Re: hddtemp-info.nse

[Toni Ruottu <toni.ruottu () iki fi>]

The included patch fixes a bug in the comm library. Previously the
options got trashed when someone was used get_banner, like
hddtemp-info did. The fix also adds a new parameter eopts to method
tryssl. The new parameter can be used to set options for the early
receive, which takes place before the actual data exchange.

  --Toni

p.s. It is a bit illogical that the early receive option is turned on
from the regular opts, and not from the eopts, but I did not change
this as some code might rely on turning it on the old way.

On Mon, Dec 13, 2010 at 10:46 AM, Toni Ruottu <toni.ruottu () iki fi> wrote:
> Finally, I got it working. The attached patch sets the bytes option,
> but also supports different separators. The previous version worked
> with |, but failed in case the administrator had specified a custom
> separator.
>
> Your patch modifies read function to do the right thing, but the
> get_banner function is using receive directly. After 1) applying the
> patch 2) changing get_banner to use read, and 3) applying my patch on
> the hddtemp script, it should all be good. Although I am unsure if
> there is some hidden problem in using read with get_banner. Should the
> parameter be called banner_bytes to distinguish it from the bytes
> argument used for payload?
>
>  --Toni
>
>
> On Sun, Dec 12, 2010 at 11:33 PM, David Fifield <david () bamsoftware com> wrote:
> > On Sun, Dec 12, 2010 at 11:09:10PM +0200, Toni Ruottu wrote:
> > > On Sat, Dec 11, 2010 at 9:18 PM, David Fifield <david () bamsoftware com> wrote:
> > > > On Thu, Dec 09, 2010 at 11:20:24AM +0200, Toni Ruottu wrote:
> > > > > On Thu, Dec 9, 2010 at 2:07 AM, David Fifield <david () bamsoftware com> wrote:
> > > > > > On Tue, Nov 30, 2010 at 07:03:35PM +0200, Toni Ruottu wrote:
> > > > > > > The problem seems to be that comm always does a single receive. If the
> > > > > > > network conditions are good this does not matter, but over the
> > > > > > > Internet the first receive is not likely to contain the full banner. I
> > > > > > > think the comm library needs to be changed to do as many receives as
> > > > > > > it is able to do before a time out.
> > > > > >
> > > > > > Does this patch make a difference?
> > > > >
> > > > > No. Still broken, after applying the patch.
> > > >
> > > > Try increasing the timeout (shouldn't require the patch I gave you). If
> > > > you find a reasonable timeout value I'll commit it.
> > > >
> > > > http://nmap.org/nsedoc/lib/comm.html
> > >
> > > I doubt that increasing the timeout will help. As far as I can tell
> > > the problem is not about the timeout being too short. The problem is
> > > that comm library does only one recv. My impression is that the
> > > response arrives very quickly, but in multiple parts. So reading it is
> > > really fast, as long as you do multiple recv.
> >
> > Nsock (used by NSE) internally does multiple recvs by default. It keeps
> > reading until the given byte limit is reached, EOF, or timeout. You
> > might have to increase the byte limit from its default of 1 too. (That's
> > what my earlier patch effectively did).
> >
> > David Fifield

Attachment: comm-eopts.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/