RE: [NSE] Script Submission: NTLM Information Disclosure (MS-SQL, SMTP, IMAP, POP3, Telnet, NNTP)

["NMap User1" <nmapuser1 () gmail com>]

Hi Dan,

I originally contemplated creating one large script to handle all the
various protocols.  However, the name of the script wouldn't align with the
traditional naming scheme ([protocol]-[name]).  Thus, it may confuse users
especially when searching for protocol specific scripts, or, trying to
enable all scripts for a defined protocol (e.g --script
http-*,telnet-*,etc.).

I'm more than happy to combine all protocols into one monolithic script if
needed.  I just need some guidance from the Nmap team what the preferred
method would be. 

Thoughts?

Regards,
Justin

----------------------------------------------------------------------------
-------------------------------------
From: Daniel Miller [mailto:bonsaiviking () gmail com] 
Sent: Wednesday, April 23, 2014 1:50 PM
To: NMap User1; dev () nmap org
Subject: Re: [NSE] Script Submission: NTLM Information Disclosure (MS-SQL,
SMTP, IMAP, POP3, Telnet, NNTP)

Justin,

These look really neat, and I'm sure we can integrate them somehow. Do you
think that it would be possible to combine them into one script that just
handles the pre-NTLM protocol handshaking depending on the service, then
does the NTLM information gathering on its own? Take a look at how sslcert
library (http://nmap.org/nsedoc/lib/sslcert.html) does things with the
SPECIALIZED_PREPARE_TLS and StartTLS tables, for instance. Just a thought
for now, since I haven't had time to take a closer look yet.

Dan

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/