Nmap Development mailing list archives
Re: adding this option?
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Sun, 13 Jan 2008 23:20:39 -0600
On Jan 13, 2008 9:31 PM, mike <> wrote:
> i mentioned this to Fyodor but never got a reply. i have used nmap for years and love the options it features and i am glad people are always looking for him to add more. right now it is the ultimate port scanner as far as i am concerned, for it pretty much has everything BUT...an option for pushing your OWN packet payload data via your own way instead of NSE scripting. i am not a fan of NSE/lua scripting, it is cumbersome and for the newbie, a bit cryptic. the same goes for adding version triggers. i have a hard time parsing those lines as well.
>
> for a few years i have done this as a test for port knocking and payload triggers---running netcat like this: nc -v -u (ip) (port) < (file i create in hex to push payload string/data). i would then run ethereal with the -X option for full dissection of the protocol or just a simple running windump to see what i get back.
>
> i asked fyodor since he already has the option --data-length, which only sends RANDOM data in bytes, why not allow us, the users to point to our OWN files to send what we would like to trigger? anyone else agree with this idea? setting an option like --local-file that would point to your "payload.foo" file and you could send this to a target range for say RIP or BGP, ie: a payload that is not handled yet by nmap for triggers. i wrote out a simple 24 byte RIP1 packet to pull the remote route table on request with an AF of 0 as the RFC specifies.
>
> i have given him the idea, i do not code so i can only add my input in terms of what i would like to see as a user of nmap. any of you guys think that option could be added and would it be something you would also wish to see?
>
> Mike
Line wrap, Mike. Learn it please :P.

It would probably be trivial to design an NSE script that reads in a file and sticks it out there, verbatim, on the wire. It's passed (past?) my bedtime here or I might go read the docs to see (http://insecure.org/nmap/nse/, http://insecure.org/nmap/nse/nse-tutorial.html#nse-tutorial-action).

-Jason

--
NOTICE: Reading this email message requires root privileges which you do not appear to possess. Sorry, dude.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
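The 24-byte RIPv1 whole-table request mentioned in the quoted message, laid out byte for byte, with a parser that recognises it in a captured UDP payload. This is an added example, not code from the thread or from Nmap; the function names are hypothetical, and the metric of 16 is taken from RFC 1058 rather than from the message.

```python
import struct

RIP_REQUEST, RIP_V1, AF_UNSPEC, METRIC_INFINITY = 1, 1, 0, 16
HEADER = struct.Struct("!BBH")      # command, version, must-be-zero
ENTRY = struct.Struct("!HHIIII")    # AFI, zero, IPv4 address, zero, zero, metric


def build_table_request() -> bytes:
    """RFC 1058 request for the entire routing table: exactly one entry,
    address family 0 (unspecified), metric 16 (infinity)."""
    return HEADER.pack(RIP_REQUEST, RIP_V1, 0) + ENTRY.pack(
        AF_UNSPEC, 0, 0, 0, 0, METRIC_INFINITY)


def parse_rip(payload: bytes) -> dict:
    """Decode a RIP UDP payload; raise ValueError on a malformed one."""
    body = len(payload) - HEADER.size
    if body < 0 or body % ENTRY.size or body // ENTRY.size > 25:
        raise ValueError(f"bad RIP length: {len(payload)} bytes")
    command, version, zero = HEADER.unpack_from(payload)
    if zero:
        raise ValueError("must-be-zero header field is set")
    entries = []
    for off in range(HEADER.size, len(payload), ENTRY.size):
        afi, _, addr, _, _, metric = ENTRY.unpack_from(payload, off)
        entries.append({"afi": afi, "addr": addr, "metric": metric})
    return {"command": command, "version": version, "entries": entries}


def is_table_request(payload: bytes) -> bool:
    """True when the payload asks a router to return its whole table."""
    try:
        msg = parse_rip(payload)
    except ValueError:
        return False
    e = msg["entries"]
    return (msg["command"] == RIP_REQUEST and len(e) == 1
            and e[0]["afi"] == AF_UNSPEC and e[0]["metric"] == METRIC_INFINITY)


if __name__ == "__main__":
    req = build_table_request()
    print(len(req), req.hex())
    # Constructed sample: a request for one specific route (AFI 2, 10.0.0.0)
    specific = HEADER.pack(RIP_REQUEST, RIP_V1, 0) + ENTRY.pack(2, 0, 0x0A000000, 0, 0, 0)
    print(is_table_request(req), is_table_request(specific))
```

`is_table_request` can be run over UDP port 520 payloads exported from a capture to separate whole-table requests from ordinary per-route requests and responses.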