Nmap Development mailing list archives
Re: Script force
From: Patrick Donnelly <batrick () batbytes com>
Date: Wed, 7 Dec 2011 03:40:48 -0500
On Wed, Dec 7, 2011 at 3:18 AM, Martin Holst Swende <martin () swende se> wrote:
Hi, On 12/04/2011 10:00 AM, Patrick Donnelly wrote:With that said, I have a suggestion. The '+' should be a prefix to a pattern. It should not be a prefix to a filename, category, or boolean expression. It should change the meaning of the entire expression: "any script chosen as a result of this expression is forced to run". So, you might have: --script '+not intrusive and not discovery'. This would mean, "forcibly run all scripts that are not in the intrusive and not in the discovery categories". [As an aside with respect to the implementation: note that most script filenames are usually matched and loaded via the Entry function. The code that runs after this comment "-- Now load any scripts listed by name rather than by category." loads files and directories that are not found in the script database (the script database is a series of calls to the Entry function). For example, that fallback code would load scripts specified by "my-scripts/foo.nse" or a directory "my-scripts". With that changed, I think the patch would be much nicer. However...I agree with your reasoning here, but perhaps I misread you a bit. I think the '+' should be a prefix to an expression.
There is no established terminology here and I was winging it in my post. [There is no real benefit for getting pedantic about command line syntax in user documentation.] To be clear, the proposed change would result in this sort of syntax: --script <outer-expression> <outer-expression> := [prefix] specification { <comma> [prefix] specification } specification := filepath | directory | expression expression := filename-pattern | category | expression binop expression | unop expression binop := and or unop := not filename-pattern only matches files in the script database. Note the pattern can actually be a literal filename.
+safe and http-*,+http-title => +(default and http-*), +(http-verb-tamper) => "Ignore the return value of the portrule for any script selected matching (safe and http-*) and any script matching (http-verb-tamper), unless already loaded"
Assuming your example got mixed up during writing, yes that's right.
That would make strange corner cases go away: (not +http-title) => errror, no + allowed inside expression, + only allowed at the left side of an expression.
They are not really corner cases but strange consequences of the design. It just wasn't well defined why or how the force "operator" should apply to only parts of an expression. David brought this up earlier in the thread. -- - Patrick Donnelly _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Script force, (continued)
- Re: Script force Djalal Harouni (Dec 01)
- Re: Script force Martin Holst Swende (Dec 03)
- Re: Script force Patrick Donnelly (Dec 04)
- Re: Script force - Named probes Djalal Harouni (Dec 04)
- Re: Script force - Named probes Martin Holst Swende (Dec 04)
- Re: Script force - Named probes Djalal Harouni (Dec 04)
- Re: Script force - Named probes Patrick Donnelly (Dec 15)
- Re: Script force - Named probes Martin Holst Swende (Dec 16)
- Re: Script force - Named probes Djalal Harouni (Dec 18)
- Re: Script force Martin Holst Swende (Dec 07)
- Re: Script force Patrick Donnelly (Dec 07)
- Re: Script force Martin Holst Swende (Dec 07)
- Re: Script force Martin Holst Swende (Dec 07)
- Re: Script force Martin Holst Swende (Dec 11)
- Re: Script force Djalal Harouni (Dec 11)
- Re: Script force Martin Holst Swende (Dec 13)
- Re: Script force Patrik Karlsson (Dec 16)
- Re: Script force Fyodor (Dec 19)
- Re: script category selection bug - was: Script force Djalal Harouni (Dec 05)
- Re: script category selection bug - was: Script force Patrick Donnelly (Dec 05)
- Re: script category selection bug - was: Script force Djalal Harouni (Dec 05)