Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Dropbox LanSync host collection

From: Djalal Harouni <tixxdz () gmail com>
Date: Tue, 21 Dec 2010 14:41:21 +0100
On 2010-12-15 05:31:05 -0500, Patrick Donnelly wrote:

On Wed, Dec 15, 2010 at 12:15 AM, Fyodor <fyodor () insecure org> wrote:

On Tue, Dec 14, 2010 at 11:54:37AM -0600, Kris Katterjohn wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/14/2010 11:37 AM, David Fifield wrote:

Recall we all ready have the separate arg "newtargets" for scripts adding
targets to Nmap's scanning queue.  Maybe for consistency we could add a
"broadcast" arg to allow scripts like this to run?  I don't remember this
being brought up before, but I could have missed it.
Otherwise, only running them when called by name sounds like a good enough
alternative.



Good points.  I like the idea of modifying the scripts so they only
run if they are called by name (e.g. the same rule as we use for the
verbosity bump) or if a special NSE argument is set (whether that be
"broadcast" or something else).


We have a pretty flexible script "choosing" mechanism now that we have
the boolean operators for categories. Shouldn't we be adding more
categories? I mean, similar to how the "all" category is a
pseudo-category, we could add others such as "quick" which would
translate to: "safe and not broadcast and not newtarget" or something
like that. Or maybe make a legitimate "quick" category?

Seems there are mechanisms in place to make this easy but we are
forgetting about them...

Adding new categories seems the best solution, since the boolean
operator can handle all this stuff. "broadcast" can be used as a special
argument, but I don't think it's like the "newtargets", this last one
will modify the behaviour of Nmap, but the other one will be used to
choose which scripts to run.

Reformulating the 'Script Categories' section [1] of the Nmap book is
necessary, since we have added new types of scripts.


[1] http://nmap.org/book/nse-usage.html#nse-categories

-- 
tixxdz
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: