Nmap Development mailing list archives
Re: does nmap already do this?
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Fri, 15 Aug 2008 21:07:25 -0400
Hey Mike, On Fri, Aug 15, 2008 at 8:57 PM, Brandon Enright <bmenrigh () ucsd edu> wrote:
As for including the actual executable name... for the most part that is a dangerous thing to do. Vendors often change names, paths, get bought by other companies, etc.
Just to reiterate what Brandon said, Nmap(or any network utility that doesn't break into the target computer) is incapable of finding out the name of the executable on a target machine, as filenames aren't exposed to the network stack. "C:\Program Files\DISC\DISCover.exe" Might just as easily be "F:\CustomDir\TheAdminRenamedTheEXE.exe" The closest thing Nmap can do is discover the name and version of the service, and as Brandon said -sV is your friend. Cheers, Michael _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- does nmap already do this? mike (Aug 15)
- Re: does nmap already do this? Brandon Enright (Aug 15)
- Re: does nmap already do this? Michael Pattrick (Aug 15)
- Re: does nmap already do this? DePriest, Jason R. (Aug 15)
- Re: does nmap already do this? Brandon Enright (Aug 15)