Nmap Development mailing list archives

Re: [NSE] New class of scripts -- New Rule proposal


From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 06 Jul 2010 14:53:06 -0500

On 07/05/2010 08:30 PM, Fyodor wrote:
> On Tue, Jun 29, 2010 at 10:13:41PM -0500, DePriest, Jason R. wrote:
>> On Tue, Jun 29, 2010 at 12:14 AM, Fyodor<>  wrote:
>>
>> Maybe all of this could be used to implement a feature I've wanted to
>> see for a long time: the ability to automatically portscan the IPs
>> that show up in the --traceroute to your original target.
>
> Good point.  Our prerule scripts won't have the traceroute results
> (they run before other Nmap scanning), and our postrule scripts won't
> be able to add new targets to Nmap's run queue.  So this is a good
> argument for allowing normal host and port rule scripts to add targets
> to the run queue, and I believe our latest plan is to enable this.  So
> your idea should work for a host rule script once we have this
> functionality.  Djalal is working hard on it :).
>
> Cheers,
> -F

Whoever implements this MUST be sure to control recursion and duplication. If a regular port rule script can both add targets to the run queue AND be run against those added targets, things could quickly get out of hand. This is probably something that should be implemented in Nmap itself, and not left up to the script authors.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
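
Added example, not part of the original message and not Nmap's own code: one way the central recursion and duplication control called for above could look, with every script-added target passing through a single queue that rejects repeats and caps discovery depth. The `TargetQueue` class, `run_scan`, the depth parameter and the sample addresses are assumptions constructed for illustration.

```cpp
#include <deque>
#include <map>
#include <set>
#include <string>
#include <vector>
// Hypothetical core-side queue; names are illustrative, not Nmap's API.
class TargetQueue {
public:
    explicit TargetQueue(int max_depth) : max_depth_(max_depth) {}
    // depth 0 = user-supplied; a script addition gets its parent's depth + 1.
    bool add(const std::string &addr, int depth) {
        if (depth > max_depth_) return false;          // recursion control
        if (!seen_.insert(addr).second) return false;  // duplication control
        pending_.emplace_back(addr, depth);
        return true;
    }
    bool next(std::pair<std::string, int> &out) {
        if (pending_.empty()) return false;
        out = pending_.front();
        pending_.pop_front();
        return true;
    }
private:
    int max_depth_;
    std::set<std::string> seen_;
    std::deque<std::pair<std::string, int>> pending_;
};

using Discoveries = std::map<std::string, std::vector<std::string>>;
// Constructed sample: hops a script reports per target; .1 and .2 form a loop.
const Discoveries kSample = {{"198.51.100.10", {"192.0.2.1", "192.0.2.2"}},
                             {"192.0.2.1", {"192.0.2.2", "198.51.100.10"}},
                             {"192.0.2.2", {"192.0.2.1", "203.0.113.5"}},
                             {"203.0.113.5", {"203.0.113.6"}}};

// Drains the queue, feeding each scanned host's reported hops back into it.
std::vector<std::string> run_scan(const std::string &start, int max_depth) {
    TargetQueue q(max_depth);
    std::vector<std::string> scanned;
    std::pair<std::string, int> cur;
    q.add(start, 0);
    while (q.next(cur)) {
        scanned.push_back(cur.first);
        auto it = kSample.find(cur.first);
        if (it == kSample.end()) continue;
        for (const auto &hop : it->second) q.add(hop, cur.second + 1);
    }
    return scanned;
}
int main() { return run_scan("198.51.100.10", 2).size() == 4 ? 0 : 1; }
```

Because the checks live in `add()` rather than in each script, a script that reports the same hop twice, or two hosts that report each other, cannot grow the queue without bound.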

