Nmap Development mailing list archives
Re: Nmap Attack Scripting Language (NASL)
From: David Warde-Farley <david.warde.farley () utoronto ca>
Date: Tue, 23 May 2006 02:54:45 -0400
On 23-May-06, at 2:36 AM, Paul Rigor wrote:
I say python. You can even wrap nmap and use it a module. Have python handle the application logic and scripting language parser adn have it invoke appropriate NMAP functionality. Python has great string processing facilities as well as an XML parser. It's also *very* portable, true OOP, good unit test, debugging might prove cumbersome though. Oh, also you can freeze python scripts/programs and have them run as executables (which of course rely on shared python libraries and an nmap shared lib, is there already such a thing). If you've ever used python, you will also definitely cut development.
Any of python, ruby, perl seem suited to the job. Hell, I think Scheme is really suited to the job but Fyodor does not ;) One thing to note: the way I read the doc it seems that we're looking at a scripting engine to be included in Nmap. This can be done with python, embedding an interpreter is pretty easy and there are good docs on it. However, one thing that makes me weary of python is that they aren't backwards compatible from version to version. Thus you'd probably have to "freeze" the python version you're using and piss off some people one way or the other depending on the degree you keep up with the current python release. However I think you've stumbled upon an interesting point, Paul. Why embed a scripting language in Nmap when you can embed Nmap in (possibly several) scripting languages? What I'm saying is, why not have the SoC'ers, maybe 2 or more of them, implement Python/Ruby/etc. bindings for the underlying libraries, or a C abstraction layer on top of them, with SWIG etc. the way Subversion does it? Then people can choose the scripting language they want to work with from a set of them that have bindings. Dave _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Nmap Attack Scripting Language (NASL) Fyodor (May 22)
- Re: Nmap Attack Scripting Language (NASL) doug (May 23)
- <Possible follow-ups>
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Brandon Enright (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- Re: Nmap Attack Scripting Language (NASL) David Warde-Farley (May 22)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- Re: Nmap Attack Scripting Language (NASL) Fyodor (May 23)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 23)
- Re: Nmap Attack Scripting Language (NASL) Diman Todorov (May 23)