Nmap Development mailing list archives
Re: [nmap-svn] r29601 - nmap/scripts
From: David Fifield <david () bamsoftware com>
Date: Sat, 8 Sep 2012 10:12:10 -0700
On Thu, Aug 16, 2012 at 05:18:43AM -0700, David Fifield wrote:
On Wed, Aug 15, 2012 at 08:00:00PM -0700, commit-mailer () insecure org wrote:Author: dmiller Date: Wed Aug 15 20:00:00 2012 New Revision: 29601 Log: Add @xmloutput nsedoc to ssh-hostkey, smb-os-discovery Modified: nmap/scripts/smb-os-discovery.nse ============================================================================== --- nmap/scripts/smb-os-discovery.nse (original) +++ nmap/scripts/smb-os-discovery.nse Wed Aug 15 20:00:00 2012 @@ -56,7 +56,18 @@ -- | NetBIOS computer name: SQL2008 -- | NetBIOS domain name: LAB -- |_ System time: 2011-04-20 13:34:06 UTC-5 ------------------------------------------------------------------------ +-- +--@xmloutput +-- <script id="smb-os-discovery" output="..."> +-- <elem key="OS">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 6.0)</elem> +-- <elem key="Computer name">Sql2008</elem> +-- <elem key="Domain name">lab.test.local</elem> +-- <elem key="Forest name">test.local</elem> +-- <elem key="FQDN">Sql2008.lab.test.local</elem> +-- <elem key="NetBIOS computer name">SQL2008</elem> +-- <elem key="NetBIOS domain name">LAB</elem> +-- <elem key="System time">2011-04-20 13:34:06 UTC-5</elem> +-- </script>Thank you, Dan, for starting to update scripts. What do people think about the XML output shown above. At first glance, I don't like the key names, but perhaps I'm overreacting over this issue. My impulse would be to do something like this: <elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R) 2008 Standard 6.0)</elem> <elem key="name">Sql2008</elem> <elem key="domain">lab.test.local</elem> <elem key="forest">test.local</elem> <elem key="fqdn">Sql2008.lab.test.local</elem> <elem key="netbios-name">SQL2008</elem> <elem key="netbios-domain">LAB</elem> <elem key="date">2011-04-20 13:34:06 UTC-5</elem>
This was bothering me so I made a change to the structured output. It now looks like this: <elem key="os">Windows Server (R) 2008 Standard 6001 Service Pack 1</elem> <elem key="lanmanager">Windows Server (R) 2008 Standard 6.0</elem> <elem key="domain">LAB</elem> <elem key="server">SQL2008</elem> <elem key="date">2011-04-20T13:34:06-05:00</elem> <elem key="fqdn">Sql2008.lab.test.local</elem> <elem key="domain_dns">lab.test.local</elem> <elem key="forest_dns">test.local</elem> The output is mostly the same table that is returned by smb.get_os, which was already close to what we want. I also followed these principles: * Structured output should be broken down as much as is reasonable. smb.get_os returns separate "os" and "lanmanager" keys. The script was combining these as string.format("%s (%s)", os, lanmanager), which is fine for screen output, but they should be separate fields in structured output. * Keys should be lowercase and look like identifiers. * Less redundancy. The "Computer name" field is actually derived from "FQDN", so I didn't keep it as a separate element in structured output. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r29601 - nmap/scripts David Fifield (Aug 16)
- Re: [nmap-svn] r29601 - nmap/scripts David Fifield (Sep 08)