Penetration Testing
run nmap automatically from index.html (??) Nov 16 2011 02:09PM
Kathy Simm (kathys39 hotmail com) (7 replies)
RE: run nmap automatically from index.html (??) Nov 16 2011 08:50PM
Ward, Jon (Jon_Ward SYNTELINC COM) (2 replies)
Re: run nmap automatically from index.html (??) Nov 17 2011 08:41AM
arvind doraiswamy (arvind doraiswamy gmail com)
RE: run nmap automatically from index.html (??) Nov 16 2011 11:10PM
Ward, Jon (Jon_Ward SYNTELINC COM)
Re: run nmap automatically from index.html (??) Nov 16 2011 05:48PM
Mihai Nitulescu (mihai nitulescu gmail com)
RE: run nmap automatically from index.html (??) Nov 16 2011 04:23PM
Kettlewell, Nate \(Kansas City\) (Nate Kettlewell fishnetsecurity com)
If you have the option, I would include a small bit of CGI in the index.html or insert a 1x1 iframe
that references a CGI file, use the REMOTE_ADDR environment variable, pass that into your script.

But this will not see half-open connections, so may not work for you.

Nate Kettlewell, CISSP

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Kathy Simm
Sent: Wednesday, November 16, 2011 8:10 AM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: run nmap automatically from index.html (??)

We are doing a pen test for a small company and wish to automate some things. We have a website
inside their Intranet that
when employees scan or visit it we'd like to nmap the box they came from trying to see if anyone
hooks up an authorized computer to their intranet. Any ideas of how to get=
nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should
monitor the libpcap data or the apache log files
etc. I'm sure someone else has done this already - can you share some ideas?

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration
test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: run nmap automatically from index.html (??) Nov 16 2011 04:16PM
securityfocus rawchaos com (1 replies)
Re: run nmap automatically from index.html (??) Nov 16 2011 05:26PM
Daniel Miller (bonsaiviking gmail com)
Re: run nmap automatically from index.html (??) Nov 16 2011 03:26PM
Justin Rogosky (jrogosky gmail com) (1 replies)
Re: run nmap automatically from index.html (??) Nov 16 2011 04:47PM
Sarah Loyd (sarahloyd mac com)
Re: run nmap automatically from index.html (??) Nov 16 2011 02:57PM
John Mason Jr (john mason jr cox net)
Re: run nmap automatically from index.html (??) Nov 16 2011 02:56PM
Guillaume Friloux (guillaume friloux asp64 com)


 

Privacy Statement
Copyright 2010, SecurityFocus