Nmap Development mailing list archives
Proposal for adding new option to nmap
From: kirubakaran S <kirubakaran1989 () gmail com>
Date: Thu, 1 Jul 2010 12:34:39 +0530
Hello nmap-dev, I am kirubakaran, Gsoc student working on developing script selection interface in zenmap. I propose to add to a new option in nmap which will facilitate the development of script selection interface. Background: When the user wants to run scripts, They can give script names,categories, directories or expressions to select the scripts. we will call these as specifications. for example "default and not safe", This specification selects all the scripts which are in default category and not in safe category. Nmap, in particular NSE, evaluates these specifications and calculates the list of scrpits to be executed. Problem: In zenmap we require the list of scripts, when a specification is given by user in interface. For example, when user types "nmap --script http-*" zenmap has to get list of scripts whose name start with "http". The specification can also be complex involving boolean operators like AND,OR and NOT. Also, the specification can include entire directory which contains the scripts,path to specific scripts present in local computer or categories in which the script belongs. Possible solution: To copy the logic used in nse_main.lua to zenmap. This will solve the problem now, but these two logics has to be maintained same forever.Whenever there is a change in one logic, maintenance would be difficult. Proposed solution: To include a command line option in nmap, "--script-list" that prints the list of scripts that meets the specification criteria. Example : when user types in "nmap --script 'http-*' --script-list" The output is: http-auth http-date http-enum http-favicon http-headers http-iis-webdav-vuln http-malware-host http-methods http-open-proxy http-passwd http-php-version http-trace http-userdir-enum http-vmware-path-vuln nmap will not expect the host to be specified when this option is enabled.It prints the list of scripts that meets the specification criteria and exits nmap execution.It works just like --script-updatedb when command like "nmap --script-list" is executed without specifying the script option, nmap will print the list of all scripts installed in system. Benefits: This command will be used by zenmap whenever it wants to retrieve the list of scripts. when a specification is given by user in interface, zenmap can invoke nmap in background and obtain the list of scripts according to the specification.There will not be any side effects to current nmap functionality as it only prints the list of scripts. This option can also be used by users or other nmap modules that wants to get the list of scripts. Otherwise, The users can only obtain the list of scripts using debug option -d2, but nmap has to run a scan against a host. -- cheers Kirubakaran.S _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Proposal for adding new option to nmap kirubakaran S (Jul 01)
- Re: Proposal for adding new option to nmap Patrick Donnelly (Jul 01)
- Re: Proposal for adding new option to nmap David Fifield (Jul 01)
- Re: Proposal for adding new option to nmap David Fifield (Jul 04)
- Re: Proposal for adding new option to nmap kirubakaran S (Jul 05)
- Re: Proposal for adding new option to nmap David Fifield (Jul 05)
- Re: Proposal for adding new option to nmap Kris Katterjohn (Jul 05)
- Re: Proposal for adding new option to nmap Fyodor (Jul 06)
- Re: Proposal for adding new option to nmap David Fifield (Jul 01)
- Re: Proposal for adding new option to nmap Patrick Donnelly (Jul 01)