Nmap Development mailing list archives
Quoting/escaping of command line in XML
From: David Fifield <david () bamsoftware com>
Date: Thu, 11 Nov 2010 08:47:02 -0800
XML output has an nmaprun@args attribute that is meant to allow you to recover the command line:

    $ ./nmap -sn -oX - --no-stylesheet
    <?xml version="1.0"?>
    <!-- Nmap 5.35DC18 scan initiated Thu Nov 11 08:30:57 2010 as: ./nmap -sn -oX - --no-stylesheet -->
    <nmaprun scanner="nmap" args="./nmap -sn -oX - --no-stylesheet">

It has a problem, which is that it loses information when any of the arguments contains a space:

    $ ./nmap -sn -oX - --no-stylesheet --script-args 'msg=one two'
    <?xml version="1.0"?>
    <!-- Nmap 5.35DC18 scan initiated Thu Nov 11 08:33:50 2010 as: ./nmap -sn -oX - --no-stylesheet --script-args msg=one two -->
    <nmaprun scanner="nmap" args="./nmap -sn -oX - --no-stylesheet --script-args msg=one two"

NSE sees the proper argument msg="one two", but if you try to recover the command line, it looks like an argument msg="one" running against the target "two". Fyodor also noticed this:

    C:\> "C:\Program Files (x86)\Nmap\nmap.exe" -sn -oX - --no-stylesheet
    <?xml version="1.0"?>
    <!-- Nmap 5.35DC18 scan initiated Thu Nov 11 08:36:13 2010 as: C:\Program Files (x86)\Nmap\nmap.exe -sn -oX - -->
    <nmaprun scanner="nmap" args="C:\Program Files (x86)\Nmap\nmap.exe -sn -oX -">

Here it looks like "C:\Program" is the executable name and "Files" and "(x86)\Nmap\nmap.exe" are targets.

I attach a patch that quotes spaces in this string. It also escapes '"' and '\' because of the added quoting. This is only to enable the recovery of the arguments array (i.e., what you would pass to execv). It doesn't look for shell metacharacters or anything like that, so you can't just copy and paste from the XML to your shell. (Although this patch makes copying easier than it was before.)

I'm writing to ask for comments and to alert anyone using this part of XML output.

The above examples become:

    $ ./nmap -sn -oX - --no-stylesheet --script-args 'msg=one two'
    <?xml version="1.0"?>
    <!-- Nmap 5.35DC18 scan initiated Thu Nov 11 08:45:16 2010 as: ./nmap -sn -oX - --no-stylesheet --script-args "msg=one two" -->
    <nmaprun scanner="nmap" args="./nmap -sn -oX - --no-stylesheet --script-args "msg=one two"">

    C:\> "C:\Program Files (x86)\Nmap\nmap.exe" -sn -oX - --no-stylesheet
    <?xml version="1.0"?>
    <!-- Nmap 5.35DC18 scan initiated Thu Nov 11 08:36:13 2010 as: "C:\\Program Files (x86)\\Nmap\\nmap.exe" -sn -oX - -->
    <nmaprun scanner="nmap" args=""C:\\Program Files (x86)\\Nmap\\nmap.exe" -sn -oX -">

David Fifield
Attachment: xml-escape.diff
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
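The quoting described in the message, together with the inverse a consumer of nmaprun@args needs, as an added example (not part of the original post and not the code in xml-escape.diff). It assumes an argument is quoted when it is empty or contains a space, '"' or '\', and that '"' and '\' are backslash-escaped inside the quotes; all function and variable names are hypothetical.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

def quote_arg(arg):
    # Assumed rule: quote when empty or when the argument contains a space,
    # '"' or '\'; inside the quotes, backslash-escape '"' and '\'.
    if arg and not any(c in arg for c in ' "\\'):
        return arg
    return '"' + arg.replace('\\', '\\\\').replace('"', '\\"') + '"'

def join_quoted(argv):
    return " ".join(quote_arg(a) for a in argv)

def split_quoted(s):
    """Recover the argv list from a joined string; ValueError if malformed."""
    argv, cur, in_quotes, started = [], [], False, False
    chars = iter(s)
    for c in chars:
        if in_quotes:
            if c == "\\":
                cur.append(next(chars, ""))  # escaped character taken literally
            elif c == '"':
                in_quotes = False
            else:
                cur.append(c)
        elif c == '"':
            in_quotes = started = True       # keeps "" as an empty argument
        elif c == " ":
            if started:
                argv.append("".join(cur))
            cur, started = [], False
        else:
            cur.append(c)
            started = True
    if in_quotes:
        raise ValueError("unterminated quote")
    if started:
        argv.append("".join(cur))
    return argv

def make_xml(argv):
    # quoteattr() adds XML attribute escaping on top of the argument quoting.
    return "<nmaprun scanner=\"nmap\" args=%s/>" % quoteattr(join_quoted(argv))

def args_from_xml(xml_text):
    return split_quoted(ET.fromstring(xml_text).get("args"))

# Constructed samples mirroring the two command lines in the message.
UNIX_ARGV = ["./nmap", "-sn", "-oX", "-", "--no-stylesheet", "--script-args", "msg=one two"]
WIN_ARGV = [r"C:\Program Files (x86)\Nmap\nmap.exe", "-sn", "-oX", "-"]
```

The recovered list is an argument vector only; as the message says, nothing here accounts for shell metacharacters, so the joined string is not safe to paste into a shell.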