Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Bug in stdnse.get_script_args

From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 20 Feb 2011 17:07:54 +0100

On Feb 19, 2011, at 23:18 , Patrick Donnelly wrote:


On Sat, Feb 19, 2011 at 6:46 AM, Patrik Karlsson <patrik () cqure net> wrote:

Sorry, I missed that. The following example produces the error:
nmap -p 1433 127.0.0.1 --script ms-sql-info --script-args mssql.username='sa',mssql.password=''

When looking into it now, I noticed the same occurs when the argument is fetched from the registry:
nmap -p 445 127.0.0.1 --script smb-enum-shares --script-args smbuser='guest',smbpass=''

Leaving the quotes out when using an empty string or a string containing only spaces produces the same error.
Am I missing something truly obvious here?


Empty quoted strings should be fine in script arguments. I believe
this is a shell issue. Your quotes are interpreted by the shell, you
must escape them somehow. For me, when using bash I like to surround
the entire --script-args argument in single quotes (so nothing is
interpreted) and use double quotes for quoting strings. For example:

--script-args 'smbuser="guest",smbpass=""'

^ that should work.

For Windows shell I think single quotes are interpreted literally so
you need double quotes surrounding instead. See also [1].

[1] http://seclists.org/nmap-dev/2009/q2/394

-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



Thanks for clearing that up Patrick!
Quoting the whole argument seems to work just fine.

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: