Nmap Development mailing list archives

Re: Forcing scripts to run?


From: Dražen Popović <drazen.popovic () fer hr>
Date: Mon, 12 Jul 2010 20:46:29 +0200

On Mon, 2010-07-12 at 11:26 -0500, Ron wrote:
> Hey all,
>
> I was helping somebody resolve an issue this morning, and realized there's a feature missing from NSE that maybe
> ought to be there: forcing a script to run against a host and/or port in spite of its hostrule/portrule.
>
> What happened was, he had a custom HTTP running on a non-standard port. Nmap -sV didn't recognize it as a HTTP server
> (and shouldn't -- it wasn't a standard configuration), so http-headers.nse wouldn't run against it. The only way to
> do it would be to change the service to run on a port that Nmap recognizes as HTTP or to hack the portrule to say "if
> port == 1234 then return true end". Neither of those are great solutions.
>
> Any ideas how it could work? I imagine this as similar to --version-all, except it would be running every script
> against every host/port.

Hi Ron,
correct me if I'm wrong but I think that OpenVAS has this feature
implemented using "Optimize tests". By disabling this "optimization" one
actually makes sure that every script will be run, regardless of the
previously (un)gathered results. For more details see
http://www.openvas.org/compendium/nasl-plugin-description.html

So that would be a cool feature to have and its motivation seems sound,
as it's already present in other security tools like OpenVAS and Nessus.
I don't see too many implementation issues considering that the NSE engine
should execute every selected script regardless of the port/host/net
rule.

Regards,
Dražen.

-- 
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
