Nmap Development mailing list archives
Re: Google/Nmap SoC 2009 Project Ideas?
From: fred <kbcboy () gmail com>
Date: Tue, 17 Mar 2009 22:34:16 -0400
A day late ... for what it's worth

Feature requests that might be implemented in nmap ...

1) I'd like to be able to extract the map nmap creates in zenmap.
   Or maybe have a new -oM (output Map)
   Possibly tie in Graphviz code http://www.graphviz.org/Gallery.php similar to what's been done with scapy
   Maybe that's already there and I'm just not using it right ...

There are a ton of things that can be done with the scripting language and snmp

2) snmp-os-discovery - snmp should be able to give almost 100% accuracy of the os if snmp is available

3) snmp-tftp-router-config
   --script snmp-tftp-router-config --script-args=tftpserver=<TFTP server IP>,community=<SNMP Community String>
   See perl script that does this: http://littlehacker.persiangig.com/cisco/copy-router-config.pl (it's also on backtrack)
   It uses the perl mod Cisco::Copyconfig which is well documented
   CPAN module Cisco::Copyconfig gets its inspiration from Cisco: http://www.cisco.com/application/pdf/paws/15217/copy_configs_snmp.pdf
   - extra credit - ability to spoof udp snmp requesting IP address to bypass ACL http://www.securityfocus.com/infocus/1847
     - extra extra credit - have a script / option to merge a config on a tftp server with a running config on router (say to have an extra access-list or a backup admin)

4) snmp-detect-multi-homed
   Detect systems with multiple interfaces and print out ip addresses using snmp

5) This one is tricky ... I'd like to be able to scan with nmap my network to see if any multi-homed systems allow me to route traffic through them.
   something like
   --script backchannel-detection.nse --script-args external-address=<IP address of an external reachable system>
   and then have nmap send out a specially crafted signature that I can detect on that external system. And find backdoors on my network.

6) snmp users enumeration

7) snmp software listing (patch levels etc)

All the snmp stuff shouldn't be too hard as it's just knowing the right OIDs to query.

8) rdp-os-detection - might take some research here to see what differentiates a 2k from 2k3 over rdp

9) rusers.nse
   print out users logged in on hosts running rusers

10) nfs exports enumeration - output of 'showmount -e' on unix exported filesystems
    - would you implement this similar to some probes by capturing the request in wireshark and recreating it?

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org