Two ideas for NSE

[Michael Pattrick <mpattrick () rhinovirus org>]

Hello devs,

I have two ideas for NSE, I will keep these brief for now but based on
the response I may flesh this ideas out further.

 - NSE for Ncat
NSE is extremely useful for rapidly writing simple network programs,
currently this programmers are attached to the Nmap scanning engine
even if they do not benefit from a port scan. NSE for Ncat would allow
the same fine grained control but without all the overhead of being
reliant on the network scanner. I imagine this would be best
implemented by the addition of a new library which would be used by
both Ncat and Nmap. Nmap would load the library and then add any Nmap
dependent API(such as the Nmap namespace), and Ncat would do the same.

 - Data structure standards for NSE output
Currently scripts return a string, while the string is excellent for
human consumption it isn't a very elegant solution. I propose using
tables to express output in a form that is palpable for both humans
and an XML parser. For example.
Strings:
output = "Port: 80\nServer: HTTP\nServer Status: Online"

->String as XML
<script id="test-script" output="Port: 80&#xa;Server: HTTP&#xa;Server
Status: Online&#xa;/>

Tables:
output = {
   Port="80",
   Server="HTTP"
   Status="Online"
}

->Table as XML
<script id="test-script"><data name="Port">80</data><data
name="Server">HTTP</data><data name="Status">Online</data></script>

Not only is this method easier for computers to read, its also nicer
to look at (no ugly &#xa;) and can easily be converted to a string for
standard output.

As per above, please respond if you hold any strong opinion on these
two ideas, for or against them.


Cheers,
Michael Pattrick

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org