PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 05:31:31 +00:00
Code Issues Projects Releases Wiki Activity

Add the --resolve-all option

Browse Source
This commit is contained in:
dmiller
2017-12-06 04:17:06 +00:00
parent d9b66b20a3
commit f1488554bd
7 changed files with 27 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGELOG
View File

@@ -1,5 +1,8 @@
#Nmap Changelog ($Id$); -*-text-*- #Nmap Changelog ($Id$); -*-text-*-
o Add the --resolve-all option to resolve and scan all IP addresses of a host.
This essentially replaces the resolveall NSE script. [Daniel Miller]
o [NSE] VNC scripts now support Apple Remote Desktop authentication (auth type o [NSE] VNC scripts now support Apple Remote Desktop authentication (auth type
30) [Daniel Miller] 30) [Daniel Miller]
@@ -97,11 +100,6 @@ o [NSE] New script http-jsonp-detection Attempts to discover JSONP endpoints in
web servers. JSONP endpoints can be used to bypass Same-origin Policy web servers. JSONP endpoints can be used to bypass Same-origin Policy
restrictions in web browsers. [Vinamra Bhatia] restrictions in web browsers. [Vinamra Bhatia]
o Nmap can now resolve and scan all IP addresses of a host. Instead of using
the resolveall NSE script, append "*all" to a target hostname:
nmap example.com*all another.example.com*all/24
[Daniel Miller]
o [GH#957] Fix reporting of zlib and libssh2 versions in "nmap --version". We o [GH#957] Fix reporting of zlib and libssh2 versions in "nmap --version". We
were always reporting the version number of the included source, even when a were always reporting the version number of the included source, even when a
different version was linked. [Pavel Zhukov] different version was linked. [Pavel Zhukov]

1
NmapOps.cc
View File

@@ -364,6 +364,7 @@ void NmapOps::Initialize() {
mass_dns = true; mass_dns = true;
deprecated_xml_osclass = false; deprecated_xml_osclass = false;
always_resolve = false; always_resolve = false;
resolve_all = false;
dns_servers = NULL; dns_servers = NULL;
implicitARPPing = true; implicitARPPing = true;
numhosts_scanned = 0; numhosts_scanned = 0;

1
NmapOps.h
View File

@@ -371,6 +371,7 @@ class NmapOps {
std::map<std::string, std::string> loaded_data_files; std::map<std::string, std::string> loaded_data_files;
bool mass_dns; bool mass_dns;
bool always_resolve; bool always_resolve;
bool resolve_all;
char *dns_servers; char *dns_servers;
/* Do IPv4 ARP or IPv6 ND scan of directly connected Ethernet hosts, even if /* Do IPv4 ARP or IPv6 ND scan of directly connected Ethernet hosts, even if

2
TargetGroup.cc
View File

@@ -381,7 +381,7 @@ static NetBlock *parse_expr_without_netmask(const char *hostexp, int af) {
return NULL; return NULL;
} }
NetBlockHostname *netblock_hostname = new NetBlockHostname(hostn, af, resolveall); NetBlockHostname *netblock_hostname = new NetBlockHostname(hostn, af, resolveall || o.resolve_all);
free(hostn); free(hostn);
return netblock_hostname; return netblock_hostname;
} }

19
docs/refguide.xml
View File

@@ -169,9 +169,7 @@ simplest case is to specify a target IP address or hostname for scanning.</para>
via the Domain Name System (DNS) to determine the IP address to scan. If the via the Domain Name System (DNS) to determine the IP address to scan. If the
name resolves to more than one IP address, only the first one will be name resolves to more than one IP address, only the first one will be
scanned. To make Nmap scan all the resolved addresses instead of only the scanned. To make Nmap scan all the resolved addresses instead of only the
first one, append <literal>*all</literal> first one, use the <option>--resolve-all</option> option.
<indexterm><primary>*all</primary></indexterm> to the hostname like so:
<literal>example.com*all</literal>
</para> </para>
<para>Sometimes you wish to scan a whole network of adjacent hosts. For <para>Sometimes you wish to scan a whole network of adjacent hosts. For
@@ -961,6 +959,21 @@ Traceroute works by sending packets with a low TTL (time-to-live) in an attempt
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>
<option>--resolve-all</option> (Scan each resolved address)
<indexterm><primary><option>--resolve-all</option></primary></indexterm>
</term>
<listitem>
<para>If a hostname target resolves to more than one address, scan
all of them. The default behavior is to only scan the first
resolved address. Regardless, only addresses in the appropriate
address family will be scanned: IPv4 by default, IPv6 with
<option>-6</option>.
</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<option>--system-dns</option> (Use system DNS resolver) <option>--system-dns</option> (Use system DNS resolver)

3
nmap.cc
View File

@@ -683,6 +683,7 @@ void parse_options(int argc, char **argv) {
{"version-all", no_argument, 0, 0}, {"version-all", no_argument, 0, 0},
{"system_dns", no_argument, 0, 0}, {"system_dns", no_argument, 0, 0},
{"system-dns", no_argument, 0, 0}, {"system-dns", no_argument, 0, 0},
{"resolve-all", no_argument, 0, 0},
{"log_errors", no_argument, 0, 0}, {"log_errors", no_argument, 0, 0},
{"log-errors", no_argument, 0, 0}, {"log-errors", no_argument, 0, 0},
{"deprecated_xml_osclass", no_argument, 0, 0}, {"deprecated_xml_osclass", no_argument, 0, 0},
@@ -941,6 +942,8 @@ void parse_options(int argc, char **argv) {
o.mass_dns = false; o.mass_dns = false;
} else if (optcmp(long_options[option_index].name, "dns-servers") == 0) { } else if (optcmp(long_options[option_index].name, "dns-servers") == 0) {
o.dns_servers = strdup(optarg); o.dns_servers = strdup(optarg);
} else if (optcmp(long_options[option_index].name, "resolve-all") == 0) {
o.resolve_all = true;
} else if (optcmp(long_options[option_index].name, "log-errors") == 0) { } else if (optcmp(long_options[option_index].name, "log-errors") == 0) {
/*Nmap Log errors is deprecated and is now always enabled by default. /*Nmap Log errors is deprecated and is now always enabled by default.
This option is left in so as to not break anybody's scanning scripts. This option is left in so as to not break anybody's scanning scripts.

4
scripts/resolveall.nse
View File

@@ -120,7 +120,7 @@ preaction = function()
else else
table.insert(output, "Use the 'newtargets' script-arg to add the results as targets") table.insert(output, "Use the 'newtargets' script-arg to add the results as targets")
end end
table.insert(output, "Scanning 'hostname*all' will scan all resolved addresses for 'hostname' without using this script.") table.insert(output, "Use the --resolve-all option to scan all resolved addresses without using this script.")
return xmloutput, stdnse.format_output(true, output) return xmloutput, stdnse.format_output(true, output)
end end
@@ -152,7 +152,7 @@ hostaction = function(host)
else else
table.insert(output, "Use the 'newtargets' script-arg to add the results as targets") table.insert(output, "Use the 'newtargets' script-arg to add the results as targets")
end end
table.insert(output, ("Scanning '%s*all' will scan all resolved addresses without using this script."):format(host.targetname)) table.insert(output, ("Use the --resolve-all option to scan all resolved addresses without using this script."):format(host.targetname))
return xmloutput, stdnse.format_output(true, output) return xmloutput, stdnse.format_output(true, output)
end end