Nmap Development mailing list archives
Re: [NSE][patch] Load script-args from a file
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 21 Sep 2011 11:01:18 -0500
On 06/18/2011 04:42 PM, Fyodor wrote:
On Wed, Jun 15, 2011 at 10:12:02PM -0500, Daniel Miller wrote:Here's a patch to let users specify a file from which to load script-args. Example: $ cat ~/.nmap/myargs smbdomain=WORKGROUP, smbpassword=MyPa$$, $ nmap --script smb-* --script-args file=myargs target.example.com Simply put, it checks for a script-arg of "file", parses the contents of the file the same way we currently parse the argument to --script-args, combines it with any arguments on the command line, then goes about business as usual. Any arguments on the command line supersede ones in the file. The file can be an absolute path, or a path relative to Nmap's usual search path (NMAPDIR, etc.)Thanks Dan. That does sound like it might be useful. It would be interesting to hear other people's take on this (e.g. who here is likely to use this)? From a UI perspective, I think it would be better to add a separate Nmap option (e.g. --script-args-file) rather than to make the "file" script argument name be magic. That would be consistent with the way we offer both --exclude and --excludefile rather than providing a syntax to --exclude that causes it to load a file. Cheers, Fyodor
List,Dredging up an old thread, I've modified the patch to use the --script-args-file syntax. It will take either an absolute file path, or a path relative to Nmap's search path (~/.nmap/:$NMAP_DIR:/usr/whatever/nmap/), and load arguments out of that file just as they would be specified on the command line. The only difference is that arguments may be separated with newlines, not just commas. The example in my initial email now looks like this:
$ cat ~/.nmap/myargs smbdomain=WORKGROUP smbpassword=MyPa$$ $ nmap --script smb-* --script-args-file myargs target.example.com
DanP.S. Some of the options are listed twice, once with hyphens, and again with underscores. I thought I understood this was to be more flexible in what was allowed, but I noticed the options parsing often only compares with the hyphenated version. Should we strip some of these out, or does it really not matter?
Attachment:
argsfile.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE][patch] Load script-args from a file Daniel Miller (Sep 21)