Create broadcast-hid-discoveryd.nse #1232

Closed
wants to merge 4 commits into
from


bcoles commented Jun 4, 2018

No description provided.

@cldrn cldrn added the NSE label Jun 8, 2018

cldrn commented Jun 8, 2018

Looks good to me. The only change I would make is to use structured output tables (stdnse.output_table()) so we get XML output too.

bcoles commented Jun 9, 2018

@cldrn I've added output_table for output.

Do you think it's also worth adding the IP address within the response packet as a newtarget (when the newtargets script argument is provided)?

Keeping in mind:

  • The source IP address of the packet can't be used as it is 255.255.255.255 (unless broadcast-hid-discoveryd.address=X was specified, which makes newtargets a moot point in this scenario).
  • The IP address specified in the contents of the packet could live outside the local class C.
  • The contents of the packet could be spoofed, forcing Nmap to add arbitrary hosts as new targets.
  • There's currently no validation performed on the response contents. The response is trusted implicitly.
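
The concerns listed in the comment above (an implicitly trusted response whose embedded address may be spoofed or out of range) can be addressed by vetting the claimed address before it becomes a target. The following is an added example, not code from this pull request or from Nmap; the function names, the scope list and the sample addresses are assumptions constructed for illustration.

```lua
-- Added example: pure Lua, so it runs outside Nmap.

-- Parse a dotted-quad IPv4 string to a number; nil if malformed.
local function ipv4_to_num(s)
  if type(s) ~= "string" then return nil end
  local octets = { s:match("^(%d%d?%d?)%.(%d%d?%d?)%.(%d%d?%d?)%.(%d%d?%d?)$") }
  if #octets ~= 4 then return nil end
  local n = 0
  for _, o in ipairs(octets) do
    local v = tonumber(o)
    if v > 255 then return nil end
    n = n * 256 + v
  end
  return n
end

-- True if the numeric address ip falls inside "a.b.c.d/len".
local function in_cidr(ip, cidr)
  local addr, len = cidr:match("^([%d%.]+)/(%d+)$")
  local base, bits = ipv4_to_num(addr), tonumber(len or "")
  if not base or not bits or bits > 32 then return false end
  local size = 2 ^ (32 - bits)
  local start = base - base % size
  return ip >= start and ip < start + size
end

-- Never valid as a unicast scan target: "this network", loopback,
-- multicast, and reserved space (which includes 255.255.255.255).
local NEVER = { "0.0.0.0/8", "127.0.0.0/8", "224.0.0.0/4", "240.0.0.0/4" }

-- Decide whether an address claimed inside a response body may become a target.
-- allowed: operator-supplied CIDR list (hypothetical policy input); nil = no limit.
local function vet_claimed_address(claimed, allowed)
  local ip = ipv4_to_num(claimed)
  if not ip then return false, "malformed" end
  for _, cidr in ipairs(NEVER) do
    if in_cidr(ip, cidr) then return false, "non-unicast or reserved" end
  end
  if not allowed then return true, "unscoped" end
  for _, cidr in ipairs(allowed) do
    if in_cidr(ip, cidr) then return true, "in scope" end
  end
  return false, "outside allowed scope"
end

-- Constructed sample values standing in for addresses parsed from responses.
local scope = { "192.168.1.0/24", "10.20.0.0/16" }
for _, claimed in ipairs({ "192.168.1.50", "10.9.8.7", "255.255.255.255",
                           "127.0.0.1", "192.168.1.999", "10.20.3.4" }) do
  local ok, why = vet_claimed_address(claimed, scope)
  print(string.format("%-16s %-7s %s", claimed, ok and "accept" or "reject", why))
end
```

Inside an NSE script, only an accepted address would then be passed to target.add(), and only when target.ALLOW_NEW_TARGETS is set.
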

cldrn commented Jun 19, 2018

I think it will be good to add it. New targets can live outside our local C class and I guess none of the scripts have any sort of protection against spoofed packets.

The rest looks good!

bcoles commented Jun 21, 2018

I've added support for --script-args=newtargets

@nmap-bot nmap-bot closed this in dc888d0 Jun 23, 2018
