Nmap Development mailing list archives

Re: Uniquely identifying an Nmap install from NSE?


From: Ron <ron () skullsecurity net>
Date: Fri, 07 Aug 2009 17:29:40 -0500

On 08/07/2009 05:17 PM, David Fifield wrote:
> Is the service left running only in an exceptional case (an error)? The
> idea behind using a consistent name is to make it easy for a human to go
> clean it up if necessary? Or is it that there is a lack of a way for NSE
> to store the service name between when it starts the service and when it
> shuts it down?
>
> David Fifield

Yes, it's only left if an unexpected error happens (any error that's properly handled will clean up after itself). In theory, it should never happen, but because it's so invasive I want to be sure.

The script currently does the following:
1. Attempt cleanup
2. Upload the .exe file, create the service, run it, do its work, etc.
3. Attempt cleanup

So even if a failed attempt has already been made, it will clean itself up before continuing. At one time, I was going to add a script-arg to tell it to attempt a cleanup and nothing more, but I haven't done that yet.

Having a human-readable name will allow it to be cleaned by a human, but that's kind of secondary. I can easily make the service called 'nmap-service-<random>' for that purpose.

Another option that jah mentioned is keeping track of the service name. A modification of his idea that might work more easily is creating a random name the first time you run it, then keeping that name for all further tests. That's another option, though I don't really like storing persistent data.

Ron

--
Ron Bowes
http://www.skullsecurity.org/
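
The three naming options discussed in the message above, compared in an added simulation that is not part of the original post and is not the Nmap script's own code. It assumes an in-memory stand-in for the target's service list, and `FIXED_NAME`, `FakeHost` and the helper names are hypothetical; only the `nmap-service-<random>` form comes from the message.

```python
import secrets

FIXED_NAME = "nmap-service"   # hypothetical consistent name (not given in the thread)
PREFIX = "nmap-service-"      # from the message's 'nmap-service-<random>'

class FakeHost:
    """Constructed in-memory stand-in for a target's service list (no network)."""
    def __init__(self):
        self.services = set()
    def create(self, name):
        if name in self.services:
            raise RuntimeError("service already exists: " + name)
        self.services.add(name)
    def delete(self, name):
        self.services.discard(name)   # deleting a missing service is not an error

def run_once(host, name, crash=False):
    """Steps 1-3 from the message: cleanup, do the work, cleanup."""
    host.delete(name)                 # 1. attempt cleanup of an earlier failed run
    host.create(name)                 # 2. create the service and do the work
    if crash:
        raise RuntimeError("unexpected error")   # step 3 is never reached
    host.delete(name)                 # 3. attempt cleanup

def random_name():
    return PREFIX + secrets.token_hex(4)

def persisted_name_factory():
    """Random name chosen once and reused; a real script would have to store it."""
    chosen = random_name()
    return lambda: chosen

def leftovers(host):
    """Services a human or a cleanup-only mode could recognise by name."""
    return sorted(s for s in host.services
                  if s == FIXED_NAME or s.startswith(PREFIX))

def simulate(name_for_run):
    """Crash on the first run, succeed on the second; return what is left behind."""
    host = FakeHost()
    for crash in (True, False):
        try:
            run_once(host, name_for_run(), crash)
        except RuntimeError:
            pass                      # the unexpected error ends that run
    return leftovers(host)
```

With a fixed or persisted name the second run's first cleanup step removes the stale service; with a fresh random name per run it stays behind and can only be found by its prefix.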
