Nmap Development mailing list archives

Re: [nmap-svn] r29601 - nmap/scripts


From: David Fifield <david () bamsoftware com>
Date: Sat, 8 Sep 2012 10:12:10 -0700

On Thu, Aug 16, 2012 at 05:18:43AM -0700, David Fifield wrote:
On Wed, Aug 15, 2012 at 08:00:00PM -0700, commit-mailer () insecure org wrote:
Author: dmiller
Date: Wed Aug 15 20:00:00 2012
New Revision: 29601

Log:
Add @xmloutput nsedoc to ssh-hostkey, smb-os-discovery

Modified: nmap/scripts/smb-os-discovery.nse
==============================================================================
--- nmap/scripts/smb-os-discovery.nse       (original)
+++ nmap/scripts/smb-os-discovery.nse       Wed Aug 15 20:00:00 2012
@@ -56,7 +56,18 @@
 -- |   NetBIOS computer name: SQL2008
 -- |   NetBIOS domain name: LAB
 -- |_  System time: 2011-04-20 13:34:06 UTC-5
------------------------------------------------------------------------
+--
+--@xmloutput
+-- <script id="smb-os-discovery" output="...">
+--   <elem key="OS">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 
6.0)</elem>
+--   <elem key="Computer name">Sql2008</elem>
+--   <elem key="Domain name">lab.test.local</elem>
+--   <elem key="Forest name">test.local</elem>
+--   <elem key="FQDN">Sql2008.lab.test.local</elem>
+--   <elem key="NetBIOS computer name">SQL2008</elem>
+--   <elem key="NetBIOS domain name">LAB</elem>
+--   <elem key="System time">2011-04-20 13:34:06 UTC-5</elem>
+-- </script>
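
Review bot: The keys documented in the added @xmloutput block ("Computer name", "NetBIOS computer name", "System time") contain spaces and mixed case, which makes them awkward for XML consumers to match. Lowercase, identifier-style keys would be easier to query. The "OS" element also packs two values into one string, ending in "(Windows Server (R) 2008 Standard 6.0)", and "System time" is documented as "2011-04-20 13:34:06 UTC-5" rather than in a standard timestamp format. Consider documenting separate elements for the two OS strings and a machine-parseable time value.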

Thank you, Dan, for starting to update scripts.

What do people think about the XML output shown above? At first glance,
I don't like the key names, but perhaps I'm overreacting over this
issue. My impulse would be to do something like this:

<elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 6.0)</elem>
<elem key="name">Sql2008</elem>
<elem key="domain">lab.test.local</elem>
<elem key="forest">test.local</elem>
<elem key="fqdn">Sql2008.lab.test.local</elem>
<elem key="netbios-name">SQL2008</elem>
<elem key="netbios-domain">LAB</elem>
<elem key="date">2011-04-20 13:34:06 UTC-5</elem>

This was bothering me so I made a change to the structured output. It
now looks like this:

<elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1</elem>
<elem key="lanmanager">Windows Server (R) 2008 Standard 6.0</elem>
<elem key="domain">LAB</elem>
<elem key="server">SQL2008</elem>
<elem key="date">2011-04-20T13:34:06-05:00</elem>
<elem key="fqdn">Sql2008.lab.test.local</elem>
<elem key="domain_dns">lab.test.local</elem>
<elem key="forest_dns">test.local</elem>

The output is mostly the same table that is returned by smb.get_os,
which was already close to what we want. I also followed these
principles:
* Structured output should be broken down as much as is reasonable.
  smb.get_os returns separate "os" and "lanmanager" keys. The script was
  combining these as string.format("%s (%s)", os, lanmanager), which is
  fine for screen output, but they should be separate fields in
  structured output.
* Keys should be lowercase and look like identifiers.
* Less redundancy. The "Computer name" field is actually derived from
  "FQDN", so I didn't keep it as a separate element in structured
  output.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
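
Added example (not part of the original message or of Nmap's code): a Python consumer that reads the revised structured output and shows what the three principles buy a parser, namely separate "os" and "lanmanager" fields, identifier-style keys, and a date that parses without custom code. The sample XML is constructed from the elements quoted in the message; the function names and the first-label rule for the computer name are assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

# Constructed sample: the revised <elem> list from the message, wrapped in the
# <script> element shown in the nsedoc hunk (output attribute elided as there).
REVISED = """<script id="smb-os-discovery" output="...">
  <elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1</elem>
  <elem key="lanmanager">Windows Server (R) 2008 Standard 6.0</elem>
  <elem key="domain">LAB</elem>
  <elem key="server">SQL2008</elem>
  <elem key="date">2011-04-20T13:34:06-05:00</elem>
  <elem key="fqdn">Sql2008.lab.test.local</elem>
  <elem key="domain_dns">lab.test.local</elem>
  <elem key="forest_dns">test.local</elem>
</script>"""

# "System time" value as documented in the first version of the output.
ORIGINAL_DATE = "2011-04-20 13:34:06 UTC-5"


def script_fields(xml_text, script_id="smb-os-discovery"):
    """Return {key: text} for the <elem> children of the named <script>."""
    root = ET.fromstring(xml_text)
    for script in root.iter("script"):  # works for a fragment or a full report
        if script.get("id") == script_id:
            return {e.get("key"): (e.text or "") for e in script.findall("elem")}
    return {}


def parse_date(value):
    """Parse an ISO 8601 timestamp; None means a custom parser would be needed."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None


def host_record(xml_text):
    """Build an inventory record from the separate structured fields."""
    f = script_fields(xml_text)
    when = parse_date(f.get("date", ""))
    offset = when.utcoffset() if when else None
    return {
        "os": f.get("os"),
        "lanmanager": f.get("lanmanager"),
        # Assumption: the computer name is the first label of the FQDN.
        "computer_name": f.get("fqdn", "").split(".", 1)[0],
        "utc_offset_hours": offset.total_seconds() / 3600 if offset is not None else None,
    }
```
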

