Added the targets-traceroute script, which inserts traceroute hops onto Nmap scanning queue.

2025-12-18 13:39:02 +00:00 · 2010-09-10 01:53:22 +00:00
parent 138439e5bf
commit 15a0dc47b0
3 changed files with 72 additions and 0 deletions
--- a/3
+++ b/3
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-

+o [NSE] Added the targets-traceroute script, which inserts traceroute
+  hops onto Nmap scanning queue. [Henri Doreau]
+
 o [NSE] Added the target NSE library to let scripts to add new
  discovered targets onto Nmap scanning queue. This feature, coupled
  with the new prerule is well suited for NSE host discovery. [Djalal]
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -140,6 +140,7 @@ Entry { filename = "ssl-cert.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ssl-enum-ciphers.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "sslv2.nse", categories = { "default", "safe", } }
 Entry { filename = "svn-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "targets-traceroute.nse", categories = { "safe", "discovery", } }
 Entry { filename = "telnet-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "upnp-info.nse", categories = { "default", "safe", } }
 Entry { filename = "vnc-brute.nse", categories = { "auth", "intrusive", } }
--- a/scripts/targets-traceroute.nse
+++ b/scripts/targets-traceroute.nse
@@ -0,0 +1,68 @@
+description = [[
+Inserts traceroute hops into the Nmap scanning queue.
+
+The script needs Nmap <code>traceroute</code> option, and will
+only run if the script argument <code>newtargets</code> is given.
+]]
+
+---
+-- @args newtargets  If specified, adds traceroute hops onto Nmap
+--                   scanning queue.
+--
+-- @usage
+-- nmap --script targets-traceroute --script-args newtargets --traceroute target
+--
+-- @output
+-- Host script results:
+-- |_traceroute-scan-hops: successfully added 5 new targets.
+
+
+-- 09/02/2010
+author = "Henri Doreau"
+
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+
+categories = {"safe", "discovery"}
+
+require("stdnse")
+require("target")
+
+hostrule = function(host)
+  -- print debug messages because the script relies on
+  -- script arguments and traceroute results.
+  if not target.ALLOW_NEW_TARGETS then
+    stdnse.print_debug(3,
+      "Skipping %s script, 'newtargets' script argument is missing.",
+      SCRIPT_NAME)
+    return false
+  end
+  if not host.traceroute then
+    stdnse.print_debug(3,
+      "Skipping %s script because traceroute results are missing.",
+      SCRIPT_NAME)
+    return false
+  end
+  return true
+end
+
+action = function(host)
+  local ntargets = 0
+  for _, hop in ipairs(host.traceroute) do
+    -- avoid timedout hops, marked as empty entries
+    -- do not add the current scanned host.ip
+    if hop.ip and host.ip ~= hop.ip then
+      local status, ret = target.add(hop.ip)
+      if status then
+        ntargets = ntargets + ret
+        stdnse.print_debug(3,
+            "TRACEROUTE Scan Hops: Added new target "..host.ip.." from traceroute results")
+      else
+        stdnse.print_debug(3, "TRACEROUTE Scan Hops: " .. ret)
+      end
+    end
+  end
+
+  if ntargets > 0 then
+    return string.format("successfully added %d new targets.\n", ntargets)
+  end
+end