Nmap Development mailing list archives

Re: [NSE] New script reverse-index

From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 28 Nov 2011 13:18:51 +0100

On Sun, Nov 27, 2011 at 11:40 PM, David Fifield <david () bamsoftware com>wrote:

On Wed, Nov 23, 2011 at 05:19:37PM +0100, Patrik Karlsson wrote:

On Wed, Nov 23, 2011 at 1:36 AM, David Fifield <david () bamsoftware com
wrote:

On Tue, Nov 22, 2011 at 09:17:31PM +0100, Patrik Karlsson wrote:

Hi,

Here's an attempt on creating the reverse-index script which is in

the

high-priority list of the secwiki.
The script runs both as a hostrule, collecting port information for

each

host and storing it in the registry, and as a portrule building the

output

based on the collected port data.

-- |   tcp
-- |     22: 192.168.0.60
-- |     23: 192.168.0.100
-- |   udp
-- |_    5353: 192.168.0.102, 192.168.0.1, 192.168.0.60


I would prefer output like this:

-- |   tcp/22: 192.168.0.60
-- |   tcp/23: 192.168.0.100
-- |   udp/5353: 192.168.0.102, 192.168.0.1, 192.168.0.60

I wasn't sure how and if it's possible to create it as a postrule

only

script as the secwiki documentation suggests.


No, I don't think so. You found a nice solution.

Anyway, please let me know if it turned out as expected and whether

it

should go into any other categories than safe, so that it can be

committed.

Looks good. Great job!


While trying to address this I noticed something weird.
If I do the following:

repeat
  port = nmap.get_ports(host, port, "tcp", "closed")
until(not(port))

I get ALL ports regardless of their protocol or state. Is this really
intended behavior.
According to my interpretation of the documentation I should only get
closed tcp ports, right?
Any ideas on what I need to do to fix this?


I can't reproduce this. I attached a script that has your example code.


You know what, neither can I! I'm really sorry for being an idiot.

//Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] New script reverse-index Patrik Karlsson (Nov 22)
- Re: [NSE] New script reverse-index Patrick Donnelly (Nov 22)
- Re: [NSE] New script reverse-index David Fifield (Nov 22)
  - Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
    - Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
    - Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
    - Re: [NSE] New script reverse-index David Fifield (Nov 27)
    - Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)
    - Re: [NSE] New script reverse-index David Fifield (Nov 27)
    - Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)