Nmap Development mailing list archives
Re: [NSE] New script reverse-index
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 29 Nov 2011 01:50:57 +0100
On Mon, Nov 28, 2011 at 12:13 AM, David Fifield <david () bamsoftware com>wrote:
On Thu, Nov 24, 2011 at 12:46:48AM +0100, Patrik Karlsson wrote:On Wed, Nov 23, 2011 at 11:35 PM, Patrik Karlsson <patrik () cqure net>wrote:On Wed, Nov 23, 2011 at 5:19 PM, Patrik Karlsson <patrik () cqure net>wrote:On Wed, Nov 23, 2011 at 1:36 AM, David Fifield <david () bamsoftware comwrote:On Tue, Nov 22, 2011 at 09:17:31PM +0100, Patrik Karlsson wrote:Hi, Here's an attempt on creating the reverse-index script which is inthehigh-priority list of the secwiki. The script runs both as a hostrule, collecting port information foreachhost and storing it in the registry, and as a portrule building theoutputbased on the collected port data.-- | tcp -- | 22: 192.168.0.60 -- | 23: 192.168.0.100 -- | udp -- |_ 5353: 192.168.0.102, 192.168.0.1, 192.168.0.60I would prefer output like this:-- | tcp/22: 192.168.0.60 -- | tcp/23: 192.168.0.100 -- | udp/5353: 192.168.0.102, 192.168.0.1, 192.168.0.60I wasn't sure how and if it's possible to create it as a postruleonlyscript as the secwiki documentation suggests.No, I don't think so. You found a nice solution.Anyway, please let me know if it turned out as expected andwhether itshould go into any other categories than safe, so that it can becommitted. Looks good. Great job! David FifieldWhile trying to address this I noticed something weird. If I do the following: repeat port = nmap.get_ports(host, port, "tcp", "closed") until(not(port)) I get ALL ports regardless of their protocol or state. Is this really intended behavior. According to my interpretation of the documentation I should only get closed tcp ports, right? Any ideas on what I need to do to fix this?I'm hoping this patch solves the problem and returns the correct ports matching both protocol and state. Could someone take a look at it and see if it looks correct before I commit it?Here's a revised version of the script with the changes to formatting. It needs the previous patch to nse_nmaplib.cc to return the properresults. I got the output backwards--it should be 22/tcp not tcp/22. Other than that you're good to go. David Fifield
I just committed the reverse-index script as r27261 with the above changes. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script reverse-index Patrik Karlsson (Nov 22)
- Re: [NSE] New script reverse-index Patrick Donnelly (Nov 22)
- Re: [NSE] New script reverse-index David Fifield (Nov 22)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index David Fifield (Nov 27)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 23)
- Re: [NSE] New script reverse-index David Fifield (Nov 27)
- Re: [NSE] New script reverse-index Patrik Karlsson (Nov 28)