Re: My TODO list for smb/msrpc scripts

[David Fifield <david () bamsoftware com>]

On Sat, May 08, 2010 at 04:07:48PM -0500, Ron wrote:
> Hey all,
>
> Since there's a GSoC student who's planning on looking at the
> SMB/MSRPC code (good luck! You'll need it ;) ), I thought I'd share my
> personal TODO list, since I haven't touched the SMB/MSRPC stuff for
> awhile (aside from bugfixes). I'm sure there are plenty of other
> things to do, but this is what I wrote down:
>
> o Look into writing a new interface to the SMB/MSRPC libraries that
> would be based on information type, rather than actual remote
> functions. Things like get_users(), get_shares(), etc. I've already
> started this a little at the bottom of smb.lua and msrpc.lua, but I'd
> move it to its own thing. 

As for this one, I like the dual interface that Patrik Karlsson has been
using in his libraries. There are low-level functions that map closely
to the protocol, and a higher-level Helper class that does the things
you actually want to do. For example, in the afp library
(http://nmap.org/nsedoc/lib/afp), the low-level calls are used like
this:

        self.proto = afp.Proto:new( { socket=self.socket} )
        response = self.proto:dsi_open_session(self.socket)
        if response:getErrorCode() ~= ERROR.FPNoErr then
                self.socket:close()
                return false, response:getErrorMessage()
        end

And the Helper calls are used like this:

        helper = afp.Helper:new()
        status, response = helper:OpenSession( host, port )
        status, response = helper:Login()
        status, response = helper:Logout()
        status, response = helper:CloseSession()

This is good for a guy like me, who was no idea what the "dsi" in
dsi_open_session might stand for.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/