Nmap Development mailing list archives

Re: Sending HEX to a socket in a NSE script

From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 06 Jun 2008 10:20:52 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tom Sellers wrote:

I am working on writing two NSE scripts to detect the versions
of DB2 and Oracle.  As I cannot seem to find decent documentation
for either I have been working with packet captures.  While I am
familiar with send hex within normal nmap probe, I am not so sure
when it comes to lua.

Does anyone have any pointers on this?  I am not looking for anything
detailed, just one or two lines sending something as simple as FF FF FF.


I think the hextobin() function in the packet library is what you're looking
for.  From packet.lua:

Parse specifically printed hex string as binary
Only bytes [a-f0-9A-F] from input are interpreted. The rest is ignored.
Number of interpreted bytes _must_ be even. *The input is interpreted in
pairs*.

hextobin("20 20 20")         -> "   "
hextobin("414243")           -> "ABC"
hextobin("\\41\\42\\43")     -> "ABC"
hextobin("   41   42    43  ")-> "ABC"


Thanks much,

Tom


Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSElV0f9K37xXYl36AQLhGw/+Imc979Xp8QzvA2VHNczvuXXrZyscy1cQ
JP1doN6Vj1kEEXHw3ubG5DgMABosiAgkByEsn+b+XYnxdVSdxk1am1eSWUhNq4oo
NUq0Fv08Wjorg+81/KVPVjLq+NCmD3VWCC6PoQFwZy5XsDSZq6K6/FgcJZcC2q5S
Kz783irCrO2bc1mrUkQ75XoRNVOpwPWMW4Sn8kDPKRnq4oVNx+vh4sgfXth0+mlM
h5MkXqQ4ENr48qXM1y4mDfSGBp4Q9yZANYCRYQegFnk8L1Vg2+879XNhp35Nd8k3
GAmVqB3oRoaN2DEucUBE7w57oQHholHNxT5/TNdjlDVVMi30+4sCcdPmuQ5O4fBg
DN+twNxSr6KixXDQcVdLwIdnHBAt7TT8vixlVJPWHvF+3K7OGbJ9bwYSdW/YJK/0
PguYx/znGtf7hSOBtuN2fr7m35VfQ8W1dRk5eUmJmpQZRTF20RPPb7MIhWKJK5Bb
qwP3x+f1GVGhxYUeDq5XUrPg412znYBJAAd15rZSfjn45L/ucYqrHCUbWeFK/cu3
meb4KI9LddamXpuM8hzRPnHiYGd/9PN6yYnegA5JXriUcTqW3PwCGJv49O2q5+HQ
6yIv/3OZAxEmXo0Pcc/ktUSBLR+3NOpTvUIq1rytJZ08CuJWJThSQmhmGrsmo6Cg
GMg0pDpCOnc=
=bOqc
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Terminating active scan Prototypes Jurand Nogiec (Jun 05)
- Re: Terminating active scan Prototypes jah (Jun 06)
  - Re: Terminating active scan Prototypes David Fifield (Jun 08)
- Sending HEX to a socket in a NSE script Tom Sellers (Jun 06)
  - Re: Sending HEX to a socket in a NSE script Kris Katterjohn (Jun 06)
  - Re: Sending HEX to a socket in a NSE script Eddie Bell (Jun 06)
    - Re: Sending HEX to a socket in a NSE script Tom Sellers (Jun 10)