Nmap Development mailing list archives
Re: address-info.nse
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 9 Jul 2011 08:02:18 +0200
On Jul 9, 2011, at 6:49 AM, David Fifield wrote:
Because IPv6 addresses are so big, they often encode information such as an IPv4 address. The attached script extracts embedded data from addresses. It does all its computation locally. I have implemented five IPv6 formats: * IPv4-compatible IPv6 addresses, * IPv4-mapped IPv6 addresses, * Teredo IPv6 addresses, * 6to4 IPv6 addresses, and * stateless address autoconfiguration (SLAAC) addresses using EUI-64. from these we can get various combinations of IPv4 addresses, MAC addresses, and (in the case of Teredo) a port number. There is a place for IPv4 addresses too but I haven't thought of any IPv4 address formats. Some other ideas for IPv6 addresses are at https://secwiki.org/w/Nmap/Script_Ideas#address-info. At the end is a sample of the output. David Fifield Nmap scan report for ::1.2.3.4 Host script results: |_address-info: IPv4-compatible; IPv4 address: 1.2.3.4 Nmap scan report for ::ffff:1.2.3.4 Host script results: |_address-info: IPv4-mapped; IPv4 address: 1.2.3.4 Nmap scan report for 2001:0:506:708:282a:3d75:fefd:fcfb Host script results: | address-info: Teredo: | Server IPv4 address: 5.6.7.8 | Client IPv4 address: 1.2.3.4 |_ UDP port: 49802 Nmap scan report for 2002:102:304::1 Host script results: |_address-info: 6to4: IPv4 address: 1.2.3.4 Nmap scan report for fe80::a8bb:ccff:fedd:eeff Host script results: |_address-info: SLAAC IPv6; MAC address: aa:bb:cc:dd:ee:ff <address-info.nse>_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Works great for me, after re-compiling Nmap. I don't do that very often and was about to write a bug report before I tried it. Until we get an updater, maybe we should put a "requires nmap 5.59Beta1" in the comments? Or in whatever release host.bin_ip was added. Just a thought. //Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- address-info.nse David Fifield (Jul 08)
- Re: address-info.nse Patrik Karlsson (Jul 08)
- Re: address-info.nse Toni Ruottu (Jul 09)
- Re: address-info.nse Fyodor (Jul 17)
- Re: address-info.nse Gorjan Petrovski (Aug 22)
- Re: address-info.nse David Fifield (Aug 22)
- Re: address-info.nse Gorjan Petrovski (Aug 23)
- Re: address-info.nse Gorjan Petrovski (Aug 22)