Nmap Development mailing list archives
Re: Ideas for nmap development
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Mon, 4 Apr 2011 02:04:24 +0300
Maybe someone who uses nmap and metasploit together could tell what the biggest problems in that combination are. What would be the best way to make that workflow more efficient? Should nmap print metasploit commands that the user could just cut and paste into the console? I do not believe that nmap can beat metasploit in this area, but maybe interoperability can be improved.

The problem is that exploits may enable one to do all kinds of things to a vulnerable system. It is not clear that you want to do all of those things. For example, some versions of NetBus let you bypass authentication. The netbus-auth-bypass script detects this and reports it to the user. We also make use of the vulnerability in netbus-info, as it is important for the admin to see what kind of information the service leaks. However, we do not use the auth bypass to perform any operations on the vulnerable system.

The reason why we do not perform operations on systems is that nmap does not have a way of defining operations. We'd first need a way of telling nmap: change the password of all discovered systems to "kallisti". Then we could write setpwd scripts to automate the task for different protocols. This might not be a bad idea, but the tasks to perform should not require interaction. Thus metasploit would still remain the way to go for more complex tasks.

On Sun, Apr 3, 2011 at 9:21 PM, Manik Jindal <manikjindal () gmail com> wrote:
Hello, I am a student of IITH pursuing B.Tech (2nd yr., CSE). I got the following ideas:

1. *Detect vulnerabilities and attack*

nmap can detect applications along with their versions, bound to ports. If it also tells about the possible attacks, it will be a better tool. An attack option can also be embedded, which requires only a script for each attack.

*How to implement*
1. Query the CVE database with application name and version, which tells almost all the possible vulnerabilities.
2. List all of them.
3. Ask for an attack.
4. Choose a script (if already present in the nmap-attack database, which may be available on the nmap server or local machine) or ask for a script file.
5. Attack, by running the script.

*Script content*
1. On which port to attack
2. What packets to be sent
3. Type of packets
4. If any communication is required, it will also be explained in it.
5. If an attack requires some information from the user, it can ask.

*Requirements to run script:* A script engine. The engine can either be NSE (if possible) or a new script engine.

2. *nmap for Mobile platforms*

In today's life mobiles have a special character. It will be better to have nmap for mobiles. It will give portability to nmap users. Users can scan networks while travelling, and even at those places where laptops are not handy to use. And it will be useful at public places where obviously a hacker does not want to show results to anyone. It's better to develop nmap for the Android platform, because of market statistics.

Hope you like my ideas. Thank You.

-- Manik Jindal CSE 2nd Year, IIT Hyderabad. +91 94933 29820

_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
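Toni's message above asks whether nmap should print metasploit commands the user can paste into the console, and Manik's first implementation step is to look up the detected application name and version in a CVE database. The script below is an added example of the glue that both ideas need, written for this page; it is not nmap, NSE or Metasploit code and was not posted by either author. It parses the XML that `nmap -sV -oX` emits, collects the CPE strings nmap already attaches to identified services (the natural key for a CVE database query), and emits a block of msfconsole commands per open service. The sample XML is constructed for the example, and the service-name to module table is an assumption chosen for illustration: the listed auxiliary version-scanner modules exist in Metasploit, but which module a user actually wants to run is exactly the policy question the thread discusses.

```python
"""Turn nmap -sV XML output into CPE lookup keys and msfconsole commands.

Added example for the thread above; not nmap or Metasploit code.
SAMPLE_XML is constructed, and SERVICE_TO_MODULE is an assumed mapping.
"""
import xml.etree.ElementTree as ET

# Assumed mapping from nmap service names to Metasploit auxiliary modules.
# These modules exist, but the choice of module per service is illustrative.
SERVICE_TO_MODULE = {
    "ssh": "auxiliary/scanner/ssh/ssh_version",
    "http": "auxiliary/scanner/http/http_version",
    "ftp": "auxiliary/scanner/ftp/ftp_version",
    "microsoft-ds": "auxiliary/scanner/smb/smb_version",
}

# Constructed sample in the shape of `nmap -sV -oX -` output (not a real scan).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.4">
          <cpe>cpe:/a:openbsd:openssh:7.4</cpe>
        </service>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http" product="Apache httpd" version="2.4.29">
          <cpe>cpe:/a:apache:http_server:2.4.29</cpe>
        </service>
      </port>
      <port protocol="tcp" portid="23">
        <state state="closed"/>
        <service name="telnet"/>
      </port>
      <port protocol="tcp" portid="6000">
        <state state="open"/>
        <service name="x11"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_services(xml_text):
    """Return open services on up hosts as dicts (addr, port, name, product, version, cpes)."""
    root = ET.fromstring(xml_text)
    found = []
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        addr = addr_el.get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports carry no usable service
            svc = port.find("service")
            if svc is None:
                continue
            found.append({
                "addr": addr,
                "port": int(port.get("portid")),
                "name": svc.get("name", ""),
                "product": svc.get("product", ""),
                "version": svc.get("version", ""),
                "cpes": [c.text for c in svc.findall("cpe") if c.text],
            })
    return found


def cve_lookup_keys(services):
    """Distinct CPE strings nmap identified: the keys a CVE database query would take."""
    return sorted({cpe for s in services for cpe in s["cpes"]})


def msf_resource_lines(services):
    """msfconsole commands (usable as a .rc file); unmapped services become a comment."""
    lines = []
    for s in services:
        module = SERVICE_TO_MODULE.get(s["name"])
        if module is None:
            lines.append("# no module mapped for %s on %s:%d" % (s["name"], s["addr"], s["port"]))
            continue
        lines += ["use " + module, "set RHOSTS " + s["addr"], "set RPORT %d" % s["port"], "run"]
    return lines


if __name__ == "__main__":
    services = parse_services(SAMPLE_XML)
    print("# CPEs to look up:")
    for cpe in cve_lookup_keys(services):
        print("#   " + cpe)
    print("\n".join(msf_resource_lines(services)))
```

Run it with real input by replacing `SAMPLE_XML` with the contents of `nmap -sV -oX scan.xml <target>`; redirect the output to a file and load it with `msfconsole -r file.rc`. Nothing here executes an exploit: it only turns what nmap already knows into commands the user still has to choose to run, which keeps the non-interactive detection step in nmap and the operation step in metasploit, as Toni suggests.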
Current thread:
- Ideas for nmap development Manik Jindal (Apr 03)
- Re: Ideas for nmap development Toni Ruottu (Apr 03)
- Re: Ideas for nmap development Toni Ruottu (Apr 16)
- Re: Ideas for nmap development David Fifield (Apr 06)
- Re: Ideas for nmap development Manik Jindal (Apr 07)
- Re: Ideas for nmap development Toni Ruottu (Apr 03)