Nmap ip-forwarding NSE Script
This page contains detailed information about how to use the ip-forwarding NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/ip-forwarding.nse
Script categories: safe, discovery
Target service / protocol: -
Target network port(s): -
List of CVEs: -
Script Description
The ip-forwarding.nse script detects whether the remote device has ip forwarding or "Internet connection sharing" enabled, by sending an ICMP echo request to a given target using the scanned host as default gateway.
The given target can be a routed or a LAN host and needs to be able to respond to ICMP requests (ping) in order for the test to be successful. In addition, if the given target is a routed host, the scanned host needs to have the proper routing to reach it.
In order to use the scanned host as default gateway Nmap needs to discover the MAC address. This requires Nmap to be run in privileged mode and the host to be on the LAN.
Ip-forwarding NSE Script Arguments
This is a full list of arguments supported by the ip-forwarding.nse script:
ip-forwarding.targetA LAN or routed target responding to ICMP echo requests (ping).
- - -
To use this script argument, add it to Nmap command line like in this example:
nmap --script=ip-forwarding --script-args ip-forwarding.target=value <target>Ip-forwarding NSE Script Example Usage
Here's an example of how to use the ip-forwarding.nse script:
sudo nmap -sn <target> --script ip-forwarding --script-args='target=www.example.com'
Ip-forwarding NSE Script Example Output
Here's a sample output from the ip-forwarding.nse script:
| ip-forwarding:
|_ The host has ip forwarding enabled, tried ping against (www.example.com)
Ip-forwarding NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/ip-forwarding.html
- https://github.com/nmap/nmap/tree/master/scripts/ip-forwarding.nse
See Also
Related NSE scripts to the ip-forwarding.nse script:
- ip-geolocation-geoplugin.nse
- ip-geolocation-ipinfodb.nse
- ip-geolocation-map-bing.nse
- ip-geolocation-map-google.nse
- ip-geolocation-map-kml.nse
- ip-geolocation-maxmind.nse
- ip-https-discover.nse
- ipidseq.nse
- ipmi-brute.nse
- ipmi-cipher-zero.nse
- ipmi-version.nse
- ipv6-multicast-mld-list.nse
- ipv6-node-info.nse
- ipv6-ra-flood.nse
Visit Nmap NSE Library for more scripts.
The ip-forwarding.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Failed to determine hosts remote MAC address
Here is a relevant code snippet related to the "Failed to determine hosts remote MAC address" error message:
37:
38: local arg_target = stdnse.get_script_args(SCRIPT_NAME .. ".target")
39:
40: hostrule = function(host)
41: if ( not(host.mac_addr) ) then
42: stdnse.debug1("Failed to determine hosts remote MAC address" )
43: end
44: return (arg_target ~= nil and host.mac_addr ~= nil)
45: end
46:
47:
Failed to determine the network interface name
Here is a relevant code snippet related to the "Failed to determine the network interface name" error message:
76:
77: action = function(host)
78:
79: local ifname = nmap.get_interface() or host.interface
80: if ( not(ifname) ) then
81: return fail("Failed to determine the network interface name")
82: end
83:
84: local target = ipOps.ip_to_bin(arg_target)
85: if ( not(target) ) then
86: local status
Failed to lookup hostname: %s
Here is a relevant code snippet related to the "Failed to lookup hostname: %s" error message:
84: local target = ipOps.ip_to_bin(arg_target)
85: if ( not(target) ) then
86: local status
87: status, target = dns.query(arg_target, { dtype='A' })
88: if ( not(status) ) then
89: return fail(("Failed to lookup hostname: %s"):format(arg_target))
90: end
91: else
92: target = arg_target
93: end
94:
Target can not be the same as the scanned host
Here is a relevant code snippet related to the "Target can not be the same as the scanned host" error message:
91: else
92: target = arg_target
93: end
94:
95: if ( target == host.ip ) then
96: return fail("Target can not be the same as the scanned host")
97: end
98:
99: if (icmpEchoRequest(ifname, host, target)) then
100: return ("\n The host has ip forwarding enabled, tried ping against (%s)"):format(arg_target)
101: end
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
