Re: Android UI for Nmap

[Vlatko Kosturjak <kost () linux hr>]

On Wed, Jan 28, 2015 at 04:01:15PM -0800, Fyodor wrote:
> Hi Vlatko, that's great news!  I only had a couple minutes today, but the
> download/install of the UI worked and then it was able to download and run
> the Nmap executable.  This is on a Nexus 5 running stock 5.0 Lollipop.  At

Glad it worked!

> first I tried "scanme.nmap.org" as the target and that always fails in
> about 0.15 seconds saying 0 hosts were scanned.  The same happened with
> other hostnames, so I think there is a problem with the DNS lookup.  But I
> then tried against the Scanme IPv4 IP (74.207.244.221) and the port scan
> succeeded!  I tried again with -A and both version detection and NSE seemed
> to work.  Nice!

Although, Android 4 and higher should have IPv6 support it is still flaky.
I suspect that should be the source of the problem.  
Internet is full of bad experiences, bug requests and issues regarding 
Android and IPv6. 

For sake of completeness, here are few references:
https://android.stackexchange.com/questions/3718/does-android-have-support-for-ipv6
https://code.google.com/p/android/issues/detail?id=3389
https://code.google.com/p/android/issues/detail?id=32630

> I was surprised that I wasn't asked about permissions when I installed the
> app.  Normally Android asks me to confirm a list of permissions before
> installation.  Strange.

Permissions are standard ones which you can see yourself here:
https://github.com/kost/NetworkMapper/blob/master/app/src/main/AndroidManifest.xml

For reading nmap datadir:
 <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
For downloading binary and scanning (obviously!):
 <uses-permission android:name="android.permission.INTERNET" />
For keeping android awake during scanning:
 <uses-permission android:name="android.permission.WAKE_LOCK" />

> I was going to ask how to give custom command lines to help debug, but it
> looks like I can just stick things like -d5 and --packet-trace in with the
> host names.  It might be nice to have a "custom" option in the scan menu
> which lets people specify arguments more explicitly.  Even if "custom" just
> gave a text box suggesting that the user specify the CLA in the host box,
> that'd probably help.

Thanks on comments! Regular == Custom. It will scan without any flags. 
That means that if you select "regular" you can just specify "--version" 
in host box and you'll get "nmap --version" output. Also, if you say
"--iflist" you will get list of interfaces for debugging.

Although, current UI is more PoC than final one. My idea
is to have task oriented UI with some context awareness (i.e. if Android
is connected to wireless network, provide button to scan wireless network 
subnet for hosts and later parse results and show them for further scans), etc.
Current activity (how it looks now) would be part of UI for advanced users.

In the meantime, Dinko Korunic (in CC:) jumped in and is helping me in 
transition from PoC to solid product. He's fine with Nmap License and/or GPL.

I'm open for any suggestions or (better!) patches.

> I hope I have time to look into the DNS issue more.  If you'd like me to
> try anything specific, just let me know.  I've tried it on both Wifi and
> the AT&T packet network with the same problem.

I'm actually interested how it works for people who have mips or intel based
androids. I have tried such devices only on emulators as I don't have any mips
or intel based Android near me. If anyone have such device and its Android 
4.0 or higher (UI written to support 4+) let me know if it works for you! 

Note: UI is written to support Android 4+ or higher, but binaries itself should 
support android 1.5 or higher. 

Thanks in advance!
-- 
Vlatko Kosturjak - KoSt
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/