Nmap Development mailing list archives
Re: nmap scanning of IPv6 hosts
From: Craig Miller <cvmiller () gmail com>
Date: Mon, 4 Jan 2016 09:19:34 -0800
Thanks Daniel, I gave the new MLD script a try, and there is something not right. cvmiller@hau:/usr/share/nmap/scripts$ time sudo nmap -6 -F -v --script-args newtargets --script targets-ipv6-multicast-mld Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-31 17:26 PST NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 17:26 NSE Timing: About 50.00% done; ETC: 17:27 (0:00:31 remaining) NSE Timing: About 50.00% done; ETC: 17:28 (0:01:01 remaining) NSE Timing: About 50.00% done; ETC: 17:29 (0:01:31 remaining) NSE Timing: About 50.00% done; ETC: 17:30 (0:02:01 remaining) NSE Timing: About 50.00% done; ETC: 17:31 (0:02:31 remaining) NSE Timing: About 50.00% done; ETC: 17:32 (0:03:01 remaining) NSE Timing: About 50.00% done; ETC: 17:33 (0:03:31 remaining) NSE Timing: About 50.00% done; ETC: 17:34 (0:04:01 remaining) NSE Timing: About 50.00% done; ETC: 17:35 (0:04:31 remaining) NSE Timing: About 50.00% done; ETC: 17:36 (0:05:01 remaining) NSE Timing: About 50.00% done; ETC: 17:37 (0:05:34 remaining) NSE Timing: About 50.00% done; ETC: 17:38 (0:06:10 remaining) NSE Timing: About 50.00% done; ETC: 17:40 (0:06:49 remaining) NSE Timing: About 50.00% done; ETC: 17:41 (0:07:31 remaining) NSE Timing: About 50.00% done; ETC: 17:43 (0:08:19 remaining) NSE Timing: About 50.00% done; ETC: 17:44 (0:09:10 remaining) NSE Timing: About 50.00% done; ETC: 17:46 (0:10:07 remaining) NSE Timing: About 50.00% done; ETC: 17:48 (0:11:10 remaining) NSE Timing: About 50.00% done; ETC: 17:51 (0:12:19 remaining) NSE Timing: About 50.00% done; ETC: 17:53 (0:13:34 remaining) NSE Timing: About 50.00% done; ETC: 17:56 (0:14:58 remaining) NSE Timing: About 50.00% done; ETC: 17:59 (0:16:28 remaining) ^C real 16m43.579s user 16m23.644s sys 0m19.004sSomething is happening which appears to be tripping up the script (Or I am not starting it correctly). Is there a flag I can use to get more debug information?
thanks, Craig... On 15-12-31 12:26 PM, Daniel Miller wrote:
Craig,I see you are using Nmap 6.40, released in July 2013. IPv6 support was one of the biggest areas of improvement in the recent Nmap 7.00 release, so I would encourage you to upgrade.Regarding the MLD script specifically, we just fixed a bug and improved detection [1], but the fix has not yet been released. You can get it by downloading the script from the NSEdoc page [2] as well as the multicast.lua library [3].Dan [1] http://seclists.org/nmap-dev/2015/q4/258 [2] https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-mld.html [3] https://nmap.org/nsedoc/lib/multicast.htmlOn Dec 31, 2015 1:24 PM, "Craig Miller" <cvmiller () gmail com <mailto:cvmiller () gmail com>> wrote:On 15-12-31 09:22 AM, David Fifield wrote: On Thu, Dec 31, 2015 at 08:23:49AM -0800, Craig Miller wrote: On 15-12-30 11:07 AM, David Fifield wrote: On Wed, Dec 30, 2015 at 08:55:59AM -0800, Craig Miller wrote: It would be nice if nmap supported the MLD/ff02::1 approach natively, as the brute force method is not really practical for IPv6. I am hoping to start a discussion in order to further improve nmap. If you use the newtargets script argument, the discovered addresses will be added to the target list and scanned. nmap -6 -F -v --script-args newtargets --script targets-ipv6-multicast-mld Thanks David, I will work through getting the targets-ipv6-multicast-mld script running. Perhaps there is a ubuntu/debian package which the casual user of nmap can use to install the script. But the reason I was requesting that IPv6 scanning using the ff02::1 method be integrated natively in nmap is to make it available for the casual user of nmap. I have used nmap and found it quite useful for over 13 years, and never ran a nse script. I suspect there is a large community of nmap users who are like me. Having native support within nmap would reach a much larger audience. Maybe I don't understand you. The scripts *are* part of Nmap. They are included in the Ubuntu/Debian packages. You don't have to install anything separately. Just try running the example command line I showed. There are other IPv6 discovery scripts you might want to try. nmap --script-help 'targets-ipv6-*' https://nmap.org/nsedoc/scripts/targets-ipv6-map4to6.html https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-echo.html https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-invalid-dst.html https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-mld.html https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-slaac.html https://nmap.org/nsedoc/scripts/targets-ipv6-wordlist.html A ton of Nmap functionality is implemented through the scripting engine these days. If you've even run -sV, you've run a script. Thanks again, David. You are right, of course, the scripts are in /usr/share/nmap/scripts/ But I am still having trouble, the mld script detects no hosts: cvmiller@hau:/usr/share/nmap/scripts$ nmap -6 -vv --script targets-ipv6-multicast-slaac.nse Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-31 11:17 PST NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. NSE: Starting runlevel 1 (of 1) scan. NSE: Script Post-scanning. NSE: Starting runlevel 1 (of 1) scan. Read data files from: /usr/bin/../share/nmap WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds cvmiller@hau:/usr/share/nmap/scripts$ nmap -6 -vv --script targets-ipv6-multicast-slaac.nse --script-args newtargets Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-31 11:17 PST NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. NSE: Starting runlevel 1 (of 1) scan. NSE: Script Post-scanning. NSE: Starting runlevel 1 (of 1) scan. Read data files from: /usr/bin/../share/nmap WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.06 seconds cvmiller@hau:/usr/share/nmap/scripts$ cvmiller@hau:/usr/share/nmap/scripts$ cvmiller@hau:/usr/share/nmap/scripts$ cvmiller@hau:/usr/share/nmap/scripts$ sudo nmap -6 --script=targets-ipv6-multicast-mld.nse --script-args 'newtargets,interface=eth0' Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-31 11:18 PST WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds The second run is right off example in: https://nmap.org/nsedoc/scripts/targets-ipv6-multicast-mld.html I have 11 IPv6 hosts on my network, not sure why it isn't finding something. Is there a debug flag to help understand where it is going wrong? TIA, Craig... _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: nmap scanning of IPv6 hosts Craig Miller (Jan 04)
- Re: nmap scanning of IPv6 hosts Daniel Miller (Jan 04)
- Re: nmap scanning of IPv6 hosts Craig Miller (Jan 04)
- Re: nmap scanning of IPv6 hosts Daniel Miller (Jan 04)