Nmap Development mailing list archives
Re: 2006 Tool Survey Released - SecTools.Org
From: Diman Todorov <diman () xover mud at>
Date: Thu, 22 Jun 2006 14:06:06 +0200
On Jun 22, 2006, at 1:48 AM, KarMax wrote:
> On 6/21/06, Fyodor <fyodor () insecure org> wrote:
>> Yeah, I expected them to take a hit too. But I guess the survey would
>> be pointless if we could predict everything. Also, Nessus doesn't have
>> much open source vulnerability scanning competition right now. I'd love
>> to see that change in the next survey.
>
> Mmmm, maybe it is just the right moment to develop a new tool (there is
> a hole to be filled)

I usually don't like to parrot, but: as I mentioned earlier, my SoC project is to add lua scripting to nmap. This effectively adds the required functionality to perform exploit tests with nmap. The exploit tests themselves are written in LUA :)

If you do think that vulnerability scans in nmap are useful, please beta test http://xover.mud.at/~diman/nmap-4.10LUA.tar.bz2 and drop me a few lines of feedback.

The current version has all of the functionality of the final version. The final version will use nmap libraries instead of luasocket for network i/o and it will execute scripts in parallel instead of sequentially. The current version is not suited for large scans because of its sequential nature, but I have already scanned /24 networks without problems.

For installation instructions please read README_LUA in the nmap tarball.

usage:

perform all scripts in ./nmap_scripts
    nmap -sC localhost

perform all scripts in some_dir
    nmap --script-scan=some_dir localhost

perform all scripts in some_dir and some_script.lua
    nmap --script-scan=some_dir,some_script.lua localhost

Known Bugs:
the user documentation is currently far from complete :/

example session:

    Quintillian:~/SoC/scratch/diman/nmap diman$ ./nmap -sC <censored> -p 22,25,80,631,113

    Starting Nmap 4.10LUA ( http://www.insecure.org/nmap/ ) at 2006-06-22 13:57 CEST
    Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
    Interesting ports on <censored>:
    PORT    STATE SERVICE SCRIPT SCAN
    22/tcp  open  ssh
    | Service owner is: root
    | stealth sshd version: SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
    25/tcp  open  smtp
    | Service owner is: mail
    | smtp version: 220 HET2 ESMTP Exim 3.36 #1 Thu, 22 Jun 2006 13:57:18 +0200
    80/tcp  open  http
    | Site title: Main Page - Wikipedia
    | Service owner is: www-data
    113/tcp open  auth
    | Service owner is: nobody
    631/tcp open  ipp
    | Service owner is: root

    Nmap finished: 1 IP address (1 host up) scanned in 1.316 seconds
    Quintillian:~/SoC/scratch/diman/nmap diman$

example script:

    socket = env.require("socket")

    -- this function returns true if the script should run
    -- on the currently scanned port and false otherwise
    portrule = function()
        identd = nmap.getPortState(113, "tcp")

        -- if identd is open on this host, then the script fires
        if identd then
            decision = true
        else
            decision = false
        end

        return decision
    end

    -- this function performs the test and returns the output
    action = function()
        status = 0
        owner = ""

        client_ident = socket.tcp()
        client_service = socket.tcp()

        client_service:connect(host.ip, port.number)
        client_ident:connect(host.ip, 113)

        peer_ip, peer_port = client_service:getsockname()

        request = port.number .. ", " .. peer_port .. "\n"

        client_ident:send(request)

        owner = client_ident:receive()
        owner = env.string.match(owner, "USERID : .+ : (.+)", 1)
        if owner == nil then
            owner = "no user"
        end

        owner = "Service owner is: " .. owner

        client_ident:close()
        client_service:close()

        return owner
    end

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
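
Added example, not part of the original post or of nmap: the script above prints whatever the remote identd sends back, so this sketch shows a stricter way to parse an RFC 1413 reply, checking the echoed port pair, separating ERROR from USERID replies, and sanitizing the user-id before display. It is plain Lua without the nmap API; the names parse_ident_reply and sanitize and the sample replies are assumptions made for illustration.

```lua
-- Added example: strict parsing of an RFC 1413 ident reply (plain Lua,
-- no nmap API). Function names and sample replies are hypothetical.

-- Replace bytes outside printable ASCII so a reply cannot carry newlines or
-- terminal escapes into the scan report; also cap the displayed length.
local function sanitize(s, max)
  s = s:gsub("[^\32-\126]", "?")
  return s:sub(1, max or 64)
end

-- Returns the owner string, or nil plus a reason.
-- server_port / client_port are the numbers that were sent in the query.
local function parse_ident_reply(line, server_port, client_port)
  if type(line) ~= "string" then return nil, "no reply" end
  line = line:gsub("[\r\n]+$", "")
  local sp, cp, kind, rest =
    line:match("^%s*(%d+)%s*,%s*(%d+)%s*:%s*(%u+)%s*:%s*(.*)$")
  if not sp then return nil, "malformed reply" end
  if tonumber(sp) ~= server_port or tonumber(cp) ~= client_port then
    return nil, "port pair mismatch"
  end
  if kind == "ERROR" then return nil, "ident error: " .. sanitize(rest) end
  if kind ~= "USERID" then return nil, "unknown reply type" end
  -- rest is "<opsys>[,<charset>] : <user-id>". Split at the first colon only,
  -- because the user-id itself may contain colons; one leading space is dropped.
  local _, user = rest:match("^([^:]*):%s?(.*)$")
  if not user or user == "" then return nil, "missing user-id" end
  return sanitize(user)
end

-- Constructed replies to the query "22, 51234" (sample data, not captured).
local samples = {
  "22, 51234 : USERID : UNIX : root\r\n",
  "22, 51234 : ERROR : NO-USER\r\n",
  "80, 51234 : USERID : UNIX : root\r\n",           -- wrong port pair
  "22, 51234 : USERID : OTHER : ro\27[31mot\r\n",   -- control byte in user-id
  "garbage\r\n",
}
for _, reply in ipairs(samples) do
  local owner, err = parse_ident_reply(reply, 22, 51234)
  print(owner and ("Service owner is: " .. owner) or ("no owner (" .. err .. ")"))
end
```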