Nmap Development mailing list archives
Re: [NSE] NSE HTTP library
From: Sven Klemm <sven () c3d2 de>
Date: Fri, 01 Feb 2008 16:06:11 +0100
Fyodor wrote:
On Thu, Jan 31, 2008 at 06:09:59PM +0100, Sven Klemm wrote:You are right. I shouldn't check for nmap.have_ssl(). If I don't check the connect will fail for ssl and a table with status nil will be returned. I've attached a new version with those 2 issues fixed.Looks great, Sven! I've applied this to SVN. The only remaining issue is documentation. People won't use this function if they don't know about it.
Thanks for applying.
I have checked the XML source to the Nmap Scripting Engine documentation (http://nmap.org/nse/) into nmap/docs/scripting.xml. It would probably be hard for you to build it now, but maybe you could look at the nse-api section format and add a similar sort of section for your HTTP library? If you don't know DocBook, you can probably get the picture by reading the other NSE Library sections. If you send me a patch for scripting.xml, I'll check it in, recompile, and update the article on the website.
I've attached a patch that adds documentation for the http library. Cheers, Sven -- Sven Klemm http://cthulhu.c3d2.de/~sven/
Index: docs/scripting.xml =================================================================== --- docs/scripting.xml (revision 6779) +++ docs/scripting.xml (working copy) @@ -1332,6 +1332,74 @@ </varlistentry> </variablelist> </sect2> + <sect2 id="nse-lib-http"> + <title>HTTP Functions</title> + <para> + The <literal>http</literal> module provides functions for dealing with the client side of the http protocol. + The functions reside inside the <literal>http</literal> namespace. + The return value of each function in this module is a table with the following keys: + <literal>status</literal>, <literal>header</literal> and <literal>body</literal>. + <literal>status</literal> is the status code of the http request + In case of an error status is <literal>nil</literal>. <literal>header</literal> + is a table with the headers received from the server. The header names are + lower-cased and multiple headers of the same name are concatenated with comma. + <literal>body</literal> holds a string with the request body. + </para> + <variablelist> + <varlistentry> + <term><option>table = http.get(host,port,path,[options])</option> + <indexterm><primary>get</primary></indexterm></term> + <listitem> + <para> + Fetches a resource with a <literal>GET</literal> request. + The first argument is either a string with the hostname or a + table like the host table passed by nmap. The second argument + is either the port number or a table like the port table passed + by nmap. The third argument is the path of the resource. The fourth + argument is a table for further options. The table may have 2 keys: + <literal>timeout</literal> and <literal>header</literal>. + <literal>timeout</literal> is the timeout used for the socket + operations. <literal>header</literal> is a table with additional + headers to be used for the request. + The function builds the request and calls <literal>http.request</literal> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>table = http.request(host,port,request,[options])</option> + <indexterm><primary>request</primary></indexterm></term> + <listitem> + <para> + Sends <literal>request</literal> to <literal>host</literal>:<literal>port</literal> + and parses the answer. + The first argument is either a string with the hostname or a + table like the host table passed by nmap. The second argument + is either the port number or a table like the port table passed + by nmap. SSL is used for the request if either <literal>port.service</literal> + equals <literal>"https"</literal> or <literal>port.version.service_tunnel</literal> + equals <literal>"ssl"</literal>. The third argument is the request. The fourth + argument is a table for further options. You can specify a timeout + for the socket operations with the timeout key. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>table = http.get_url(url,[options])</option> + <indexterm><primary>get_url</primary></indexterm></term> + <listitem> + <para> + Parses <literal>url</literal> and calls <literal>http.get</literal> + with the result. + The second argument is a table for further options. The table may have 2 keys: + <literal>timeout</literal> and <literal>header</literal>. + <literal>timeout</literal> is the timeout used for the socket + operations. <literal>header</literal> is a table with additional + headers to be used for the request. + </para> + </listitem> + </varlistentry> + </variablelist> + </sect2> <sect2 id="nse-lib-stdnse"> <title>Various Utility Functions</title> <para>
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [NSE] NSE HTTP library, (continued)
- Re: [NSE] NSE HTTP library Thomas Buchanan (Jan 19)
- RE: [NSE] NSE HTTP library Thomas Buchanan (Jan 19)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 20)
- Re: [NSE] NSE HTTP library Fyodor (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 31)
- RE: [NSE] NSE HTTP library Thomas Buchanan (Jan 31)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 31)
- Re: [NSE] NSE HTTP library Fyodor (Jan 31)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Feb 01)
- Re: [NSE] NSE HTTP library Fyodor (Feb 01)