Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

NSE [GSoC] Infrastructure Tasks

From: Patrick Donnelly <batrick () batbytes com>
Date: Sun, 21 Mar 2010 01:52:59 -0400
I noticed the NSE Infrastructure list of possible tasks was a bit
short so I thought I'd add some things I'd like to see done that I
don't have time to do myself right now:

o Borrow the directory iterator from the luafilesystem Lua library [1]
to replace the one in nse_fs.cc. This allows us to use a polished
"standard" library in place of our own to give us increased
portability and generality. The other pars of LFS would not be added
until a need exists.
o Investigate the benefit of including Lpeg into NSE. This would
require many of the libraries to convert and demonstrate a reduction
in code size and complexity and an increase in readability. NSE
script-args is a good candidate to begin with [2].
o NSE debugger:
  o Find a way to fix nmap_tty to allow Lua-like debugging (a la debug.debug()).
  o Allow the user/developer to examine all active (running ||
waiting) scripts. debug tracebacks/coroutine stack/etc.
  o A lot of the above requires having builtin functions that do this.
o Allow the user to kill scripts. Possibly identifying them by
coroutine thread id (because some (brute force) scripts may have
multiple threads working so we can't identify the thread by
script:hostname[:port]). Or more generally, when killing a script
uniquely identified by script:hostname[:port], kill the main thread
and all its children [3]. It may be easier to allow the user to abort
the scan entirely [4] (I suspect this is what most people want) during
runaway scans.
o Move the NSE script update database functionality from C[++]
(nse_main.cc) to nse_main.lua.

I'll add more as I think of stuff.

[1] http://keplerproject.github.com/luafilesystem/
[2] http://seclists.org/nmap-dev/2010/q1/784
[3] http://nmap.org/book/nse-parallelism.html#nse-parallelism-threads
[4] http://seclists.org/nmap-dev/2010/q1/896

-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: