nmap output & processing modules

[H D Moore <hdm () secureaustin com>]

Hi everyone,

I have been thinking about a modularized version of nmap for a while
now, but today I finally broke down and started coding.  Jay was a
little late is his email, as I already spent about 5-6 hours working on
a dynamic module system for nmap's output and processing scheme. I want
to share what I have and where I am (was?) going with this:

I gave nmap the ability to load an external module for it's output
processing.  This simply means that instead of doing -oM/O/S/H, you can
specify a module name and the filename parameter for that module.  This
would enable people to come up with their own logging formats without
having to touch the nmap core.  Distribution and development of these
modules would be much simpler than trying to gut nmap to provide XML or
HTML output.  If you have seen nmap's scattered logging process you can
understand why this is taking so long to accomplish (3-4 hours
alone...).

The next step was to add processing module support, where during the
base scan open ports would be fed to a module function.  Things like RPC
and Ident scanning would fit in prefectly as processing modules and
adding banner checks, version detection, and auto-r00ters would be
trivial.

After all the work that Jay has put into this, my stuff seems pretty
trivial, can I get some feedback from the rest of you on whether I
should keep working on my code or not?  Jay, would you like any help
with this?  My C++ is rusty, but if there is anything else I can do to
help...


-HD

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).