Re: Proposal for adding new option to nmap

[David Fifield <david () bamsoftware com>]

On Mon, Jul 05, 2010 at 03:37:57PM +0530, kirubakaran S wrote:
> The specific feature in this option is ,it prints only the list of scripts
> according to
> given specification. Apart from this, warnings and initial nmap comments are
> still present.
> with -d2 option so many junk information will be printed.
>    Even, If it is not present, I can change the nmap command module in
> zenmap

This option is only really useful if it produces clean output, without
any startup or junk messages. Ideally, it prints out only the selected
scripts, one per line, to standard output, and quits. I understand that
this might not be easy to implement because of the need to initialize
the script engine and avoid code paths that produce extra output. If
--script-list can't easily work in this way, then we might as well just
use -d2.

Either way, we will have to document in the source code that the
specific output format is being used by an external program (Zenmap) and
it can't be changed or removed.

I am thinking that the script list output should have the full absolute
path to every script, not just the basename. The reason for this is to
allow distinguishing between standard scripts and scripts that the user
has selected specifically from elsewhere in the filesystem. The output
might be

/usr/share/nmap/scripts/http-auth.nse
/usr/share/nmap/scripts/http-date.nse
...
/home/david/custom/test-script.nse

The script selection interface can find out which are standard scripts
by checking which are in NMAPDIR. It can mark those as selected in the
normal list view, and then it can put the remaining scripts in the
"extra scripts" box, the one you can fill in by clicking an "Open..."
button.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/