Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Privilege checks in broadcast-* scripts

From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 13 Jan 2012 14:48:25 +0100
On Fri, Jan 13, 2012 at 2:34 PM, Henri Doreau <henri.doreau () greenbone net>wrote:


Hello,

I've had trouble with broadcast-listener.nse, that doesn't check for
privileges before attempting to open pcap readers, leading to verbose
errors.
I have patched the script to add a nmap.is_privileged() check (as done
by other scripts) in the prerule. I've also modified
broadcast-pppoe-discover.nse and broadcast-dhcp-discover.nse for
consistency sake.

For the two last scripts, I haven't removed the checks which are
performed in the action code. Should I? or should I add such a
redundant check to broadcast-listener.nse instead?

Regards.

--
Henri



Good catch Henri. But is the rootfail check really necessary? According to
my understanding and nsedoc the prerule scripts only run once: "prerule
scripts run once, before any hosts are scanned, during the script
pre-scanning phase."

In regards to the checks in the action code, I initially thought we could
remove them. Then I remembered the force patch that we introduced recently
and realized that we probably need them in the action method too.

Cheers,
Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: