Nmap Development mailing list archives
Re: Fathom 0.97 - Full Toolkit release, bug fixes, new features
From: Tom Sellers <nmap () fadedcode net>
Date: Tue, 23 Nov 2010 05:55:20 -0600
On 11/22/10 11:06 PM, David Fifield wrote:
> On Sun, Nov 07, 2010 at 05:31:51PM -0600, Tom Sellers wrote:

<snip>

>> Release: http://www.fadedcode.net/fathom/index.htm#Fathom0.97
>> Changelog: http://www.fadedcode.net/fathom/downloads.htm#Changelog
>>
>> New functionality:
>>
>> * Addition of scan-full.sh, scan-recon.sh and scan-noping-full.sh shell scripts. Each of these scripts performs a particular type of single target scan. They can be executed manually for a specific target, or called by the sweep scripts.
>
> Fathom is a great example of how to run Nmap scans on a recurring basis. I also appreciate the insight into how you do your scans.
Thanks for the compliment!
> This documentation is good (I was looking for it on the main page but it's on the downloads page): http://www.fadedcode.net/fathom/downloads.htm#BasicSetup
In the next release I will be improving and consolidating the documentation. The full documentation will be on the website as well as included with the scripts.
>> * Addition of report.sh shell script. This script accepts an IP address as input and simply echoes the contents of that IP's .nmap file to the console if it exists. This simplifies quick lookups of data for single hosts.
>
> I like this report.sh option.
It's one of the benefits of outputting the results in all formats. ;)
>> Changes to prior functionality:
>>
>> * fathom.rb - Added -m / --mac-address to search by MAC address or MAC vendor string. This will use results from nbstat.nse if the MAC data isn't present but nbstat data is. Thanks to Ron Bowes (www.skullsecurity.org) for this idea.
>
> This is a nice idea. This is another argument for better structured NSE output. Scripts should be able to represent addresses and other data without requiring special knowledge in tools like Fathom.
One thing that has come up out of this work and has been discussed by a few of us in #nmap on freenode is that scripts need the ability to set certain host values that nmap generates. The MAC address is an excellent example of this. If your target is several hops away nmap cannot figure out the MAC but there are several scripts such as nbstat.nse and the snmp scripts that can. If they could set these values (under tight controls) such as the way that port version/status/service could be set this would be very useful. Another example of a field that could be set this way would be the OS when nbstat.nse detects it. I think the major concern there would be normalization of the data.
> I was surprised at the results of this search:
>
> $ ruby fathom.rb -m ab
> 192.168.0.190 00:16:CB:AE:D4:AC Apple Computer 2010/11/22 20:35:41
I will check this out this weekend. I have a bugfix version that I am *hopefully* going to release by Sunday. The bug fix deals with searching for SSL tunneled services. For example, https only finds services where a port was detected on port 443 AND version detection was not performed (as it then becomes HTTP with tunnel=ssl in the XML). The side benefit is that now fathom has a single flag to search for ALL services using SSL as well as a stand alone script in development to deal with SSL services. The dedicated SSL script will allow searching for certs by expiration date, creation date, issuer, bit strength, etc.
>> For those of you that play around with or use Fathom I would greatly appreciate any and all feedback you feel like sending regardless of the topic (functionality, code quality, installation, site, etc).
>
> I expected the Ruby and shell scripts to be executable. If that's possible to do in a zip file it would be nice. The scripts even require it:
>
> # sh sweep-recon.sh
> 11/22/2010 08:49:49 PM Scanning 192.168.0.0
> sweep-recon.sh: line 18: ./scan-recon.sh: Permission denied
> 11/22/2010 08:49:49 PM Scanning 192.168.0.1
> sweep-recon.sh: line 18: ./scan-recon.sh: Permission denied
> 11/22/2010 08:49:49 PM Scanning 192.168.0.10
> sweep-recon.sh: line 18: ./scan-recon.sh: Permission denied
Thanks for the feedback on that. I will make sure that the documentation addresses this. I may provide a utility to set the bits on all the scripts as well.

Thanks tons for the feedback!

Tom Sellers
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
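
Added example (not part of the original message, and not Fathom's own code): the SSL search problem described in the message above, where a name-only search for https misses services that version detection reports as http with tunnel=ssl, run against a constructed Nmap XML fragment. The sample host, the SSL_NAMES list and the function names are assumptions made for illustration.

```ruby
require 'rexml/document'

# Constructed Nmap XML (not real scan data). 443 was scanned without -sV;
# 8443 and 993 were version-detected, so the wrapper shows as tunnel="ssl".
SAMPLE_XML = <<~XML
  <nmaprun>
    <host>
      <address addr="192.0.2.10" addrtype="ipv4"/>
      <ports>
        <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
        <port protocol="tcp" portid="8443"><state state="open"/><service name="http" tunnel="ssl"/></port>
        <port protocol="tcp" portid="993"><state state="open"/><service name="imap" tunnel="ssl"/></port>
        <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
        <port protocol="tcp" portid="444"><state state="closed"/><service name="https"/></port>
      </ports>
    </host>
  </nmaprun>
XML

# Names that imply SSL/TLS when no version scan ran (illustrative, not exhaustive).
SSL_NAMES = %w[https imaps pop3s ldaps smtps ftps].freeze

# Return [addr, portid, service element] for every open port with a service.
def open_services(xml)
  rows = []
  REXML::Document.new(xml).elements.each('//host') do |host|
    addr = host.elements['address'].attributes['addr']
    host.elements.each('ports/port') do |port|
      state = port.elements['state']
      svc = port.elements['service']
      next unless svc && state && state.attributes['state'] == 'open'
      rows << [addr, port.attributes['portid'].to_i, svc]
    end
  end
  rows
end

# Naive search: service name only, so tunnel="ssl" entries are missed.
def find_by_name(xml, name)
  open_services(xml).select { |_, _, s| s.attributes['name'] == name }.map { |a, port, _| [a, port] }
end

# SSL-aware search: tunnel="ssl" OR a service name that implies SSL.
def find_ssl(xml)
  hits = open_services(xml).select do |_, _, s|
    s.attributes['tunnel'] == 'ssl' || SSL_NAMES.include?(s.attributes['name'])
  end
  hits.map { |a, port, s| [a, port, s.attributes['name']] }
end
```

On this sample the name-only search for https returns only port 443, while the SSL-aware search also returns 8443 and 993 and still skips the closed port 444.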