Nmap Development mailing list archives
Re: status line in nmap
From: ian.vitek () ixsecurity com
Date: Thu, 4 Jan 2001 11:27:24 +0100
Yo!

We at iXsecurity have problems when pentesting firewalls. We want to know how long the scan will take (with our timing switches). Therefore we have added a -c switch to nmap. There are still problems with resends (firewalled ports) but the solution below is acceptable.

The output is two status rows updated every second:
--------------------------------------------------------
root@trapper:/hacktools# nmap -sS -p 1- -c -n 10.0.0.1

Starting nmap V. 2.54BETA7IAN ( www.insecure.org/nmap/ )
Tried: 25080 (0 resends)
P/S: 3582.86 ETS: 11
--------------------------------------------------------
Legend:
Tried=ports tried
resends=firewalled resends or similar (setting a port to PORT_FRESH)
P/S=ports per second
ETS=Estimated Time of Scan in seconds

The cursor is moved to the "T" in Tried so if something is written (verbose output or results) the two status rows are overwritten and the next status information continues at the end. Nothing is written to the log.
This is only tested on standard unix terminals. The "\e[28D\e[A" is taken from the linux termcap file.

Can this be included into the next nmap version?

Best regards
//Ian Vitek, iXsecurity
Cell: +46-70-2293917

PS: See Fyodor's remarks below.

scan_engine.c 2.54BETA7
=======================
531a532,533
int itimes = 0; int iresends = 0;
544a547
int lastcheckedtime;
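Review bot: `int lastcheckedtime;` in this hunk is assigned from and compared against `time(NULL)` in the 914a919 hunk, so it should be declared `time_t` rather than `int` to match what `time()` returns. The same applies to the second declaration added at 1241a1255.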
707a711
lastcheckedtime = starttime;
914a919,926
if (o.count) { itimes++; if ( time(NULL) != lastcheckedtime ) { lastcheckedtime = time(NULL); log_write(LOG_STDOUT, "Tried: %5d (%d resends) \nP/S:
%8.2f ETS: %7.0f \e[28D\e[A", itimes , iresends , (double) ( itimes ) / ( 1 + lastcheckedtime - starttime ) , (double) ( o.numports - itimes + iresends ) / ( (double) itimes / ( 1 + lastcheckedtime - starttime ) ) );
log_flush(LOG_STDOUT); } }
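Review bot: the format string in this hunk ends with the raw cursor sequence "\e[28D\e[A" and is written through log_write(LOG_STDOUT, ...) whenever o.count is set, with no check that stdout is a terminal, so a piped or redirected run gets control characters in its output. Suggest guarding the block with isatty() on stdout, spelling the escape as \033 because \e is a compiler extension rather than standard C, and calling time(NULL) once into a local so the `!=` test and the assignment to lastcheckedtime cannot see two different seconds.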
1042a1055
iresends++;
1241a1255,1257
int lastcheckedtime; int itimes = 0; int iresends = 0;
1345a1362
lastcheckedtime = starttime;
1427a1445,1452
if (o.count) { itimes++; if ( time(NULL) != lastcheckedtime ) { lastcheckedtime = time(NULL); log_write(LOG_STDOUT, "Tried: %5d (%d resends) \nP/S:
%8.2f ETS: %7.0f \e[28D\e[A", itimes , iresends , (double) itimes / ( 1 + lastcheckedtime - starttime ) , (double) ( o.numports - itimes + iresends ) / ( (double) ( itimes + iresends ) / ( 1 + lastcheckedtime - starttime ) ) );
log_flush(LOG_STDOUT); } }
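Review bot: the ETS divisor in this copy is `(double) ( itimes + iresends ) / ( 1 + lastcheckedtime - starttime )`, while the otherwise identical block added at 914a919 divides by `(double) itimes / ( 1 + lastcheckedtime - starttime )`, so the two scan paths compute different estimates from the same counters. Pick one definition of the rate and move the status printing into a single helper called from both places. The patch also only touches scan_engine.c, so the declaration of `o.count` and the parsing and usage text for the new -c switch still need to be included.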
1648a1674
iresends++;
===================================================

I am a Unix freak. 8) This means that I can't, not yet, do WinNT CMD.EXE cursor moves or XML tagging :(
The status line is now working for TCP/Syn/X/Null/Fin/RPC scans. Shouldn't be too hard to implement it to FTP-bounce.
To time the whole scan I need to count computers done. This is not done in the scan_engine.c... Well I do not have the time to implement this feature.

Thanks for a good tool!
//Ian Vitek, iXsecurity

PS: hackers () guardianit se is hackers () ixsecurity com, pentesters (whitehat hackers) at ixsecurity.
---------------------------------------------------
Neat! You might want to send that to nmap-dev () insecure org (the latter is much smaller -- only about 200 people vs. 11,000 in the hackers list).

I would love to add this sort of functionality to Nmap, but it has to be full featured and general. But if you have time, it would certainly be a useful contribution. Here are some of the things I think would be important in such a feature:

-- It should work on the large majority of terminal types -- this includes normal VT100, Xterm, and console terminals. Maybe your "\e[28D\e[A" is portable enough already. Otherwise something like ncurses or curses should probably be used (and ./configure should just disable the feature if the *curses library isn't available)

-- It should provide the capability for later support by Nmap GUIs. This probably just means outputting an XML tag every 10 seconds or so giving the current status info that you are printing to the terminal.

-- It should support all the scan types (even though some of the estimates might not be so good on some of them).

-- It would be very nice (although probably not essential) if it gave an idea of estimated time for the whole Nmap run to finish, rather than just the current scan.

By the way, who are Hackers () guardianit se ?
Cheers,
-F