Re: NSE Script: x11 server checking

[David Fifield <david () bamsoftware com>]

On Thu, Aug 06, 2009 at 06:15:18PM +0200, vladz () devzero fr wrote:
> I've wrote a small NSE script that checks if you're allowed to connect to
> a X server (basically when a user type the "xhost +" command in its X 
> session). 
>
> As the "-sV" option already checks this, I like my script to be ran only
> if version detection hasn't been called from the command line. So it won't 
> run the test again if "-sV" and "-sC" are both called.

I think this script is a good idea and it should be run even if version
detection has been done already. The reason I think that is that not all
the version probes report the open status, and having it on a line of
NSE output will make it easy to grep for.

I would rename the script, maybe call it x11-access.

Please include a URL to documentation of the relevant part of the X11
network protocol as a comment above where you send the binary data. That
way readers of the script can look up exactly what it's doing.

Add an NSEDoc @output example. See http://nmap.org/book/nsedoc.html.

The X11Probe in nmap-service-probes works with ports 6000-6020. Do you
think the script should cover that whole range, or just the ports 6000,
6001, and 6003 that are listed in the script?

Use the nmap.new_try exception handling around socket operations,
including connect, send, and receive_bytes. You are already checking for
a timeout in receive_bytes, but there are other ways a socket operation
can fail. See http://nmap.org/book/nse-api.html#nse-exceptions .

Thanks for your submission. With these changes, I would like to include
the script.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org