Nmap Development mailing list archives

Re: [Bug]? Script Directories 4.23RC3 on MSWin32


From: David Fifield <david () bamsoftware com>
Date: Sat, 8 Dec 2007 23:38:58 -0700

On Fri, Dec 07, 2007 at 09:51:40PM +0000, jah wrote:
I would like, in certain circumstances, to force nmap not to run scripts 
that it would otherwise run automatically (category "version") and I've 
been experimenting with 4.23RC3.  Having re-read the docs on the 
subject, I decided that I'd start by pointing nmap at a directory 
containing zero scripts and found what I believe to be some odd things:

Nmap won't parse any arguments found after a quote enclosed, absolute 
path, to a directory containing zero or more scripts, if a backslash is 
appended to the path:

C:\>nmap --script "C:\Program Files\Nmap\scripts\" -sV --log-errors -p80 192.168.1.1 -R --script-trace
Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-12-07 18:07 GMT Standard Time
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.047 seconds

As Kris observed, this is because the backslash is escaping the closing
quote.

So escaping the trailing slash should work:

C:\>nmap --script "C:\Program Files\Nmap\scripts\\" -sV --log-errors -p80 192.168.1.1 -R --script-trace
Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-12-07 18:07 GMT Standard Time
SCRIPT ENGINE: No such category, file or directory: 'C:\Program Files\Nmap\scripts\'
SCRIPT ENGINE: Aborting script scan.
Interesting ports on 192.168.1.1:
PORT   STATE SERVICE    VERSION
80/tcp open  tcpwrapped
MAC Address: XX:XX:XX:D5:5E:30 (XXXXXX)
Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 5.562 seconds

I committed a fix for this. Here is what happens before and after the
fix.

nmap --script=/home/david/nmap/scripts/SSHv1-support.nse -d localhost
Before: SCRIPT ENGINE: No such category, file or directory: '/home/david/nmap/scripts/SSHv1-support.nse'
After:  SCRIPT ENGINE: Will run /home/david/nmap/scripts/SSHv1-support.nse against 127.0.0.1:22

nmap --script=/home/david/nmap/scripts/SSHv1-support -d localhost
Before: SCRIPT ENGINE: No such category, file or directory: '/home/david/nmap/scripts/SSHv1-support'
After:  SCRIPT ENGINE: Will run /home/david/nmap/scripts/SSHv1-support.nse against 127.0.0.1:22

nmap --script=/scripts/SSHv1-support.nse -d localhost
Before: SCRIPT ENGINE: Will run /usr/share/nmap//scripts/SSHv1-support.nse against 127.0.0.1:22
After:  SCRIPT ENGINE: No such category, file or directory: '/scripts/SSHv1-support.nse'

nmap --script=/scripts/SSHv1-support -d localhost
Before: SCRIPT ENGINE: Will run /usr/share/nmap//scripts/SSHv1-support.nse against 127.0.0.1:22
After:  SCRIPT ENGINE: No such category, file or directory: '/scripts/SSHv1-support'

nmap --script=/home/david/nmap/scripts -d localhost
Before: SCRIPT ENGINE: No such category, file or directory: '/home/david/nmap/scripts'
After:  SCRIPT ENGINE: Will run /home/david/nmap/scripts/ripeQuery.nse against 127.0.0.1
        SCRIPT ENGINE: Will run /home/david/nmap/scripts/SSHv1-support.nse against 127.0.0.1:22

I also tested on Windows.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
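
The quoting behaviour discussed in this thread, as an added example that is not part of the original messages or of Nmap's code: a simplified Python re-implementation of the Microsoft C runtime's documented argument-splitting rules, run over the two command tails from the report. The function name `split_msvcrt` is hypothetical, and the `""`-inside-quotes special case is omitted.

```python
def split_msvcrt(cmdline):
    """Split a command tail using the MS C runtime rules (simplified):
    2n backslashes + '"'   -> n backslashes, and the quote toggles quoting
    2n+1 backslashes + '"' -> n backslashes and a literal '"'
    backslashes not followed by '"' are literal."""
    args, cur, in_quotes, have_arg = [], [], False, False
    i, n = 0, len(cmdline)
    while i < n:
        c = cmdline[i]
        if c == "\\":
            j = i
            while j < n and cmdline[j] == "\\":
                j += 1
            count = j - i
            if j < n and cmdline[j] == '"':
                cur.append("\\" * (count // 2))
                if count % 2:
                    cur.append('"')            # escaped: literal quote
                else:
                    in_quotes = not in_quotes  # real delimiter
                i = j + 1
            else:
                cur.append("\\" * count)
                i = j
            have_arg = True
        elif c == '"':
            in_quotes, have_arg = not in_quotes, True
            i += 1
        elif c in " \t" and not in_quotes:
            if have_arg:
                args.append("".join(cur))
                cur, have_arg = [], False
            i += 1
        else:
            cur.append(c)
            have_arg = True
            i += 1
    if have_arg:
        args.append("".join(cur))
    return args

# Command tails from the report (everything after "nmap").
REST = " -sV --log-errors -p80 192.168.1.1 -R --script-trace"
BROKEN = r'--script "C:\Program Files\Nmap\scripts\"' + REST
ESCAPED = r'--script "C:\Program Files\Nmap\scripts\\"' + REST

if __name__ == "__main__":
    for tail in (BROKEN, ESCAPED):
        print(split_msvcrt(tail))
```

With the single trailing backslash the rest of the command line is absorbed into the `--script` value, so no target is left to scan; with the doubled backslash the value ends in one literal backslash and the remaining options are parsed normally.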

