Nmap Development mailing list archives
Re: Remove script ids, just use file names?
From: jah <jah () zadkiel plus com>
Date: Tue, 04 Nov 2008 14:52:46 +0000
On 04/11/2008 05:43, David Fifield wrote:
Hi everyone, Fyodor had the idea of getting rid of script ids and just identifying them by their file name instead. A script id is what is stored in the id field in a script. It's also what gets prefixed to each chunk of NSE output. Script ids offer a human-readable identifier for the script, which is nice. However user interaction with scripts is done using file names--when you want to run a certain script you give its file name on the command line. Knowing its id doesn't help, which can be frustrating when you want to re-run a single script whose output you see among that of other scripts. The effect of this would be to change 21/tcp open ftp |_ Anonymous FTP: FTP: Anonymous login allowed 80/tcp open http |_ HTML title: Foo. 110/tcp open pop3 |_ POP3 Capabilites: USER CAPA RESP-CODES UIDL PIPELINING STLS TOP SASL(PLAIN) to 21/tcp open ftp |_ anonFTP: FTP: Anonymous login allowed 80/tcp open http |_ showHTMLTitle: Foo. 110/tcp open pop3 |_ popcapa: USER CAPA RESP-CODES UIDL PIPELINING STLS TOP SASL(PLAIN) Do you see any downsides? If not I'll start working on this tomorrow. David Fifield
Hi I have mixed feelings about this. On the one hand I like the nice descriptive ID's in the output and they're especially good for generating reports for people who might not be familiar with nmap or its scripts - POP3 Capabilities makes it clear what the script output is showing whereas popcapa would be less clear to such people. I also like the fact that calling scripts by name can be made very simple by the use of short script names e.g. "asn" for AS Numbers. As well as making the output less readable, such a change might also lead to longer script names as script writers try to make the filenames as descriptive as possible (maybe even leading to filenames containing spaces - alert("FUD")). On the other hand I agree that, knowing the script id, calling the script by name isn't particularly intuitive. I imagine that this affects new users of nmap quite often. They'll run a scan with -sC, see some nice results and then want to reproduce those results by calling specific scripts by name - which they'll have to do by looking through the script sources until they spot the id or, now, consulting the nsedocs. Some alternative solutions that may be worth considering: A new option --list-scripts might print out the id, filename, and possibly the categories and short description of each script - sorted by script id, so that users could lookup the filename from the id. This would be a nice touch, but might get more cumbersome as the number of scripts increases. An argument to --list-scripts might be used to filter scripts by id such that "--list-scripts z" might print (in a nice tabular fashion not doable in this post): id filename description and categories zone-transfer zoneTrans.nse Requests a zone transfer (AXFR) from a DNS server. {default, intrusive, discovery} IRC zombie ircZombieTest.nse Checks for an IRC zombie. {malware} and --list-scripts html would show scripts with html in the id. --list-scripts might also recognise script categories and print out only scripts in the categories selected. Slightly off-topic, I know, but could in fact enrich the user experience - and all from the command line. Another, not mutually exclusive, possibility might be to enable calling of scripts by their id and would solve the issue without sacrificing the readability of script output - although it perhaps wouldn't help new users to learn the script names as the former possibility or the current proposal might. Other than these, a less desirable solution might be to print both the id and the filename in the results. Regards, jah _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Remove script ids, just use file names? David Fifield (Nov 03)
- Re: Remove script ids, just use file names? jah (Nov 04)
- Re: Remove script ids, just use file names? Fyodor (Nov 04)
- Re: Remove script ids, just use file names? Verde Denim (Nov 04)
- Re: Remove script ids, just use file names? David Fifield (Nov 04)
- Re: Remove script ids, just use file names? jah (Nov 04)