Nmap Development mailing list archives
Ncat-Lua: plugin system
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Mon, 24 Jun 2013 09:26:47 +0200
Hi guys, The discussion in the thread "Ncat + Lua - GSOC feedback request" got pretty long and multithreaded, so in order to make sure that the ideas I like most don't get lost, I thought I'd start new thread(s) there. In this particular one, I'd like to encourage you to discuss the Lua "modules"/"plugins" system, as Daniel Miller originally proposed it (http://seclists.org/nmap-dev/2013/q2/461) : 2013/6/17 Daniel Miller <bonsaiviking () gmail com>:
On 06/17/2013 11:46 AM, David Fifield wrote:What I'm saying is that trading the syntax ncat -t for something like ncat --lua-script telnet.lua is bad. Lua code could be used internally to do some of the things we do now with code in the middle of read/write loops. On the other hand, C code could also be used to do that, with better factoring of the main program.Do you suppose that (farther down the road,) Ncat could expose an API for adding and consuming command-line options within Lua? The model I'm imagining would treat the Lua components more as "modules" than "scripts," enabling a different set of features depending on which are "loaded." For example, this simple connection: ncat nmap.org 12345 Could become a connection to a Telnet server over SSL like so: ncat --with telnet,ssl nmap.org 12345 Or via a SOCKS proxy like: ncat --with socks5 --via proxy.example.com nmap.org 12345 where the --via option is valid because a --with module of "proxy" type was loaded. Alternatively, existing short options (-t, -C, etc) could be "shortcuts" that imply the loading of a specific feature set. Caveat: This is a brainstorm post. I'm not suggesting that this exact syntax be adopted. The idea was inspired by the way Ruby modules are used as Mixins, especially within Metasploit (e.g. include Msf::Exploit::Remote::TCP) Dan
What do you think about this idea? What would you expect from such a feature to make it intuitive yet powerful? What problems would you anticipate? Jacek _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Ncat-Lua: plugin system Jacek Wielemborek (Jun 24)