Nmap Development mailing list archives
Re: [NSE][patch] Load script-args from a file
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 23 Dec 2011 11:39:40 -0600
On 09/21/2011 11:01 AM, Daniel Miller wrote:
On 06/18/2011 04:42 PM, Fyodor wrote:On Wed, Jun 15, 2011 at 10:12:02PM -0500, Daniel Miller wrote:Here's a patch to let users specify a file from which to load script-args. Example: $ cat ~/.nmap/myargs smbdomain=WORKGROUP, smbpassword=MyPa$$, $ nmap --script smb-* --script-args file=myargs target.example.com Simply put, it checks for a script-arg of "file", parses the contentsof the file the same way we currently parse the argument to --script-args,combines it with any arguments on the command line, then goes aboutbusiness as usual. Any arguments on the command line supersede ones in the file. The file can be an absolute path, or a path relative to Nmap's usualsearch path (NMAPDIR, etc.)Thanks Dan. That does sound like it might be useful. It would be interesting to hear other people's take on this (e.g. who here is likely to use this)? From a UI perspective, I think it would be better to add a separate Nmap option (e.g. --script-args-file) rather than to make the "file" script argument name be magic. That would be consistent with the way we offer both --exclude and --excludefile rather than providing a syntax to --exclude that causes it to load a file. Cheers, FyodorList,Dredging up an old thread, I've modified the patch to use the --script-args-file syntax. It will take either an absolute file path, or a path relative to Nmap's search path (~/.nmap/:$NMAP_DIR:/usr/whatever/nmap/), and load arguments out of that file just as they would be specified on the command line. The only difference is that arguments may be separated with newlines, not just commas. The example in my initial email now looks like this:$ cat ~/.nmap/myargs smbdomain=WORKGROUP smbpassword=MyPa$$ $ nmap --script smb-* --script-args-file myargs target.example.comDanP.S. Some of the options are listed twice, once with hyphens, and again with underscores. I thought I understood this was to be more flexible in what was allowed, but I noticed the options parsing often only compares with the hyphenated version. Should we strip some of these out, or does it really not matter?
List,I submitted this patch in September, and there seemed to be interest in June, but it never was accepted. I'm resubmitting with the addition of some documentation on the --script-args-file option. Additionally, I found that the --script-help option was incorrectly nested under the --script-args option, which can be seen as an extra level of indentation for that option in the Nmap man page. This patch should fix that issue as well.
Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE][patch] Load script-args from a file Daniel Miller (Dec 23)
- Message not available
- Re: [NSE][patch] Load script-args from a file Daniel Miller (Dec 24)
- Re: [NSE][patch] Load script-args from a file Patrik Karlsson (Dec 29)
- Re: [NSE][patch] Load script-args from a file Daniel Miller (Dec 29)
- Re: [NSE][patch] Load script-args from a file Daniel Miller (Dec 24)
- Message not available