Nmap Development mailing list archives

Re: [BUG] Exclusions directive not honored by NSE version detection


From: Djalal Harouni <tixxdz () gmail com>
Date: Thu, 17 Jun 2010 19:21:50 +0100

On 2010-04-30 17:16:59 -0500, Tom Sellers wrote:
> I have recently come across a bug involving port exclusions when performing
> version detection.   I plan to work on finding a fix for the issue this
> weekend, but I thought I would go ahead and send the info to the list now
> in the event that my work was delayed or someone had an idea of exactly
> where the issue lay.
>
> Recent scanning shows that the Exclude directive in the nmap-service-probes
> file is being ignored by NSE version detection if more than one port is
> scanned on a host.  The nmap built in version detection skips the port, but
> NSE runs version detection scripts against the port anyway.

Hi Tom,

Attached is a patch against the latest nmap svn revision.

This patch introduces a new function, port_is_excluded(), in shortport.lua.
I've modified all the portrules of the version category scripts, so this
needs testing before merging the patch.

Reasons for modifying portrules:
* I didn't want to modify the behaviour of portnumber() and service()
functions from the shortport.lua library.

* We must be sure that the excludedports list is initialized with the
correct data before executing/evaluating the portrule functions.

-- 
tixxdz

Attachment: nse-exclude.diff

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
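
The behaviour discussed in this thread, as an added Python model that is not the attached patch or Nmap's own Lua code: it parses an Exclude line in nmap-service-probes syntax and shows a version-category portrule matching an excluded port until the rule is wrapped with an exclusion check. The helper names, the Python signature of port_is_excluded(), the allports parameter (standing in for Nmap's --allports option) and the sample data are assumptions made for the example.

```python
# Added example: models the Exclude directive and an exclusion-aware portrule.
# Constructed excerpt in nmap-service-probes syntax (not the shipped file).
SAMPLE_PROBES = """\
Exclude T:9100-9107
Probe TCP NULL q||
"""

def parse_exclude(text):
    """Return {'tcp': set, 'udp': set} of ports named by the Exclude line."""
    excluded = {"tcp": set(), "udp": set()}
    for line in text.splitlines():
        if not line.startswith("Exclude "):
            continue
        protos = ("tcp", "udp")  # assumption: no prefix means both protocols
        for item in line.split(None, 1)[1].split(","):
            item = item.strip()
            if item[:2].upper() == "T:":
                protos, item = ("tcp",), item[2:]
            elif item[:2].upper() == "U:":
                protos, item = ("udp",), item[2:]
            if not item:
                continue
            lo, _, hi = item.partition("-")
            for proto in protos:
                excluded[proto].update(range(int(lo), int(hi or lo) + 1))
        break  # only the first Exclude line is used
    return excluded

def port_is_excluded(excluded, number, proto="tcp"):
    """Python stand-in for the check the patch adds to shortport.lua."""
    return number in excluded.get(proto, ())

def version_portrule(rule, excluded, allports=False):
    """Wrap a portrule so excluded ports never match (unless allports)."""
    def wrapped(port):
        if not allports and port_is_excluded(excluded, port["number"], port["protocol"]):
            return False
        return rule(port)
    return wrapped

def select_ports(ports, rule):
    """Port numbers a version script would run against."""
    return [p["number"] for p in ports if rule(p)]

# Constructed scan result: two open TCP ports on one host.
PORTS = [{"number": 80, "protocol": "tcp", "state": "open"},
         {"number": 9100, "protocol": "tcp", "state": "open"}]
naive_rule = lambda port: port["state"] == "open"  # rule with no exclusion check
```

Running a modified version script against a host with an excluded port open and confirming it is skipped is the kind of testing the message asks for before merging.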
