Nmap Development mailing list archives

Re: DNS based service discovery script


From: David Fifield <david () bamsoftware com>
Date: Tue, 29 Sep 2009 09:12:34 -0600

On Tue, Sep 29, 2009 at 06:29:51PM +0530, Ravipriya Thushara wrote:
> But I have got some problems with the script and in trouble now. I'll
> be happy if I got your help.
> I'm running and testing Nmap on Windows XP installed on VMware and it's
> hosted on Windows 7. I installed iTunes on Windows 7 and there was an
> opened port on Windows 7 (5353 UDP). Nmap also detects that. But in my
> script the port rule is always false in that port.
>
> _____________________________________________________________________
> hostrule = function(host)
>       return true
> end
>
> action = function(host)
>       local portdns = nmap.get_port_state(host,{number=5353, protocol="udp"})
>       if (portdns ~= nil)then
>               return "port good"
>       else
>               return "port down"     -- always return this
>       end
> end
>
> __________________________________________________________
>
> require "shortport"
>
> hostrule = function(host)
>       return true
> end
>
> action = function(host)
>        local var
>        var=shortport.portnumber(53, "udp")
>        if(var==true)then
>             return "port good"
>        else
>             return "port down"      -- always print this
>        end
> end

There are a few things happening here so I will attend to them
individually.

The first is that you should be using portrule, not hostrule, because
this script belongs to a single port and not to the entire host. Using a
portrule means that the script output will appear under the port in the
output, and it also gives you the port table without having to call
nmap.get_port_state. It will look like this:

require("shortport")

portrule = shortport.port_or_service(53, {"zeroconf", "mdns"}, "udp")

action = function(host, port)
        -- action goes here
end

The code you posted using nmap.get_port_state is unnecessary if you use
the portrule like I showed, but it should work nonetheless. The only way
that get_port_state can return nil, I think, is if you pass it a port
that wasn't scanned. Did you use -sU when running the script against the
host? If the port wasn't scanned then the script shouldn't run.

Keep it up! You're learning fast. If you send future questions to this
list then they may be answered by people who know NSE better than I do.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
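
A complete script built on the portrule approach from the reply above, as an added example that is not part of the original message or of Nmap's own scripts. The 5353 entry in the rule, the script metadata and the output strings are assumptions, and it uses the `local x = require` form expected by current Nmap releases.

```lua
-- Added example (not from the original thread); names and output text are illustrative.
local nmap = require "nmap"
local shortport = require "shortport"

description = [[
Reports the scanned state of a UDP DNS or mDNS port. Demonstrates a portrule
in place of a hostrule plus nmap.get_port_state.
]]
author = "added example"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}

-- shortport functions return a rule function that Nmap later calls as
-- rule(host, port). Assign that function to portrule; comparing it with
-- `true`, as in the second quoted script, can never succeed.
-- Assumption: 5353 is listed next to 53 because the question is about mDNS.
portrule = shortport.port_or_service({53, 5353}, {"zeroconf", "mdns"}, "udp")

action = function(host, port)
  -- Nmap passes the matched port table in, so no lookup is needed.
  local out = {
    ("matched %d/%s, state %s"):format(port.number, port.protocol, port.state),
  }

  -- The lookup from the first quoted script, with the nil case handled
  -- (the port table argument needs only number and protocol).
  local again = nmap.get_port_state(host, {number = port.number, protocol = port.protocol})
  if again == nil then
    out[#out + 1] = "get_port_state returned nil for this port"
  else
    out[#out + 1] = ("get_port_state reports: %s"):format(again.state)
  end
  return table.concat(out, "\n")
end
```

Save it as a `.nse` file and pass it to `--script` together with `-sU` and a port list that includes 53 or 5353, so the rule has a scanned UDP port to match.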

