Nmap Development mailing list archives

Ncat-Lua: plugin system


From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Mon, 24 Jun 2013 09:26:47 +0200

Hi guys,

The discussion in the thread "Ncat + Lua - GSOC feedback request" got
pretty long and multithreaded, so in order to make sure that the ideas
I like most don't get lost, I thought I'd start new thread(s) there.
In this particular one, I'd like to encourage you to discuss the Lua
"modules"/"plugins" system, as Daniel Miller originally proposed it
(http://seclists.org/nmap-dev/2013/q2/461):

2013/6/17 Daniel Miller <bonsaiviking () gmail com>:
> On 06/17/2013 11:46 AM, David Fifield wrote:
>
>> What I'm saying is that trading the syntax
>>         ncat -t
>> for something like
>>         ncat --lua-script telnet.lua
>> is bad. Lua code could be used internally to do some of the things we do
>> now with code in the middle of read/write loops. On the other hand, C
>> code could also be used to do that, with better factoring of the main
>> program.
>
> Do you suppose that (farther down the road,) Ncat could expose an API for
> adding and consuming command-line options within Lua? The model I'm
> imagining would treat the Lua components more as "modules" than "scripts,"
> enabling a different set of features depending on which are "loaded." For
> example, this simple connection:
>
>      ncat nmap.org 12345
>
> Could become a connection to a Telnet server over SSL like so:
>
>     ncat --with telnet,ssl nmap.org 12345
>
> Or via a SOCKS proxy like:
>
>     ncat --with socks5 --via proxy.example.com nmap.org 12345
>
> where the --via option is valid because a --with module of "proxy" type was
> loaded. Alternatively, existing short options (-t, -C, etc) could be
> "shortcuts" that imply the loading of a specific feature set.
>
> Caveat: This is a brainstorm post. I'm not suggesting that this exact syntax
> be adopted. The idea was inspired by the way Ruby modules are used as
> Mixins, especially within Metasploit (e.g. include
> Msf::Exploit::Remote::TCP)
>
> Dan

What do you think about this idea? What would you expect from such a
feature to make it intuitive yet powerful? What problems would you
anticipate?

Jacek
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
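
The option gating proposed in the quoted message, sketched in Lua as an added example (not code from this post or from Ncat). The module table, the type-to-option mapping and the `parse` function are all assumptions made for illustration; unknown modules and options that no loaded module type provides are rejected rather than ignored.

```lua
-- Hypothetical sketch: none of these names are an Ncat API.
local MODULES = { telnet = "protocol", ssl = "transport", socks5 = "proxy" }
-- Options that become valid once a module of the given type is loaded.
local TYPE_OPTIONS = { proxy = { via = true } }

-- Parse argv left to right. An option is accepted only if an earlier
-- --with loaded a module whose type declares it.
local function parse(argv)
  local cfg = { loaded = {}, opts = {}, positional = {} }
  local valid = {}              -- option name -> module that enabled it
  local i = 1
  while i <= #argv do
    local arg = argv[i]
    if arg == "--with" then
      i = i + 1
      if not argv[i] then return nil, "--with requires a module list" end
      for name in argv[i]:gmatch("[^,]+") do
        local kind = MODULES[name]
        if not kind then return nil, "unknown module: " .. name end
        cfg.loaded[#cfg.loaded + 1] = name
        for opt in pairs(TYPE_OPTIONS[kind] or {}) do valid[opt] = name end
      end
    elseif arg:sub(1, 2) == "--" then
      local opt = arg:sub(3)
      if not valid[opt] then
        return nil, "--" .. opt .. " is not provided by any loaded module"
      end
      i = i + 1
      if not argv[i] then return nil, "--" .. opt .. " requires a value" end
      cfg.opts[opt] = argv[i]
    else
      cfg.positional[#cfg.positional + 1] = arg
    end
    i = i + 1
  end
  return cfg
end

-- Command lines from the post, plus one constructed failure case.
for _, line in ipairs({
  "--with telnet,ssl nmap.org 12345",
  "--with socks5 --via proxy.example.com nmap.org 12345",
  "--via proxy.example.com nmap.org 12345",  -- constructed: no proxy module
}) do
  local argv = {}
  for word in line:gmatch("%S+") do argv[#argv + 1] = word end
  local cfg, err = parse(argv)
  print(line, "=>", cfg and table.concat(cfg.loaded, "+") or ("error: " .. err))
end
```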