Re: [NSE] More shortport.port_or_service problems

[David Fifield <david () bamsoftware com>]

On Thu, Feb 03, 2011 at 12:09:35PM +0100, Jost Krieger wrote:
> [This is my first post, so please bear with me.]
>
> It seems there are more scripts mistaking functions for their calls:
>
> 1.
> dns-zone-transfer.nse runs against all ports, which I noticed because I
> found a working "chargen" port and nmap didn't come back.
>
> This patch seems to fix it:
>
> --- scripts/dns-zone-transfer.nse       2011-01-31 11:44:26.000000000 +0100
> +++ /usr/local/share/nmap/scripts//dns-zone-transfer.nse        2011-02-03 11:42:04.000000000 +0100
> @@ -112,7 +112,7 @@
>  end
>  
>  portrule = function(host, port)
> -  if shortport.portnumber(53, 'tcp') then
> +  if shortport.portnumber(53, 'tcp')(host, port) then
>      dns_opts.domain, dns_opts.addall = stdnse.get_script_args(
>        {"dns-zone-transfer.domain", "dnszonetransfer.domain"},
>        {"dns-zone-transfer.addall","dnszonetransfer.addall"}
>
>
> 2.
> ftp-proftpd-backdoor.nse sems to have a similar problem, which probably
> will never show up, because there are some tests before.
>
> Here's an untested patch:
>
> --- scripts/ftp-proftpd-backdoor.nse    2011-01-31 11:44:26.000000000 +0100
> +++ /usr/local/share/nmap/scripts//ftp-proftpd-backdoor.nse     2011-02-03 12:05:38.000000000 +0100
> @@ -43,7 +43,7 @@
>                 return false
>         end
>  
> -       return shortport.port_or_service(21, "ftp")
> +       return shortport.port_or_service(21, "ftp")(host, port)
>  end
>  
>  action = function(host, port)

Nice work, Jost. I've applied your patches.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/