Nmap Development mailing list archives
Hani's status report #8 of #17
From: Hani Benhabiles <kroosec () gmail com>
Date: Tue, 19 Jun 2012 03:58:20 +0100
Hi list, Achievements:- I have added IPv6 support to firewall-bypass FTP helper. This is very interesting because, unlike in IPv4, there is no Real path filter routing-based implementation in Linux for IPv6 and it is available as a module for netfilter only since Linux 3.3 and iptables 1.4.13. Just some last polishes and tests before posting the script to the list.
- While working on IPv6 support in firewall-bypass, I have fixed a subtle bug in packet.lua library that caused the tcp_data_length in IPv6 to be miscalculated due to the IPv6 payload length field and IPv4 packet length being treated the same way.
- I have Updated ssl fingerprints database to use the latest version from littleblackbox which has newer fingerprints.
- I have looked into tls-nextprotoneg, we may not be able to add it as support for tls NPN extension was added to Openssl in version 1.0.0h while we are currently shipping an older version in mswin32.
- I have researched the SIP protocol to see what we could add to Nmap (spoofing invite requests, using options for enumeration, tracerouting with max-forwards header...).
- I have added intensive mode scan to http-waf-fingerprint, at the moment only Naxsi WAF has one.
Priorities: - Finish any remaining work with firewall-bypass and http-waf-fingerprint. - Research the feasibility of tls-nextprotoneg and work on it. - Work on SIP related scripts. - See with some work already done by Patrik on ospf and check what to add. - Checking / Working on other ideas from scripts ideas wiki page. Cheers, Hani. -- Hani Benhabiles Twitter: https://twitter.com/#!/kroosec Blog: http://kroosec.blogspot.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Hani's status report #8 of #17 Hani Benhabiles (Jun 18)