Nmap Development mailing list archives

small XML output inconsistency and a fix

From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Sat, 2 Aug 2008 15:42:45 -0400

Hey everyone,

I just noticed this small oddity, when I run a command with custom
scan flags such as:
nmap --scanflags URGACK -p80 -oX test.xml 10.0.0.1

The XML file reports:
<scaninfo type="syn" protocol="tcp" numservices="1" services="80" />

URGACK is just an example, no matter what you use, by default it will
always report as syn.

I wrote a patch to fix this(attached) but it adds another attribute to
the scaninfo element so I thought I owuld announce it here before
committing. This patch will change the XML output to the following:
<scaninfo type="syn" scanflags="ACKURG" protocol="tcp" numservices="1"
services="80" />

I didn't want to change the 'type' attribute because the user can
still specify nmap options like "-sA --scanflags RSTPSH" which would
output like:
<scaninfo type="ack" scanflags="RSTPSH" protocol="tcp" numservices="1"
services="80" />

Any comments on this new attribute welcome.

Cheers,
Michael

Attachment: c14n.patch
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

small XML output inconsistency and a fix Michael Pattrick (Aug 02)
- Re: small XML output inconsistency and a fix Kris Katterjohn (Aug 03)
- Re: small XML output inconsistency and a fix David Fifield (Aug 04)
  - Re: small XML output inconsistency and a fix Michael Pattrick (Aug 04)