Re: [NSE] Script Dependencies Replacement for Runlevels

[Fyodor <fyodor () insecure org>]

On Fri, Nov 13, 2009 at 06:29:06PM -0700, David Fifield wrote:
> On Fri, Nov 13, 2009 at 05:58:58PM -0600, Ron wrote:
> > Patrick Donnelly wrote:
> >
> > smb-security-mode.nse prints out the user that was performing all the
> > tests. To get a good reading, it should run after at least one script.
> > Therefore, smb-security-mode.nse sort of has a weak dependency on smb-*.
> > So there's a use case for it.
> >
> > Right now, I'm solving it with "runlevel = 1.01", but that's hacky.
>
> I didn't mean "*login" is a wildcard matching script names. It just
> stands for any syntax that could be used to stand for a class of
> scripts. It could be [login] or $auth$ or whatever, just to indicate
> that a script is capable of finding accounts that other scripts might
> want to use. Your use of runlevel = 1.01 is exactly what would need a
> replacement when we change to a dependency system.

I realize that matching scripts with wildcards in the dependency
specification is not exactly what you had in mind, but it doesn't
sound like a bad idea to me.  At first it seemed hackish, but it does
simplify things as you don't need to add the likes of
"provides=brute-force" lines in *-brute.  If some scripts have names
which aren't conducive to this sort of globbing, they can always be
listed explicitly.  So my first reaction is actually to prefer this
sort of script ID (same as the filename) globbing to a more formalized
system of provides/requires.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/