Nmap Development mailing list archives

Re: Nmap tty and NSE


From: Fyodor <fyodor () insecure org>
Date: Wed, 24 Dec 2008 01:00:57 -0800

On Wed, Dec 24, 2008 at 01:29:37AM -0700, Patrick Donnelly wrote:

> My feeling is there needs to be some form of unique identifier for
> each instance of the script (even at -d1). The simplest way to do that
> is output the thread's pointer.

The thread pointer is only unique for concurrent instances, right?  I
imagine that it may be reused in the next host group during an Nmap
scan.  I don't really have an opinion on whether a unique ID is
worthwhile, or what the best identifier would be.  A counter would at
least be unique during Nmap execution, though perhaps the pointer is
more useful for debugging purposes, etc.

We should probably have a use in mind for it if the unique ID is
included.  For example, some other messages can then print the unique
ID and omit other (longer) information.

> Finished script './scripts/showHTMLTitle.nse' (thread: 0x84b0698)
> against 88.217.63.66.adsl.dyn.setel.com (66.63.217.88).
>
> Naturally, the hostname can be quite long making it very easy to
> overflow 80 characters. The previous output I pasted didn't have any
> hostnames for any of the targets.

That one seems easy -- just remove the host name.  We don't need both
the hostname and IP repeated on every debug line, and if you only have
one of them, the IP is clearly the way to go.

It is probably worth adding the time (since Nmap started) to the
start/finish lines.

Regarding these samples:

Starting script './scripts/http-auth.nse' (thread 0x84391f8) against target 95.78.76.91.
Finished script './scripts/http-auth.nse' (thread 0x84391f8) against target 95.78.76.91.

First, I think the word "script" and "target" can probably be safely
removed.  Also, service scripts like these will need a port number,
like so:

Starting './scripts/html-title.nse' (thread 0x843a6a8) against 95.78.76.91:80.
Finished './scripts/http-auth.nse' (thread 0x84391f8) against 95.78.76.91:80.

Perhaps we should prefix with the subsystem and time to match some of
our other messages (particularly our trace lines).  And if the ID is
going to be there, I'd put it at the end. For example:

NSE (0.41s) starting './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
NSE (0.92s) finished './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x843a6a8).

A few more things to consider:
 o The thread ID could be removed if not needed.  I don't really have
   an opinion on whether it is worth including.  The key is to figure
   out whether (and how) it is useful to an Nmap developer.  If you
   can't figure out how it helps, it should be removed.  If it is very
   useful, then it is worth keeping even if it takes us beyond 80
   columns.
 o The finished line could tell the script return status (e.g. whether
   it returned something, returned nothing, erred, or timed out).

The goal is to make sure these new messages are concise and useful
enough to include with just one -d.  I think that is possible, and that
Patrick's patch is just about there.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
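
The "NSE (time) starting/finished ... (thread ...)" format proposed in the message above, parsed and paired by thread pointer, as an added example that is not part of the original post or of Nmap's code. The format is only the proposal from this message, the log lines are constructed, and `correlate` and its field names are hypothetical; it shows a pointer being reused by a later host group while a counter stays unique.

```python
import re

# Line format as proposed in the message above (a proposal, not confirmed Nmap output).
LINE_RE = re.compile(
    r"^NSE \((?P<t>\d+(?:\.\d+)?)s\) (?P<event>starting|finished) "
    r"'(?P<script>[^']+)' against (?P<host>[\d.]+)(?::(?P<port>\d+))? "
    r"\(thread (?P<tid>0x[0-9a-fA-F]+)\)\.$"
)

# Constructed sample log: pointer 0x843a6a8 is reused in a later host group.
SAMPLE = """\
NSE (0.41s) starting './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
NSE (0.45s) starting './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x84391f8).
NSE (0.92s) finished './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x84391f8).
NSE (1.30s) finished './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
NSE (7.02s) starting './scripts/html-title.nse' against 66.63.217.88:80 (thread 0x843a6a8).
some unrelated debug line
"""

def correlate(log_text):
    """Pair starting/finished lines by thread pointer.

    Returns (runs, reused, unfinished). Each run gets a counter id that is
    unique for the whole log; `reused` lists pointers seen for more than one run.
    """
    runs, open_by_thread, seen, reused = [], {}, set(), set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an NSE start/finish line
        tid, t = m["tid"], float(m["t"])
        if m["event"] == "starting":
            if tid in seen:
                reused.add(tid)  # same pointer, different script instance
            seen.add(tid)
            target = m["host"] + (":" + m["port"] if m["port"] else "")
            run = {"id": len(runs) + 1, "thread": tid, "script": m["script"],
                   "target": target, "start": t, "end": None}
            runs.append(run)
            open_by_thread[tid] = run
        elif tid in open_by_thread:
            open_by_thread.pop(tid)["end"] = t  # only concurrent runs are distinguishable
    unfinished = [r["id"] for r in runs if r["end"] is None]
    return runs, sorted(reused), unfinished

if __name__ == "__main__":
    for r in correlate(SAMPLE)[0]:
        print(r)
```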

