Nmap Development mailing list archives
Re: Uniquely identifying an Nmap install from NSE?
From: David Fifield <david () bamsoftware com>
Date: Fri, 7 Aug 2009 16:17:05 -0600
On Fri, Aug 07, 2009 at 04:41:25PM -0500, Ron wrote:
I had a conversation with Ed Skoudis at Defcon, and he had a comment on some of my SMB scripts: one of his primary uses for these scripts is teaching, so he can have up to 40 people using the same scripts against the same target, and that won't work well with psexec-style scripts. Up till now, I've written the scripts from the perspective of how I'd use them: one person at a time. That doesn't work as well in the real world. The issue is, some scripts (like smb-pwdump.nse) create a service on the remote host. I always use the same name for this service, since that makes it possible to clean up later if something fails. But, this creates a race condition where if two people run the same script, it'll fail for one or both of them. So, the two obvious choices are: 1. Leave it the way it is, and accept that it's going to have a race condition 2. Randomize the name, making it difficult to clean up
Is the service left running only in an exceptional case (an error)? The idea behind using a consistent name is to make it easy for a human to go clean it up if necessary? Or is it that there is a lack of a way for NSE to store the service name between when it starts the service and when it shuts it down? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? jah (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? David Fifield (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Brandon Enright (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Brandon Enright (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Brandon Enright (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ben Rosenberg (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? Ron (Aug 07)
- Re: Uniquely identifying an Nmap install from NSE? jah (Aug 07)