/20150715/ea4fb6af/attachment.html
> >
>
> ------------------------------
>
> Message: 3
> Date: Wed, 15 Jul 2015 13:17:37 +0200
> From: Vlatko Kosturjak <kost () linux hr>
> To: Vlatko Kosturjak <kost () linux hr>
> Cc: dev () nmap org
> Subject: Re: Nmap 6.49BETA4 on Android
> Message-ID: <20150715111737.GB15453 () griffin linux hr>
> Content-Type: text/plain; charset=utf-8
>
> Hello!
>
> Forgot to add gist link with run_pie.c.
>
> On Mon, Jul 13, 2015 at 07:17:07AM +0200, Vlatko Kosturjak wrote:
> > = Running binaries on previous Android versions
> >
> > Since new binaries are compiled with PIE support and Android versions
> prior to version 4 did not support PIE ? does that mean there?s no way to
> run these binaries on older systems? It?s not completely true. There is a
> way to run these binaries, but the process involves of compiling small
> snippet available at gist:
> > This small executable helps in running PIE executables where the linker
> doesn?t support PIE. So, for previous Android versions, you need to compile
> above gist and run nmap binary as following:
>
> https://gist.github.com/kost/5fd4628f45a4995bec28
>
> Hope it helps,
> --
> Vlatko Kosturjak - KoSt
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 15 Jul 2015 13:21:06 +0200
> From: Vlatko Kosturjak <kost () linux hr>
> To: Gisle Vanem <gvanem () yahoo no>
> Cc: dev () nmap org
> Subject: Re: Bug: nmap doesn't run on Windows XP anymore
> Message-ID: <20150715112106.GC15453 () griffin linux hr>
> Content-Type: text/plain; charset=us-ascii
>
> On Sat, Jul 11, 2015 at 01:02:29PM +0200, Gisle Vanem wrote:
> > Vlatko Kosturjak wrote:
> >
> > > Nmap download page should be updated then:
> > > https://nmap.org/download.html
> > In my private build, I did use GetProcAddress() on these and
> > use the newest API if available. Otherwise a fallback to
> > GetIpForwardTable() for Win-XP.
> > Vlatko, contact me off-list if you want a patch and is able
> > to compile Nmap yourself.
>
> Gisle,
>
> Thanks on your info.
>
> I don't have a need of having Nmap on Windows XP.
>
> But could you provide your patch publicly somewhere (gist,
> github, etc), so other people can have benefit of it?
>
> Thanks in advance,
> --
> Vlatko Kosturjak - KoSt
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 15 Jul 2015 21:56:35 +0200
> From: Gisle Vanem <gvanem () yahoo no>
> To: dev () nmap org
> Subject: Re: Bug: nmap doesn't run on Windows XP anymore
> Message-ID: <55A6BAF3.9020405 () yahoo no>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Vlatko Kosturjak wrote:
>
> > I don't have a need of having Nmap on Windows XP.
> >
> > But could you provide your patch publicly somewhere (gist,
> > github, etc), so other people can have benefit of it?
>
> Here you go:
>    https://gist.github.com/gvanem/2a0915e13f208fd150b8
>
> Please comment.
>
> --
> --gv
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> dev mailing list
> dev () nmap org
> https://nmap.org/mailman/listinfo/dev
>
>
> ------------------------------
>
> End of dev Digest, Vol 124, Issue 30
> ************************************
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/