Nmap Development mailing list archives

Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts


From: Ron <ron () skullsecurity net>
Date: Sun, 28 Mar 2010 22:47:58 -0500

On Sun, 28 Mar 2010 19:24:30 -0700 Fyodor <fyodor () insecure org> wrote:
> On Mon, Mar 22, 2010 at 03:57:37PM -0500, Ron wrote:
>> On Mon, 22 Mar 2010 13:45:00 -0700 Fyodor <fyodor () insecure org> wrote:
>>
>>>> I'd be concerned about using --script-args to control the
>>>> information, because I have a feeling a lot of people don't know
>>>> about --script-args.
>>>
>>> I agree with this.  That's why I suggested that the output might
>>> contain a hint like:
>>>
>>>  |_ Output condensed. For full details, run with: --script-args mssql-info=all
>>
>> This runs into issues where scripts are slow, noisy, or dangerous -- you may not want to run the same scripts a
>> second time to get the full information, depending on the nature of the scripts.
>>
>> I think I see a good use to combining scripts, to a point, but I'm not sure I like the idea of controlling output
>> with script-args.
>
> I think a single script for querying a single service can be as
> flexible as multiple scripts if the script-args are designed well.  I
> think (in some cases) it can be easier for us to maintain, easier for
> users to run, and provide more elegant output than multiple scripts.

Potentially, I agree. Maybe not in every case, so we have to be careful what we combine.

> In other cases, multiple scripts clearly win out.  So I'm not
> suggesting we get overzealous about combining scripts, just that we
> examine whether any of our scripts could be reasonably combined.  I
> sent some examples in my last email.

Exactly. :)

To save a second email to the list, I agree that a lot of the smb-* scripts can be combined. Not necessarily all of them -- I'd like to keep smb-enum-users separate, for instance, because it is the most important -- but combining a lot of the get-information scripts would be good.

> Yeah, the multiple scripts would be a clear disaster if the protocol
> parsing code had to be repeated in each.

Agreed.

> True, though the separated scripts may have to each repeat the same
> steps.  For example, I imagine that nfs-dirlist needs to repeat the
> queries done by nfs-showmount, but it wouldn't need to if they were
> combined.  And of course the separate scripts often each have to
> authenticate when a combined script may only have to do that once.

Sometimes, yeah. That could be partially relieved with caching and/or dependencies, but in some cases you're absolutely right.

I find the whole process interesting, really. People write scripts that do different things, then, as they end up similar, they're collapsed into fewer scripts that are potentially more powerful. Kinda cool :)

> Cheers,
> -F


-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

