Add the nmap.version_intensity() function for use in NSE version scripts. Modify shortport.version_port_or_service() to also take a rarity parameter.

2026-01-30 10:09:03 +00:00 · 2014-07-30 07:05:58 +00:00
parent 20235c2389
commit 341e447868
2 changed files with 42 additions and 3 deletions
--- a/nse_nmaplib.cc
+++ b/nse_nmaplib.cc
@@ -634,6 +634,38 @@ static int l_new_try (lua_State *L)
  return 1;
 }

+static int l_get_version_intensity (lua_State *L)
+{
+  static int intensity = -1;
+
+  if (intensity < 0) {
+    int is_script_intensity_set;
+    int script_intensity;
+
+    lua_getglobal(L, "nmap");
+    lua_getfield(L, -1, "registry");
+    lua_getfield(L, -1, "args");
+    lua_getfield(L, -1, "script-intensity");
+
+    script_intensity = lua_tointegerx(L, lua_gettop(L), &is_script_intensity_set);
+
+    lua_pop(L, 4);
+
+    if (is_script_intensity_set) {
+      if (script_intensity < 0 || script_intensity > 9)
+        error("Warning: Valid values of script arg script-intensity are between "
+              "0 and 9. Using %d nevertheless.\n", script_intensity);      
+      intensity = script_intensity;
+    } else {
+      intensity = o.version_intensity;
+    }
+  }
+
+  lua_pushnumber(L, intensity);
+
+  return 1;
+}
+
 static int l_get_verbosity (lua_State *L)
 {
  int verbosity;
@@ -912,6 +944,7 @@ int luaopen_nmap (lua_State *L)
    {"clock", l_clock},
    {"log_write", l_log_write},
    {"new_try", l_new_try},
+    {"version_intensity", l_get_version_intensity},
    {"verbosity", l_get_verbosity},
    {"debugging", l_get_debugging},
    {"have_ssl", l_get_have_ssl},
--- a/nselib/shortport.lua
+++ b/nselib/shortport.lua
@@ -128,26 +128,32 @@ end

 --- Return a portrule that returns true when given an open port matching
 -- either a port number or service name and has not been listed in the
-- exclude port directive of the nmap-service-probes file.
+-- exclude port directive of the nmap-service-probes file. If version
+-- intensity is lesser than rarity value, portrule always returns false.
 --
 -- This function is a combination of the <code>port_is_excluded</code>
 -- and <code>port_or_service</code> functions. The port, service, proto may
 -- be single values or a list of values as in those functions.
 -- This function can be used by version category scripts to check if a
-- given port and its protocol are in the exclude directive.
+-- given port and its protocol are in the exclude directive and that version
+-- intensity is greater than or equal to the rarity value of the script.
 -- @usage portrule = shortport.version_port_or_service(22)
 -- @usage portrule = shortport.version_port_or_service(nil, "ssh", "tcp")
+-- @usage portrule = shortport.version_port_or_service(nil, nil, "tcp", nil, 8)
 -- @param services Service name or a list of names to run against.
 -- @param protos The protocol or list of protocols to match against, default
 -- <code>"tcp"</code>.
 -- @param states A state or list of states to match against, default
 -- {<code>"open"</code>, <code>"open|filtered"</code>}.
+-- @param rarity A minimum value of version script intensity, below
+-- which the function always returns false, default 7.
 -- @return Function for the portrule.
-version_port_or_service = function(ports, services, protos, states)
+version_port_or_service = function(ports, services, protos, states, rarity)
  return function(host, port)
    local p_s_check = port_or_service(ports, services, protos, states)
    return p_s_check(host, port)
      and not(port_is_excluded(port.number, port.protocol))
+      and (nmap.version_intensity() >= (rarity or 7))
  end
 end