Nmap Development mailing list archives
Re: Nmap tty and NSE
From: David Fifield <david () bamsoftware com>
Date: Wed, 24 Dec 2008 11:19:14 -0700
On Wed, Dec 24, 2008 at 03:11:55AM -0700, Patrick Donnelly wrote:
We should probably have a use in mind for it if the unique ID is included. For example, some other messages can then print the unique ID and omit other (longer) information.Right now NSE does not track information relevant to a script (the filename for instance). Under some circumstances, such as when a script thread must end (host timed out), we cannot retrieve this information easily. Using the thread's pointer as an identifier is the only solution that won't dramatically increase the code's complexity.
Can we put the script file name in struct run_record? It is currently struct run_record { short type; // 0 - hostrule; 1 - portrule Port* port; Target* host; }; which already encapsulates all the information we need except for the file name. Having to match up a thread ID in a "Finished" line with an ID in an earlier "Starting" line just to find out the name of the script that finished is really suboptimal. I don't mean to put down your patch technically, because it looks very good, and of course I can only speak for myself about output preferences.
It is probably worth adding the time (since Nmap started) to the start/finish lines.That looks like a good idea. Which function should I be using to add the timing?
I would use o.TimeSinceStartMS() / 1000.0. There are a few examples in scan_engine.cc.
Perhaps we should prefix with the subsystem and time to match some of our other messages (particularly our trace lines). And if the ID is going to be there, I'd put it at the end. For example: NSE (0.41s) starting './scripts/html-title.nse' against 95.78.76.91:80 (thread 0x843a6a8). NSE (0.92s) finished './scripts/http-auth.nse' against 95.78.76.91:80 (thread 0x843a6a8).Should we add the "NSE" or "SCRIPT_ENGINE" prefix to these lines?
I like "NSE" better. We should just change the SCRIPT_ENGINE define to use that, and all the NSE messages will be shorter. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Nmap tty and NSE, (continued)
- Re: Nmap tty and NSE doug (Dec 22)
- Re: Nmap tty and NSE David Fifield (Dec 22)
- Re: Nmap tty and NSE Brandon Enright (Dec 22)
- Re: Nmap tty and NSE Fyodor (Dec 22)
- Re: Nmap tty and NSE doug (Dec 22)
- Re: Nmap tty and NSE Patrick Donnelly (Dec 23)
- Re: Nmap tty and NSE David Fifield (Dec 23)
- Re: Nmap tty and NSE Patrick Donnelly (Dec 24)
- Re: Nmap tty and NSE Fyodor (Dec 24)
- Re: Nmap tty and NSE Patrick Donnelly (Dec 24)
- Re: Nmap tty and NSE Fyodor (Dec 24)
- Re: Nmap tty and NSE David Fifield (Dec 24)
- Re: Nmap tty and NSE David Fifield (Dec 24)