Nmap Development mailing list archives

Re: [NSE] Revision of telnet-brute


From: nnposter () users sourceforge net
Date: Sat, 20 Apr 2013 21:17:30 +0000

David Fifield wrote:
>> - Replaced hard-coded line termination \r\0 with a configurable
>> parameter (telnet-brute.eol) and set the default value to \r to avoid
>> falsely failed logins on some daemons. The parameter supports use of
>> C-like escape sequences, such as \r, \x0d, and \0015.

> This part seems overengineered to me. My reading of RFC 854 says that
> there are only two reasonable values for sending end-of-line: "\r\n" and
> "\r\0". Ideally one of these always works better than the other and we
> don't need to make it configurable. If it must be configurable, let it
> be between these two choices. I don't want the unescape function to be
> there.

Sequence \r\0 does not always work, even though it is the one used by the
Linux telnet client. Sequence \r\n worked for me (and it is the one
used by the Windows client), but that observation is not worth much.
A single \r worked for me as well.

That is why the best approach might be to pick a sensible default
value but give the user the option to override it, instead of having
to clone the script and edit the hard-coded string inside, which is what
I had to do with the old one to make it work.

I honestly do not follow what you are proposing here. Some Boolean
script parameter "Use the other line termination"? Could you please
elaborate?


>> - Exposed the connection time-out value as a configurable parameter
>> (telnet-brute.timeout). It defaults to 5000ms.

> Please use stdnse.parse_timespec for this.

I was not aware of this function. Thank you for pointing it out.


>> - Avoided overlapping connections to make the script work with daemons
>> that allow only one connection at a time.

> What does this mean? I didn't think that the old script tried more than
> one connection at a time.

The old script did not sufficiently make sure that the previous
connection was completely "retired" on both ends before initiating
a new one, which resulted in unfriendly RSTs from the server upon
reconnect.


> Can you explain the print_debug function? Why not use stdnse.print_debug
> directly?

The local function is just a wrapper around stdnse.print_debug to make
sure that the messages are consistently prefixed with the script name,
without having to repeat the same code over and over.


Cheers,
nnposter
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
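As an added example (not code from the telnet-brute script, from nnposter, or from Nmap), here is one way the C-like escape handling described in the first bullet above could be implemented in Lua for an NSE script argument. The accepted syntax (\r, \n, \t, \\, \xHH, and an octal form that begins with \0 and takes up to three further octal digits) is an assumption chosen so that the three spellings quoted in the mail, \r, \x0d and \0015, all decode to a single 0x0d byte; the script's real unescape function may differ. The candidate inputs at the bottom are constructed for illustration.

```lua
-- Added example, not code from the telnet-brute script or from Nmap:
-- decode C-like escape sequences in a user-supplied script argument
-- such as telnet-brute.eol, so that \r, \x0d and \0015 all yield a
-- single 0x0d byte.
--
-- Assumed syntax: \r \n \t \\ \xHH, and an octal form that starts with
-- \0 and takes up to three further octal digits (\0, \015, \0015).
-- Any other character after a backslash is rejected rather than
-- silently passed through, so a typo in the argument is reported
-- instead of being sent to the daemon as a stray byte.

local simple = { r = "\r", n = "\n", t = "\t", ["\\"] = "\\" }

-- Returns the decoded string, or nil plus an error message.
local function unescape(s)
  local out, i = {}, 1
  while i <= #s do
    if s:sub(i, i) ~= "\\" then
      out[#out + 1] = s:sub(i, i)
      i = i + 1
    else
      -- '^' anchors the pattern at position i, so only an escape that
      -- starts exactly here is matched.
      local hex = s:match("^\\x(%x%x)", i)
      local oct = s:match("^\\(0[0-7]?[0-7]?[0-7]?)", i)
      local nxt = s:sub(i + 1, i + 1)
      if hex then
        out[#out + 1] = string.char(tonumber(hex, 16))
        i = i + 4
      elseif oct then
        local v = tonumber(oct, 8)
        if v > 255 then
          return nil, ("octal escape out of range: \\%s"):format(oct)
        end
        out[#out + 1] = string.char(v)
        i = i + 1 + #oct
      elseif simple[nxt] then
        out[#out + 1] = simple[nxt]
        i = i + 2
      else
        return nil, ("unknown escape sequence at position %d"):format(i)
      end
    end
  end
  return table.concat(out)
end

-- Render bytes as hex so the terminator that would go on the wire is
-- visible, NUL included.
local function hexdump(s)
  return (s:gsub(".", function(c) return ("%02x "):format(c:byte()) end))
end

-- Constructed inputs: the spellings from the mail, the two RFC 854
-- forms, and a deliberately bad one to show the error path.
local candidates = { "\\r", "\\x0d", "\\0015", "\\r\\n", "\\r\\0", "\\q" }
for _, arg in ipairs(candidates) do
  local eol, err = unescape(arg)
  if eol then
    print(("%-8s -> %s"):format(arg, hexdump(eol)))
  else
    print(("%-8s -> error: %s"):format(arg, err))
  end
end
```

Dumping the decoded bytes in hex is the quickest way to confirm which terminator is actually being sent when a daemon rejects one of the RFC 854 forms. Feeding the decoder from stdnse.get_script_args("telnet-brute.eol") is left out so that the block runs stand-alone under plain Lua.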

