Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] New Script Version scan phase for versionrule scripts

From: Djalal Harouni <tixxdz () gmail com>
Date: Sat, 11 Sep 2010 00:21:02 +0100
On 2010-08-21 21:20:06 +0100, Djalal Harouni wrote:

Hi,

A patch is attached to introduce a new rule 'versionrule' which will be
used by version category scripts. The patch is against nmap trunk.

A new patch that introduces the new Script Version scan phase
(NSE_VERSION_SCAN) before the Script scan phase (NSE_SCAN) is attached.

Scripts will run during this Script Version scan phase if they have a
versionrule and if the -sV option was given and if the pair
port/protocol are not in the exclude directive.

Note: running a script with --script=version will activate the portrule
rather than the versionrule.


But there is a *minor* issue, and I need more feedbacks on it:
* If we have a script which have multiple rules (portrule and
  versionrule), then this script can run *twice* for the same port, one
  for the versionrule and the other one for the portrule.

Perhaps we can filter loaded scripts in the threads table ? or leave it
as it is (do not filter).

Thx.

-- 
tixxdz

Attachment: nse-versionrule.patch
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: