Nmap Development mailing list archives

Re: Date formats for structured output

From: David Fifield <david () bamsoftware com>
Date: Sat, 8 Sep 2012 09:19:25 -0700

On Thu, Aug 16, 2012 at 05:08:22AM -0700, David Fifield wrote:

On Thu, Aug 16, 2012 at 05:05:18AM -0700, David Fifield wrote:

On Wed, Aug 15, 2012 at 08:00:00PM -0700, commit-mailer () insecure org wrote:

Author: dmiller
Date: Wed Aug 15 20:00:00 2012
New Revision: 29601

Log:
Add @xmloutput nsedoc to ssh-hostkey, smb-os-discovery

Modified: nmap/scripts/smb-os-discovery.nse
==============================================================================
--- nmap/scripts/smb-os-discovery.nse     (original)
+++ nmap/scripts/smb-os-discovery.nse     Wed Aug 15 20:00:00 2012
@@ -56,7 +56,18 @@
 -- |   NetBIOS computer name: SQL2008
 -- |   NetBIOS domain name: LAB
 -- |_  System time: 2011-04-20 13:34:06 UTC-5
------------------------------------------------------------------------
+--
+--@xmloutput
+-- <script id="smb-os-discovery" output="...">
+--   <elem key="OS">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 
6.0)</elem>
+--   <elem key="Computer name">Sql2008</elem>
+--   <elem key="Domain name">lab.test.local</elem>
+--   <elem key="Forest name">test.local</elem>
+--   <elem key="FQDN">Sql2008.lab.test.local</elem>
+--   <elem key="NetBIOS computer name">SQL2008</elem>
+--   <elem key="NetBIOS domain name">LAB</elem>
+--   <elem key="System time">2011-04-20 13:34:06 UTC-5</elem>
+-- </script>


As for this part of the output,

+--   <elem key="System time">2011-04-20 13:34:06 UTC-5</elem>

I think there will be a lot of value if we use a common date format in
all scripts that use structured output. I have been using
os.date("%Y-%m-%dT%H:%M:%SZ") which looks like
    2012-08-16T05:03:30Z
This is ISO 8601. However, this supposes UTC, so we would have to
represent the "UTC-5" in the date above separately. Perhaps we should
settle on a date format that also includes a time zone?


Here is something:
https://www.cl.cam.ac.uk/~mgk25/iso-time.html#zone


I have just (r29731) made a new stdnse.format_timestamp function, which
formats dates and times according to RFC 3339, and can optionally
include a time zone. I modified existing scripts to use it.

stdnse.format_timestamp(os.time())           --> "2012-09-08T16:17:55"
stdnse.format_timestamp(os.time(), 0)        --> "2012-09-08T16:17:55+00:00"
stdnse.format_timestamp(os.time(), -7*60*60) --> "2012-09-08T09:17:55-07:00"

I started a new section on structured output conventions in
scripting.xml to document this convention and others that will arise in
the future.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Date formats for structured output David Fifield (Aug 16)
- Re: Date formats for structured output David Fifield (Aug 16)
  - Re: Date formats for structured output Daniel Miller (Aug 16)
    - Re: Date formats for structured output David Fifield (Aug 17)
  - Re: Date formats for structured output David Fifield (Sep 08)