Re: Nmap tty and NSE

["Patrick Donnelly" <batrick.donnelly () gmail com>]

On Tue, Dec 23, 2008 at 12:09 PM, David Fifield <david () bamsoftware com> wrote:
> On Tue, Dec 23, 2008 at 07:08:31AM -0700, Patrick Donnelly wrote:
> > I have attached a patch that outputs script threads when they start
> > and when they finish. This is some example output with debugging = 1.
> >
> > SCRIPT ENGINE: Initiating script scanning.
> > SCRIPT ENGINE: Script scanning 100 hosts.
> > SCRIPT ENGINE: Initialized 24 rules
> > SCRIPT ENGINE: Matching rules.
> > SCRIPT ENGINE: Running scripts.
> > SCRIPT ENGINE: Runlevel: 1.000000
> > Initiating SCRIPT ENGINE at 06:42
> > Running 14 script threads:
> > Starting script './scripts/robots.txt.nse' (thread 0x845ad30) against target 95.78.76.91.
> > Starting script './scripts/http-auth.nse' (thread 0x84391f8) against target 95.78.76.91.
> > Starting script './scripts/html-title.nse' (thread 0x843a6a8) against target 95.78.76.91.
> > ...
> > Finished script './scripts/http-auth.nse' (thread 0x849efd8) against target 129.131.227.244.
> > SCRIPT ENGINE DEBUG: html-title.nse: 129.131.227.244 did not respond with any data.
> > Finished script './scripts/html-title.nse' (thread 0x84a04d0) against target 129.131.227.244.
> > Completed SCRIPT ENGINE at 06:42, 11.57s elapsed
> > SCRIPT ENGINE: Script scanning completed.
>
> The patch looks great to me. I would change the format of each line from
>
> Starting script './scripts/robots.txt.nse' (thread 0x845ad30) against target 95.78.76.91.
>
> to
>
> Starting script ./scripts/robots.txt.nse against 95.78.76.91 (thread 0x845ad30).
>
> with the thread address displayed only with -d2 (raw memory addresses
> feel too low-level for -d). The main thing is that it's best if each
> output line fits in 80 columns. With those small changes I say go ahead
> and commit it.

My feeling is there needs to be some form of unique identifier for
each instance of the script (even at -d1). The simplest way to do that
is output the thread's pointer.

Also, with the large amount of information being output (especially
with the variable length script file name), cutting the output down to
80 characters is difficult. I'm not sure there is an easy solution to
solving that. That example output didn't show it, but it can also look
like this:

Finished script './scripts/showHTMLTitle.nse' (thread: 0x84b0698)
against 88.217.63.66.adsl.dyn.setel.com (66.63.217.88).

Naturally, the hostname can be quite long making it very easy to
overflow 80 characters. The previous output I pasted didn't have any
hostnames for any of the targets.

How should we correct this (if it needs correcting)? Personally I'm
satisfied with the result.

Cheers,

-- 
-Patrick Donnelly

"One of the lessons of history is that nothing is often a good thing
to do and always a clever thing to say."

-Will Durant

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org