Nmap Development mailing list archives
Re: [NSE] Draft - targets-sniffer.nse
From: Henri Doreau <henri.doreau () greenbone net>
Date: Mon, 28 Mar 2011 16:48:01 +0200
Hi Nick, 2011/3/28 Nick Nikolaou <nikolasnikolaou1 () gmail com>:
Hello everyone once again, I made some further changes to the script: 1. Removed the simple *.*.*.255 broadcast check since it wouldn't do anything on a VLSM network. The script now gets the broadcast address using Djalal's patch and iface_info.broadcast. 2. Changed the way IP addresses are extracted from packets. That is now done using the packet library.
Nice work.
3. Timeout works as it should.
Not exactly, at least not if timeout stands for "total execution time". In case the timeout is set to 4sec for instance, and if the script receives a packet after 3.90 sec, it will start a loop for another 4 seconds. Maybe it is an intended behavior but I think that most users will expect the script to sniff for the exact duration they supplied. You could update the timeout at each iteration to have a finer control of the execution time. Here is an example: <...> sock:pcap_open(iface, 104, false , "ip") stdnse.print_debug(1, "Using interface %s", iface) repeat local start_time = nmap.clock_ms() -- Used for script timeout sock:set_timeout(timeout) local status, _, _, layer3 = sock:pcap_receive() if status then local ip_src, ip_dst = get_ip_addresses(layer3) <...check and store IP addresses...> end -- update timeout timeout = timeout - (nmap.clock_ms() - start_time) until timeout <= 0 sock:pcap_close() <...> This code uses a repeat...until form that avoid duplicate calls to pcap_receive(). The timeout is also set before the call to pcap_receive().
4. As per Henri's suggestion most of the initializations are now inside functions (with a couple of exceptions) and code should be easier to follow. I also checked that variables and functions have the correct scope.
Cool! Unless I am missing a reason not to do so, you could even move the last call into the prerule function: <...> if nmap.is_privileged() then iface = nmap.get_interface() if iface then return true <...>
5. The script doesn't default to eth0 if no interface is specified but prints an error message. As you know by now, the script relies heavily on Djalal's interface patch so the patch needs to be added first in order to use the script.
Finally, I would also suggest to use stdnse.get_script_args() instead of reading arguments from the registry. This could be combined with the addition of a default value for the timeout. <...> local timeoutstr = stdnse.get_script_args("targets-sniffer.timeout") or tostring(DEFAULT_TIMEOUT_SEC) local timeout = stdnse.parse_timespec(timeoutstr) * 1000 <...>
I hope you find this useful. Cheers, Nick
Regards. -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Kris Katterjohn (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse David Fifield (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 24)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 26)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Henri Doreau (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 28)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Toni Ruottu (Mar 29)
- Re: [NSE] Draft - targets-sniffer.nse Abuse007 (Mar 30)
- Re: [NSE] Draft - targets-sniffer.nse Djalal Harouni (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Nick Nikolaou (Mar 22)
- Re: [NSE] Draft - targets-sniffer.nse Patrick Donnelly (Mar 22)