
Comments (9)

TerminalFi commented on August 15, 2024 3

@ReK2Fernandez thanks for reaching out.

I am not running into this issue with the latest code. Can you run my example below, which is a modified copy of basic_scan.go from the examples folder?

package main

import (
	"context"
	"fmt"
	"log"
	"strings"
	"time"

	"github.com/Ullaakut/nmap"
)

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
	defer cancel()

	scanner, err := nmap.NewScanner(
		nmap.WithTargets("example.com"),
		nmap.WithPorts("80,443,843"),
		nmap.WithContext(ctx),
		nmap.WithDefaultScript(),
	)
	if err != nil {
		log.Fatalf("unable to create nmap scanner: %v", err)
	}

	result, err := scanner.Run()
	if err != nil {
		log.Fatalf("unable to run nmap scan: %v", err)
	}

	// Use the results to print an example output
	for _, host := range result.Hosts {
		if len(host.Ports) == 0 || len(host.Addresses) == 0 {
			continue
		}

		fmt.Printf("Host %q:\n", host.Addresses[0])

		for _, port := range host.Ports {
			fmt.Printf("\tPort %d/%s %s %s\n", port.ID, port.Protocol, port.State, port.Service.Name)
			fmt.Printf("\t\t[ SCRIPT OUTPUT ]\n")
			for _, script := range port.Scripts {
				fmt.Printf("\t\t%s\n", strings.Replace(script.Output, "\n", "\n\t\t\t", -1))
			}
			fmt.Printf("\t\t[ SCRIPT END ]\n")
		}
	}

	fmt.Printf("Nmap done: %d hosts up scanned in %.2f seconds\n", len(result.Hosts), result.Stats.Finished.Elapsed)
}

from nmap.

TerminalFi commented on August 15, 2024 1

@ReK2Fernandez this appears to be an nmap concern. See below.

NMAP pulls default scripts from the scripts.db file located in the folder where all nse files reside. Here is a sample from that file that shows http-methods is included as a default script to run when default scripts are called.

Entry { filename = "http-default-accounts.nse", categories = { "auth", "discovery", "intrusive", } }
Entry { filename = "http-favicon.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-generator.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-git.nse", categories = { "default", "safe", "vuln", } }
Entry { filename = "http-ls.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-methods.nse", categories = { "default", "safe", } }
Entry { filename = "http-ntlm-info.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-open-proxy.nse", categories = { "default", "discovery", "external", "safe", } }
Entry { filename = "http-robots.txt.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-svn-enum.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-svn-info.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } }

However, when running the two commands from nmap directly, they produce two different results.

Command: nmap --script http-methods -p443 example.com
Results:

nmap example.com -p443 --script http-methods
Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-04 12:38 EDT
Nmap scan report for example.com (93.184.216.34)
Host is up (0.015s latency).
Other addresses for example.com (not scanned): 2606:2800:220:1:248:1893:25c8:1946

PORT    STATE SERVICE
443/tcp open  https
| http-methods:
|_  Supported Methods: OPTIONS GET HEAD POST

Nmap done: 1 IP address (1 host up) scanned in 0.47 seconds

Command: nmap --script default -p443 example.com
Results:

nmap example.com -p443 --script default
Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-04 12:38 EDT
Nmap scan report for example.com (93.184.216.34)
Host is up (0.014s latency).
Other addresses for example.com (not scanned): 2606:2800:220:1:248:1893:25c8:1946

PORT    STATE SERVICE
443/tcp open  https
|_http-title: Example Domain
| ssl-cert: Subject: commonName=www.example.org/organizationName=Internet Corporation for Assigned Names and Numbers/stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:www.example.org, DNS:example.com, DNS:example.edu, DNS:example.net, DNS:example.org, DNS:www.example.com, DNS:www.example.edu, DNS:www.example.net
| Not valid before: 2018-11-28T00:00:00
|_Not valid after:  2020-12-02T12:00:00
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|   h2
|_  http/1.1
| tls-nextprotoneg:
|   h2
|   http/1.1
|_  http/1.0

Nmap done: 1 IP address (1 host up) scanned in 1.43 seconds

As it appears, either this is how nmap is meant to function or there is an issue with nmap not executing all default scripts.

from nmap.
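Added example, not part of the thread or of the Ullaakut/nmap project: a small Go check that parses `Entry` lines in the format quoted in the comment above, lists the scripts in the `default` category, and reports which of them have no entry in a scan's script output. The sample database text is constructed from three of the quoted lines, and the function names are hypothetical. A script missing from the output either did not run or returned nothing to print.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Constructed sample: three Entry lines copied from the excerpt quoted above.
const sampleDB = `Entry { filename = "http-default-accounts.nse", categories = { "auth", "discovery", "intrusive", } }
Entry { filename = "http-methods.nse", categories = { "default", "safe", } }
Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } }`
var entryRe = regexp.MustCompile(`Entry\s*\{\s*filename\s*=\s*"([^"]+)\.nse",\s*categories\s*=\s*\{([^}]*)\}`)

// ScriptsInCategory returns the sorted script IDs (filename minus .nse) listed under category.
func ScriptsInCategory(db, category string) []string {
	var ids []string
	for _, m := range entryRe.FindAllStringSubmatch(db, -1) {
		if strings.Contains(m[2], `"`+category+`"`) {
			ids = append(ids, m[1])
		}
	}
	sort.Strings(ids)
	return ids
}

// MissingFromOutput lists expected scripts that have no entry in the scan output.
func MissingFromOutput(expected, seen []string) []string {
	got := make(map[string]bool, len(seen))
	for _, s := range seen {
		got[s] = true
	}
	var missing []string
	for _, e := range expected {
		if !got[e] {
			missing = append(missing, e)
		}
	}
	return missing
}

func main() {
	defaults := ScriptsInCategory(sampleDB, "default")
	// Script IDs that appear in the "--script default" output quoted above.
	seen := []string{"http-title", "ssl-cert", "ssl-date", "tls-alpn", "tls-nextprotoneg"}
	fmt.Println("default category:", defaults)
	fmt.Println("no output:", MissingFromOutput(defaults, seen))
}
```

With the library, the `seen` list can be filled from `script.ID` of each entry in `port.Scripts` instead of being typed by hand.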

TerminalFi commented on August 15, 2024 1

No worries!

@Ullaakut this can be closed now, as this is just timing issues and not related to the Nmap library.

from nmap.

Ullaakut commented on August 15, 2024

Not classifying this as a bug for now, but I'll keep track of the issue and update the labels accordingly :)

from nmap.

r3k2 commented on August 15, 2024

@Ullaakut in my test and yours, it works if I indicate which script, like:

nmap.WithScripts("http-methods"),

but not with the default flag.
Maybe there is just nothing to output.

from nmap.

TerminalFi commented on August 15, 2024

That is interesting, as http-methods is a default scan and should return results if nmap.WithScripts("http-methods"),

Let me look into this.

from nmap.

TerminalFi commented on August 15, 2024

Confirmed throttling issues. Try using the following option.

nmap.WithTimingTemplate(nmap.TimingSneaky)

Issue opened at nmap/nmap#1724 for clarification on whether this is intended or not.

from nmap.

r3k2 commented on August 15, 2024

@TheSecEng @Ullaakut hello, sorry, I was out and I'm on the CEST time zone. I have confirmed on my own most of the things you guys are raising here; actually I was going to update with some of them, but since you guys already figured them out, I will not double post. Thanks for looking into this, will try with the timing template.

from nmap.

Ullaakut commented on August 15, 2024

Thanks for your help @TheSecEng ! 🎉

And @ReK2Fernandez don't hesitate to let us know if you find any other issue :) thanks for using the package!

from nmap.
