Nmap Development mailing list archives
Re: NSE Script: x11 server checking
From: David Fifield <david () bamsoftware com>
Date: Fri, 7 Aug 2009 18:25:36 -0600
On Thu, Aug 06, 2009 at 06:15:18PM +0200, vladz () devzero fr wrote:
I've wrote a small NSE script that checks if you're allowed to connect to a X server (basically when a user type the "xhost +" command in its X session). As the "-sV" option already checks this, I like my script to be ran only if version detection hasn't been called from the command line. So it won't run the test again if "-sV" and "-sC" are both called.
I think this script is a good idea and it should be run even if version detection has been done already. The reason I think that is that not all the version probes report the open status, and having it on a line of NSE output will make it easy to grep for. I would rename the script, maybe call it x11-access. Please include a URL to documentation of the relevant part of the X11 network protocol as a comment above where you send the binary data. That way readers of the script can look up exactly what it's doing. Add an NSEDoc @output example. See http://nmap.org/book/nsedoc.html. The X11Probe in nmap-service-probes works with ports 6000-6020. Do you think the script should cover that whole range, or just the ports 6000, 6001, and 6003 that are listed in the script? Use the nmap.new_try exception handling around socket operations, including connect, send, and receive_bytes. You are already checking for a timeout in receive_bytes, but there are other ways a socket operation can fail. See http://nmap.org/book/nse-api.html#nse-exceptions . Thanks for your submission. With these changes, I would like to include the script. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE Script: x11 server checking vladz (Aug 06)
- Re: NSE Script: x11 server checking jah (Aug 06)
- Re: NSE Script: x11 server checking jah (Aug 06)
- Re: NSE Script: x11 server checking vladz (Aug 06)
- Re: NSE Script: x11 server checking David Fifield (Aug 07)
- Re: NSE Script: x11 server checking vladz (Aug 08)
- Re: NSE Script: x11 server checking David Fifield (Aug 08)
- Re: NSE Script: x11 server checking vladz (Aug 08)