Nmap Development mailing list archives

Re: [NSE] robtex http reverse ip (Correction)


From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 22 Oct 2011 19:12:01 +0200

Hi riemann,

Thanks for a great contribution, I've made some small changes to your
script:
* converted the script to be run as a prerule script instead of a portrule
  script
* added a minor sanity check of the supplied host argument to make sure
  it's a valid IPv4 address
* updated the documentation a little bit

I've been using Robtex myself in the past and I think this script provides
some great value. However, as the script uses the same approach as
http-reverse-ip, i.e. scraping information from a webpage, I'm having some
considerations in regards to how to proceed. Mainly because scraping comes
with some drawbacks:
1. The Robtex TOS may not allow the page to be processed the way we're
doing
2. The risk of the webpage being changed in the future, breaking the
script is considerably higher than when using a dedicated API, which is
not available here AFAIK

In regards to the TOS I can't find anything on the website suggesting that
this should be a problem. In regards to scraping, there is an RSS
alternative, although I'm not sure whether it's less likely to change or
not.

I'm willing to commit and accept the risk of the script breaking in the
future. Anyone feel differently?

//Patrik

 
On 10/13/11 1:41 AM, riemann <riemann () opendz org> wrote:

On 11/10/2011 15:32, Duarte Silva wrote:
Hi,

I would also like to propose changing the output to something more
along the lines of this:

PORT   STATE SERVICE
80/tcp open  http

| http-robtex-reverse-ip:
|   li86-221.members.linode.com
|_  scanme.nmap.org

I don't understand here, you mean http-robtex-reverse-ip without .nse?

No, it's just that I think the number of domains in the output section of
the NSEDoc is a bit excessive.

I'm also suggesting to use the scanme.nmap.org host, since it makes more
sense for someone trying to use this script to test against it than against
any other host in the insecure.org/nmap.org domains.

Regards,
Duarte Silva

On Tuesday 11 October 2011 11:22:26 you wrote:
On 11/10/2011 12:40, Duarte Silva wrote:
Hi riemann,

at line 69 you have:

return "\n" .. stdnse.format_output(true, domains)

That will add an unnecessary line break in the output. The line should be:

return stdnse.format_output(true, domains)

it's done

I would also like to propose changing the output to something more
along the lines of this:

PORT   STATE SERVICE
80/tcp open  http

| http-robtex-reverse-ip:
|   li86-221.members.linode.com
|
|_  scanme.nmap.org

I don't understand here, you mean http-robtex-reverse-ip without .nse?

It's smaller and uses the scanme.nmap.org machine, whose only
purpose in life is to be scanned :P

Regards,
Duarte Silva


Sorry for the late reply, I used a target that returns a lot of domains to
show the effectiveness of using robtex in this case.
Thx for your help Duarte,
Best Regards,

On Monday 10 October 2011 14:45:42 riemann wrote:
On 10/10/2011 15:42, riemann wrote:
On 10/10/2011 11:42, Duarte Silva wrote:
Hi riemann,

I did some testing and it seems to work fine. I have a suggestion though:
make use of the format_output [1] function instead of the strjoin. This
will make sure that the NSE output is consistent.

[1] http://nmap.org/nsedoc/lib/stdnse.html#format_output

Regards,
Duarte Silva

Thx Duarte,
It's done.
Best Regards

Sorry, forgot some debug value, this is the good one.
Best Regards

Best Regards

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Attachment: http-robtex-reverse-ip.nse