Nmap Development mailing list archives
Re: Bringing CPE to NSE
From: David Fifield <david () bamsoftware com>
Date: Sat, 22 Oct 2011 11:09:32 -0700
On Tue, Oct 18, 2011 at 11:16:16PM +0200, Henri Doreau wrote:
Hello, now that nmap is CPE-aware[1] it would be interesting to let NSE see (and eventually set) CPEs. I am thinking about the best API for that. I've experimented some things but I'm not entirely satisfied with the API and would like to discuss it here to gather comments and suggestions. My approach was to add a new "cpe" table to port.version, table that could contain three items: one slot per CPE type actually. - application (named "app") - operating system (named "os") - hardware (named "hw") Another option would be to directly add the CPEs as fields of port.version ("app_cpe", "os_cpe" and "hw_cpe" for instance). In both cases, the CPEs can be set/modified from within a script by calling set_port_version(), just like the other version detection fields.
I would prefer not to explicitly separate the different CPE parts. It may be desirable to have more than one app, for example. I suggest having a flat list to store CPEs (perhaps enforcing new duplicates). I guess it should just be a list of strings. We can provide auxiliary functions to parse a CPE URL into a table, and convert a table back into a string. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bringing CPE to NSE Henri Doreau (Oct 18)
- Re: Bringing CPE to NSE Djalal Harouni (Oct 22)
- Re: Bringing CPE to NSE David Fifield (Oct 22)
- Re: Bringing CPE to NSE Henri Doreau (Nov 07)