Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

address-info.nse

From: David Fifield <david () bamsoftware com>
Date: Fri, 8 Jul 2011 21:49:11 -0700
Because IPv6 addresses are so big, they often encode information such as
an IPv4 address. The attached script extracts embedded data from
addresses. It does all its computation locally.

I have implemented five IPv6 formats:
  * IPv4-compatible IPv6 addresses,
  * IPv4-mapped IPv6 addresses,
  * Teredo IPv6 addresses,
  * 6to4 IPv6 addresses, and
  * stateless address autoconfiguration (SLAAC) addresses using EUI-64.
from these we can get various combinations of IPv4 addresses, MAC
addresses, and (in the case of Teredo) a port number. There is a place
for IPv4 addresses too but I haven't thought of any IPv4 address
formats. Some other ideas for IPv6 addresses are at
https://secwiki.org/w/Nmap/Script_Ideas#address-info.

At the end is a sample of the output.

David Fifield

Nmap scan report for ::1.2.3.4
Host script results:
|_address-info: IPv4-compatible; IPv4 address: 1.2.3.4

Nmap scan report for ::ffff:1.2.3.4
Host script results:
|_address-info: IPv4-mapped; IPv4 address: 1.2.3.4

Nmap scan report for 2001:0:506:708:282a:3d75:fefd:fcfb
Host script results:
| address-info: Teredo:
|   Server IPv4 address: 5.6.7.8
|   Client IPv4 address: 1.2.3.4
|_  UDP port: 49802

Nmap scan report for 2002:102:304::1
Host script results:
|_address-info: 6to4: IPv4 address: 1.2.3.4

Nmap scan report for fe80::a8bb:ccff:fedd:eeff
Host script results:
|_address-info: SLAAC IPv6; MAC address: aa:bb:cc:dd:ee:ff

Attachment: address-info.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: