Nmap Development mailing list archives
Interacting with scan can break XML DTD validation
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 02 Sep 2011 16:19:06 -0500
Hey list,I found an issue that may not be worth pursuing, but here it is: When increasing verbosity in the middle of a scan, XML elements may be output without preceding ones (e.g. taskend without corresponding taskbegin), which causes the output to fail DTD validation. Steps to reproduce:
1. Start a scan with parallel DNS resolution and XML output: $ nmap -sL -oX out.xml 192.168.1.0/24 2. Between 1-2 seconds after initiating, press "v" to increase verbosity.3. Try to validate the output against DTD. Example output from python lxml validator: out.xml:4:0:ERROR:VALID:DTD_CONTENT_MODEL: Element nmaprun content does not follow the DTD, expecting (scaninfo* , verbose , debugging , ((taskbegin , taskprogress* , taskend) | prescript | postscript | host | output)* , runstats), got (verbose debugging taskend host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host host runstats )
I'm not sure how to go about fixing this. It seems like something that is just not well supported by serially-output XML (along with the "verbose" level, which changes without being noted in the output).
As a side note, I also found and patched a problem with the DTD regarding service fingerprint confidence levels. Previously, these were enumerated as 0, 3, 5, and 10, but I found tcpwrapped services were given a value of 8. The comments in portlist.h say it could be any integer between 0 and 10, so that's what I changed the DTD to reflect.
Dan
Attachment:
dtd.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Interacting with scan can break XML DTD validation Daniel Miller (Sep 05)
- Re: Interacting with scan can break XML DTD validation David Fifield (Sep 05)
- Re: Interacting with scan can break XML DTD validation Daniel Miller (Sep 05)
- Re: Interacting with scan can break XML DTD validation David Fifield (Sep 05)
- Re: Interacting with scan can break XML DTD validation Daniel Miller (Sep 05)
- Re: Interacting with scan can break XML DTD validation David Fifield (Sep 05)