Nmap Development mailing list archives

New NSE Features


From: doug () hcsw org
Date: Sat, 29 Dec 2007 19:57:37 -0800

Hi nmap-dev,

I just checked two patches to NSE into SVN. The first should add
--host-timeout support for NSE scans. Here is an example:

$ ./nmap -sC -p 80 hcsw.org scanme.nmap.org --host-timeout 30s

Starting Nmap 4.51BETA ( http://insecure.org ) at 2007-12-29 17:32 PST
Interesting ports on hcsw.org (65.98.116.106):
PORT   STATE SERVICE
80/tcp open  http
|_ HTML title: Site doesn't have a title.

Skipping host scanme.nmap.org (205.217.153.62) due to host timeout

Nmap done: 2 IP addresses (2 hosts up) scanned in 31.409 seconds



* Notice that in the above scan, one host completed before its 30s time
  limit and so has its results reported, but the other didn't so it was
  skipped due to host timeout.

* Also notice that the elapsed running time is just over 30s. NSE should
  stop all running scripts for a host once its timeout expires within
  at most a couple hundred milliseconds.

The SVN revision for this patch is r6657. Please let us know if this
does/doesn't work for you!


While working on the --host-timeout patch, I noticed that NSE doesn't
have run-time interaction support! I have come to use this feature all
the time to add a -v/-d flag that I forgot on the command line and just
to give a little ping to nmap that reassures me everything is working.

When verbosity >= 2 or debugging >= 1, pressing a button while NSE
is running will now tell you how many scripts are currently active
as well as the estimated time to completion:

Stats: 0:00:07 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
Active NSE scripts: 5
SCRIPT ENGINE Timing: About 37.50% done; ETC: 19:27 (0:00:02 remaining)
Stats: 0:00:10 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
Active NSE scripts: 2
SCRIPT ENGINE Timing: About 75.00% done; ETC: 19:27 (0:00:01 remaining)
Stats: 0:00:11 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
Active NSE scripts: 1
SCRIPT ENGINE Timing: About 87.50% done; ETC: 19:27 (0:00:00 remaining)

With no verbosity/debugging, the output is identical to other Nmap scans.
Maybe there is other useful info we could add here? One thing I thought might
be neat is seeing a list of (some of?) the scripts that are currently running
(maybe sorted by running duration). As well as being cool, this feature might
help tell which scripts are holding up the scan. (Come to think of it, this
would be sweet for version detection too. What probes are currently active?)

Here is what I was kinda thinking:

Stats: 0:00:07 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
Active NSE scripts: 3
  * 5.2s: HTTPAuth.nse @ insecure.org:80
  * 3.6s: showHTMLTitle.nse @ hcsw.org:80
  * 3.4s: showHTMLTitle.nse @ insecure.org:80
SCRIPT ENGINE Timing: About 37.50% done; ETC: 19:27 (0:00:02 remaining)


The patch adding basic run-time interaction support is r6658.
Let me know what you think!

Best,

Doug



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
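
Added example (not part of the message above and not Nmap's own code): with --host-timeout now applying to NSE, a timed-out host produces no script results, so automation wrapping a scan should track which targets need a rescan. The sketch below parses the line formats quoted in the message; the function names and the SAMPLE text (assembled from lines in the message) are assumptions, and other Nmap versions may word these lines differently.

```python
import re

# Line formats as they appear in the output quoted in the message.
REPORTED = re.compile(r"^Interesting ports on (\S+) \(([\d.]+)\):$")
SKIPPED = re.compile(r"^Skipping host (\S+) \(([\d.]+)\) due to host timeout$")
STATS = re.compile(r"^Stats: (\d+):(\d\d):(\d\d) elapsed;")
ACTIVE = re.compile(r"^Active NSE scripts: (\d+)$")
TIMING = re.compile(r"^SCRIPT ENGINE Timing: About ([\d.]+)% done;")

# Constructed sample: lines copied from the message, joined into one text.
SAMPLE = """\
Interesting ports on hcsw.org (65.98.116.106):
PORT   STATE SERVICE
80/tcp open  http
|_ HTML title: Site doesn't have a title.

Skipping host scanme.nmap.org (205.217.153.62) due to host timeout
Stats: 0:00:07 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
Active NSE scripts: 5
SCRIPT ENGINE Timing: About 37.50% done; ETC: 19:27 (0:00:02 remaining)
"""

def parse_scan(text):
    """Return (reported hosts, timed-out hosts, progress snapshots)."""
    reported, skipped, snapshots = [], [], []
    for line in text.splitlines():
        line = line.strip()
        if m := REPORTED.match(line):
            reported.append(m.group(1))
        elif m := SKIPPED.match(line):
            skipped.append(m.group(1))
        elif m := STATS.match(line):
            h, mi, s = (int(g) for g in m.groups())
            # Each "Stats:" line opens a snapshot; the next two lines fill it.
            snapshots.append({"elapsed_s": h * 3600 + mi * 60 + s,
                              "active": None, "pct_done": None})
        elif snapshots and (m := ACTIVE.match(line)):
            snapshots[-1]["active"] = int(m.group(1))
        elif snapshots and (m := TIMING.match(line)):
            snapshots[-1]["pct_done"] = float(m.group(1))
    return reported, skipped, snapshots

def needs_rescan(targets, text):
    """Targets that timed out or never appeared in the report at all."""
    reported, skipped, _ = parse_scan(text)
    return [t for t in targets if t in skipped or t not in reported]
```

Targets are matched by the name Nmap prints, so pass them as they were given on the command line.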
