Nmap Development mailing list archives

Re: Ncrack: -iX, -iN input from Nmap


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Thu, 27 Aug 2009 00:18:56 +0300

David Fifield wrote:
On Wed, Aug 26, 2009 at 11:37:16PM +0300, ithilgore wrote:
David Fifield wrote:
Opening an XML file in Zenmap and saving it again changes the file
format enough that it's not recognized.

$ ncrack -iX zenmap.xml -v -v localhost
-iX file doesn't seem to be in Nmap's XML output format option -oX <filename>!
I corrected that issue too, but there is another more serious problem.
Zenmap's XML file doesn't use newlines between certain tag sections,
something which Nmap does and Ncrack's XML parser uses in order to
function. Is there any reason for this inconsistency between Zenmap
and Nmap? I would suggest that Zenmap's XML file has the same format
as Nmap with the newlines in place.

It's just what is produced naturally from Python's
xml.sax.saxutils.XMLGenerator. I think it's ugly with no newlines so
maybe we should find another way to write it with newlines and
indentation. But it's XML in any case, so it shouldn't matter to XML
processors.

That is true, but doing that manually would result in much more complicated
code and I don't want to write a full-fledged XML parser from scratch just
for the light needs of Ncrack.


Maybe it's time to do another search for a suitable XML parser? There
are a lot of other things that don't change the meaning of the XML but
would confuse a pattern-matching parser, such as character encoding and
entity expansion. That said, I'm willing to change the way Zenmap writes
XML if someone has a better way, because Nmap and Zenmap are going to be
by far the biggest sources of input to Ncrack. In other words, an
incomplete working solution soon is better than a perfect solution
farther in the future.

Well, although it is tempting to use a ready solution, I think that
Ncrack's parsing needs are too light to be worth the overhead of
including a separate XML parser. Anyway, if you make Zenmap's XML output
appear the same way as Nmap's XML file (with the newlines in place -
nothing else is necessary), then -iX will work out of the box. Also, as
you said, Zenmap's XML output (although it will probably not be read by
a human) will look far better with the newlines.

-- ithilgore

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
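
Added example, not part of the original message and not Ncrack or Zenmap code: it shows the failure discussed in the thread, where the same scan data stops being recognized by a line-oriented matcher once the newlines between tag sections are gone, while a SAX parser reads both layouts identically. The sample XML is constructed, line_matcher is a hypothetical stand-in for a pattern-matching parser, and NoNewlines only simulates XMLGenerator output written without whitespace between tags.

```python
import io
import re
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges
from xml.sax.saxutils import XMLGenerator

# Constructed sample shaped like Nmap -oX output: one tag section per line.
NMAP_STYLE = b"""<?xml version="1.0"?>
<nmaprun scanner="nmap">
<host>
<port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
</host>
</nmaprun>
"""

class NoNewlines(XMLGenerator):
    """Write tags back to back, as a bare XMLGenerator writer does."""
    def characters(self, content):
        if content.strip():  # drop whitespace-only text between tags
            super().characters(content)

class Services(ContentHandler):
    """Collect (port, service) from element structure, ignoring layout."""
    def __init__(self):
        super().__init__()
        self.port, self.found = None, []
    def startElement(self, name, attrs):
        if name == "port":
            self.port = int(attrs["portid"])
        elif name == "service":
            self.found.append((self.port, attrs["name"]))

def sax_parse(data, handler):
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, False)  # never fetch external entities
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(data))
    return handler

def zenmap_style(data):
    out = io.StringIO()
    sax_parse(data, NoNewlines(out, "utf-8"))
    return out.getvalue().encode("utf-8")

def line_matcher(data):
    """Hypothetical line-oriented matcher (not Ncrack's code)."""
    pat = re.compile(rb'^<port [^>]*portid="(\d+)".*<service name="([^"]+)"', re.M)
    return [(int(p), s.decode()) for p, s in pat.findall(data)]
```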