Nmap Development mailing list archives
RE: Question on NSE script output
From: "Sina Bahram" <sbahram () nc rr com>
Date: Sat, 6 Jun 2009 00:03:35 -0400
Unless I did it wrong, you can't actually do this:

    return host.ip .. " Anonymous FTP login allowed"

Let me preface with, I'm a programmer, but not a Lua one.

Here's what I've discovered. If you are printing something, then unless you have parentheses around it, you can't inline concat a string. Even if you assign it to a local variable first, then pass the variable to the print. Probably because it does expansion at that point, just like lisp or something.

Since we're returning a string, not printing it ... I'm not sure if the print that eventually gets called has parentheses around it; thus, when I tried to do the line of code above, almost exactly what you wrote as your suggestion in your email, I got the same error as if I had done a print with a string being concatted without parentheses around it.

Does this make sense?

What I eventually did was just modify the script to only return host.ip, then could grep on the anon keyword, since that's prefaced before the output.

Anyways, I got the stuff to work, so no worries, but I am interested in fixing this weirdness, if I can?

Take care,
Sina

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of David Fifield
Sent: Friday, June 05, 2009 11:58 PM
To: Sina Bahram
Cc: 'nmap-dev'
Subject: Re: Question on NSE script output

On Thu, Jun 04, 2009 at 10:19:39PM -0400, Sina Bahram wrote:
I have a question about NSE output in nmap. I want to discover all ftp servers on a decent-sized network which allow anonymous login. Wonderful for me that there exists an NSE script to do exactly this, but how do I get only those IPs? I was thinking of just inserting a print to stderr of the ip and a yes/no flag into the script then being able to grep on this? Is it possible to print to STDERR in our NSE infrastructure?
I don't know of a way to print to stderr, but you can include the IP address in the normal script output:

    if(isAnon) then
        return host.ip .. " Anonymous FTP login allowed"
    end
I'm sure there's a much prettier way, and since I tend to despise hacks for no good reason, I look forward to hearing about a way of just getting the ftp servers which allow anonymous login, somehow? I can't grep the regular nmap output as the context crosses multiple lines, and it becomes an awk script, if I really want to do it right, and I'd like the data quick.
Without any script changes, you could get the list pretty quick with

    egrep '(^Interesting ports |ftp-anon)' scan.log | grep -B 1 ftp-anon

Script output is a difficult case because it is mostly free-form text that may be short or may be many lines.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
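
The multi-line extraction discussed in this thread, written as a small awk filter. This is an added example, not code from either poster or from the Nmap project. The function names and the sample log are constructed, and the log layout is assumed from the `^Interesting ports ` header in the egrep pattern above.

```shell
#!/bin/sh
# Added example: list hosts whose Nmap normal output has an ftp-anon result.

# Constructed sample log (not real scan data). The layout is an assumption
# based on the "Interesting ports on ..." header lines the thread greps for.
sample_log() {
cat <<'EOF'
Interesting ports on 192.0.2.10:
PORT   STATE SERVICE
21/tcp open  ftp
|_ ftp-anon: Anonymous FTP login allowed
22/tcp open  ssh

Interesting ports on ftp.example.test (192.0.2.11):
PORT   STATE SERVICE
21/tcp open  ftp

Interesting ports on files.example.test (192.0.2.12):
PORT   STATE SERVICE
21/tcp open  ftp
|  ftp-anon: Anonymous FTP login allowed
80/tcp open  http
EOF
}

# Read Nmap normal output on stdin and print one address per host that has
# an ftp-anon script line. The host header is remembered across lines, so
# script output may appear any number of lines below it.
anon_ftp_hosts() {
    awk '
        /^Interesting ports on / {
            host = $0
            sub(/^Interesting ports on /, "", host)
            sub(/:$/, "", host)
            # "name (addr)" form: keep only the address in parentheses.
            if (match(host, /\([^)]*\)$/))
                host = substr(host, RSTART + 1, RLENGTH - 2)
            reported = 0
            next
        }
        # Report each host once; ignore script lines seen before any header.
        /ftp-anon/ && host != "" && !reported {
            print host
            reported = 1
        }
    '
}

sample_log | anon_ftp_hosts
```

Against a real log the call would be `anon_ftp_hosts < scan.log`. Unlike the `grep -B 1` pipeline, it does not depend on the ftp-anon line directly following the host header.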