[NSE] resolveall prerule, nmap.resolve(), nmap.address_family()

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey everyone,

On 08/06/2010 12:18 PM, Djalal Harouni wrote:
> Hi list,
>
> I've merged the Script Pre-scanning and Post-scanning phases to Nmap
> trunk. I hope that we'll see lot of scripts that make use of them.

I've attached a patch and new prerule script for adding new targets to Nmap
(target adding functionality is still not in trunk yet, but here's this anyway
like my snmp-interfaces changes).  The script is called resolveall and just
takes a host as it's only argument, resolveall.host.

Several months ago there was discussion on Nmap scanning all addresses for a
given host name, which is a very bad idea for default behavior.  As far as I
know, nothing else came of this (no options, etc), so I decided to write this.

I've also added general functions to the nmap library: resolve(host,af) takes
a name and optional address family ("inet", etc) and returns a table with all
of the addresses; address_family() returns Nmap's o.af() value as "inet" or
"inet6" like resolve() expects.  If resolve() is not given an address family
then it doesn't care and returns all addresses.

Other scripts could find these useful since (for example) it can't determine
the address family any other way (at least not prerule scripts; portrule
scripts could look in the host table to deduce this).  But right now they just
make resolveall quite simple while still looking ahead.

To test, use Djalal's nmap-add-targets branch (until it gets merged to trunk)
with the attached patch and run resolveall with args "newtargets" and
"resolveall.host" set to a host with multiple (or single, really) addresses,
like google.com.   www.kame.net gives IPv4 and IPv6 addresses.

Again, only one additional target gets scanned for now right but Djalal is on
this.

The patch is against the exp branch but applies cleanly to trunk as well.  It
doesn't contain any doc updates.

Cheers,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJMYksyAAoJEEQxgFs5kUfuqOgP/0Jf+x5QWVYSrYa4FNbp2Gso
PbRwVkvBj6ISz4+j9qvwpwfAjTp0hM4PnlyiJMnAH7NTEPVBxdJN0i+hjKxRF2Dr
o3uBbMAL3GW3ROBEdXEji0751fZk6s8VT3ZGqE/ypZr6nkPuLxZO1XmHLQKg3Itb
IF1c+veNuaaNFa1LFRfhDNtV6iypdqtYQ9JTtH1HFDy2wfEWQJo+tdA7YkQF3j8p
c8YEdSxJhaeWUoJaYvIXp1bpHYumhJ0hb8VUdiIi+Efqmlhxrr6TbcUPQMc2twEs
DC3GQ8hX7p9A7SyJMnuHF7o9xAEoxuyt9/0y5HnV3EoJkg8JHtHUUMqCUSc0UwN3
NW5W39d1vYDe+ng0jXCMLrzRpVubX/ZKbxiyiKgd3CsLYr8jpD1wbIrb+8iNGkGF
L0ajGiO9AI9MSqsMo2WwCHFa8rnWOnvqMnon+3eY444RPg/E7o0fz/ujI8uuKeRn
l1bEQEsTU30PDNTV3fFy1i+HgB9ou56JaTHlcDpzjK1BN5GTFIPrPrUrdt91odHm
kyAN4tsJ8MUHcC2P6kUdjidfA6BgMP17beqryTZnuJTGCM1V09VqNDour3T1o+vj
WO5I+xJUVrLjsfyVMywuPYJwy82HCpd6zf32HTzsx5fvzSxkkYG+d1vTxQDXoAo5
CgVlJblsJRTVwLb5Xcuq
=KlGj
-----END PGP SIGNATURE-----

Attachment: resaf.patch
Description:

Attachment: resolveall.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/