Nmap Development mailing list archives
Re: status report #9 of 15
From: David Fifield <david () bamsoftware com>
Date: Mon, 28 Jun 2010 21:59:42 -0600
On Mon, Jun 28, 2010 at 10:41:09PM +0530, kirubakaran S wrote:
Accomplishments: ** Arguments can be entered values in interface itself. The user can also edit the argument values supplied later.
This looks very nice! I have found a couple of bugs though. The first is that script arguments are not revealed to be shared among scripts in the interface. If I select afp-brute, and enter a value for the userdb argument, it does not appear under userdb when I later select db2-brute. Script arguments are global and the interface should reflect that by updating an argument everywhere when it is changed in one place. The other bug is that the interface needs to be smart about quoting or escaping string values. I can enter this string as the value for userdb, for example: /home/david/userdb,test=nothing and the profile editor will construct the command line nmap --script db2-brute --script-args userdb=/home/david/userdb,test=nothing This makes it appear as though I have entered a script argument test=nothing. The command generated should instead be nmap --script db2-brute --script-args userdb="/home/david/userdb,test=nothing" This makes me realize that we haven't considered how to let the user set a script argument whose value is a table. We need to distinguish between the values {test} (a table) and "{test}" (a string). Do you have ideas on how to accomplish this? I don't want a solution that relies on guessing whether a value looks like a string or a table. We might have another GUI widget to select which interpretation is used, or we could force the user to quote their strings if necessary and only show an error when it would lead to an incorrect interpretation, as in the test=nothing example above. The documentation for script argument syntax is at http://nmap.org/book/nse-usage.html#nse-args. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- status report #9 of 15 kirubakaran S (Jun 28)
- Re: status report #9 of 15 David Fifield (Jun 28)
- <Possible follow-ups>
- Status report #9 of 15 ithilgore (Jun 28)
- Status Report #9 of 15 Dražen Popović (Jun 28)
- Status Report #9 of 15 alexandru (Jun 28)
- Status Report #9 of 15 Djalal Harouni (Jun 29)
- Status Report #9 of 15 Luis MartinGarcia. (Jun 29)