Nmap Development mailing list archives
Re: [NSE] New Script Version scan phase for versionrule scripts
From: Djalal Harouni <tixxdz () gmail com>
Date: Sat, 11 Sep 2010 00:21:02 +0100
On 2010-08-21 21:20:06 +0100, Djalal Harouni wrote:
Hi, A patch is attached to introduce a new rule 'versionrule' which will be used by version category scripts. The patch is against nmap trunk.
A new patch that introduces the new Script Version scan phase (NSE_VERSION_SCAN) before the Script scan phase (NSE_SCAN) is attached. Scripts will run during this Script Version scan phase if they have a versionrule and if the -sV option was given and if the pair port/protocol are not in the exclude directive. Note: running a script with --script=version will activate the portrule rather than the versionrule. But there is a *minor* issue, and I need more feedbacks on it: * If we have a script which have multiple rules (portrule and versionrule), then this script can run *twice* for the same port, one for the versionrule and the other one for the portrule. Perhaps we can filter loaded scripts in the threads table ? or leave it as it is (do not filter). Thx. -- tixxdz
Attachment:
nse-versionrule.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New versionrule for version category scripts Djalal Harouni (Aug 21)
- Re: [NSE] New Script Version scan phase for versionrule scripts Djalal Harouni (Sep 10)
- Re: [NSE] New Script Version scan phase for versionrule scripts David Fifield (Sep 27)
- Re: [NSE] New Script Version scan phase for versionrule scripts Djalal Harouni (Sep 10)