| Issue 9: | Add ability to parse nse script output - beta of working code attached | |
| 2 people starred this issue and may be notified of changes. | Back to list |
What steps will reproduce the problem?
No problem, an enhancement
What is the expected output? What do you see instead?
I added an update to the POD code as well which explains the new methods:
<tcp_script($portid)>
<udp_script($portid)>
Returns the Nmap::Parser::Host object of a (the first only currently)
script running on port,
provided by $portid. See Nmap::Parser::Host for more info.
$scrpt = $host->tcp_script(23);
$scrpt->{id}; # NSE Script used I.e. bruteforce or SNMPv1-
communitybrute
$scrpt->{output}; # credentials accepted I.e. user - pass or SNMP
community accepted
There could be multiples and I'm not sure how nse scripts deal with that,
the parser doesn't at this time
What version of the product are you using? On what operating system?
Version 1.19 on Windows with Perl 5.10
Please provide any additional information below.
I believe scripts can return multiple responses per port, but I haven't
implemented that yet. It just grabs the first response. It's a hack, but
seems useful, it could definately be refined.
|
|||
,
Apr 16, 2009
I have a patch to fix the multiple script output issue in your patched Parser module:
425c425
< sub __host_script_tag_hdlr {
---
> sub __host_script_tag_hdlr {
429c429
< my $script = $tag->first_child('script');
---
> my $script_arrayref;
431,438c431,441
< $script_hashref->{port} = $portid;
<
< if ( defined $script ) {
< $script_hashref->{id} = $script->{att}->{id} || 'unknown';
< $script_hashref->{output} = $script->{att}->{output};
< }
<
< return $script_hashref;
---
> $script_arrayref=[];
> for my $script ( $tag->children('script') ) {
> $script_hashref={};
> $script_hashref->{port} = $portid;
> if ( defined $script ) {
> $script_hashref->{id} = $script->{att}->{id} || 'unknown';
> $script_hashref->{output} = $script->{att}->{output};
> push @{$script_arrayref},$script_hashref;
> }
> }
> return $script_arrayref;
729a733
> my @ret;
737,738c741,744
< return Nmap::Parser::Host->new(
< $self->{ports}{tcp}{$portid}{script} );
---
> for my $i (@{$self->{ports}{tcp}{$portid}{script}}) {
> push @ret,Nmap::Parser::Host::Script->new($i);
> }
> return @ret;
836a843,871
> # NMAP::PARSER::HOST::SCRIPT
> #/*****************************************************************************/
>
> package Nmap::Parser::Host::Script;
> use vars qw($AUTOLOAD);
>
> sub new {
> my $class = shift;
> $class = ref($class) || $class;
> my $self = shift || {};
> bless( $self, $class );
> return $self;
> }
>
> #Support for:
> #id output
> #this will now only load functions that will be used. This saves
> #on delay (increase speed) and memory
>
> sub AUTOLOAD {
> ( my $param = $AUTOLOAD ) =~ s{.*::}{}xms;
> return if ( $param eq 'DESTROY' );
> no strict 'refs';
>
> *$AUTOLOAD = sub { return $_[0]->{ lc $param } };
> goto &$AUTOLOAD;
> }
>
> #/*****************************************************************************/
A simple test script now outputs the following:
Open Port: 80/tcp http Apache httpd 2.2.3
->Script ID : HTML title
->Script output: 302 Found
Open Port: 443/tcp ssl/http Apache httpd 2.2.3
->Script ID : SSLv2
->Script output: server still supports SSLv2
->Script ID : HTML title
->Script output: 302 Found
Thanks to Smaff for the patch. Patched Parser.pm attached.
|
|||
 Sign in to add a comment
|
