Nmap Development mailing list archives

Re: Bug report, error in documentation

From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 1 Feb 2017 08:06:32 -0600

This is not an error in documentation: the script will run just fine on
port 443 as in the example, since that port is a "known SSL port." There
are 19 such ports and 14 service names that get this special treatment. For
other services, it's recommended that you use -sV to perform version
scanning, since this will detect a simple SSL tunnel in the vast majority
of cases. There are only a small handful of times where "+" is needed (user
knows SSL is present and wants to skip version scan, etc.), and a good many
times where it would be useless or result in a ton of extra probing, so we
keep the documentation light on that feature:
https://nmap.org/book/nse-usage.html#nse-cmd-line-args and
https://nmap.org/book/man-nse.html

I've added a recommendation to use -sV to the documentation. Hopefully this
will clear up the confusion.

Dan

On Tue, Jan 31, 2017 at 2:23 PM, ToddAndMargo <ToddAndMargo () zoho com> wrote:

Dear NMap Bugs,

On your web page
    https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

You show a sample run string

Example Usage

nmap --script ssl-enum-ciphers -p 443 <host>

with a sample result:

Script Output

PORT    STATE SERVICE REASON
443/tcp open  https   syn-ack
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
and on and so forth

that shows the various ciphers.

Bug: to actually get this output (report), you need to
add a plus sign "+" in front of the name of the script.

The correct example should be:

nmap --script *+*ssl-enum-ciphers -p 443 <host>


I pulled some hair out trying to get this report before
I realized the missing plus sign.

Many thanks,
-T




--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Bug report, error in documentation ToddAndMargo (Jan 31)
- Re: Bug report, error in documentation Daniel Miller (Feb 01)
  - Re: Bug report, error in documentation ToddAndMargo (Feb 02)
    - Re: Bug report, error in documentation Robin Wood (Feb 02)
- <Possible follow-ups>
- Re: Bug report, error in documentation Varunram Ganesh (Jan 31)
  - Re: Bug report, error in documentation ToddAndMargo (Feb 01)