Open-AudIT
https://www.open-audit.org/phpBB3/

nmap linux
https://www.open-audit.org/phpBB3/viewtopic.php?f=10&t=3908
Page 1 of 1

Author:  Ra0 [ Tue Dec 07, 2010 5:16 am ]
Post subject:  nmap linux

Hi !

I am giving a try to OA. Not that easy, regarding the lack of documentation...
Especially for Linux version, I would say.

Anyhow, I succeeded in grabbing info from both Linux or Windows hosts.

Now, I am stuck with scanning my network with nmap.
I ran the following script, very simplified version of nmap_linux.sh script available in OA package :

[code]#!/bin/bash
nmap_file="./nmap_file.txt"
nmap_input=`nmap -v -O -oN $nmap_file 192.168.0.1`
nmap_output=`cat $nmap_file`
wget --post-data="submit=submit&add=$nmap_output" http://my_server/OpenAudit/admin_nmap_input.php
[/code]

No success. There is no entry in 'Discover ports >> All active ports" on OA server :(

Find below the last lines of admin_nmap_input.php :
[code]<td valign="top">
<div class="main_each"><p class="contenthead">NMap</p>
IP Address: 192.168.0.1<br />Name: my-dhcp-0-1<br />Device Type: general purpose<br />Running: Microsoft Windows Vista|2008|7<br />Windows.<br />SELECT net_uuid FROM network_card WHERE net_ip_address = '192.168.0.1'<br />SELECT other_id FROM other WHERE other_ip_address = '192.168.000.001'<br /></div>
</div>
</td>
</body>
</html>
[/code]

Notes :

  • Of course, 192.168.0.1 is a running host, with many active ports.

  • Of course, my OA server is available at http://my_server/OpenAudit :)

  • I run this script from another linux host that the one hosting OA server (but it should not make any difference, I guess...)


Any idea why the NMAP table on OA server remains empty ?
Thanks in advance for support.

Author:  jpa [ Wed Dec 08, 2010 1:16 pm ]
Post subject:  Re: nmap linux

Documentation is not fun!

Make sure you're on the latest version of OpenAudit from SVN ([url=http://www.open-audit.org/phpBB3/viewtopic.php?f=6&t=1430]using SVN client[/url] or [url=http://www.open-audit.org/phpBB3/viewtopic.php?f=8&t=2414#p17091]not[/url]). Nmap [url=http://www.open-audit.org/phpBB3/viewtopic.php?f=10&t=3724#p16437]output changed[/url] at some point and OpenAudit needed some changes to work.

Hopefully this does it for you.

Author:  Ra0 [ Sat Dec 11, 2010 4:14 am ]
Post subject:  Re: nmap linux

Thanks for the answer.

I cleaned everything (webroot and mysql DB) and start with last version I have found in trunk folder (Version 10.09.01, according to what I can read on my OA server).

I tried the nmap script. And still no success :(
Did I miss something ?

Any way to debug this quickly (before I decide to dive into PHP code...!) ??

Thanks for help.

Author:  Ra0 [ Sat Dec 11, 2010 4:29 am ]
Post subject:  Re: nmap linux

I saved a version of generated admin_nmap_input.php, renamed it and copied into webroot folder.
I then opened this PHP document in my browser (http://my_oa_server/oa/my_renamed_admin_nmap_input.php), and this is what I can read on the page :

[quote]NMap

IP Address: 192.168.0.1
Name: dhcp-0-1
Device Type: general purpose
Running: Microsoft Windows Vista|2008|7
Windows.
SELECT net_uuid FROM network_card WHERE net_ip_address = '192.168.000.001'
SELECT other_id FROM other WHERE other_ip_address = '192.168.000.001'

Now is it supposed or not to add new records in mysql DB ??

Am I supposed to see something in 'Discovered ports >> All active ports' ??

Thanks.

Author:  jpa [ Sun Dec 12, 2010 9:53 am ]
Post subject:  Re: nmap linux

Without seeing the contents of nmap_file.txt my guess would be nmap is not outputting a MAC addresss which admin_nmap_input.php is expecting. If there's nothing too confidential in the nmap_file.txt post it here for further debugging.

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/