Nmap Development mailing list archives

Re: [NSE] new scripts and libraries: http


From: David Fifield <david () bamsoftware com>
Date: Mon, 6 Sep 2010 15:42:02 -0600

On Thu, Aug 19, 2010 at 10:54:40PM +0200, Patrik Karlsson wrote:
> On 13 aug 2010, at 06.48, David Fifield wrote:
>
>> Could the cached credentials in nmap.registry.credentials.http be
>> indexed by the domain and realm? My idea is to introduce a more capable
>> default http.get function that is capable of following redirects and
>> using cached authentication automatically. If it knows the domain and
>> realm it can do this just like a web browser.
>
> I didn't change this because I wanted to check what your thoughts are on implementing a creds.lua library instead.
> Now all scripts are in charge of storing their credentials in the registry for other scripts to use.
> There is no standard way of doing so. Not even my own scripts use the same place or method.
>
> We could create a library that would basically have a function to store the credentials:
> function store_credentials( host, service, username, password, state, info )
>
> We could then have a few different functions to fetch credentials like e.g.
> get_credentials_for_service( host, service )
> get_credentials_for_host( host )
>
> In addition it would be very easy to write a postrule script that would print all found credentials at the end of a scan sorted per host and service.

Yes, that's a great idea. I'm eager to see such a patch. On the
Metasploit blog I saw this post:
http://blog.metasploit.com/2010/08/redesigning-credential-cracking.html.
I think that is a good basis for design because they already have a
schema for what information they've found necessary to record.

> Btw, did you get to the bottom of the threading and mutex bug?

Not yet.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
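
The credential store proposed in the message above, as an added sketch that is not part of the thread and not Nmap's own code. The function names and parameters are the ones quoted in the message; the local `registry` table standing in for nmap.registry, the `report` and `sorted_keys` helpers, and the sample data are assumptions made so the code runs in a plain Lua interpreter.

```lua
-- Sketch of the proposed credential store (added example, not Nmap's creds.lua).
-- `registry` is a stand-in for nmap.registry (assumption) so this runs stand-alone.
local registry = {}

local function store_credentials(host, service, username, password, state, info)
  registry.credentials = registry.credentials or {}
  local by_host = registry.credentials
  by_host[host] = by_host[host] or {}
  by_host[host][service] = by_host[host][service] or {}
  table.insert(by_host[host][service], {
    username = username, password = password, state = state, info = info,
  })
end

local function get_credentials_for_service(host, service)
  local h = registry.credentials and registry.credentials[host]
  return (h and h[service]) or {}
end

local function get_credentials_for_host(host)
  return (registry.credentials and registry.credentials[host]) or {}
end

-- Hypothetical helper: table keys in sorted order, for deterministic reporting.
local function sorted_keys(t)
  local keys = {}
  for k in pairs(t) do keys[#keys + 1] = k end
  table.sort(keys)
  return keys
end

-- What a postrule script could print: every credential, sorted per host and service.
local function report()
  local lines = {}
  local all = registry.credentials or {}
  for _, host in ipairs(sorted_keys(all)) do
    for _, service in ipairs(sorted_keys(all[host])) do
      for _, c in ipairs(all[host][service]) do
        lines[#lines + 1] = string.format("%s %s %s:%s (%s)", host, service, c.username, c.password, c.state)
      end
    end
  end
  return lines
end

-- Constructed sample data (documentation addresses, made-up accounts).
store_credentials("192.0.2.20", "http", "admin", "example-pass", "valid", "realm=Router")
store_credentials("192.0.2.10", "ftp", "backup", "example-pass2", "valid", nil)
store_credentials("192.0.2.10", "http", "guest", "", "valid", "realm=Intranet")
for _, line in ipairs(report()) do print(line) end
```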

