Nmap Development mailing list archives

[NSE] comm.lua setup_connect should connect to host.ip in preference to host.targetname


From: jah <jah () zadkiel plus com>
Date: Mon, 05 Apr 2010 12:42:03 +0100

Hi folks,

I've just run into a situation where comm.exchange connected to an IPv6
address of a target for which a host name was specified on the
command-line as part of an IPv4 scan.
I've attached a patch, but I wonder: does anyone know of any good reason
for comm.lua to do a socket.connect with host.targetname in preference
to host.ip?

I cannot think of a reason, but since comm.setup_connect has always done
it this way, I thought I'd check before.

These are the scripts that pass the host table to comm.exchange
(comm.exchange is the only func calling setup_connect) and are thus
affected:

daytime.nse:23:             local status, result = comm.exchange(host
dns-random-srcport.nse:70:  local status, result = comm.exchange(host
dns-random-txid.nse:70:     local status, result = comm.exchange(host
dns-recursion.nse:31:       local status, result = comm.exchange(host
finger.nse:33:              return try(comm.exchange(host
iax2-version.nse:24:        local status, recv = comm.exchange(host
jdwp-version.nse:32:        local status, result = comm.exchange(host
ntp-info.nse:76:            status, buftres = comm.exchange(host
ntp-info.nse:92:            status, bufrlres = comm.exchange(host
pptp-version.nse:43:        local response = try(comm.exchange(host
skypev2-version.nse:19:     local status, result = comm.exchange(host
skypev2-version.nse:28:     status, result = comm.exchange(host

Finally, I'm a bit rusty: there aren't any circumstances under which the
host.ip is not present in the host table, are there?

Regards,

jah

Attachment: comm.lua.patch

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
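
Added example, not part of the original message or the attached patch: a self-contained Lua sketch of why the selection order matters when a target name has both AAAA and A records. The resolver, the connect stub, the function names, the host name and the addresses are constructed stand-ins, not Nmap's API.

```lua
-- Constructed data: one name with an AAAA and an A record (documentation ranges).
local DNS = {
  ["scanme.example.test"] = { "2001:db8::10", "192.0.2.10" },
}

-- Hypothetical stand-in for the resolver behind a connect-by-name call.
-- It returns the first record, which here is the IPv6 one.
local function resolve(name)
  local records = DNS[name]
  if records then return records[1] end
  return name -- already an address literal, nothing to resolve
end

-- Hypothetical stand-in for a socket connect: returns the peer actually reached.
local function connect(address)
  return resolve(address)
end

-- Order described in the message: the name wins, so it is resolved a second time.
local function address_name_first(host)
  return host.targetname or host.ip
end

-- Order proposed in the subject line: the address that was scanned wins.
local function address_ip_first(host)
  return host.ip or host.targetname
end

-- Check a script could apply: did we reach the address the results are filed under?
local function reached_scanned_address(host, peer)
  return peer == host.ip
end

-- Constructed host table for an IPv4 scan that was started with a host name.
local host = { ip = "192.0.2.10", targetname = "scanme.example.test" }

local orders = {
  { "targetname first", address_name_first },
  { "ip first", address_ip_first },
}
for _, order in ipairs(orders) do
  local peer = connect(order[2](host))
  print(string.format("%-16s scanned=%s peer=%s match=%s",
    order[1], host.ip, peer, tostring(reached_scanned_address(host, peer))))
end
```

With the name-first order, the script output would be reported against the scanned IPv4 address while the data came from a different peer.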