Open-AudIT
https://www.open-audit.org/phpBB3/

nmap linux
https://www.open-audit.org/phpBB3/viewtopic.php?f=10&t=3908
Page 1 of 1

Author:  Ra0 [ Tue Dec 07, 2010 5:16 am ]
Post subject:  nmap linux

Hi !

I am giving a try to OA. Not that easy, regarding the lack of documentation...
Especially for Linux version, I would say.

Anyhow, I succeeded in grabbing info from both Linux or Windows hosts.

Now, I am stuck with scanning my network with nmap.
I ran the following script, very simplified version of nmap_linux.sh script available in OA package :

Code:
#!/bin/bash
    nmap_file="./nmap_file.txt"
    nmap_input=`nmap -v -O -oN $nmap_file 192.168.0.1`
    nmap_output=`cat $nmap_file`
    wget --post-data="submit=submit&add=$nmap_output" http://my_server/OpenAudit/admin_nmap_input.php


No success. There is no entry in 'Discover ports >> All active ports" on OA server :(

Find below the last lines of admin_nmap_input.php :
Code:
<td valign="top">
<div class="main_each"><p class="contenthead">NMap</p>
IP Address: 192.168.0.1<br />Name: my-dhcp-0-1<br />Device Type: general purpose<br />Running: Microsoft Windows Vista|2008|7<br />Windows.<br />SELECT net_uuid FROM network_card WHERE net_ip_address = '192.168.0.1'<br />SELECT other_id FROM other WHERE other_ip_address = '192.168.000.001'<br /></div>
</div>
</td>
</body>
</html>


Notes :
  • Of course, 192.168.0.1 is a running host, with many active ports.
  • Of course, my OA server is available at http://my_server/OpenAudit :)
  • I run this script from another linux host that the one hosting OA server (but it should not make any difference, I guess...)

Any idea why the NMAP table on OA server remains empty ?
Thanks in advance for support.

Author:  jpa [ Wed Dec 08, 2010 1:16 pm ]
Post subject:  Re: nmap linux

Documentation is not fun!

Make sure you're on the latest version of OpenAudit from SVN (using SVN client or not). Nmap output changed at some point and OpenAudit needed some changes to work.

Hopefully this does it for you.

Author:  Ra0 [ Sat Dec 11, 2010 4:14 am ]
Post subject:  Re: nmap linux

Thanks for the answer.

I cleaned everything (webroot and mysql DB) and start with last version I have found in trunk folder (Version 10.09.01, according to what I can read on my OA server).

I tried the nmap script. And still no success :(
Did I miss something ?

Any way to debug this quickly (before I decide to dive into PHP code...!) ??

Thanks for help.

Author:  Ra0 [ Sat Dec 11, 2010 4:29 am ]
Post subject:  Re: nmap linux

I saved a version of generated admin_nmap_input.php, renamed it and copied into webroot folder.
I then opened this PHP document in my browser (http://my_oa_server/oa/my_renamed_admin_nmap_input.php), and this is what I can read on the page :

Quote:
NMap

IP Address: 192.168.0.1
Name: dhcp-0-1
Device Type: general purpose
Running: Microsoft Windows Vista|2008|7
Windows.
SELECT net_uuid FROM network_card WHERE net_ip_address = '192.168.000.001'
SELECT other_id FROM other WHERE other_ip_address = '192.168.000.001'


Now is it supposed or not to add new records in mysql DB ??

Am I supposed to see something in 'Discovered ports >> All active ports' ??

Thanks.

Author:  jpa [ Sun Dec 12, 2010 9:53 am ]
Post subject:  Re: nmap linux

Without seeing the contents of nmap_file.txt my guess would be nmap is not outputting a MAC addresss which admin_nmap_input.php is expecting. If there's nothing too confidential in the nmap_file.txt post it here for further debugging.

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/