From 341e447868f08ec678c2b07fea6b082c124b1333 Mon Sep 17 00:00:00 2001
From: jay
Date: Wed, 30 Jul 2014 07:05:58 +0000
Subject: [PATCH] Add the nmap.version_intensity() function for use in NSE version scripts. Modify shortport.version_port_or_service() to also take a rarity parameter.
---
 nse_nmaplib.cc | 33 +++++++++++++++++++++++++++++++++
 nselib/shortport.lua | 12 +++++++++---
 2 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/nse_nmaplib.cc b/nse_nmaplib.cc
index bbf500305..3a1f913f2 100644
--- a/nse_nmaplib.cc
+++ b/nse_nmaplib.cc
@@ -634,6 +634,38 @@ static int l_new_try (lua_State *L)
 return 1;
 }
 
+static int l_get_version_intensity (lua_State *L)
+{
+ static int intensity = -1;
+
+ if (intensity < 0) {
+ int is_script_intensity_set;
+ int script_intensity;
+
+ lua_getglobal(L, "nmap");
+ lua_getfield(L, -1, "registry");
+ lua_getfield(L, -1, "args");
+ lua_getfield(L, -1, "script-intensity");
+
+ script_intensity = lua_tointegerx(L, lua_gettop(L), &is_script_intensity_set);
+
+ lua_pop(L, 4);
+
+ if (is_script_intensity_set) {
+ if (script_intensity < 0 || script_intensity > 9)
+ error("Warning: Valid values of script arg script-intensity are between "
+ "0 and 9. Using %d nevertheless.\n", script_intensity);
+ intensity = script_intensity;
+ } else {
+ intensity = o.version_intensity;
+ }
+ }
+
+ lua_pushnumber(L, intensity);
+
+ return 1;
+}
+
 static int l_get_verbosity (lua_State *L)
 {
 int verbosity;
@@ -912,6 +944,7 @@ int luaopen_nmap (lua_State *L)
 {"clock", l_clock},
 {"log_write", l_log_write},
 {"new_try", l_new_try},
+ {"version_intensity", l_get_version_intensity},
 {"verbosity", l_get_verbosity},
 {"debugging", l_get_debugging},
 {"have_ssl", l_get_have_ssl},
diff --git a/nselib/shortport.lua b/nselib/shortport.lua
index 6658c39eb..40b73c999 100644
--- a/nselib/shortport.lua
+++ b/nselib/shortport.lua
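Review bot: In `l_get_version_intensity` (nse_nmaplib.cc) the cache sentinel collides with input the function accepts: a negative `script-intensity` is warned about but still stored in `intensity`, so `if (intensity < 0)` stays true and every later call repeats the registry lookup and the warning. Track initialisation separately, e.g. `static bool intensity_cached = false;` with `if (!intensity_cached) { ... intensity_cached = true; }`, or clamp the value to 0-9 before storing it. A `script-intensity` that does not convert to an integer also takes the `o.version_intensity` branch with no message; a short comment above the `lua_tointegerx` call, or a warning of its own, would make that fallback explicit.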
@@ -128,26 +128,32 @@ end
 
 --- Return a portrule that returns true when given an open port matching
 -- either a port number or service name and has not been listed in the
--- exclude port directive of the nmap-service-probes file.
+-- exclude port directive of the nmap-service-probes file. If version
+-- intensity is lesser than rarity value, portrule always returns false.
 --
 -- This function is a combination of the port_is_excluded
 -- and port_or_service functions. The port, service, proto may
 -- be single values or a list of values as in those functions.
 -- This function can be used by version category scripts to check if a
--- given port and its protocol are in the exclude directive.
+-- given port and its protocol are in the exclude directive and that version
+-- intensity is greater than or equal to the rarity value of the script.
 -- @usage portrule = shortport.version_port_or_service(22)
 -- @usage portrule = shortport.version_port_or_service(nil, "ssh", "tcp")
+-- @usage portrule = shortport.version_port_or_service(nil, nil, "tcp", nil, 8)
 -- @param services Service name or a list of names to run against.
 -- @param protos The protocol or list of protocols to match against, default
 -- "tcp".
 -- @param states A state or list of states to match against, default
 -- {"open", "open|filtered"}.
+-- @param rarity A minimum value of version script intensity, below
+-- which the function always returns false, default 7.
 -- @return Function for the portrule.
-version_port_or_service = function(ports, services, protos, states)
+version_port_or_service = function(ports, services, protos, states, rarity)
 return function(host, port)
 local p_s_check = port_or_service(ports, services, protos, states)
 return p_s_check(host, port)
 and not(port_is_excluded(port.number, port.protocol))
+ and (nmap.version_intensity() >= (rarity or 7))
 end
 end
 
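Review bot: `rarity` is used unchecked in `nmap.version_intensity() >= (rarity or 7)`, so a non-numeric value passed by a script only fails when the portrule runs against a port, as a comparison error, rather than when the rule is built. Resolving it once in the outer function, e.g. `local min_intensity = rarity or 7` followed by `assert(type(min_intensity) == "number", "rarity must be a number")` before `return function(host, port)`, reports the mistake at script load and leaves the closure with a plain comparison. The `@param rarity` text would also benefit from stating the expected range; the C side of this patch warns outside 0 to 9, so presumably the same scale applies here.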