Nmap Development mailing list archives
Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family()
From: Patrik Karlsson <patrik () cqure net>
Date: Thu, 12 Aug 2010 18:48:18 +0200
Hi all, Here's a (very quick) attempt on writing a script that uses both the prerule and postrule. The prerule is used to store a custom "session name" into the Nmap registry. The postrule reads the "session name" and posts a tweet once the scan has finished. The tweet is sent as a public status update using the user and password supplied as script argument. The script leaves a lot to wish for and is ment as an example rather than something ready for use. Regards, //Patrik
Attachment:
session-name.nse
Description:
On 12 aug 2010, at 05.42, Djalal Harouni wrote:
On 2010-08-11 02:03:14 -0500, Kris Katterjohn wrote:I've attached a patch and new prerule script for adding new targets to Nmap (target adding functionality is still not in trunk yet, but here's this anyway like my snmp-interfaces changes). The script is called resolveall and just takes a host as it's only argument, resolveall.host. Several months ago there was discussion on Nmap scanning all addresses for a given host name, which is a very bad idea for default behavior. As far as I know, nothing else came of this (no options, etc), so I decided to write this. I've also added general functions to the nmap library: resolve(host,af) takes a name and optional address family ("inet", etc) and returns a table with all of the addresses; address_family() returns Nmap's o.af() value as "inet" or "inet6" like resolve() expects. If resolve() is not given an address family then it doesn't care and returns all addresses. Other scripts could find these useful since (for example) it can't determine the address family any other way (at least not prerule scripts; portrule scripts could look in the host table to deduce this). But right now they just make resolveall quite simple while still looking ahead. To test, use Djalal's nmap-add-targets branch (until it gets merged to trunk) with the attached patch and run resolveall with args "newtargets" and "resolveall.host" set to a host with multiple (or single, really) addresses, like google.com. www.kame.net gives IPv4 and IPv6 addresses. Again, only one additional target gets scanned for now right but Djalal is on this.Hi Kris, I've fixed the bug, so you can go ahead and update your code to add all the new targets (IPs or Hostnames), I've also done some changes on the target.lua library, it's documented. For any one hwo wants to play with this you checkout: svn co --user=guest --password="" \ svn://svn.insecure.org/nmap-exp/djalal/nmap-add-targets The feature will let prerule, portrule and hostrule scripts to add targets to Nmap. Targets are IPs or hostnames and even Networks with cidr notation or other target specification supported by Nmap, but perhaps this will change and we should include some network filtering features and allow only IPs and Hostnames, what do you think ? Adding networks will make it difficult to filter and if we parse the net block then it would consume lot of memory ... Excluded targets and max hosts per group features are honored, and you can count on them, so if you specify an excluded target with --exclude nmap.org ,then even if a script will add it, it will not be scanned. The same thing for min-hostgroup/max-hostgroup. I'll try to do more tests, thx. -- tixxdz _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
-- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Script Pre-scanning and Post-scanning example, (continued)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Aug 10)
- Re: [NSE] Script Pre-scanning and Post-scanning example Patrick Donnelly (Aug 10)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Aug 10)
- Re: [NSE] Script Pre-scanning and Post-scanning example Djalal Harouni (Aug 11)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Aug 11)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Sep 09)
- Re: [NSE] Script Pre-scanning and Post-scanning example David Fifield (Sep 27)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Sep 27)
- Re: [NSE] Script Pre-scanning and Post-scanning example Patrick Donnelly (Aug 10)
- Re: [NSE] Script Pre-scanning and Post-scanning example Kris Katterjohn (Aug 10)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Djalal Harouni (Aug 11)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrik Karlsson (Aug 12)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrick Donnelly (Aug 12)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Fyodor (Aug 15)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Patrik Karlsson (Aug 15)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Kris Katterjohn (Aug 26)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() David Fifield (Sep 27)
- Re: [NSE] resolveall prerule, nmap.resolve(), nmap.address_family() Kris Katterjohn (Sep 27)