Nmap Development mailing list archives

Re: New functions to target.lua library (NSE Leftovers - Part 1)


From: Brendan Byrd <sineswiper () gmail com>
Date: Tue, 11 Sep 2012 13:50:22 -0400

On Thu, Sep 6, 2012 at 4:44 PM, David Fifield <david () bamsoftware com> wrote:

> This patch seems overly complex for what it does. I wasn't able to
> understand it after spending a few minutes. It seems to be managing a
> structure of IP ranges, then testing new specifications to see if they
> overlap?

Most of the code revolves around unwrapping and re-wrapping the
strings to use CIDR and IPv4/6, to keep it in a common language.
There is also IP block merging code to make sure that larger subnets
will swallow smaller ones, or adjacent subnets that should be merged.

> Are there scripts that are currently causing a problem with adding the
> same target more than once? I admit that we currently have a bug, but I
> think we can live with it unless there is a very simple solution. I'm
> guessing that it's hardly ever a problem in practice.

Some of this spawned from a new SNMP-based script to actively look for
IP address ranges from routing tables.  It would start from a single
router, look at its routing/interface/ARP tables, add in the new
targets, and repeat on the other devices.  This would spider out,
using the exclusion list as boundary points.

The IP merging would be critical here, since routing tables tend to
collect duplicate subnets in different forms.

(I should have the script in that mega patch from last year, but I
haven't split it out yet.  I was waiting on some responses to some of
these first.)

> I think writing this functionality in C is a bad idea.

Then we should have a Lua interface to the existing targets and
exclusion lists.  That would solve the problem with duplicates between
the C-accessible-only CLI targets and the new targets added from Lua.

-- 
Brendan Byrd/SineSwiper <SineSwiper () GMail com>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
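
The merging behaviour described in the message above (larger subnets swallowing smaller ones, adjacent subnets combining), as an added example that is not the patch under discussion or Nmap's own target.lua code. It is stand-alone Lua for IPv4 only; `parse_cidr` and `merge_blocks` are hypothetical names and the input list is constructed.

```lua
-- Added example, not the patch's code; parse_cidr/merge_blocks are hypothetical names.
local function parse_cidr(spec)
  local a, b, c, d, len = spec:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)/(%d+)$")
  if not a then                       -- bare address: treat it as a /32
    a, b, c, d = spec:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)$")
    len = 32
  end
  if not a then return nil, "not an IPv4 address or CIDR block: " .. spec end
  a, b, c, d, len = tonumber(a), tonumber(b), tonumber(c), tonumber(d), tonumber(len)
  if a > 255 or b > 255 or c > 255 or d > 255 or len > 32 then
    return nil, "octet or prefix length out of range: " .. spec
  end
  local size = 2 ^ (32 - len)         -- number of addresses in the block
  local ip = ((a * 256 + b) * 256 + c) * 256 + d
  return { first = ip - ip % size, size = size }  -- clear the host bits
end

local function merge_blocks(specs)
  local blocks, out, result = {}, {}, {}
  for _, spec in ipairs(specs) do blocks[#blocks + 1] = assert(parse_cidr(spec)) end
  -- Lowest start first; on a tie the larger block first, so it swallows the others.
  table.sort(blocks, function(x, y)
    if x.first ~= y.first then return x.first < y.first end
    return x.size > y.size
  end)
  for _, blk in ipairs(blocks) do
    local top = out[#out]
    if not top or blk.first >= top.first + top.size then  -- not already covered
      out[#out + 1] = blk
      -- Equal-sized neighbours merge only when they are the two halves of one
      -- shorter prefix (pair aligned on the doubled size); repeat upward.
      while #out > 1 do
        local lo, hi = out[#out - 1], out[#out]
        if lo.size ~= hi.size or lo.first + lo.size ~= hi.first
           or lo.first % (2 * lo.size) ~= 0 then break end
        lo.size = lo.size * 2; out[#out] = nil
      end
    end
  end
  for i, blk in ipairs(out) do        -- back to dotted-quad/prefix strings
    local ip, len, s = blk.first, 32, blk.size
    while s > 1 do s, len = s / 2, len - 1 end
    result[i] = string.format("%d.%d.%d.%d/%d", math.floor(ip / 16777216),
      math.floor(ip / 65536) % 256, math.floor(ip / 256) % 256, ip % 256, len)
  end
  return result
end
-- Constructed input: the same networks in different forms, as routing tables report them.
local sample = { "10.0.0.0/25", "10.0.0.128/25", "10.0.1.0/24", "10.0.0.0/24",
                 "10.0.0.42", "192.168.1.0/24", "192.168.2.0/24" }
for _, cidr in ipairs(merge_blocks(sample)) do print(cidr) end
```

In the sample, 192.168.1.0/24 and 192.168.2.0/24 are adjacent but stay separate, because no single prefix covers exactly those two blocks.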

