Nmap Development mailing list archives

Re: Script force


From: Martin Holst Swende <martin () swende se>
Date: Sat, 19 Nov 2011 20:22:11 +0100

On 11/19/2011 11:25 AM, Djalal Harouni wrote:
> On Wed, Nov 16, 2011 at 09:56:49AM +0100, Martin Holst Swende wrote:
>> On 11/16/2011 09:37 AM, Martin Holst Swende wrote:
>>> I really like that idea!
>>> I implemented it, using the @ character. Usage:
>>> ./nmap --script @smb-brute,http-* -p80 www.google.com -d3
>>> //This would force smb-brute, but run the http-* as normal.
>>>
>>> ./nmap --script @http-title,smb-brute -p80 www.google.com
>>> //Forces http-title, but not smb-brute
>>>
>>> Force does not work for categories now ("@http-*"), but I can add it on
>>> if this suggestion gets approval. Svndiff attached.
>> Why wait. Here's another version, the following syntax works also:
>> ./nmap --script @smb-* -p80 www.google.com
>>
>> Diff attached.
> After a quick review it seems that forcing by categories is not supported,
> why? Perhaps this can be a bit overkill.
>
> We should also add a verbosity boost like the 'script selected by name'
> to this feature, and I think that we'll start to see some errors in scripts
> due to hard values, etc.
>
> To conclude:
> * This is a nice feature.
> * The patch needs a bit of cleaning.
> * We'll see what others think about it.

Thanks for the feedback! I had missed the categories after all, patched
that now. I also added a printout so it is obvious why a script is or
isn't executed:

martin@linovox:~/tools/nmap$ ./nmap localhost -p1000 --script +intrusive -d

Starting Nmap 5.61TEST3 ( http://nmap.org ) at 2011-11-19 20:13 CET
[...]
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 3) scan.
NSE: broadcast-avahi-dos set for execution: portrule true, force true
NSE: Starting broadcast-avahi-dos.
NSE: dns-brute set for execution: portrule false, force true
NSE: Starting dns-brute.

I also changed it to use the '+'-sign, which Fyodor suggested, since it
has good connotations (typically what is used in a search engine to
specify "I want exactly this, nothing else").

/Martin

Attachment: svndiff_nsemain
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
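
Added example (not part of the original message and not the attached patch): a small Python model of the selection behaviour discussed in this thread, where a '+' prefix on a script name, wildcard or category marks the matching scripts as forced so they run even when their portrule is false. The script table, the rule outcomes and the rule that a script selected by both a forced and an unforced entry counts as forced are assumptions made for illustration; nmap's boolean script expressions are not modelled.

```python
from fnmatch import fnmatchcase

# Constructed sample database (name -> categories); not nmap's real script.db.
SCRIPTS = {
    "http-title": {"default", "discovery", "safe"},
    "http-enum": {"discovery", "intrusive", "vuln"},
    "smb-brute": {"intrusive", "brute"},
    "dns-brute": {"intrusive", "discovery"},
}

def parse_rules(spec):
    """Split a --script argument into (pattern, forced) pairs."""
    rules = []
    for item in (part.strip() for part in spec.split(",")):
        if item:
            forced = item.startswith("+")
            rules.append((item[1:] if forced else item, forced))
    return rules

def select(spec, scripts=SCRIPTS):
    """Map each script matched by name, wildcard or category to its force flag."""
    chosen = {}
    for pattern, forced in parse_rules(spec):
        for name, categories in scripts.items():
            if fnmatchcase(name, pattern) or pattern in categories:
                # Assumption: forced if any rule that selects it carries '+'.
                chosen[name] = chosen.get(name, False) or forced
    return chosen

def plan(spec, rule_results, scripts=SCRIPTS):
    """Return (name, rule_matched, forced, runs) for every selected script."""
    out = []
    for name, forced in sorted(select(spec, scripts).items()):
        matched = rule_results.get(name, False)
        out.append((name, matched, forced, matched or forced))
    return out

if __name__ == "__main__":
    # Constructed rule outcomes for a host with only an HTTP port open.
    results = {"http-title": True, "http-enum": True}
    for name, matched, forced, runs in plan("+smb-brute,http-*", results):
        state = "set for execution" if runs else "skipped"
        print(f"{name} {state}: portrule {str(matched).lower()}, "
              f"force {str(forced).lower()}")
```

Calling plan("+intrusive", {}) reproduces the situation in the debug output above: every script in the category is scheduled although no rule matched, which is why forcing a whole category deserves the same care as choosing intrusive scripts by name.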
