nse_check_globals cleanup

nselib/ospf.lua

@@ -7,7 +7,11 @@
 -- @author "Patrik Karlsson <patrik@cqure.net>"
 -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
 
+local bin = require "bin"
+local bit = require "bit"
+local math = require "math"
 local stdnse = require "stdnse"
+local table = require "table"
 local ipOps = require "ipOps"
 local packet = require "packet"
 _ENV = stdnse.module("ospf", stdnse.seeall)
@@ -61,6 +65,7 @@ OSPF = {
 		pos, header.auth_data.password = bin.unpack(">A8", data, pos)
 	    -- MD5 hash authentication
 	    elseif header.auth_type == 0x02 then
+			local _
 		_, header.auth_data.keyid = bin.unpack(">C", data, pos+2)
 		_, header.auth_data.length = bin.unpack(">C", data, pos+3)
 		_, header.auth_data.seq = bin.unpack(">C", data, pos+4)

nselib/rdp.lua

@@ -8,6 +8,7 @@
 --
 
 local bin = require("bin")
+local nmap = require("nmap")
 local stdnse = require("stdnse")
 _ENV = stdnse.module("rdp", stdnse.seeall)
 

scripts/cvs-brute-repository.nse

@@ -6,6 +6,7 @@ local nmap = require "nmap"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
 local table = require "table"
+local unpwdb = require "unpwdb"
 
 description = [[
 Attempts to guess the name of the CVS repositories hosted on the remote server.
@@ -104,7 +105,7 @@ action = function(host, port)
 		end
 	end
 
-	repository_iterator = function()
+	local function repository_iterator()
 		local function next_repo()
 			for line in f:lines() do
 				if ( not(line:match("#!comment")) ) then

scripts/dns-zone-transfer.nse

@@ -431,7 +431,7 @@ local RD = {
   end,
   DNAME = parse_domain,
   SINK = function(data, offset) -- http://bgp.potaroo.net/ietf/all-ids/draft-eastlake-kitchen-sink-02.txt
-    local coding, subcoding
+    local coding, subcoding, field
     coding = string.byte(data, offset)
     subcoding = string.byte(data, offset+1)
     offset, field = bin.unpack("A" .. (bto16(data, offset-2)-2), data, offset+2)

scripts/firewall-bypass.nse

@@ -96,6 +96,7 @@ ftp_helper = {
 
 	    -- Until we get adequate packet
             while (nmap.clock_ms() - start) < timeout do
+                local _
                 status, _, l2data, l3data = sniffer:pcap_receive()
                 if status and string.find(l3data, "220 ") then
                     break
@@ -261,7 +262,7 @@ action = function(host, port)
     end
 
     -- Then we check if target port is now open.
-    testsock = nmap.new_socket()
+    local testsock = nmap.new_socket()
     testsock:set_timeout(1000)
     local status, _ = testsock:connect(host.ip, targetport)
     testsock:close()

scripts/http-git.nse

@@ -20,6 +20,8 @@
 local http = require("http")
 local shortport = require("shortport")
 local stdnse = require("stdnse")
+local string = require("string")
+local table  = require("table")
 
 description = [[
 Checks for a Git repository found in a website's document root (GET /.git/<something> HTTP/1.1)
@@ -155,7 +157,7 @@ function action(host, port)
     -- This function will take a Git hosting service URL or a service
     -- the allows deployment via Git and find out if there is an entry
     -- for it in the configuration file
-    function lookforremote(config, url, service, success_string)
+    local function lookforremote(config, url, service, success_string)
       -- Different combinations of separating characters in the remote can
       -- indicate the access method - I know about SSH, HTTP, and Smart HTTP
       local access1, access2, reponame = string.match(

scripts/http-phpself-xss.nse

@@ -49,6 +49,8 @@ local shortport = require 'shortport'
 local url = require 'url'
 local stdnse = require 'stdnse'
 local vulns = require 'vulns'
+local string = require 'string'
+local table = require 'table'
 
 portrule = shortport.http
 

scripts/http-slowloris.nse

@@ -1,3 +1,7 @@
+local coroutine = require "coroutine"
+local math = require "math"
+local nmap = require "nmap"
+local os = require "os"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
 local http = require "http"
@@ -165,7 +169,7 @@ local doMonitor = function(host,port)
 					break 
 				end
 			end
-			status, data = monitor:receive_lines(1)
+			local status, data = monitor:receive_lines(1)
 			if not status then
 				stdnse.print_debug("MONITOR: Didn't get a reply from " .. host.ip  .. "." )
 				monitor:close()
@@ -214,7 +218,6 @@ local worker_schedluer = function(host, port)
 		for thread in pairs(threads) do
 			if coroutine.status(thread) == "dead" then 
 				threads[thread] = nil 
-
 			end
 		end
 		stdnse.print_debug("starting new thread")

scripts/mcafee-epo-agent.nse

@@ -26,6 +26,8 @@ categories = {"version", "safe"}
 
 local http = require "http"
 local nmap = require "nmap"
+local stdnse = require "stdnse"
+local string = require "string"
 
 portrule = function(host, port)
   if port.version ~= nil and port.version.product ~= nil then

scripts/metasploit-info.nse

@@ -1,3 +1,4 @@
+local nmap = require "nmap"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
 local string = require "string"
@@ -223,7 +224,7 @@ end
 -- write command and read result helper
 local write_read_console = function(host,port,token, console_id,command)
 	if write_console(host,port,token,console_id, command) then 
-		read_data = read_console(host,port,token,console_id)
+		local read_data = read_console(host,port,token,console_id)
 		if read_data then
 			read_data = string.sub(read_data,string.find(read_data,"\n")+1) -- skip command echo
 			return read_data

scripts/ms-sql-dac.nse

@@ -1,3 +1,4 @@
+local coroutine = require "coroutine"
 local mssql = require "mssql"
 local nmap = require "nmap"
 local stdnse = require "stdnse"

scripts/nfs-showmount.nse

@@ -36,13 +36,13 @@ portrule = shortport.port_or_service(111, {"rpcbind", "mountd"}, {"tcp", "udp"}
 
 local function get_exports(host, port)
   local mnt = rpc.Mount:new()
-  mnt_comm = rpc.Comm:new('mountd', port.version.rpc_highver)
+  local mnt_comm = rpc.Comm:new('mountd', port.version.rpc_highver)
-  status, result = mnt_comm:Connect(host, port)
+  local status, result = mnt_comm:Connect(host, port)
   if ( not(status) ) then
     stdnse.print_debug(4, "get_exports: %s", result)
     return false, result
   end
-  status, mounts = mnt:Export(mnt_comm)
+  local status, mounts = mnt:Export(mnt_comm)
   mnt_comm:Disconnect()
   if ( not(status) ) then
     stdnse.print_debug(4, "get_exports: %s", mounts)

scripts/rdp-enum-encryption.nse

@@ -29,6 +29,9 @@ author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
 
+local bin = require("bin")
+local nmap = require("nmap")
+local table = require("table")
 local shortport = require("shortport")
 local rdp = require("rdp")
 local stdnse = require("stdnse")
@@ -60,7 +63,7 @@ local function enum_protocols(host, port)
 			return false, "ERROR: Failed to connect to server"
 		end
 		local cr = rdp.Request.ConnectionRequest:new(v)
-		status, response = comm:exch(cr)
+		local status, response = comm:exch(cr)
 		comm:close()
 		if ( not(status) ) then
 			return false, response
@@ -102,7 +105,7 @@ local function enum_ciphers(host, port)
 	local res_ciphers = {}
 	
 	local function get_ordered_ciphers()
-		i = 0
+		local i = 0
 		return function()
 			i = i + 1
 			if ( not(CIPHERS[i]) ) then	return end
@@ -119,7 +122,7 @@ local function enum_ciphers(host, port)
 		end
 	
 		local cr = rdp.Request.ConnectionRequest:new()
-		status, response = comm:exch(cr)
+		local status, response = comm:exch(cr)
 		if ( not(status) ) then
 			break
 		end

scripts/sip-call-spoof.nse

@@ -1,3 +1,4 @@
+local nmap = require "nmap"
 local shortport = require "shortport"
 local sip = require "sip"
 local stdnse = require "stdnse"

scripts/sip-enum-users.nse

@@ -1,3 +1,6 @@
+local io = require "io"
+local nmap = require "nmap"
+local string = require "string"
 local shortport = require "shortport"
 local sip = require "sip"
 local stdnse = require "stdnse"
@@ -121,7 +124,7 @@ local useriterator = function(list)
     end
     f = io.open(f)
     if ( not(f) ) then
-	return false, ("\n  ERROR: Failed to open %s"):format(DEFAULT_ACCOUNTS)
+	return false, ("\n  ERROR: Failed to open %s"):format(list)
     end
     return function()
 	for line in f:lines() do
@@ -171,7 +174,7 @@ Driver = {
 	self.session = sip.Session:new(self.host, self.port)
 	local status = self.session:connect()
 	if ( not(status) ) then
-	    return false, brute.Error:new( "Couldn't connect to host: " .. err )
+	    return false, brute.Error:new( "Couldn't connect to host" )
 	end
 	return true
     end,
@@ -247,7 +250,7 @@ action = function(host, port)
 
     local iterator = numiterator(minext, maxext, padding)
     if users then
-	usernames, err = useriterator(usersfile)
+	local usernames, err = useriterator(usersfile)
 	if not usernames then
 	    return err
 	end

scripts/sip-methods.nse

@@ -1,3 +1,4 @@
+local nmap = require "nmap"
 local shortport = require "shortport"
 local sip = require "sip"
 local stdnse = require "stdnse"

scripts/ssl-enum-ciphers.nse

@@ -917,6 +917,7 @@ local function try_protocol(host, port, protocol, upresults)
 	compressors = find_compressors(host, port, protocol, ciphers[1])
 
   -- Add rankings to ciphers
+	local cipherstr
   for i, name in ipairs(ciphers) do
     if rankedciphersfilename and rankedciphers[name] then
       cipherstr=rankedciphers[name]

scripts/tls-nextprotoneg.nse

@@ -1,3 +1,5 @@
+local nmap = require "nmap"
+local string = require "string"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
 local table = require "table"
@@ -131,7 +133,8 @@ local check_npn = function(response)
     end
 
     -- Get the server hello length
-    _, shlength = bin.unpack(">S", response, 4)
+    local _
+		_, shlength = bin.unpack(">S", response, 4)
     local serverhello = string.sub(response, 6, 6 + shlength)
 
     -- If server didn't return TLS NPN extension