Nmap Development mailing list archives
NSE Script Arguments (Was: Script selection - Gsoc)
From: Patrick Donnelly <batrick () batbytes com>
Date: Mon, 5 Apr 2010 00:14:22 -0400
On Fri, Apr 2, 2010 at 6:52 PM, David Fifield <david () bamsoftware com> wrote:
Making script arguments defined by code not comments--as we do for description and categories--is a sensible design decision. There would have to be a way to get arguments from included libraries too. I don't like adding an extra parameter to action; isn't the pretty much the same as nmap.registry.args? Also it puts args at a different parameter index for portrule and hostrule scripts, which is a little awkward but maybe it doesn't bother people. But the overall idea is something I can support. --script-updatedb could then put args in script.db and Zenmap could parse it.
Another option is to make the args globally available via an 'arg' table for each script (each script has its own args). This is kinda similar to how Lua gives args to a script on the CLI [1]. A script could specify its arguments using code like this: arg["user"] = arg["user"] or "foo" arg["password"] = arg["password"] or "bar" nse_main.lua could easily figure out what arguments are used simply using __index and/or __newindex metamethods and generate entries in the script database without parsing the file's NSEDoc comments. I'm undecided on whether we should strip some "identifier" for script arguments in the above code snippet. Something like this: arg["ldap-brute.username"] = arg["ldap-brute.username"] or "foo" versus arg["username"] = arg["username"] or "foo" -- the ldap-brute prefix is inferred by nse_main.lua I think I prefer the former because many scripts "share" the same argument. [1] http://www.lua.org/manual/5.1/manual.html#6 -- - Patrick Donnelly _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE Script Arguments (Was: Script selection - Gsoc) Patrick Donnelly (Apr 04)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Kris Katterjohn (Apr 04)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Patrick Donnelly (Apr 04)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Kris Katterjohn (Apr 04)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) David Fifield (Apr 06)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Kris Katterjohn (Apr 06)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Patrick Donnelly (Apr 04)
- Re: NSE Script Arguments (Was: Script selection - Gsoc) Kris Katterjohn (Apr 04)