Create broadcast-hid-discoveryd.nse #1232

Closed. Wants to merge 4 commits into base: master.

bcoles commented Jun 4, 2018

No description provided.

@cldrn cldrn added the NSE label Jun 8, 2018

Member

cldrn commented Jun 8, 2018

Looks good to me. The only change I would make is to use structured output tables (stdnse.output_table()) so we get XML output too.

bcoles commented Jun 9, 2018

@cldrn I've added output_table for output.

Do you think it's also worth adding the IP address within the response packet as a newtarget (when the newtargets script argument is provided)?

Keeping in mind:

  • The source IP address of the packet can't be used as it is 255.255.255.255 (unless broadcast-hid-discoveryd.address=X was specified, which makes newtargets a moot point in this scenario).
  • The IP address specified in the contents of the packet could live outside the local class C.
  • The contents of the packet could be spoofed, forcing Nmap to add arbitrary hosts as new targets.
  • There's currently no validation performed on the response contents. The response is trusted implicitly.
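
The concerns in the list above (the address inside the response can be spoofed, can fall outside the local network, and is not validated) can be addressed by vetting the reported address against operator-approved ranges before it becomes a target. This is an added example, not code from the pull request or from Nmap; the function names, the allow-list parameter and the sample addresses are assumptions made for illustration.

```lua
-- Added example: plain Lua with no nselib dependency. All names are hypothetical.

-- Parse a strict dotted-quad IPv4 string into a 32-bit number, or return nil.
local function ipv4_to_number(s)
  if type(s) ~= "string" then return nil end
  local a, b, c, d = s:match("^(%d%d?%d?)%.(%d%d?%d?)%.(%d%d?%d?)%.(%d%d?%d?)$")
  if not a then return nil end
  a, b, c, d = tonumber(a), tonumber(b), tonumber(c), tonumber(d)
  if a > 255 or b > 255 or c > 255 or d > 255 then return nil end
  return a * 16777216 + b * 65536 + c * 256 + d
end

-- Parse "a.b.c.d/len" into a network number and prefix length, or return nil.
local function parse_cidr(cidr)
  local addr, len = cidr:match("^([%d%.]+)/(%d+)$")
  if not addr then return nil end
  local n, bits = ipv4_to_number(addr), tonumber(len)
  if not n or bits > 32 then return nil end
  return n, bits
end

-- True when n and net share their first `bits` bits.
local function in_cidr(n, net, bits)
  local div = 2 ^ (32 - bits)
  return math.floor(n / div) == math.floor(net / div)
end

-- Decide whether an address reported inside a response may become a target.
-- Returns true, or false plus the reason for rejection.
local function vet_reported_address(addr, allowed_cidrs)
  local n = ipv4_to_number(addr)
  if not n then return false, "not a dotted-quad IPv4 address" end
  local first = math.floor(n / 16777216)
  if first == 0 or first == 127 or first >= 224 then
    return false, "unspecified, loopback, multicast, reserved or broadcast"
  end
  for _, cidr in ipairs(allowed_cidrs) do
    local net, bits = parse_cidr(cidr)
    if net and in_cidr(n, net, bits) then return true end
  end
  return false, "outside the ranges the operator allowed"
end

-- Constructed sample values, not taken from any real response.
local allowed = { "192.0.2.0/24" }
for _, addr in ipairs({ "192.0.2.44", "198.51.100.7", "255.255.255.255", "192.0.2.999" }) do
  local ok, why = vet_reported_address(addr, allowed)
  print(addr, ok and "accept" or ("reject: " .. why))
end
```

In an NSE script, only addresses that pass this check would then be handed to target.add().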

Member

cldrn commented Jun 19, 2018

I think it will be good to add it. New targets can live outside our local C class and I guess none of the scripts have any sort of protection against spoofed packets.

The rest looks good!

bcoles commented Jun 21, 2018

I've added support for --script-args=newtargets

@nmap-bot nmap-bot closed this in dc888d0 Jun 23, 2018
