Nmap Development mailing list archives

Re: [nmap-svn] r29601 - nmap/scripts

From: David Fifield <david () bamsoftware com>
Date: Thu, 16 Aug 2012 05:18:43 -0700

On Wed, Aug 15, 2012 at 08:00:00PM -0700, commit-mailer () insecure org wrote:

Author: dmiller
Date: Wed Aug 15 20:00:00 2012
New Revision: 29601

Log:
Add @xmloutput nsedoc to ssh-hostkey, smb-os-discovery

Modified: nmap/scripts/smb-os-discovery.nse
==============================================================================
--- nmap/scripts/smb-os-discovery.nse (original)
+++ nmap/scripts/smb-os-discovery.nse Wed Aug 15 20:00:00 2012
@@ -56,7 +56,18 @@
 -- |   NetBIOS computer name: SQL2008
 -- |   NetBIOS domain name: LAB
 -- |_  System time: 2011-04-20 13:34:06 UTC-5
------------------------------------------------------------------------
+--
+--@xmloutput
+-- <script id="smb-os-discovery" output="...">
+--   <elem key="OS">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 
6.0)</elem>
+--   <elem key="Computer name">Sql2008</elem>
+--   <elem key="Domain name">lab.test.local</elem>
+--   <elem key="Forest name">test.local</elem>
+--   <elem key="FQDN">Sql2008.lab.test.local</elem>
+--   <elem key="NetBIOS computer name">SQL2008</elem>
+--   <elem key="NetBIOS domain name">LAB</elem>
+--   <elem key="System time">2011-04-20 13:34:06 UTC-5</elem>
+-- </script>


Thank you, Dan, for starting to update scripts.

What do people think about the XML output shown above. At first glance,
I don't like the key names, but perhaps I'm overreacting over this
issue. My impulse would be to do something like this:

<script id="smb-os-discovery" output="...">
  <elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 6.0)</elem>
  <elem key="name">Sql2008</elem>
  <elem key="domain">lab.test.local</elem>
  <elem key="forest">test.local</elem>
  <elem key="fqdn">Sql2008.lab.test.local</elem>
  <elem key="netbios-name">SQL2008</elem>
  <elem key="netbios-domain">LAB</elem>
  <elem key="date">2011-04-20 13:34:06 UTC-5</elem>
</script>

The advantage of doing it the way it's been done is that the keys in the
XML match the output that's shown on screen. It's also easier to
implement that way. But keys with spaces and capitalization are more
annoying to deal with (someone writing a processing script needs to
type "NetBIOS" exactly.) It also doesn't separate data and presentation;
for instance if we were to localize the on-screen labels or fix a typo,
we wouldn't want the keys in the XML to change also.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: [nmap-svn] r29601 - nmap/scripts David Fifield (Aug 16)
- Re: [nmap-svn] r29601 - nmap/scripts David Fifield (Sep 08)