Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Updating scripts

From: Ron <ron () skullsecurity net>
Date: Wed, 18 Aug 2010 23:39:41 -0500
Hi Martin,

I love the idea, and it's something I've been pushing for for awhile. The biggest issue I see is that certain scripts 
require certain minimum levels of Nmap to run, and the interface between scripts and Nmap is still fairly fluid version 
to version. For example, we just added pre- and postrule functions. 

For this to work, scripts would have to include the minimum level of Nmap that they require to run. And maybe if a 
certain number of scripts are disabled due to version issues, it could print a warning that Nmap needs to be updated?

Ron

On Wed, 18 Aug 2010 19:07:26 +0200 Martin Holst Swende
<martin () swende se> wrote:

Hi list,

Thought I would just throw an idea here and see if it sticks...

A feature that would be neat would be to update the nse scripts
without updating nmap. Why nse in partucular?
- It is interpreted, no need to recompile and reinstall nmap after
update
- it is updated frequently, e.g when vulnerabilitied are released and
scripts detecting them are released

Also, a nice addition to this feature would be to update from another
location, e.g from Patriks nse- repo where he may have some new
scripts he wants some help testing.

All of this could be easily accomplished if the nse-parts are moved
into a distributed moderns rcs, such as git, hg or bazaar. I myself
am mostly familiar with hg, but I think they all could be used for
this purpose. 

There are other benefits aswell, but these above would greatly
benefit the nmap user base and not just the developers. For
developers, it would make it easier to track changes, submit
(publish) new scripts or changes, develop in branches and reduce the
load for the person reviewing modified scripts. 

Just my 5 cents. 

Regards,
Martin
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

Attachment: _bin
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: