Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSE Script: x11 server checking

From: jah <jah () zadkiel plus com>
Date: Thu, 06 Aug 2009 20:13:19 +0100
On 06/08/2009 17:15, vladz () devzero fr wrote:

Hi,

I've wrote a small NSE script that checks if you're allowed to connect to
a X server (basically when a user type the "xhost +" command in its X 
session). 

As the "-sV" option already checks this, I like my script to be ran only
if version detection hasn't been called from the command line. So it won't 
run the test again if "-sV" and "-sC" are both called.

Do you have any idea ? Thanks.

Regards,
-vladz.

Hi Vladz,

I think a good solution would be to check to see if port.product has
been set by version detection.  You could do this in the portrule() as
follows:

portrule = function( host, port )
  if port.number ~= 6000 and port.number ~= 6001 and port.number ~= 6003
and port.name ~= 'x11' then
      return false
  end
  -- don't run if version detection determined 'product'
  if port.product and port.product ~= '' then
      return false
  end
  return true
end

This portrule returns false if port.product has been set and is not an
empty string (I'm not sure that it can be an empty string, but testing
it doesn't cost much).

Does that do what you want?

Regards,

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: