Nmap Development mailing list archives
Re: New script names
From: "sara fink" <sara.fink () gmail com>
Date: Wed, 12 Nov 2008 15:20:38 +0200
I'd like to propose a feature request about which nse script to choose in the command line. Is it complicated to make tab completion? There is a similar script in gentoo which helps in less typing commands. example emerge moz will tab complete to mozilla-firefox. The name of the script there is gentoo-bashcomp. If there is interest, I can post here the source. Thanks in advance Sara On Tue, Nov 11, 2008 at 10:48 PM, Patrick Donnelly < batrick.donnelly () gmail com> wrote:
On Tue, Nov 11, 2008 at 9:18 AM, David Fifield <david () bamsoftware com> wrote:On Mon, Nov 10, 2008 at 11:58:03PM -0600, Kris Katterjohn wrote:On 11/10/2008 11:51 PM, David Fifield wrote:I changed zone-transfer to dns-zone-transfer. I also changed the nameofthe table that script takes for a script argument. It was zoneTrans(theold name of the script; I changed it to dnszonetransfer. Am I right, there's no way to specify a script argument with dashes in the name? I get nmap --script-args 'dns-zone-transfer={domain=foo}' Error parsing --script-args QUITTING!It's apparently possible[1], but a bit clumsier.Interesting. The script args parser works by transforming the string with patterns to put quotes around the values, then evaluates it as Lua code. That means you can do weird things like nmap --script-args 'foo=a".."b' resulting in the table { foo = "ab" }. Or nmap --script-args 'pi="..math.pi.."' resulting in { pi = "3.1415926535898" }. Or nmap --script-args='loop="..loadstring("while true do end")().."' to lock up Nmap. David FifieldThere are a large variety of ways to lock up NSE. The script args can be made to not lock up the system by not exposing most C functions and setting a debug hook, if this is a problem which I don't think it is. Cheers, -- -Patrick Donnelly "One of the lessons of history is that nothing is often a good thing to do and always a clever thing to say." -Will Durant _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- New script names David Fifield (Nov 05)
- Re: New script names Vlatko Kosturjak (Nov 06)
- Re: New script names Rob Nicholls (Nov 06)
- Re: New script names Kris Katterjohn (Nov 06)
- Re: New script names David Fifield (Nov 06)
- Re: New script names Kris Katterjohn (Nov 06)
- Re: New script names David Fifield (Nov 10)
- Re: New script names Kris Katterjohn (Nov 10)
- Re: New script names David Fifield (Nov 11)
- Re: New script names Patrick Donnelly (Nov 11)
- Re: New script names sara fink (Nov 12)
- Re: New script names Ron (Nov 12)
- Re: New script names David Fifield (Nov 12)
- Re: New script names Ron (Nov 12)
- Re: New script names Richard Moore (Nov 12)
- Re: New script names Arturo 'Buanzo' Busleiman (Nov 12)
- Re: New script names Kris Katterjohn (Nov 06)
- Re: New script names sara fink (Nov 12)
- Re: New script names Patrick Donnelly (Nov 12)
- Re: New script names sara fink (Nov 12)
- Re: New script names Dirk Loss (Nov 06)