Nmap Development mailing list archives
RE: dev Digest, Vol 126, Issue 7
From: roswell alofaga <roswella () hotmail co uk>
Date: Fri, 11 Sep 2015 07:22:28 +1200
Subject: Re: Zenmap Hacking

> I was wondering if anyone is able to help me out with getting money through hacking or if
> anyone needs my help getting money out from banks in NZ I am glad to help only if I get my
> share. I am home 24/7 on my PC, So I thought I would just start earning money from home
> and pay for my son's medical needs. I stay in New Zealand, Please Anybody
>
> Message ID: <7366897bea845d1c1afd27d3254b8f0ec059f00c () hotmail co uk>
> Contact: 64 02102866266
> Email: roswella () hotmail co uk

From: dev-request () nmap org
Subject: dev Digest, Vol 126, Issue 7
To: dev () nmap org
Date: Thu, 10 Sep 2015 12:00:02 -0700

Send dev mailing list submissions to
dev () nmap org

To subscribe or unsubscribe via the World Wide Web, visit
https://nmap.org/mailman/listinfo/dev
or, via email, send a message with subject or body 'help' to
dev-request () nmap org

You can reach the person managing the list at
dev-owner () nmap org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of dev digest..."

Today's Topics:

1. Re: [NSE] Update to s7-info.nse (Paulino Calderon)
2. Re: NMap Slowness (and Partial Fix) on Ubuntu-Based Distros (Davide Girardi)
3. Re: [NSE] Update to s7-info.nse (Stephen J. Hilt)
4. Re: Question related to the Nmap script http-useragent-tester (George Chatzisofroniou)

----------------------------------------------------------------------

Message: 1
Date: Wed, 9 Sep 2015 21:34:20 -0500
From: Paulino Calderon <paulino () calderonpale com>
To: "Stephen J. Hilt" <shooter000 () gmail com>
Cc: Nmap-dev <dev () nmap org>
Subject: Re: [NSE] Update to s7-info.nse
Message-ID: <59E7B11F-A831-4EF9-92FD-79A1F428A404 () calderonpale com>
Content-Type: text/plain; charset="utf-8"

Hi Stephen,

Thanks for the patch. I've applied it in r35230.

Cheers.

On Sep 9, 2015, at 12:54 PM, Stephen J. Hilt <shooter000 () gmail com> wrote:

> Hello all,
>
> I found an issue with the s7-info script where it was never making it to trying the second COTP negotiation, as a result S7-1200 Model PLCs were not being queried correctly.
>
> See patch here https://github.com/digitalbond/Redpoint/blob/master/s7-enumerate.nse
>
> Stephen J. Hilt
> . ..:
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://nmap.org/mailman/private/dev/attachments/20150909/bc1f6256/attachment.html>

------------------------------

Message: 2
Date: Thu, 10 Sep 2015 10:58:07 +0200
From: Davide Girardi <davidegirardi () gmail com>
To: Daniel Miller <bonsaiviking () gmail com>
Cc: Nmap-dev <dev () nmap org>
Subject: Re: NMap Slowness (and Partial Fix) on Ubuntu-Based Distros
Message-ID: <CABfgvRTkbkcDU363A8FL2U+tHjgt6N9bZFZNy6HtYqtrdbpFDw () mail gmail com>
Content-Type: text/plain; charset=UTF-8

I will try to see what happens with kernel 3.19.

I did a fast test with the kernel 4.0.4 and nmap 4.49beta4 and it's extremely slow in the same test condition: 67 seconds vs 1.8 seconds vs 0.10 seconds.

On Wed, Sep 9, 2015 at 7:45 PM, Daniel Miller <bonsaiviking () gmail com> wrote:

> Davide,
>
> Thanks for the detailed bug report. This is a known issue that stems from a Linux kernel bug that was fixed in kernel 3.19. You can read all the gory details in our own bug tracker here: http://issues.nmap.org/34
>
> Dan
>
> On Wed, Sep 9, 2015 at 11:13 AM, Davide Girardi <davidegirardi () gmail com> wrote:
>
>> Hi guys,
>>
>> This is my first message and is going to be long!
>>
>> --- Quick Summary ---
>>
>> Nmap is really slow on Ubuntu-based distros (tested on Ubuntu, BackBox, Mint) working at top 163 packets per second on a LAN, while it's blazing fast on Debian 7.8 and Kali v1 working at top 20803 packets per second in the same environment. This has been tested with nmap 6.47. Physical and virtual machines.
>>
>> For example, scanning a host with nmap -sS -n <target IP> takes about 1.5 - 1.8 seconds on Ubuntu and just 0.10 - 0.15 seconds on Debian.
>>
>> Compiling nmap from source gives the same results: Debian is fast while Ubuntu is slow. This behavior seems to be related to how libpcap has been compiled (there is the same version on both systems by the way).
>>
>> --- Workaround for Version 6.47 ---
>>
>> Compiling nmap with the included libpcap (./configure --with-libpcap=included) fixes the slowness on Ubuntu based systems.
>>
>> Thanks to d33tah on the #nmap Freenode IRC channel for helping me with the hunt :)
>>
>> --- About Version 6.49beta4 ---
>>
>> The workaround does not seem to work with the latest beta: it compiles fine in BackBox, but has the same performance of the nmap shipped with the distro (1.80 seconds to scan a LAN host vs. 0.10 seconds).
>>
>> Moreover if I compile the latest beta on Kali v1 my test scan runs in about 70 seconds no matter what version of libpcap I use during the configuration.
>>
>> I don't want to make this too long to read, so I am available to provide any other information or test results.
>>
>> Thanks to everyone for creating and maintaining such a great tool!
>>
>> --
>> Davide Girardi <davidegirardi () gmail com>
>> _______________________________________________
>> Sent through the dev mailing list
>> https://nmap.org/mailman/listinfo/dev
>> Archived at http://seclists.org/nmap-dev/

--
Davide Girardi <davidegirardi () gmail com>

------------------------------

Message: 3
Date: Thu, 10 Sep 2015 11:01:23 -0400
From: "Stephen J. Hilt" <shooter000 () gmail com>
To: Paulino Calderon <paulino () calderonpale com>
Cc: Nmap-dev <dev () nmap org>
Subject: Re: [NSE] Update to s7-info.nse
Message-ID: <CAMTxanfEV3muJ9D-kUE81uS7WyN+NifPE-E9TqebePZ6kQMDXw () mail gmail com>
Content-Type: text/plain; charset="utf-8"

Thanks! see you in a few weeks Paulino!

Stephen J. Hilt
(423)402-0936
. ..:

On Wed, Sep 9, 2015 at 10:34 PM, Paulino Calderon <paulino () calderonpale com> wrote:

> Hi Stephen,
>
> Thanks for the patch. I've applied it in r35230.
>
> Cheers.
>
> On Sep 9, 2015, at 12:54 PM, Stephen J. Hilt <shooter000 () gmail com> wrote:
>
>> Hello all,
>>
>> I found an issue with the s7-info script where it was never making it to trying the second COTP negotiation, as a result S7-1200 Model PLCs were not being queried correctly.
>>
>> See patch here https://github.com/digitalbond/Redpoint/blob/master/s7-enumerate.nse
>>
>> Stephen J. Hilt
>> . ..:
>> _______________________________________________
>> Sent through the dev mailing list
>> https://nmap.org/mailman/listinfo/dev
>> Archived at http://seclists.org/nmap-dev/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://nmap.org/mailman/private/dev/attachments/20150910/5e37fdf8/attachment.html>

------------------------------

Message: 4
Date: Thu, 10 Sep 2015 19:24:37 +0300
From: George Chatzisofroniou <sophron () latthi com>
To: Raul Fuentes <ra.fuentess.sam () gmail com>
Cc: nmap list <dev () nmap org>
Subject: Re: Question related to the Nmap script http-useragent-tester
Message-ID: <CACeRBzmRK9mpWc8We8oghieRz=i=EDHDz78HE15-CuQvw3Uh2w () mail gmail com>
Content-Type: text/plain; charset=UTF-8

Hi Raul,

I'm glad you found a solution on this. Have you written a patch yet?

PS: I'm CC'ing nmap-dev.

On Wed, Sep 9, 2015 at 9:26 PM, Raul Fuentes <ra.fuentess.sam () gmail com> wrote:

> Hi George,
>
> I had a little free time to check again the script http-useragent-tester. And was able to make it run properly. Bonsaiviking already identified the issue as a bug (Being honest, I'm still thinking I was crazy and with errors from my part).
>
> The issue is in the nselib/http.lua when is invoking the generic_request (used by http.get) due that is using " " instead of the ' ' (Example: "GET" instead of 'GET')
>
> Sincerely,
> Raul Fuentes
>
> 2015-09-02 16:42 GMT+02:00 George Chatzisofroniou <sophron () latthi com>:
>
>> Hi Raul,
>>
>> On Mon, Aug 31, 2015 at 6:07 PM, Raul Fuentes <ra.fuentess.sam () gmail com> wrote:
>>
>>> I will elaborate my question a little more, I was reviewing the script and in theory, the line 74:
>>>
>>> local response = http.get(host, port, '/', options)
>>>
>>> Should be in a loop with the content of HTTPlibs (a predefined user-agent list plus user-custom). Yet, testing in my local server I got only one HTTP Header request each time the script is executed and the user-agent is a different one from the list: "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)".
>>>
>>> I already tested with the -d2 and the script indeed, run the former line by each element in the list.
>>
>> I'll have a look the following days and I'll let you know.
>>
>> Cheers,
>>
>> --
>> George Chatzisofroniou
>
> --
> Ate. Raul FUENTES

------------------------------

Subject: Digest Footer

_______________________________________________
dev mailing list
dev () nmap org
https://nmap.org/mailman/listinfo/dev

------------------------------

End of dev Digest, Vol 126, Issue 7
***********************************