Remove bin.lua calls from some scripts and libraries

scripts/broadcast-eigrp-discovery.nse

@@ -2,7 +2,6 @@ local eigrp = require "eigrp"
 local nmap = require "nmap"
 local stdnse = require "stdnse"
 local table = require "table"
-local bin = require "bin"
 local packet = require "packet"
 local ipOps = require "ipOps"
 local target = require "target"
@@ -104,7 +103,7 @@ local eigrpSend = function(interface, eigrp_raw)
   local sock = nmap.new_dnet()
   sock:ethernet_open(interface.device)
   -- Ethernet IPv4 multicast, our ethernet address and packet type IP
-  local eth_hdr = bin.pack("HAH", "01 00 5e 00 00 0a", interface.mac, "08 00")
+  local eth_hdr = stdnse.fromhex("01 00 5e 00 00 0a") .. interface.mac .. stdnse.fromhex("08 00")
   sock:ethernet_send(eth_hdr .. eigrp_packet.buf)
   sock:ethernet_close()
 end

scripts/broadcast-listener.nse

@@ -172,6 +172,7 @@ sniffInterface = function(iface, Decoders, decodertab)
           -- attempts to match the "raw" packet against a filter
           -- supplied in each ethernet packet decoder
           if ( hex:match(match) ) then
+            stdnse.debug1("Packet matched '%s'", match)
             if ( not(decodertab.ether[match]) ) then
               decodertab.ether[match] = Decoders.ether[match]:new()
             end

scripts/deluge-rpc-brute.nse

@@ -1,5 +1,4 @@
 local brute = require "brute"
-local bin = require "bin"
 local creds = require "creds"
 local nmap = require "nmap"
 local shortport = require "shortport"
@@ -61,19 +60,24 @@ local rencoded_login_request = function(username, password)
 
   -- Encode the login request:
   -- ((0, 'daemon.login', ('username', 'password'), {}),)
-  local request = bin.pack("CCCCACCACAC",
+  local request = string.pack("BBBB",
     LIST_FIXED_START + 1,
     LIST_FIXED_START + 4,
     INT_POS_FIXED_START,
-    STR_FIXED_START + string.len("daemon.login"),
-    "daemon.login",
+    STR_FIXED_START + string.len("daemon.login")
+    )
+  .. "daemon.login"
+  .. string.pack("BB",
     LIST_FIXED_START + 2,
-    STR_FIXED_START + string.len(username),
-    username,
-    STR_FIXED_START + string.len(password),
-    password,
-    DICT_FIXED_START
-  )
+    STR_FIXED_START + string.len(username)
+    )
+  ..  username
+  .. string.pack("B",
+    STR_FIXED_START + string.len(password)
+    )
+  ..  password
+  .. string.pack("B", DICT_FIXED_START)
+
   return request
 end
 

scripts/eppc-enum-processes.nse

@@ -2,6 +2,7 @@ local bin       = require('bin')
 local nmap      = require('nmap')
 local shortport = require('shortport')
 local stdnse    = require('stdnse')
+local string    = require('string')
 local tab       = require('tab')
 
 description = [[
@@ -84,7 +85,9 @@ action = function( host, port )
     local packets = {
       "PPCT\0\0\0\1\0\0\0\1",
       -- unfortunately I've found no packet specifications, so this has to do
-      bin.pack("HCpH", "e44c50525401e101", 225 + #app, app, "dfdbe302013ddfdfdfdfd500")
+      stdnse.fromhex("e44c50525401e101")
+      .. string.pack("Bs1", 225 + #app, app)
+      .. stdnse.fromhex("dfdbe302013ddfdfdfdfd500"),
     }
 
     for _, v in ipairs(packets) do

scripts/jdwp-info.nse

@@ -1,7 +1,7 @@
-local bin = require "bin"
 local io = require "io"
 local jdwp = require "jdwp"
 local stdnse = require "stdnse"
+local string = require "string"
 local nmap = require "nmap"
 local shortport = require "shortport"
 
@@ -85,7 +85,7 @@ action = function(host, port)
     return stdnse.format_output(false, result)
   end
   -- get the result string
-  local _,_,stringID = bin.unpack(">CL",result)
+  local stringID = string.unpack(">x I8",result)
   status,result = jdwp.readString(socket,0,stringID)
   -- parse results
   return stdnse.format_output(status,result)

scripts/jdwp-inject.nse

@@ -1,4 +1,3 @@
-local bin = require "bin"
 local io = require "io"
 local jdwp = require "jdwp"
 local stdnse = require "stdnse"
@@ -80,7 +79,7 @@ action = function(host, port)
     return stdnse.format_output(false, result)
   end
   -- get the result string
-  local _,_,stringID = bin.unpack(">CL",result)
+  local stringID = string.unpack(">x I8",result)
   status,result = jdwp.readString(socket,0,stringID)
   -- parse results
   return stdnse.format_output(status,result)

scripts/maxdb-info.nse

@@ -1,7 +1,7 @@
-local bin = require "bin"
 local nmap = require "nmap"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
+local string = require "string"
 local tab = require "tab"
 local table = require "table"
 
@@ -55,7 +55,7 @@ local function exchPacket(socket, packet)
     stdnse.debug2("Failed to read packet from server")
     return false, "Failed to read packet from server"
   end
-  local pos, len = bin.unpack("<S", data)
+  local len = string.unpack("<I2", data)
 
   -- make sure we've got it all
   if ( len ~= #data ) then

scripts/murmur-version.nse

@@ -1,4 +1,3 @@
-local bin = require "bin"
 local comm = require "comm"
 local nmap = require "nmap"
 local shortport = require "shortport"
@@ -72,9 +71,8 @@ action = function(host, port)
     end
 
     -- Detected; extract relevant data
-    local _
-    _, r.v_a, r.v_b, r.v_c, _, r.users, r.maxusers, r.bandwidth =
-    bin.unpack(">CCCLIII", result, 2)
+    r.v_a, r.v_b, r.v_c, r.users, r.maxusers, r.bandwidth =
+    string.unpack(">BBB xxxxxxxx I4I4I4", result, 2)
   end
 
   mutex("done")

scripts/mysql-enum.nse

@@ -1,4 +1,3 @@
-local bin = require "bin"
 local brute = require "brute"
 local creds = require "creds"
 local mysql = require "mysql"
@@ -80,7 +79,7 @@ Driver = {
     stdnse.debug1( "Trying %s ...", pass)
     local auth_string = stdnse.fromhex("0000018d00000000") .. pass .. stdnse.fromhex("00504e5f5155454d4500"); -- old authentication method
     local err
-    status, err = self.socket:send(bin.pack("c",string.len(auth_string)-3) .. auth_string) --send initial auth
+    status, err = self.socket:send(string.pack("b",#auth_string-3) .. auth_string) --send initial auth
     status, response = self.socket:receive_bytes(0)
     if not status then
       return false,brute.Error:new( "Incorrect username" )

scripts/smb-vuln-ms10-054.nse

@@ -1,7 +1,7 @@
-local bin = require "bin"
 local smb = require "smb"
 local vulns = require "vulns"
 local stdnse = require "stdnse"
+local string = require "string"
 
 description = [[
 Tests whether target machines are vulnerable to the ms10-054 SMB remote memory
@@ -66,7 +66,7 @@ local function send_transaction2(smbstate, sub_command, function_parameters)
   end
 
   -- Parameters are 0x20 bytes long.
-  parameters = bin.pack("<SSSSCCSISSSSSCCS",
+  parameters = string.pack("<I2I2I2I2 BB I2 I4 I2I2I2I2I2 BB I2",
   parameter_size,                  -- Total parameter count.
   data_size,                       -- Total data count.
   0x000a,                          -- Max parameter count.

scripts/snmp-win32-software.nse

@@ -1,9 +1,9 @@
 local datetime = require "datetime"
-local bin = require "bin"
 local nmap = require "nmap"
 local shortport = require "shortport"
 local snmp = require "snmp"
 local stdnse = require "stdnse"
+local string = require "string"
 local table = require "table"
 
 description = [[
@@ -83,12 +83,12 @@ local function get_value_from_table( tbl, oid )
 end
 
 local date_xlate = {
-  year = 2,
-  month = 3,
-  day = 4,
-  hour = 5,
-  min = 6,
-  sec = 7
+  year = 1,
+  month = 2,
+  day = 3,
+  hour = 4,
+  min = 5,
+  sec = 6
 }
 
 -- translate date parts to positional indices for datetime.format_timestamp
@@ -119,7 +119,7 @@ local function process_answer( tbl )
     if ( v.oid:match(sw_name) ) then
       local objid = v.oid:gsub(sw_name, sw_date)
       local install_date = get_value_from_table( tbl, objid )
-      local install_date_tab = { bin.unpack( ">SCCCCC", install_date ) }
+      local install_date_tab = { string.unpack( ">I2 BBBBB", install_date ) }
       setmetatable(install_date_tab, date_metatab)
 
       local sw_item = {

scripts/teamspeak2-version.nse

@@ -1,7 +1,6 @@
 local comm = require "comm"
 local shortport = require "shortport"
 local nmap = require "nmap"
-local bin = require "bin"
 local string = require "string"
 
 description = [[
@@ -56,7 +55,7 @@ action = function(host, port)
   if name == "" then
     port.version.version = "2"
   else
-    local _, v_a, v_b, v_c, v_d = bin.unpack("<SSSS", version)
+    local v_a, v_b, v_c, v_d = string.unpack("<I2 I2 I2 I2", version)
     port.version.version = v_a .. "." .. v_b .. "." .. v_c .. "." .. v_d
     port.version.extrainfo = "name: " .. name .. "; no password"
     if platform == "Win32" then

scripts/telnet-ntlm-info.nse

@@ -1,6 +1,5 @@
 local datetime = require "datetime"
 local os = require "os"
-local bin = require "bin"
 local comm = require "comm"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
@@ -63,7 +62,7 @@ local _, ntlm_auth_blob = smbauth.get_security_blob(
 --
 -- Create MS-TNAP Login Packet (Option Command IS)
 -- Ref: http://msdn.microsoft.com/en-us/library/cc247789.aspx
-local tnap_login_packet = bin.pack("<CCCCCCCIIACC",
+local tnap_login_packet = string.pack("<BBBBBBB I4I4",
   0xff, -- IAC
   0xfa, -- Sub-option (250)
   0x25, -- Subcommand: auth option
@@ -72,10 +71,9 @@ local tnap_login_packet = bin.pack("<CCCCCCCIIACC",
   0x00, -- Who: Mask client to server (0)
   0x00, -- Command: NTLM_NEGOTIATE (0)
   #ntlm_auth_blob, -- NTLM_DataSize (4 bytes, little-endian)
-  0x00000002, -- NTLM_BufferType (4 bytes, little-endian)
-  ntlm_auth_blob,
-  0xff, 0xf0 -- Sub-option End
-  )
+  0x00000002) -- NTLM_BufferType (4 bytes, little-endian)
+  .. ntlm_auth_blob .. string.pack("<BB",
+  0xff, 0xf0) -- Sub-option End
 
 portrule = shortport.port_or_service(23, "telnet")