Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] port.version.name_confidence not settable via nmap.set_port_version()

From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 23 Oct 2013 12:14:29 -0500
List,
Several scripts [1] are attempting to set port.version.name_confidence, but the NSE function nmap.set_port_version() does not support setting this value. The documentation (http://nmap.org/nsedoc/lib/nmap.html#set_port_version) seems clear, in that it does not list name_confidence as a settable value.
Currently, name_confidence is set in portlist.cc (PortList::setServiceProbeResults) and follows this logic: 

if ( probestate == "hardmatched" or probestate == "softmatched" ) then
  name_confidence = 10
elseif ( probestate == "tcpwrapped" ) then
  name_confidence = 8
else
  name_confidence = 3
end
I'd like to hear folks' thoughts on opening this up to setting via NSE. My current thoughts: 

PRO: Scripts will work as expected.

CON: Scripts may use inappropriate values (especially less than 3)

Dan

[1] List of scripts that attempt to set name_confidence
scripts/backorifice-brute.nse
scripts/backorifice-info.nse
scripts/cassandra-info.nse
scripts/db2-das-info.nse
scripts/drda-info.nse
scripts/metasploit-info.nse
scripts/mongodb-info.nse
scripts/murmur-version.nse
scripts/pptp-version.nse
scripts/teamspeak2-version.nse
scripts/ventrilo-info.nse
scripts/wdb-version.nse
scripts/xmpp-info.nse

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: