Nmap Development mailing list archives

Re: Upgrading NSE to Lua 5.3


From: Paulino Calderon Pale <paulino () calderonpale com>
Date: Sun, 8 Feb 2015 13:36:16 -0600

Hi Patrick,

I tested your branch and I’m having problems with some NSE scripts:

sh-3.2# ./nmap -sC scanme.nmap.org -d

Starting Nmap 6.47SVN ( http://nmap.org ) at 2015-02-08 13:28 CST
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI: 
NSE: Failed to load /Users/cldrn/Code/patrick/nse-lua53/./scripts/http-ntlm-info.nse:
/Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:46: attempt to call a nil value (global 'tonumber')
stack traceback:
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:46: in function 
</Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:45>
        [C]: in function 'string.gsub'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:124: in function 'bin.unpack'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/base64.lua:139: in function 'base64.enc'
        ...ldrn/Code/patrick/nse-lua53/./scripts/http-ntlm-info.nse:58: in function 
<...ldrn/Code/patrick/nse-lua53/./scripts/http-ntlm-info.nse:1>
NSE: failed to initialize the script engine:
/Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:599: could not load script
stack traceback:
        [C]: in function 'error'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:599: in field 'new'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:775: in global 'Entry'
        /Users/cldrn/Code/patrick/nse-lua53/./scripts/script.db:192: in local 'db_closure'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:788: in local 'get_chosen_scripts'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:1249: in main chunk
        [C]: in ?

QUITTING!

If I remove the script, Nmap runs but there are still some issues with the default script category:

NSE: ssh-hostkey against scanme.nmap.org (74.207.244.221:22.0) threw an error!
/Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:125: attempt to index a nil value (global 'fmt')
stack traceback:
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/bin.lua:125: in function 'bin.unpack'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/ssh1.lua:35: in function 'ssh1.check_packet_length'
        [C]: in method 'receive_buf'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/ssh1.lua:53: in function 'ssh1.receive_ssh_packet'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/ssh1.lua:78: in function 'ssh1.fetch_host_key'
        ...s/cldrn/Code/patrick/nse-lua53/./scripts/ssh-hostkey.nse:274: in function 
<...s/cldrn/Code/patrick/nse-lua53/./scripts/ssh-hostkey.nse:267>
        (...tail calls…)

I tried running other scripts that depend on the library “bin” and more issues came up:

sh-3.2# ./nmap -p443 --script ssl*  scanme.nmap.org -d

Starting Nmap 6.47SVN ( http://nmap.org ) at 2015-02-08 13:33 CST
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI: 
NSE: Failed to load /Users/cldrn/Code/patrick/nse-lua53/./scripts/ssl-ccs-injection.nse:
/Users/cldrn/Code/patrick/nse-lua53/./nselib/bit.lua:36: attempt to call a nil value (global 'select')
stack traceback:
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/bit.lua:36: in function 'bit.bor'
        /Users/cldrn/Code/patrick/nse-lua53/./nselib/vulns.lua:393: in main chunk
        [C]: in function 'require'
        ...n/Code/patrick/nse-lua53/./scripts/ssl-ccs-injection.nse:9: in function 
<...n/Code/patrick/nse-lua53/./scripts/ssl-ccs-injection.nse:1>
NSE: failed to initialize the script engine:
/Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:599: could not load script
stack traceback:
        [C]: in function 'error'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:599: in field 'new'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:775: in global 'Entry'
        /Users/cldrn/Code/patrick/nse-lua53/./scripts/script.db:441: in local 'db_closure'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:788: in local 'get_chosen_scripts'
        /Users/cldrn/Code/patrick/nse-lua53/./nse_main.lua:1249: in main chunk
        [C]: in ?

QUITTING!

I will keep looking into this; hopefully we just need to update a few scripts.

Cheers.



On Jan 24, 2015, at 8:47 PM, Patrick Donnelly <batrick () batbytes com> wrote:

Hi List,

I've just run through NSE upgrading it to Lua 5.3. The current branch is here:

https://svn.nmap.org/nmap-exp/patrick/nse-lua53@33937

Lua 5.3 has a number of attractive features including 64 bit integers,
native bitwise operators, builtin string.pack/string.unpack, a utf8
encoding library,

Here are two interesting changes in this branch for Lua 5.3:

o I have removed the old C compiled bit library (nse_bit.cc). It's
been replaced by a Lua library that wraps the new bitwise operators.
I've marked it as deprecated. So, existing scripts using the "bit"
library will continue to function.

o I've only marked the bin library as deprecated. There are some minor
differences between the old bin library and Lua's new
string.pack/unpack. A wrapper library may be difficult.

I don't consider the branch done yet; I will be looking over the code
in depth again to make sure I didn't miss anything.

I would appreciate any feedback (including: "it builds!").

-- 
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
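
The load errors reported above all carry Lua 5.3's "(global '<name>')" annotation, which the interpreter attaches when a free name is looked up through `_ENV` and the table there has no such field. As an added illustration (not code from this thread or from the nse-lua53 branch, and not a diagnosis of its bit.lua), here is a constructed wrapper over the 5.3 bitwise operators, once with `_ENV` replaced before the base functions are captured and once after; `make_broken` and `make_fixed` are hypothetical names:

```lua
-- Added illustration for Lua 5.3; not the branch's nselib/bit.lua.
-- make_broken/make_fixed are hypothetical names.

-- Broken: once _ENV is an empty table, the free name `select` compiles
-- to _ENV.select, which is nil.
local function make_broken()
  local _ENV = {}
  function bor(...)
    local r = 0
    for i = 1, select("#", ...) do
      r = r | (select(i, ...))
    end
    return r
  end
  return _ENV
end

-- Fixed: capture the base function in a local before replacing _ENV.
local function make_fixed()
  local select = select
  local _ENV = {}
  function bor(...)
    local r = 0
    for i = 1, select("#", ...) do
      r = r | (select(i, ...))
    end
    return r
  end
  function band(a, b) return a & b end
  function lshift(a, n) return a << n end
  return _ENV
end

-- The broken module fails at call time with the same message shape
-- as the bit.lua:36 error in the report.
local ok, err = pcall(make_broken().bor, 0x01, 0x10)
assert(not ok and err:find("global 'select'", 1, true))
print(err)

-- The fixed module behaves like a variadic bit library on 64-bit integers.
local bit = make_fixed()
assert(bit.bor(0x01, 0x10, 0x100) == 0x111)
assert(bit.band(0xF0, 0x3C) == 0x30)
assert(bit.lshift(1, 40) == 1099511627776)
print("wrapper ok")
```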

