Building nmap with a GUI on OS X

(or, how John learned that shell scripting is harrrrrd)

We’ve had some script kiddies attempt some things on our servers in the past, and so, being the novice sysadmin that I am, I decide to get the nmap tool that lets you find holes so we can make the boxen run as silent as possible.

The install for nmap 3.5.5 itself is easy enough, a simple

configure, make, make install
lets you use the tool to test your servers for security holes. With the recent versions of the application, there’s an X11 GUI that can be used on OS X. It just needs gtk+, says the install.

“Gtk+. No problem,” I say.

I find the downloads and install instructions with no difficulty and proceed to pull down the packages I need and begin installing them in order… pkg-config, the JPEG, PNG, and TIFF libraries, Freetype 2, libiconv, gettext…

Wait, gettext isn’t installing. It can’t find pkg_config. OK. Turns out we need to add some system wide environment variables for the make files to be happy. In 10.3 (bash or sh) you do that by typing:

$export PKG_CONFIG=/usr/local/bin/pkg_config

So we’ve got that taken care of, we go and try again:

Making all in intl-csharp
/bin/sh ../lib/ -O -g -o GNU.Gettext.dll ./intl.cs
C# compiler not found, try installing pnet, then reconfigure

It’s missing some C# compiler. WTF. This is Darwin, not Windows. We don’t want no stinking .net here. Oh well, good thing there’s pnet (DotGNU Portable.NET). Chances are I could have hacked the configure file, but I’m a child in the ways of unix, and therefore, I don’t know what will make something work and what will kill it.

So I download pnet and start to install it. No go. It needs treecc (from the same website). Got it. Installed it. But it’s still not playing nice. More environment variables to add:

$export TREECC=/usr/local/bin/treecc

Now pnet seems to play nice, although it takes forever to run the make file. Then we run pnetlib as well. and then some other piece of software (NOTE: MAKERS OF PNET. YOUR INSTALLATION SUCKS). I more or less got stuck in a loop here because I couldn’t get pnet to install, and therefore couldn’t get gettext to run, and therefore couldn’t start the glib install.

I’m now FIVE HOURS into this install with nothing to show for it but a bunch of useless gnu stuff installed.

After abusing google for a while, I found out that someone had made a binary port of GTK+ for the Mac. I should have remembered this, as I had played with Cinepaint back in the day. But this required making dummy apps with project builder and pushing things into those dummy apps. That sounds cool and all but damnit I want SIMPLICITY. I’m not a geek I play one on TeeVEE.

So, I download and install Cinepaint. I wanted the app again anyway to play with high bit painting for use with Shake and what not, but it also installed the x11 versions of gtk and what not.

Look at that. All the toys I needed to install. And all this stuff that took me how long to install (five hours!) went down in under five minutes.

So back to terminal to nmap’s configure files. Run configure and… swanky. Run make and… still missing the GTK. We know it’s installed. It shows up in /opt/local/etc/gtk. WTF.

Building NmapFE graphical frontend
gcc -no-cpp-precomp -g -O2 -Wall -I../nbase -DPACKAGE_NAME=\“\” -DPACKAGE_TARNAME=\“\” -DPACKAGE_VERSION=\“\” -DPACKAGE_STRING=\“\” -DPACKAGE_BUGREPORT=\“\” -DMISSING_GTK=1 -DMACOSX=1 -DVERSION=\“3.55\” -DHAVE_CONFIG_H=1 -I. -c nmapfe.c
nmapfe.c:101:2: #error “Your system does not appear to have GTK ( installed. Thus the Nmap X Front End will not compile. You should still be able to use Nmap the normal way (via text console). GUIs are for wimps anyway :)”

so go look at nmapfe. In the config file we see we can specify where stuff is

Tribeca:/Users/johnathayde/desktop/nmap-3.55/nmapfe root# ./configure —with-gtk-prefix=/opt/local/ —with-gtk-exec-prefix=/opt/local/

Configure for nmapfe runs. Woohoo! For shits and giggles let’s try the same thing on the nmap Configure… and it works :)

At the end of the day, this points out the inherent difficulty most users have with shell based unix. It’s not something one can pick up easily. There’s not great support online for “I got this error,” even in the program’s own install or FAQ files. The mailing lists were little help in my situation, as most people were not running Mac OS X (especially in the case of pnet). No clue why I would need .NET on this anyway to run stuff that originated on unix.

But there you go. to sum up: install Cinepaint for OS X. run nmap with the configure tags as:

Tribeca:/Users/johnathayde/desktop/nmap-3.55/ root# ./configure —with-gtk-prefix=/opt/local/ —with-gtk-exec-prefix=/opt/local/

And it loads.

So I type in the IP address for Athena into the UI, and hit “scan”

Tribeca:~ johnathayde$ /usr/local/bin/nmapfe
Gdk-ERROR **: X connection to :0.0 broken (explicit kill or server shutdown).

Which is saying that the Xwindows server died before whatever I did went through. Okay, that sucks a big one. And I have no clue how to fix it.

So, theoretically, this UI works. In practice, dear lord it’s a mess. If anyone has any suggestions on how I can make this work, please let me know.

UPDATE: Using FINK, I was able to get all these packages installed quickly and easily. Not sure if nmap’s gui is going to work, but no more hell of trying to get crappy .NET software installed.

UPDATE 2: Still no play nice on the GUI front, but at least I know it’s not some software install issue on my part.

  1. roboboshi says:

    here's the fix: Go into Xterm and type

    $ export DISPLAY=:0

    and wow. we're happy.

  2. cokey says:

    ahhhhh!! now I see!!! it's all so clear now!!

  3. Yuta says:

    For me personally, it's not that I think 24-hour time isn't uesufl, it's just that I'm used to 12 hour time, and the switchover is difficult. When you're used to just reading the time and mentally appending AM or PM, you are puzzled by a 24 hour clock at first. I'm trying to get used to it, but the trick is that all other clocks in my house are 12 hour.

Post a comment

Name or OpenID (required)

(lesstile enabled - surround code blocks with ---)