Nmap Development mailing list archives
Re: [NSE] New script reverse-index
From: Patrik Karlsson <patrik () cqure net>
Date: Wed, 23 Nov 2011 23:35:04 +0100
On Wed, Nov 23, 2011 at 5:19 PM, Patrik Karlsson <patrik () cqure net> wrote:
On Wed, Nov 23, 2011 at 1:36 AM, David Fifield <david () bamsoftware com>wrote:On Tue, Nov 22, 2011 at 09:17:31PM +0100, Patrik Karlsson wrote:Hi, Here's an attempt on creating the reverse-index script which is in the high-priority list of the secwiki. The script runs both as a hostrule, collecting port information for each host and storing it in the registry, and as a portrule building theoutputbased on the collected port data.-- | tcp -- | 22: 192.168.0.60 -- | 23: 192.168.0.100 -- | udp -- |_ 5353: 192.168.0.102, 192.168.0.1, 192.168.0.60I would prefer output like this:-- | tcp/22: 192.168.0.60 -- | tcp/23: 192.168.0.100 -- | udp/5353: 192.168.0.102, 192.168.0.1, 192.168.0.60I wasn't sure how and if it's possible to create it as a postrule only script as the secwiki documentation suggests.No, I don't think so. You found a nice solution.Anyway, please let me know if it turned out as expected and whether it should go into any other categories than safe, so that it can becommitted. Looks good. Great job! David FifieldWhile trying to address this I noticed something weird. If I do the following: repeat port = nmap.get_ports(host, port, "tcp", "closed") until(not(port)) I get ALL ports regardless of their protocol or state. Is this really intended behavior. According to my interpretation of the documentation I should only get closed tcp ports, right? Any ideas on what I need to do to fix this? Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77
I'm hoping this patch solves the problem and returns the correct ports matching both protocol and state. Could someone take a look at it and see if it looks correct before I commit it? Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77
Attachment:
nse_nmaplib.cc.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script reverse-index Patrik Karlsson (Nov 22)
- Re: [NSE] New script reverse-index Patrick Donnelly (Nov 22)
- Re: [NSE] New script reverse-index David Fifield (Nov 22)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index David Fifield (Nov 27)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index David Fifield (Nov 27)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)