Nmap Development mailing list archives
Re: [NSE] port.version.name_confidence not settable via nmap.set_port_version()
From: Henri Doreau <henri.doreau () gmail com>
Date: Sun, 24 Nov 2013 17:49:43 +0100
2013/10/23 Daniel Miller <bonsaiviking () gmail com>:
List, Several scripts [1] are attempting to set port.version.name_confidence, but the NSE function nmap.set_port_version() does not support setting this value. The documentation (http://nmap.org/nsedoc/lib/nmap.html#set_port_version) seems clear, in that it does not list name_confidence as a settable value. Currently, name_confidence is set in portlist.cc (PortList::setServiceProbeResults) and follows this logic: if ( probestate == "hardmatched" or probestate == "softmatched" ) then name_confidence = 10 elseif ( probestate == "tcpwrapped" ) then name_confidence = 8 else name_confidence = 3 end I'd like to hear folks' thoughts on opening this up to setting via NSE. My current thoughts: PRO: Scripts will work as expected. CON: Scripts may use inappropriate values (especially less than 3) Dan [1] List of scripts that attempt to set name_confidence scripts/backorifice-brute.nse scripts/backorifice-info.nse scripts/cassandra-info.nse scripts/db2-das-info.nse scripts/drda-info.nse scripts/metasploit-info.nse scripts/mongodb-info.nse scripts/murmur-version.nse scripts/pptp-version.nse scripts/teamspeak2-version.nse scripts/ventrilo-info.nse scripts/wdb-version.nse scripts/xmpp-info.nse
Hi Dan, that's interesting. In which case would a script set non-maxium name_confidence? To be flexible and robust we could let scripts set it, provide the scripts with two constants and return an error if anything but these values is passed in? Regards -- Henri _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] port.version.name_confidence not settable via nmap.set_port_version() Daniel Miller (Oct 23)
- Re: [NSE] port.version.name_confidence not settable via nmap.set_port_version() Henri Doreau (Nov 24)