Nmap Development mailing list archives
Re: [NSE] nmap.fetchfile and absolute paths
From: David Fifield <david () bamsoftware com>
Date: Tue, 11 Aug 2009 12:18:07 -0600
On Tue, Aug 11, 2009 at 01:43:10AM +0100, jah wrote:
nmap.fetchfile() as used in NSE doesn't handle absolute paths - did it ever? - would we like it to? There's nse_fetchfile_absolute() in nse_fs.cc which used to be called by fetchfile_absolute() in the now mostly defunct nse_main.cc, but is otherwise unused at the moment.
nse_fetchfile_absolute isn't completely unused--it's called by the cnse.fetchfile_absolute function used internally in nse_main.lua. I added the nse_fetchfile_absolute function (then called init_fetchfile_absolute) in r6471. It is only used to look up script filenames in the argument to --script. svn diff -c 6471 svn://svn.insecure.org/nmap/nse_init.cc@12481
NSE now calls l_fetchfile() in nse_nmaplib.cc which calls the main nmap_fetchfile() in nmap.cc and it looks to me like absolute filepaths handling may have disappeared with the change to using this function (I could be wrong). Any script which allows --script-args /path/to/some/resource (apache-userdir-enum.nse for instance) could make use of an nse nmap.fetchfile() that handles absolute paths, either directly or via datafiles.lua Vlatko noticed the same 'deficiency' in Ncrack and a similar patch (attached) could be used for the main nmap_fetchfile() in nmap.cc though this might be undesirable given that this function handles all of Nmap's datafiles fetching and is quite cautious about the way it does so. Should we reinstate the nse_fs.cc functions instead?
As far as I know, nmap.fetchfile never handled absolute paths, as nse_fetchfile_absolute was only used for looking up script filenames. However it seems reasonable that it should work that way. I would prefer changing nmap.fetchfile to use nse_fetchfile_absolute over universally changing nmap_fetchfile for all callers. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE] nmap.fetchfile and absolute paths jah (Aug 10)
- Re: [NSE] nmap.fetchfile and absolute paths David Fifield (Aug 11)