Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] get Nmap interfaces

From: David Fifield <david () bamsoftware com>
Date: Wed, 29 Sep 2010 14:06:45 -0600
On Thu, Sep 16, 2010 at 06:34:09PM +0100, Djalal Harouni wrote:

Attached are two patches:

1) The first patch adds the broadcast address to the interface_info
struct (libnetutil). Sorry windows currently is not supported, I'll try
to register a live account to be able to use a free license, but it will
be cool if any one can send us a small patch to support it.


I think you can calculate this from the netmask with the addr_bcast
function in libdnet. That should be portable.


2) The second patch introduces two new nmap library functions:
* get_interfaces(): return a detailed table of Nmap interfaces
informations. Routes information is not included, I don't know if we
need it currently.
* get_iface(): This is for the pre-scanning phase scripts, it will
return the interface name that Nmap should use. This function can be
combined with the results of get_interfaces() to determine the current IP
address, the hardware type and the broadcast address of the interface.


Could you send a couple of sample scripts demonstrating the interface?
The main thing is that I want to make sure this meets the needs of the
dhcp-discover newtargets idea. How about these two: interfaces.nse, that
just returns a list of interfaces and information about them, and
interface-broadcast.nse, which prints the broadcast address for the
interface given by -e.

The iface.mac member should be a binary string, not a test string like
"AA:BB:CC:DD:EE:FF". This is to match host.mac addr
(http://nmap.org/book/nse-api.html#nse-api-arguments).

I think that your patch is good, I just want to make sure the
programming interface is a good as possible. This implementation creates
a brand new interface table from scratch each that nmap.get_interfaces
is called. Another option would be to generate the table once, and after
that to return a reference to it. Another idea is to have one function
that returns a list of interface names (strings only), and another
function to return an interface table given a name. A further variation
would be to return the interfaces in a table indexed by name, instead of
an array indexed by number. Would you comment on the benefits and
drawbacks of these representations? Which is the best programming
interface in your opinion?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: