Add the resolveall prerule script which takes a table of hosts and adds the

resolved addresses to Nmap's target queue.

CHANGELOG

@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Added the resolveall prerule script which takes a table of
+  target names as a "hosts" argument and adds all of the resolved
+  addresses (IPv4 or IPv6, depending on Nmap's -6 option) for all of
+  the hosts to the scanning queue. [Kris]
+
 o Fixed some inconsistencies in nmap-os-db and a small memory leak
   that would happen where there was more than one round of OS
   detection. These were reported by Xavier Sudre from netVigilance,

scripts/resolveall.nse

@@ -0,0 +1,75 @@
+description = [[
+Resolves hostnames and adds every address (IPv4 or IPv6, depending) to Nmap's
+target list.  Nmap itself resolves a host but only scans the first address.
+]]
+
+---
+-- @usage 
+-- nmap --script=resolveall --script-args=newtargets,resolveall.hosts={<host1>, ...} ...
+-- @args resolveall.hosts Table of hosts to resolve
+
+author = "Kris Katterjohn"
+
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+
+categories = {"safe", "discovery"}
+
+require 'target'
+
+prerule = function() return target.ALLOW_NEW_TARGETS end
+
+local addtargets = function(list)
+	local sum = 0
+
+	for _, t in ipairs(list) do
+		local st, err = target.add(t)
+		if st then
+			sum = sum + 1
+		else
+			stdnse.print_debug("Couldn't add target " .. t .. ": " .. err)
+		end
+	end
+
+	return sum
+end
+
+action = function()
+	local hosts
+
+	for _, k in ipairs({"resolveall.hosts", "hosts"}) do
+		if nmap.registry.args[k] then
+			hosts = nmap.registry.args[k]
+		end
+	end
+
+	if not hosts then
+		stdnse.print_debug(3,
+			"Skipping '%s' %s, 'resolveall.hosts' argument is missing.",
+			SCRIPT_NAME, SCRIPT_TYPE)
+		return
+	end
+
+	if type(hosts) ~= "table" then
+		stdnse.print_debug(3,
+			"Skipping '%s' %s, 'resolveall.hosts' must be a table.",
+			SCRIPT_NAME, SCRIPT_TYPE)
+		return
+	end
+
+	local sum = 0
+
+	for _, host in ipairs(hosts) do
+		local status, list = nmap.resolve(host, nmap.address_family())
+
+		if status and #list > 0 then
+			sum = sum + addtargets(list)
+		end
+	end
+
+	if sum == 0 then
+		return
+	end
+
+	return "Successfully added " .. tostring(sum) .. " new targets"
+end
+

scripts/script.db

@@ -101,6 +101,7 @@ Entry { filename = "pop3-capabilities.nse", categories = { "default", "discovery
 Entry { filename = "pptp-version.nse", categories = { "version", } }
 Entry { filename = "qscan.nse", categories = { "discovery", "safe", } }
 Entry { filename = "realvnc-auth-bypass.nse", categories = { "default", "safe", "vuln", } }
+Entry { filename = "resolveall.nse", categories = { "discovery", "safe", } }
 Entry { filename = "robots.txt.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "rpcinfo.nse", categories = { "discovery", "safe", } }
 Entry { filename = "skypev2-version.nse", categories = { "version", } }
@@ -140,7 +141,7 @@ Entry { filename = "ssl-cert.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ssl-enum-ciphers.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "sslv2.nse", categories = { "default", "safe", } }
 Entry { filename = "svn-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "targets-traceroute.nse", categories = { "safe", "discovery", } }
+Entry { filename = "targets-traceroute.nse", categories = { "discovery", "safe", } }
 Entry { filename = "telnet-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "upnp-info.nse", categories = { "default", "safe", } }
 Entry { filename = "vnc-brute.nse", categories = { "auth", "intrusive", } }