Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [nmap-svn] r27349 - in nmap: . nselib scripts

From: Patrik Karlsson <patrik () cqure net>
Date: Wed, 7 Dec 2011 00:47:04 +0100
On Wed, Dec 7, 2011 at 12:21 AM, Patrick Donnelly <batrick () batbytes com>wrote:


Some standard Lua idiom suggestions below for the httpspider.lua library:

On Tue, Dec 6, 2011 at 5:47 PM,  <commit-mailer () insecure org> wrote:

Added: nmap/nselib/httpspider.lua
[...]
+module(... or "httpspider", package.seeall)
+
+require 'http'
+
+local LIBRARY_NAME = "httpspider"


You can also use _PACKAGE which is set by module [1] instead of
LIBRARY_NAME. Also, the '... or "httpspider"' idiom is something silly
I encouraged a long time ago. In the future it will probably be a hard
coded value when we switch to Lua 5.2.  (Feel free to stop doing it.)



so, it would be module('httpspider', package.seeall) instead?
The _PACKAGE alternative doesn't seem to work, maybe I'm doing something
wrong.




[1] http://www.lua.org/manual/5.1/manual.html#pdf-module


+               for _, pattern in ipairs(patterns) do
+                       for l in self.html:gfind(pattern) do


gfind was renamed gmatch in Lua 5.1. (It still works with
compatibility flags set, as is often the case.)



oops, missed that, thanks.





+               -- pull links from the queue until we get a valid one
+               local url
+               repeat
+                       url = self.urlqueue:getNext()
+               until( not(url) or not(self.processed[tostring(url)]) )


url remains in scope in the until terminating expression. You can do
instead:


+               -- pull links from the queue until we get a valid one
+               repeat
+                       local url = self.urlqueue:getNext()
+               until( not(url) or not(self.processed[tostring(url)]) )




the url variable is used further down in the code, outside of the repeat
loop.
i'm guessing this won't work then?





Added: nmap/scripts/http-email-harvest.nse
[...]
+function action(host, port)
+       local EMAIL_PATTERN =

"[A-Za-z0-9%.%%%+%-]+@[A-Za-z0-9%.%%%+%-]+%.%w%w%w?%w?"

+
+       -- by default, we cap the script at a maximum depth of 3
+       local maxdepth          =

tonumber(stdnse.get_script_args("http-email-harvest.maxdepth")) or 3

+       -- by default, we cap the script at a maximum pagecount of 20
+       local maxpagecount      =

tonumber(stdnse.get_script_args("http-email-harvest.maxpagecount")) or 20

+
+       local url                       =

stdnse.get_script_args("http-email-harvest.url") or "/"

+       local withinhost        =

stdnse.get_script_args("http-email-harvest.withinhost")

+       local withindomain      =

stdnse.get_script_args("http-email-harvest.withindomain")

I see this done a lot in scripts. These constants/script arguments can
be pulled out of the action function. Script argument parsing is
always done before scripts are loaded.



I'll rip it out of the action function, thanks.





It's good to see this in the trunk now! Thanks Patrik and Paulino for
your work on this.



Thanks, appreciate your feedback!



--
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



//Patrik

-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: