Nmap Development mailing list archives

Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts

From: Fyodor <fyodor () insecure org>
Date: Sun, 28 Mar 2010 18:58:50 -0700

On Sun, Mar 28, 2010 at 07:54:59PM -0500, Kris Katterjohn wrote:


OK, I guess I'll be the first to actually argue :)


Well I think I agree with your "argument" :).  I'm not suggesting we
go wholesale combining scripts with different purposes just because
they talk to the same service.  My suggestion relates to scripts which:
 o Talk to the same service
 o Their whole function is to query that service for information and
   report it.
 o Belong to (or can be made to properly belong to) the same
   categories

I have
manually removed scripts which shared categories with previous ones in the
list (do correct my list if I made a mistake!).


In so doing, you have removed all of the scripts I would want to
combine :).

I'm not sure how to go about sorting through this mess to combine the scripts
into one.


Yeah, I don't want to combine any of those.  The groups I think are
POSSIBLE CANDIDATES for combining are:

citrix-enum-apps
citrix-enum-servers

citrix-enum-apps-xml
citrix-enum-servers-xml

couchdb-databases
couchdb-stats

db2-das-info (side note: it would be great if we could get a
db2-info      @usage and @output for the NSEdoc for these two)

dns-random-srcport
dns-random-txid

mysql-databases
mysql-info
mysql-users
mysql-variables

nfs-acls
nfs-dirlist
nfs-showmount
nfs-statfs

smb-enum-domains
smb-enum-groups
smb-enum-processes
smb-enum-sessions
smb-enum-shares
smb-enum-users
smb-os-discovery
smb-security-mode
smb-server-stats
smb-system-info

snmp-interfaces
snmp-netstat
snmp-processes
snmp-sysdescr
snmp-win32-services
snmp-win32-shares
snmp-win32-software
snmp-win32-users

Again, I'm not suggesting that each of these groups should be combined
into one script.  There are probably good reasons for keeping some of
them separate.  But I do think that some of these groups could be
reduced.  For an example of a script which does numerous queries
itself rather than splitting into one script per query type, take a
look at irc-info.

I see the benefits of the combination as:

o Easier to maintain one script than a bunch of very similar
  ones. Even with libraries, similar scripts can share a lot of code for
  output, control flow, etc.

o Easier for users to specify "--script smb-info" or even "--script
  smb-info --script-args smb-info=all" than the likes of:

  --script smb-enum-domains,smb-enum-groups,smb-enum-processes,\
    smb-enum-sessions,smb-enum-shares,smb-enum-users,\
    smb-os-discovery,smb-security-mode,smb-server-stats,\
    smb-system-info

  Even if you use wildcards the above will be pretty long. (smb-* may
  get much more than you want).

o A single -info script can be augmented with new stuff later, while
  adding a new query script will require the users to learn about it and
  add it to their command-line (though categories and wildcards can
  help here).

o Output can be combined more elegantly and intelligently if it is all
  in one script. If you break them up, the output has to be all
  separated by script.

o Easier for users to browse the lists of scripts (e.g. in the book or
  the directory or http://nmap.org/nsedoc/) if we don't have a bunch of
  similar scripts for each service.

But I also see advantages to individual scripts, particularly in cases
where:

o Users typically just want one particular piece of information. So
  snmp-sysdescr.nse might be best off on its own (even if an snmp-info
  might duplicate that functionality).

o Scripts which should be in different categories for one reason or
  another.  For example, we currently have mysql-info in default and safe
  because it just parses the banner it gets back, while mysql-databases
  must authenticate (even if using a blank password) and thus we
  consider it intrusive and non-default.

o Scripts with very different implementation

o Scripts which retrieve information which is so different that there
  isn't likely a big correlation between users wanting the output from
  one script and that from another.

I hope that makes sense.

Only combine them if the categories are similar?  I don't know how
you can have a file with mixed categories, or how you could possibly call it
from --script.


Right.  Scripts which are different enough to require different
categories are probably different enough to remain separate.

Please note that I'm not saying don't combine any scripts!


And I'm not saying we should combine all the scripts :).

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] Microsoft SQL Server (MSSQL) library and scripts, (continued)
- [NSE] Microsoft SQL Server (MSSQL) library and scripts Patrik Karlsson (Mar 22)
  - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts David Fifield (Mar 22)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Patrik Karlsson (Mar 22)
  - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Fyodor (Mar 22)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Ron (Mar 22)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Patrik Karlsson (Mar 23)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Fyodor (Mar 28)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Ron (Mar 28)
    - [NSE] Feature suggestion (GSoC?) Martin Holst Swende (Mar 25)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Kris Katterjohn (Mar 28)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Fyodor (Mar 28)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Kris Katterjohn (Mar 28)
  - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts David Fifield (Mar 30)
    - Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts Patrik Karlsson (Mar 30)
- [NSE] Microsoft SQL Server (MSSQL) library and scripts Patrik Karlsson (Mar 28)