Nmap Development mailing list archives

Re: [NSE Script] HTTP probe for /etc/passwd


From: Gaveen Prabhasara <gaveens () gmail com>
Date: Sun, 22 Jul 2007 22:27:12 +0530

On Sun, 2007-07-22 at 12:06 -0300, Arturo 'Buanzo' Busleiman wrote:
> Gaveen Prabhasara wrote:
>> Maybe we could add a function to NSE lib to call version detection
>> explicitly by the script developer.
>
> Scripts shouldn't be able to alter how nmap was called by the user. I believe it should make a
> suggestion, but never alter what the user requested nmap to do.

I agree with the fact that how nmap is invoked shouldn't be affected by
scripts. At any rate no one wants nmap to make unauthorised noise.

I was just mentioning a suggestion where we could use such a
function. For example, let's consider this directory traversal script.
If the simple portrule specifies to check tcp ports 80, 8080 for
http servers. It's required. But whenever someone chooses to run
an http server bound to a bizarre port like 1234 as Brendon
suggested or something like tcp 25, the result wouldn't be good.
I believe that's what Fyodor also meant earlier in the thread.

On Sat, 2007-07-21 at 22:36 -0700, Fyodor wrote:
> Well it should still run as long as version detection is used.  And I
> would in general strongly recommend version detection be used whenever
> -sC is.  The -A option includes both.
>
> Cheers,
> -F

In such a situation, the mechanism I suggested or something better
could be used. I've discussed this fact among other things in
http://seclists.org/nmap-dev/2007/q3/0045.html

It's just a suggestion. I also very much agree that a script
shouldn't change which probes are sent behind a user's back. :)

Cheers,
Gav


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org