Nmap Development mailing list archives
Ncrack discussion
From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Thu, 14 May 2009 15:49:28 +0300
Ncrack is already in the stage of being coded, but there are some pending issues which need to be discussed.

1) Target-Service Specification

One of the most important issues is command-line target and service specification. An easy-to-use and flexible scheme, like Nmap's, is the goal here. I will provide some examples so that things are clearer that way:

Ex1:
$ ncrack 10.0.0.*, 192.168.1.1, www.google.com -p22, 23

This will try to crack the default services on ports 22, 23 (ssh, telnet) for hosts 10.0.0.0-255, 192.168.1.1 and www.google.com

What happens if the user knows that the above hosts' services listen on non-default ports? He should be able to specify that like this:

Ex2:
$ ncrack 10.0.0.*, 192.168.1.1, www.google.com -p399, 4531 -s ftp, svn

This means that the user knows that the targets all have an ftp service that listens on port 339 (non-default) and an svn service that listens on port 4531 (non-default). The port list -p option and the -s service-name option should be 1-1. In addition, Ncrack should be able to deduce the default ports just by naming the services with -s (or --service).

Fyodor also suggested a url-like scheme like this:

Ex3:
$ ncrack ssh://scanme.nmap.org:22, ftp://foo.bar.org:3000, bar.acme.org:21, ftp://scanme.nmap.org

which will crack:
scanme.nmap.org for ssh on port 22,
foo.bar.org for ftp on port 3000 (non-default),
bar.acme.org for ftp (deduced from default port 21) on port 21,
scanme.nmap.org for ftp on default port 21

I believe that supporting all schemes (Ex1, Ex2, Ex3) is the way to go. What do you think?

2) Ncrack Input from Nmap Output

Ncrack is probably going to be used after an Nmap scan has taken place. This means that being able to parse Nmap's output and trying to crack all the services that Ncrack can handle is a good idea. iirc there are already some parsers out there that do the job? Could someone point me to them?

Additionally, should we be able to support every output format parsing (surely the grepable one should be the easiest)?

That is all for now.

Cheers,
ithilgore

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
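The Ex2 and Ex3 resolution rules described in the message above, as an added Python sketch that is not part of the original post and is not Ncrack code. The function names and the DEFAULT_PORTS table (including svn on 3690) are assumptions made for illustration.

```python
# Added illustration, not Ncrack code. DEFAULT_PORTS is a constructed table
# covering only the services named in the message.
DEFAULT_PORTS = {"ssh": 22, "telnet": 23, "ftp": 21, "svn": 3690}
PORT_TO_SERVICE = {port: name for name, port in DEFAULT_PORTS.items()}


def resolve(service, port):
    """Fill in whichever of (service, port) is missing from the defaults."""
    if service is None and port is None:
        raise ValueError("need a service name or a port")
    if service is None:
        if port not in PORT_TO_SERVICE:
            raise ValueError(f"no default service for port {port}")
        service = PORT_TO_SERVICE[port]
    elif service not in DEFAULT_PORTS:
        raise ValueError(f"unknown service {service!r}")
    if port is None:
        port = DEFAULT_PORTS[service]
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return service, port


def parse_url_targets(spec):
    """Ex3 style: comma-separated [service://]host[:port] tokens."""
    # Hostnames and IPv4 only; IPv6 literals would need bracket handling.
    targets = []
    for token in (t.strip() for t in spec.split(",")):
        if not token:
            continue
        service, sep, rest = token.partition("://")
        if not sep:
            service, rest = None, token
        host, sep, port = rest.partition(":")
        if not host or (sep and not port.isdigit()):
            raise ValueError(f"bad target {token!r}")
        service, port = resolve(service and service.lower(), int(port) if sep else None)
        targets.append((host, service, port))
    return targets


def pair_ports_services(ports, services):
    """Ex2 style: -p and -s lists must match one-to-one; -s alone uses defaults."""
    names = [s.strip().lower() for s in services.split(",") if s.strip()]
    nums = [int(p) for p in ports.split(",") if p.strip()] if ports else [None] * len(names)
    if len(nums) != len(names):
        raise ValueError("-p and -s lists must have the same length")
    return [resolve(name, num) for name, num in zip(names, nums)]
```

A token that names neither a known service nor a port with a default mapping is rejected rather than guessed, which keeps an ambiguous specification from silently selecting the wrong service.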