Nmap Development mailing list archives
Re: [NSE] Revision of telnet-brute
From: David Fifield <david () bamsoftware com>
Date: Sat, 20 Apr 2013 15:40:14 -0700
On Sat, Apr 20, 2013 at 09:17:30PM +0000, nnposter () users sourceforge net wrote:
David Fifield wrote:- Replaced hard-coded line termination \r\0 with a configurable parameter (telnet-brute.eol) and set the default value to \r to avoid falsely failed logins on some daemons. The parameter supports use of C-like escape sequences, such as \r, \x0d, and \0015.This part seems overengineered to me. My reading of RFC 854 says that there are only two reasonable values for sending end-of-line: "\r\n" and "\r\0". Ideally one of these always works better than the other and we don't need to make it configurable. If it must be configurable, let it be between these two choices. I don't want the unescape function to be there.Sequence \r\0 does not always work while it is the one used by the linux telnet client. Sequence \r\n worked for me (and it is the one used by the Windows client) but that observation is not worth much. Single \r worked for me as well. That is why the best approach might be to pick a sensible default value but give the user the option to override it, instead of having to clone the script and edit the hard-coded string inside, which is what I had to do with the old one to make it work. I honestly do not follow what you are proposing here. Some Boolean script parameter "Use the other line termination"? Could you please elaborate?
Let's hard-code it to be "\r\n". If you can find a server that doesn't work on, then we'll make it configurable. The reason I ask you to do this is that I don't want the extra complexity for a feature that, to a close approximation, nobody will use. I'm looking at the future maintenance costs. If there were to be a script argument, it would be something like eol=lfnul or eol=crlf.
Can you explain the print_debug function? Why not use stdnse.print_debug directly?The local function is just a wrapper around stdnse.print_debug to make sure that the messages are consistently prefixed with the script name, without having to repeat the same code over and over.
Okay, but I don't understand the two branches inside the function. Am I wrong, or is only one of the branches ever followed? David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Revision of telnet-brute nnposter (Apr 18)
- Re: [NSE] Revision of telnet-brute Aleksandar Nikolic (Apr 18)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 18)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 18)
- Re: [NSE] Revision of telnet-brute Jesper Kückelhahn (Apr 18)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 18)
- Re: [NSE] Revision of telnet-brute David Fifield (Apr 20)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 20)
- Re: [NSE] Revision of telnet-brute David Fifield (Apr 20)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 21)
- Re: [NSE] Revision of telnet-brute David Fifield (Apr 25)
- Re: [NSE] Revision of telnet-brute nnposter (Apr 20)