Nmap Development mailing list archives
Re: Nmap tty and NSE
From: Fyodor <fyodor () insecure org>
Date: Wed, 24 Dec 2008 01:00:57 -0800
On Wed, Dec 24, 2008 at 01:29:37AM -0700, Patrick Donnelly wrote:
> My feeling is there needs to be some form of unique identifier for each instance of the script (even at -d1). The simplest way to do that is output the thread's pointer.
The thread pointer is only unique for concurrent instances, right? I imagine that it may be reused in the next host group during an Nmap scan. I don't really have an opinion on whether a unique ID is worthwhile, or what the best identifier would be. A counter would at least be unique during Nmap execution, though perhaps the pointer is more useful for debugging purposes, etc. We should probably have a use in mind for it if the unique ID is included. For example, some other messages can then print the unique ID and omit other (longer) information.
> Finished script './scripts/showHTMLTitle.nse' (thread: 0x84b0698) against 88.217.63.66.adsl.dyn.setel.com (66.63.217.88).
>
> Naturally, the hostname can be quite long, making it very easy to overflow 80 characters. The previous output I pasted didn't have any hostnames for any of the targets.
That one seems easy -- just remove the host name. We don't need both the hostname and IP repeated on every debug line, and if you only have one of them, the IP is clearly the way to go. It is probably worth adding the time (since Nmap started) to the start/finish lines.

Regarding these samples:

    Starting script './scripts/http-auth.nse' (thread 0x84391f8) against target 95.78.76.91.
    Finished script './scripts/http-auth.nse' (thread 0x84391f8) against target 95.78.76.91.

First, I think the word "script" and "target" can probably be safely removed. Also, service scripts like these will need a port number, like so:

    Starting './scripts/html-title.nse' (thread 0x843a6a8) against 95.78.76.91:80.
    Finished './scripts/http-auth.nse' (thread 0x84391f8) against 95.78.76.91:80.

Perhaps we should prefix with the subsystem and time to match some of our other messages (particularly our trace lines). And if the ID is going to be there, I'd put it at the end. For example:

    NSE (0.41s) starting './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
    NSE (0.92s) finished './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x843a6a8).

A few more things to consider:

o The thread ID could be removed if not needed. I don't really have an opinion on whether it is worth including. The key is to figure out whether (and how) it is useful to an Nmap developer. If you can't figure out how it helps, it should be removed. If it is very useful, then it is worth keeping even if it takes us beyond 80 columns.

o The finished line could tell the script return status (e.g. whether it returned something, returned nothing, erred, or timed out).

The goal is to make sure these new messages are concise and useful enough to include with just one -d. I think that is possible, and that Patrick's patch is just about there.
Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
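An added illustration, not part of the message above and not Nmap code: Python that pairs start/finish lines in the "NSE (time) ..." shape proposed in the message, keyed on the thread pointer, and assigns each run a counter so that a pointer reused in a later host group stays distinguishable. The function names `pair_runs` and `reused_pointers` are hypothetical, and the sample log is constructed (only the two IPs, the script names and the two pointers come from the message).

```python
import re

# Line shape proposed in the message; anything else in the debug stream is skipped.
LINE = re.compile(
    r"^NSE \((?P<t>\d+\.\d+)s\) (?P<ev>starting|finished) '(?P<script>[^']+)' "
    r"against (?P<target>\S+) \(thread (?P<tid>0x[0-9a-fA-F]+)\)\.$"
)

# Constructed sample, not real Nmap output: two host groups, pointers reused in the second.
SAMPLE = """\
NSE (0.41s) starting './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
NSE (0.45s) starting './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x84391f8).
NSE (0.92s) finished './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x84391f8).
NSE (1.10s) finished './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8).
NSE (7.30s) starting './scripts/html-title.nse' against 66.63.217.88:80 (thread 0x843a6a8).
NSE (7.95s) finished './scripts/html-title.nse' against 66.63.217.88:80 (thread 0x843a6a8).
NSE (8.00s) starting './scripts/http-auth.nse' against 66.63.217.88:80 (thread 0x84391f8).
"""

def pair_runs(text):
    """Return (finished_runs, unfinished_runs); each run gets an execution-wide counter id."""
    open_runs = {}  # thread pointer -> the run currently using it (unique only while open)
    done = []
    counter = 0     # never reused, unlike the pointer
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        t, tid = float(m["t"]), m["tid"]
        if m["ev"] == "starting":
            counter += 1
            open_runs[tid] = {"id": counter, "thread": tid, "script": m["script"],
                              "target": m["target"], "start": t}
        else:
            run = open_runs.pop(tid, None)
            if run is None:
                continue  # "finished" with no matching "starting": ignore
            run["seconds"] = round(t - run["start"], 2)
            done.append(run)
    return done, list(open_runs.values())

def reused_pointers(runs):
    """Map each thread pointer seen on more than one run to the counter ids that used it."""
    by_tid = {}
    for r in runs:
        by_tid.setdefault(r["thread"], []).append(r["id"])
    return {tid: sorted(ids) for tid, ids in by_tid.items() if len(ids) > 1}

if __name__ == "__main__":
    done, unfinished = pair_runs(SAMPLE)
    for r in done:
        print(f"#{r['id']} {r['script']} {r['target']} {r['seconds']:.2f}s")
    print("still running:", [r["id"] for r in unfinished])
    print("reused pointers:", reused_pointers(done + unfinished))
```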