Nmap Development mailing list archives

Re: Adding new NSE discovered targets to Nmap


From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 12 Aug 2010 18:33:58 -0500

On 08/12/2010 09:06 AM, Djalal Harouni wrote:
> * If we took scanme.nmap.org as an example:
> scanme.nmap.org == 64.13.134.52
>     target.add("scanme.nmap.org","64.13.134.52")
> this code will add two new targets. Nmap will do the DNS lookup for us
> and will scan the same IP twice, so should we add NSE DNS lookup
> functions (Kris has already done some part of it, in his resolveall
> prerule script [1]) and do the DNS lookup in target.add() function ?
> Personally I prefer to allow only IPs targets for the moment and when we
> have a better target filtering engine that checks for already processed
> IPv4/IPv6 in TargetGroup::parse_expr() and nexthost() functions, then we
> should allow hostnames and different network specifications that are
> supported by Nmap, and we could even use a vector to store the new added
> targets instead of a tree so it will be easy to read and remove the
> targets from the new_targets_cache vector.
> Any new NSE valid IP checking should go in the ipOps.lua library.
>
> To sum it up: I'm for allowing only new IPs for the moment and make
> adding new hostnames and networks targets future features, what do you
> think ?

I think some DNS resolving functionality (like my nmap.resolve() patch which
gives all addresses) should be present for scripts (prerule or not).  This
gives scripts control over what address or addresses are used.  If target name
adding is supported and a script just hands target.add() a name, then Nmap can
look it up and choose the first address.

So regardless of the current support for names in target.add(), I think scripts
should be given (at least optional) control.  However, unless I'm mistaken, if
names aren't supported, something like nmap.resolve() becomes necessary if
users pass names to prerule scripts which could get added as targets
(otherwise prerule target-adding scripts don't support names either, which
would suck).

Even though scripts could resolve names with nmap.resolve() and pass the
address(es) to Nmap, I think adding target names should be supported unless
there's quite a good reason not to.  Making every script resolve names
themselves doesn't seem right, especially if the script doesn't care and would
behave as Nmap does anyway by just picking one.  Using nmap.resolve() is easy,
but I'm not sure if it's worth using in scripts which don't actually require
it or care in place of target.add() supporting names.

Cheers,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
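
The double-scan case from the quoted example, and the resolve-then-add approach from the reply, as an added example that is not part of the original thread or of Nmap's code. It runs under a plain Lua interpreter and handles IPv4 only; the RESOLVER table is constructed sample data standing in for a DNS lookup such as the nmap.resolve() patch, add_unique() is a hypothetical helper, and the returned queue is what a script would then hand to target.add().

```lua
-- Added example: standalone Lua, no Nmap libraries required.
-- RESOLVER is constructed sample data standing in for a DNS lookup;
-- add_unique() is a hypothetical helper, not an NSE function.

local RESOLVER = {                       -- constructed sample records
  ["scanme.nmap.org"] = { "64.13.134.52" },
  ["multi.example"]   = { "192.0.2.10", "192.0.2.11" },
}

-- True if s is a dotted-quad IPv4 address with each octet in 0..255.
local function is_ipv4(s)
  local a, b, c, d = s:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)$")
  if not a then return false end
  for _, octet in ipairs({ a, b, c, d }) do
    if tonumber(octet) > 255 then return false end
  end
  return true
end

-- Resolve each spec, then queue only addresses not queued before.
-- all_addrs = true keeps every address a name resolves to;
-- all_addrs = false keeps only the first one.
-- Returns the de-duplicated queue and the specs that did not resolve.
local function add_unique(specs, all_addrs)
  local seen, queue, skipped = {}, {}, {}
  for _, spec in ipairs(specs) do
    local addrs = is_ipv4(spec) and { spec } or RESOLVER[spec] or {}
    if #addrs == 0 then skipped[#skipped + 1] = spec end
    local limit = all_addrs and #addrs or math.min(1, #addrs)
    for i = 1, limit do
      local ip = addrs[i]
      if not seen[ip] then               -- same IP reached by name and by address
        seen[ip] = true
        queue[#queue + 1] = ip
      end
    end
  end
  return queue, skipped
end

-- Constructed input: a name, its own address, a multi-address name, a bad name.
local queue, skipped = add_unique(
  { "scanme.nmap.org", "64.13.134.52", "multi.example", "nohost.invalid" },
  true)
print("queued:  " .. table.concat(queue, ", "))
print("skipped: " .. table.concat(skipped, ", "))
```

Addresses are compared as strings, so two spellings of the same address would need normalising before the `seen` check.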

