Nmap Development mailing list archives
Re: address-info.nse
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 9 Jul 2011 10:53:06 +0300
I like the script idea. IPv4 addresses have information encoded in them as well. Atleast there are different address ranges for loopback, LAN, WAN, documentation etc. Typically we prefix names of scripts that operate by ip address with "ip-". I would also like to call this something other than info just because an info script would typically talk to the host to figure out details. Maybe we could name this script simply ip-address.nse. On Sat, Jul 9, 2011 at 7:49 AM, David Fifield <david () bamsoftware com> wrote:
Because IPv6 addresses are so big, they often encode information such as an IPv4 address. The attached script extracts embedded data from addresses. It does all its computation locally. I have implemented five IPv6 formats: * IPv4-compatible IPv6 addresses, * IPv4-mapped IPv6 addresses, * Teredo IPv6 addresses, * 6to4 IPv6 addresses, and * stateless address autoconfiguration (SLAAC) addresses using EUI-64. from these we can get various combinations of IPv4 addresses, MAC addresses, and (in the case of Teredo) a port number. There is a place for IPv4 addresses too but I haven't thought of any IPv4 address formats. Some other ideas for IPv6 addresses are at https://secwiki.org/w/Nmap/Script_Ideas#address-info. At the end is a sample of the output. David Fifield Nmap scan report for ::1.2.3.4 Host script results: |_address-info: IPv4-compatible; IPv4 address: 1.2.3.4 Nmap scan report for ::ffff:1.2.3.4 Host script results: |_address-info: IPv4-mapped; IPv4 address: 1.2.3.4 Nmap scan report for 2001:0:506:708:282a:3d75:fefd:fcfb Host script results: | address-info: Teredo: | Server IPv4 address: 5.6.7.8 | Client IPv4 address: 1.2.3.4 |_ UDP port: 49802 Nmap scan report for 2002:102:304::1 Host script results: |_address-info: 6to4: IPv4 address: 1.2.3.4 Nmap scan report for fe80::a8bb:ccff:fedd:eeff Host script results: |_address-info: SLAAC IPv6; MAC address: aa:bb:cc:dd:ee:ff _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- address-info.nse David Fifield (Jul 08)
- Re: address-info.nse Patrik Karlsson (Jul 08)
- Re: address-info.nse Toni Ruottu (Jul 09)
- Re: address-info.nse Fyodor (Jul 17)
- Re: address-info.nse Gorjan Petrovski (Aug 22)
- Re: address-info.nse David Fifield (Aug 22)
- Re: address-info.nse Gorjan Petrovski (Aug 23)
- Re: address-info.nse Gorjan Petrovski (Aug 22)