Re: New NSE Library: "datafiles" for parsing nmap-*

["Eddie Bell" <ejlbell () gmail com>]

Hey Kris,

This is good idea but I would suggest combining the first two
functions into one. I've attached a condensed version. What do you
think?

 - eddie

On 28/03/2008, Kris Katterjohn <katterjohn () gmail com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>  Hash: SHA1
>
>  Hey everyone,
>
>  You may recall that I converted Sven's rpcinfo.nse from using a huge RPC
>  table to reading from the nmap-rpc with nmap.fetchfile().  I figure his
>  script isn't the only one that will ever want to read from nmap-rpc, so
>  why not move it to nselib?  In fact, why not add parsing functions for
>  other nmap-* data files as well?
>
>  I've attached the following: a "datafiles" library (name subject to
>  change with any suggestions), another patch against rpcinfo.nse, and a
>  very crude but straightforward NSE script to show how the datafiles
>  library behaves (a lot of output!).
>
>  The datafiles library has the following, cleverly-named functions:
>  parse_protocols(), parse_rpc(), and parse_services([proto]).
>
>  datafiles.parse_protocols() returns a table with the protocol numbers
>  indexing the protocol names.  Uses nmap-protocols.
>
>  datafiles.parse_rpc() returns a table with the RPC numbers indexing the
>  RPC names.  Uses nmap-rpc.
>
>  datafiles.parse_services([proto]) typically returns a table in the form
>  {tcp={}, udp{}}.  tcp{} is a table with the TCP port numbers indexing
>  the service names.  udp{} is the same, but with UDP ports and services.
>   You can also call this function with the specified protocol to only
>  return that table (e.g. datafiles.parse_services("tcp") only returns
>  tcp{}).  Uses nmap-services.
>
>  In addition to returning the previously discussed tables, these
>  functions also return true/false values for exception handling.  If
>  false is returned, an error message is returned instead of the table:
>
>  <true|false>, <table|error message> = datafiles.parse_*()
>
>
>  Please try it out and let me know what you think!  Any comments or
>  suggestions are appreciated.  All of this seems straightforward and
>  works fine for me, and hopefully it will for everyone else as well.
>
>  Thanks,
>  Kris Katterjohn
>
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v1.4.6 (GNU/Linux)
>  Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>  iQIVAwUBR+yPFP9K37xXYl36AQK1jg/9FUGbGXFAEu5XJHF+iUuzSJly8T65iJ8T
>  g1Z30Uz8sqC6icux6zt3wAIreDLb47a5fRXyZh9dovtY9VgraJkDwfpGCZyZYpRt
>  XAFG09iKVVrcjyYsHHeHRnG8MaAma+S9JhfAbD1KeQtRZuTokh0ki4y/X5msixZJ
>  Ag6YQwE5J/+VgxOI/L3/PTAXCE8JCoQXClwlgnr4HKYTJM6FrK3EQFA8R+dk+O2e
>  PN7UqSlSAgnLBMxeuDr1jV6RRQ/QSiTjG11eXYn4Vja/J2nCHP7jLUVUZe4blqkE
>  AVOr9FqkUCtV82HhniDo3cNF1kWYnGV4y4YmGAM/Iz17vgbU2jTieNh5oCNFtubn
>  5FXNFfOJ7Xoz6ndlzoWkbpZR4353iXX96oa/+y5jyCr7e8o53cbeZNFPaXiwbYV+
>  bNPWzAAApfw18LVBrR7cy3AzXkBZ2WQrVClQlUruoAbR6V4slgjm3nCn8oLbv0Xp
>  j5tPGZqnQtkhoRzBKL2fb59Hd+Bx8pgMYiemFtV4lWviAPJsjCviwx3Ni4Vz54r9
>  6Q5D0SBUuce2zyklhb6JSX8vnj1eJhQbD2gHHjYIPcBCxogLpiLlfJ6AYwkMW5Qu
>  4UAZlk7wVGkXpa/+dKGzd6ctgV2mHbiHKasLJHRAkbM+WSoMm7eEL7s2/du1LZDe
>  u8zrHwnefok=
>  =fGfY
>  -----END PGP SIGNATURE-----
>
> id = "datafiles testing"
>
>  description = "datafiles testing"
>
>  author = "kris katterjohn"
>
>  license = "meh"
>
>  categories = {"safe"}
>
>  require 'datafiles'
>
>  hostrule = function()
>         return true
>  end
>
>  action = function(host, port)
>         local i, v
>         local pret, protos = datafiles.parse_protocols()
>         local rret, rpc = datafiles.parse_rpc()
>         local sret, services = datafiles.parse_services()
>         local tret, tcpservs = datafiles.parse_services("tcp")
>         local uret, udpservs = datafiles.parse_services("udp")
>
>         if not pret then
>                 return "uhoh protos"
>         end
>
>         if not rret then
>                 return "uhoh rpc"
>         end
>
>         if not sret then
>                 return "uhoh services"
>         end
>
>         if not tret then
>                 return "uhoh tcpservs"
>         end
>
>         if not uret then
>                 return "uhoh udpservs"
>         end
>
>         for i,v in pairs(protos) do
>                 print("protos: " .. i .. " " .. v)
>         end
>
>         for i,v in pairs(rpc) do
>                 print("rpc: " .. i .. " " .. v)
>         end
>
>         for i,v in pairs(services["tcp"]) do
>                 print("services[tcp]: " .. i .. " " .. v)
>         end
>
>         for i,v in pairs(services["udp"]) do
>                 print("services[udp]: " .. i .. " " .. v)
>         end
>
>         for i,v in pairs(tcpservs) do
>                 print("tcpservs: " .. i .. " " .. v)
>         end
>
>         for i,v in pairs(udpservs) do
>                 print("udpservs: " .. i .. " " .. v)
>         end
>  end
>
>
>
>  _______________________________________________
>  Sent through the nmap-dev mailing list
>  http://cgi.insecure.org/mailman/listinfo/nmap-dev
>  Archived at http://SecLists.Org

Attachment: datafiles.lua
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org