Nmap Development mailing list archives
Re: Privilege checks in broadcast-* scripts
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 13 Jan 2012 14:48:25 +0100
On Fri, Jan 13, 2012 at 2:34 PM, Henri Doreau <henri.doreau () greenbone net>wrote:
Hello, I've had trouble with broadcast-listener.nse, that doesn't check for privileges before attempting to open pcap readers, leading to verbose errors. I have patched the script to add a nmap.is_privileged() check (as done by other scripts) in the prerule. I've also modified broadcast-pppoe-discover.nse and broadcast-dhcp-discover.nse for consistency sake. For the two last scripts, I haven't removed the checks which are performed in the action code. Should I? or should I add such a redundant check to broadcast-listener.nse instead? Regards. -- Henri
Good catch Henri. But is the rootfail check really necessary? According to my understanding and nsedoc the prerule scripts only run once: "prerule scripts run once, before any hosts are scanned, during the script pre-scanning phase." In regards to the checks in the action code, I initially thought we could remove them. Then I remembered the force patch that we introduced recently and realized that we probably need them in the action method too. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 14)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 14)
- Re: Privilege checks in broadcast-* scripts Kris Katterjohn (Jan 14)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 15)
- Re: Privilege checks in broadcast-* scripts Kris Katterjohn (Jan 15)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 15)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)