Nmap Development mailing list archives

Re: [NSE] Revision of telnet-brute


From: David Fifield <david () bamsoftware com>
Date: Sat, 20 Apr 2013 00:45:32 -0700

On Thu, Apr 18, 2013 at 06:40:25PM +0000, nnposter () users sourceforge net wrote:
> In the past I did not have a lot of success with telnet-brute.nse so
> I have tried to rewrite it while preserving the outer appearance.

Thank you, these changes look good. I have some questions and requests.

> - Replaced hard-coded line termination \r\0 with a configurable
>   parameter (telnet-brute.eol) and set the default value to \r to avoid
>   falsely failed logins on some daemons. The parameter supports use of
>   C-like escape sequences, such as \r, \x0d, and \0015.

This part seems overengineered to me. My reading of RFC 854 says that
there are only two reasonable values for sending end-of-line: "\r\n" and
"\r\0". Ideally one of these always works better than the other and we
don't need to make it configurable. If it must be configurable, let it
be between these two choices. I don't want the unescape function to be
there.

> - Exposed the connection time-out value as a configurable parameter
>   (telnet-brute.timeout). It defaults to 5000ms.

Please use stdnse.parse_timespec for this.

> - Avoided overlapping connections to make the script work with daemons
>   that allow only one connection at a time.

What does this mean? I didn't think that the old script tried more than
one connection at a time.

Can you explain the print_debug function? Why not use stdnse.print_debug
directly?

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
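
The end-of-line restriction discussed in the message above, as an added Lua example that is not part of the original e-mail or of Nmap's telnet-brute script. The function names, the `crlf`/`crnul` argument values and the default choice are assumptions made for illustration; Telnet option negotiation is out of scope.

```lua
-- Added example: RFC 854 NVT end-of-line handling, limited to the two
-- sequences named in the message. All names here are hypothetical.
local CR, LF, NUL, IAC = "\r", "\n", "\0", "\255"

-- The only two end-of-line choices accepted. Anything else is rejected
-- rather than being passed through an unescape routine.
local EOL_CHOICES = { crlf = CR .. LF, crnul = CR .. NUL }

-- The "crlf" default is arbitrary for this example, not a recommendation.
local function eol_from_arg(arg)
  local eol = EOL_CHOICES[string.lower(arg or "crlf")]
  if not eol then
    return nil, "eol must be 'crlf' or 'crnul'"
  end
  return eol
end

-- Sending side: double a data byte equal to IAC (0xFF), follow a bare CR
-- inside the data with NUL, then append the chosen end-of-line.
local function nvt_encode_line(text, eol)
  local out = {}
  for i = 1, #text do
    local c = text:sub(i, i)
    if c == IAC then out[#out + 1] = IAC .. IAC
    elseif c == CR then out[#out + 1] = CR .. NUL
    else out[#out + 1] = c end
  end
  out[#out + 1] = eol
  return table.concat(out)
end

-- Receiving side: CR LF is one newline, CR NUL is a bare carriage return.
local function nvt_decode(data)
  local out, i = {}, 1
  while i <= #data do
    local c, nxt = data:sub(i, i), data:sub(i + 1, i + 1)
    if c == CR and nxt == LF then out[#out + 1] = LF; i = i + 2
    elseif c == CR and nxt == NUL then out[#out + 1] = CR; i = i + 2
    else out[#out + 1] = c; i = i + 1 end
  end
  return table.concat(out)
end

-- Constructed sample input, checked with plain assertions.
local eol = assert(eol_from_arg("crnul"))
assert(nvt_encode_line("guest", eol) == "guest\r\0")
assert(nvt_decode("login: \r\n") == "login: \n")
assert(eol_from_arg("\\x0d") == nil)  -- free-form escapes are refused
print("ok")
```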