Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SoC Feature Creeper and Performance Czar Tasks

From: Fyodor <fyodor () insecure org>
Date: Wed, 24 May 2006 21:02:37 -0700
On Sat, May 13, 2006 at 10:55:13PM -0700, Fyodor wrote:


o Write a general scanning engine for abusing applications for port
  scanning purposes. This would handle scanning through SOCKS and HTTP
  proxies, and the existing FTP bounce scan would also be ported to this
  engine. Proxy chaining must be supported.


Someone (who wants to remain anonymous) also suggested bouncing
through IMAP servers using the SELECT command.  You do need to
authenticate, but it could be useful toward elevating privileges once
you sniff a mail password.  Here are the details:

http://lists.darklab.org/pipermail/darklab/2006-January/000185.html

So I've added IMAP to the task.  TOR is a possibility too.  Anyone
know any other good protocols we can coax into port scanning for us?

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Previous By Date Next
Previous By Thread Next

Current thread: