Well, that was what I wanted. I know, Conficker was hot months ago. But hey, I’m not often around Windows machines and I thought that while I was, I might just as well scan my parents’s network.
So there I was with my little netbook, most recent Nmap (nmap-4.85_beta8) loaded, ready to go. A quick Google search taught me the right command.
But it failed.
nmap: unrecognized option '--script'
[snip: followed by regular nmap --help output]
Eh?
As my thinking was suspended, I went for Google to find me the culprit responsible for this error. No results. What? Ah, well, this is just why I wanted my own blog: to enhance Google with yet unknown knowledge (or knowledge previously only available in obscure languages). Now only to find the solution…
Turns out it was actually rather simple: compile Nmap with the lua USE flag. Yes, that’s all.
OPEN PACKAGE.USE
nano /etc/portage/package.use
AND INSERT
net-analyzer/nmap lua
OR ON A TERMINAL ENTER
echo "net-analyzer/nmap lua" >> /etc/portage/package.use
After this you’re good to go.
While I’m at it, let’s leave you with the recommended scan options at the moment of writing:
#Source: Nmap changelog
o Recommended command for a fast Conficker scan (combine into 1 line):
nmap -p139,445 --script p2p-conficker,smb-os-discovery,smb-check-vulns
--script-args checkconficker=1,safe=1 -T4 [target networks]
o Recommended command for a more comprehensive (but slower) scan:
nmap --script p2p-conficker,smb-os-discovery,smb-check-vulns -p-
--script-args checkall=1,safe=1 -T4 [target networks]
Tags: blog, compile, Conficker, emerge, Gentoo Linux, Google, lua, nmap, package.use, portage, USE flags
