Re: Pcre Binding

[nnposter () users sourceforge net]

Daniel Miller wrote:
> nnposter,
> In response to your bug report [1], I put together the attached patch. My
> guess is that the information about anchors (beginning and end of string)
> was lost during the conversion. Since re.compile creates patterns which
> anchor at the beginning (as all lpeg patterns do), I used
> lpeg-utility.anywhere() to convert them to un-anchored patterns, though
> perhaps it would be cleaner with a ".*" prepended to the regex instead.
> Contrary to my comment on the Github bug report, there *is* a way to
> represent the "$" end-of-string anchor: "!."
>
> If you could try this out and let us know how it works for you then we can
> get this issue resolved. I don't have any telnet services handy to test
> with, unfortunately.

It seems to me that LPEG is not the right tool for this particular
case because we are not dealing with well structured input, such as
HTML, but with haphazard snippets from various telnet servers. PCRE
is a much more concise way to deal with it and if there is a desire
to discontinue PCRE support then maybe Lua patterns might still be
preferable over LPEG.

I am attaching a counter-proposal for addressing the current issues.
It has been created from the functional pre-LPEG version of the script
by converting all PCRE patterns to Lua patterns. Of course they are
not fully equivalent but I was able to test the script against:

* Linux telnetd
* Windows 2003
* Cisco IOS
* Nortel Contivity
* Digital Sprite DVR
* NetGear RM356

The patch should be applied on top of Dan's patch. This way it is
easier to judge whether we should take the LPEG route or stick with
native Lua patterns.


Cheers,
nnposter

Attachment: telnet-brute-luaptn.patch
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/