diff --git a/scripts/broadcast-ataoe-discover.nse b/scripts/broadcast-ataoe-discover.nse
index d3a62851f..8726f4723 100644
--- a/scripts/broadcast-ataoe-discover.nse
+++ b/scripts/broadcast-ataoe-discover.nse
@@ -30,7 +30,13 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"broadcast", "safe"}
-prerule = function() return true end
+prerule = function()
+ if ( not(nmap.is_privileged()) ) then
+ stdnse.verbose1("not running for lack of privileges")
+ return false
+ end
+ return true
+end
-- The minimalistic ATAoE interface
ATAoE = {
@@ -118,18 +124,15 @@ end
action = function()
- local iname = nmap.get_interface()
- if ( not(iname) ) then
- stdnse.verbose1("No interface supplied, use -e")
- return
+ local iface
+ local collect_interface = function (if_table)
+ if not iface and if_table.up == "up" and if_table.link == "ethernet" then
+ iface = if_table
+ end
end
- if ( not(nmap.is_privileged()) ) then
- stdnse.verbose1("not running for lack of privileges")
- return
- end
+ stdnse.get_script_interfaces(collect_interface)
- local iface = nmap.get_interface_info(iname)
if ( not(iface) ) then
return stdnse.format_output(false, "Failed to retrieve interface information")
end
diff --git a/scripts/broadcast-dhcp-discover.nse b/scripts/broadcast-dhcp-discover.nse
index c2f8a9cb0..00bab90e8 100644
--- a/scripts/broadcast-dhcp-discover.nse
+++ b/scripts/broadcast-dhcp-discover.nse
@@ -100,29 +100,9 @@ prerule = function()
return true
end
--- Gets a list of available interfaces based on link and up filters
---
--- @param link string containing the link type to filter
--- @param up string containing the interface status to filter
--- @return result table containing the matching interfaces
-local function getInterfaces(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and iface.up == up ) then
- result = result or {}
- result[iface.device] = true
- end
- end
- end
- return result
-end
-
-- Listens for an incoming dhcp response
--
--- @param iface string with the name of the interface to listen to
+-- @param iface description table of the interface to listen to
-- @param macaddr client hardware address
-- @param options DHCP options to include in the request
-- @param timeout number of ms to wait for a response
@@ -144,7 +124,7 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
nil, -- lease time
xid)
if not status then
- stdnse.debug1("Failed to build packet for %s: %s", iface, pkt)
+ stdnse.debug1("Failed to build packet for %s: %s", iface.device, pkt)
condvar "signal"
return
end
@@ -167,15 +147,15 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
-- Add the Ethernet header
frame:build_ether_frame(
"\xff\xff\xff\xff\xff\xff",
- nmap.get_interface_info(iface).mac, -- can't use macaddr or we won't see response
+ iface.mac, -- can't use macaddr or we won't see response
packet.ETHER_TYPE_IPV4)
local dnet = nmap.new_dnet()
- dnet:ethernet_open(iface)
+ dnet:ethernet_open(iface.device)
local status, err = dnet:ethernet_send(frame.frame_buf)
dnet:ethernet_close()
if not status then
- stdnse.debug1("Failed to send frame for %s: %s", iface, err)
+ stdnse.debug1("Failed to send frame for %s: %s", iface.device, err)
condvar "signal"
return
end
@@ -192,7 +172,7 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
local data = data:sub(p.udp_offset + 9)
local status, response = dhcp.dhcp_parse(data, xid)
if ( status ) then
- response.iface = iface
+ response.iface = iface.device
table.insert( result, response )
end
end
@@ -243,20 +223,15 @@ action = function()
table.insert(options, {number = 61, type = "string", value = clientid })
end
- local interfaces
-
- -- first check if the user supplied an interface
- if ( nmap.get_interface() ) then
- interfaces = { [nmap.get_interface()] = true }
- else
- -- As the response will be sent to the "offered" ip address we need
- -- to use pcap to pick it up. However, we don't know what interface
- -- our packet went out on, so lets get a list of all interfaces and
- -- run pcap on all of them, if they're a) up and b) ethernet.
- interfaces = getInterfaces("ethernet", "up")
+ local interfaces = {}
+ local collect_interfaces = function (if_table)
+ if if_table and if_table.up == "up" and if_table.link=="ethernet" then
+ interfaces[if_table.device] = if_table
+ end
end
+ stdnse.get_script_interfaces(collect_interfaces)
- if( not(interfaces) ) then return fail("Failed to retrieve interfaces (try setting one explicitly using -e)") end
+ if not next(interfaces) then return fail("Failed to retrieve interfaces (try setting one explicitly using -e)") end
local transaction_id = math.random(0, 0x7F000000)
@@ -265,13 +240,13 @@ action = function()
local condvar = nmap.condvar(result)
-- start a listening thread for each interface
- for iface, _ in pairs(interfaces) do
+ for if_name, iface in pairs(interfaces) do
transaction_id = transaction_id + 1
local xid = string.pack(">I4", transaction_id)
local sock, co
sock = nmap.new_socket()
- sock:pcap_open(iface, 1500, true, "ip && udp dst port 68")
+ sock:pcap_open(if_name, 1500, true, "ip && udp dst port 68")
co = stdnse.new_thread( dhcp_listener, sock, iface, macaddr, options, timeout, xid, result )
threads[co] = true
end
diff --git a/scripts/broadcast-dhcp6-discover.nse b/scripts/broadcast-dhcp6-discover.nse
index 71b381f43..bc9b68349 100644
--- a/scripts/broadcast-dhcp6-discover.nse
+++ b/scripts/broadcast-dhcp6-discover.nse
@@ -52,26 +52,6 @@ prerule = function()
return true
end
--- Gets a list of available interfaces based on link and up filters
---
--- @param link string containing the link type to filter
--- @param up string containing the interface status to filter
--- @return result table containing the matching interfaces
-local function getInterfaces(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and iface.up == up ) then
- result = result or {}
- result[iface.device] = true
- end
- end
- end
- return result
-end
-
local function solicit(iface, result)
local condvar = nmap.condvar(result)
local helper = dhcp6.Helper:new(iface)
@@ -90,15 +70,16 @@ end
action = function(host, port)
- local iface = nmap.get_interface()
local ifs, result, threads = {}, {}, {}
local condvar = nmap.condvar(result)
- if ( iface ) then
- ifs[iface] = true
- else
- ifs = getInterfaces("ethernet", "up")
+ local ifs = {}
+ local collect_interfaces = function (if_table)
+ if if_table and if_table.up == "up" and if_table.link=="ethernet" then
+ ifs[if_table.device] = if_table
+ end
end
+ stdnse.get_script_interfaces(collect_interfaces)
for iface in pairs(ifs) do
local co = stdnse.new_thread( solicit, iface, result )
diff --git a/scripts/broadcast-eigrp-discovery.nse b/scripts/broadcast-eigrp-discovery.nse
index 832c8c0bd..442e9f1f0 100644
--- a/scripts/broadcast-eigrp-discovery.nse
+++ b/scripts/broadcast-eigrp-discovery.nse
@@ -199,7 +199,6 @@ action = function()
local as = stdnse.get_script_args(SCRIPT_NAME .. ".as")
local kparams = stdnse.get_script_args(SCRIPT_NAME .. ".kparams") or "101000"
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
- local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local output, responses, interfaces, lthreads = {}, {}, {}, {}
local result, response, route, eigrp_hello, k
local timeout = (timeout or 10) * 1000
@@ -218,27 +217,13 @@ action = function()
k[6] = string.sub(kparams, 6)
end
- interface = interface or nmap.get_interface()
- if interface then
- -- If an interface was provided, get its information
- interface = nmap.get_interface_info(interface)
- if not interface then
- return fail(("Failed to retrieve %s interface information."):format(interface))
- end
- interfaces = {interface}
- stdnse.debug1("Will use %s interface.", interface.shortname)
- else
- local ifacelist = nmap.list_interfaces()
- for _, iface in ipairs(ifacelist) do
- -- Match all ethernet interfaces
- if iface.address and iface.link=="ethernet" and
- iface.address:match("%d+%.%d+%.%d+%.%d+") then
-
- stdnse.debug1("Will use %s interface.", iface.shortname)
- table.insert(interfaces, iface)
- end
+ local collect_interfaces = function (if_table)
+ if if_table and if_table.up == "up" and if_table.link=="ethernet"
+ and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ interfaces[#interfaces+1] = if_table
end
end
+ stdnse.get_script_interfaces(collect_interfaces)
-- If user didn't provide an Autonomous System value, we listen fro multicast
-- HELLO router announcements to get one.
diff --git a/scripts/broadcast-igmp-discovery.nse b/scripts/broadcast-igmp-discovery.nse
index 9359ee5a4..3cca9697f 100644
--- a/scripts/broadcast-igmp-discovery.nse
+++ b/scripts/broadcast-igmp-discovery.nse
@@ -302,7 +302,6 @@ end
action = function(host, port)
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local version = stdnse.get_script_args(SCRIPT_NAME .. ".version") or 2
- local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
timeout = (timeout or 7) * 1000
if version ~= 'all' then
version = tonumber(version)
@@ -315,29 +314,13 @@ action = function(host, port)
nmap.fetchfile("nselib/data/mgroupnames.db")
local mg_names_db = group_names_fname and mgroup_names_fetch(group_names_fname)
- -- Check the interface
- interface = interface or nmap.get_interface()
- if interface then
- -- Get the interface information
- interface = nmap.get_interface_info(interface)
- if not interface then
- return stdnse.format_output(false, ("Failed to retrieve %s interface information."):format(interface))
- end
- interfaces = {interface}
- stdnse.debug1("Will use %s interface.", interface.shortname)
- else
- local ifacelist = nmap.list_interfaces()
- for _, iface in ipairs(ifacelist) do
- -- Match all ethernet interfaces
- if iface.address and iface.link=="ethernet" and
- iface.address:match("%d+%.%d+%.%d+%.%d+") then
-
- stdnse.debug1("Will use %s interface.", iface.shortname)
- table.insert(interfaces, iface)
- end
+ local collect_interfaces = function (if_table)
+ if if_table and if_table.up == "up" and if_table.link=="ethernet"
+ and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ interfaces[#interfaces+1] = if_table
end
end
-
+ stdnse.get_script_interfaces(collect_interfaces)
-- We should iterate over interfaces
for _, interface in pairs(interfaces) do
diff --git a/scripts/broadcast-listener.nse b/scripts/broadcast-listener.nse
index 3d0cf389a..f5bf9d435 100644
--- a/scripts/broadcast-listener.nse
+++ b/scripts/broadcast-listener.nse
@@ -126,7 +126,7 @@ end
-- Starts sniffing the selected interface for packets with a destination that
-- is not explicitly ours (broadcast, multicast etc.)
--
--- @param iface table containing name and address
+-- @param iface table containing device and address
-- @param Decoders the decoders class loaded externally
-- @param decodertab the "result" table to which all discovered items are
-- reported
@@ -139,7 +139,7 @@ sniffInterface = function(iface, Decoders, decodertab)
timeout = (timeout or 30) * 1000
-- We want all packets that aren't explicitly for us
- sock:pcap_open(iface.name, 1500, true, ("!host %s"):format(iface.address))
+ sock:pcap_open(iface.device, 1500, true, ("!host %s"):format(iface.address))
-- Set a short timeout so that we can timeout in time if needed
sock:set_timeout(100)
@@ -193,58 +193,20 @@ sniffInterface = function(iface, Decoders, decodertab)
condvar "signal"
end
----
--- Gets a list of available interfaces based on link and up filters
--- Interfaces are only added if they've got an ipv4 address
---
--- @param link string containing the link type to filter
--- @param up string containing the interface status to filter
--- @return result table containing tables of interfaces
--- each interface table has the following fields:
--- name containing the device name
--- address containing the device address
-getInterfaces = function(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result = {}
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and
- iface.up == up and
- iface.address ) then
-
- -- exclude ipv6 addresses for now
- if ( not(iface.address:match(":")) ) then
- table.insert(result, { name = iface.device,
- address = iface.address } )
- end
- end
- end
- end
- return result
-end
-
local function fail (err) return stdnse.format_output(false, err) end
+local filter_interfaces = function (iface)
+ if (iface.up == "up" and iface.link=="ethernet" and iface.address
+ -- exclude ipv6 addresses for now
+ and not iface.address:match(":")) then
+ return iface
+ end
+end
+
action = function()
local DECODERFILE = "nselib/data/packetdecoders.lua"
- local iface = nmap.get_interface()
- local interfaces = {}
-
- -- was an interface supplied using the -e argument?
- if ( iface ) then
- local iinfo, err = nmap.get_interface_info(iface)
-
- if ( not(iinfo.address) ) then
- return fail("The IP address of the interface could not be determined")
- end
-
- interfaces = { { name = iface, address = iinfo.address } }
- else
- -- no interface was supplied, attempt autodiscovery
- interfaces = getInterfaces("ethernet", "up")
- end
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
-- make sure we have at least one interface to start sniffing
if ( #interfaces == 0 ) then
diff --git a/scripts/broadcast-networker-discover.nse b/scripts/broadcast-networker-discover.nse
index 1b9110dab..6aa77c66a 100644
--- a/scripts/broadcast-networker-discover.nse
+++ b/scripts/broadcast-networker-discover.nse
@@ -62,7 +62,19 @@ action = function()
local results = {}
local ip = ( nmap.address_family() == "inet" ) and "255.255.255.255" or "ff02::202"
- local iface = nmap.get_interface()
+ local iface
+ local collect_interface = function (if_table)
+ if not iface and if_table.up == "up" and if_table.link == "ethernet"
+ and if_table.address and (
+ (nmap.address_family() == "inet" and if_table.address:match("^%d+%.%d+%.%d+%.%d+$"))
+ or (nmap.address_family() == "inet6" and if_table.address:match(":"))
+ )
+ then
+ iface = if_table.device
+ end
+ end
+
+ stdnse.get_script_interfaces(collect_interface)
-- handle problematic sends on OS X requiring the interface to be
-- supplied as part of IPv6
diff --git a/scripts/broadcast-ospf2-discover.nse b/scripts/broadcast-ospf2-discover.nse
index ad3fca08b..20c5bf0fa 100644
--- a/scripts/broadcast-ospf2-discover.nse
+++ b/scripts/broadcast-ospf2-discover.nse
@@ -389,42 +389,31 @@ local ospfListen = function(interface, timeout)
listener:pcap_close()
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.link=="ethernet" and
+ if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
-- Get script arguments
md5_key = stdnse.get_script_args(SCRIPT_NAME .. ".md5_key") or false
router_id = stdnse.get_script_args(SCRIPT_NAME .. ".router_id") or "0.0.0.1"
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout")) or 10
- local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
stdnse.print_debug("Value for router ID argument: %s.", router_id)
stdnse.print_debug("Value for timeout argument: %s.", timeout)
-- Determine interface to use
- interface = interface or nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- if not interface then
- return fail(("Failed to retrieve %s interface information."):format(interface))
- end
+ local interface
+ local interface_good = stdnse.get_script_interfaces(filter_interfaces)
+ if #interface_good == 1 then
+ interface = interface_good[1]
stdnse.print_debug("Will use %s interface.", interface.shortname)
+ elseif #interface_good == 0 then
+ return fail("Source interface not found.")
else
- local interface_list = nmap.list_interfaces()
- local interface_good = {}
- for _, os_interface in ipairs(interface_list) do
- if os_interface.address and os_interface.link == "ethernet" and
- os_interface.address:match("%d+%.%d+%.%d+%.%d+") then
-
- stdnse.print_debug(2, "Found usable interface: %s.", os_interface.shortname)
- table.insert(interface_good, os_interface)
- end
- end
- if #interface_good == 1 then
- interface = interface_good[1]
- stdnse.print_debug("Will use %s interface.", interface.shortname)
- elseif #interface_good == 0 then
- return fail("Source interface not found.")
- else
- return fail("Ambiguous source interface, please specify it with -e or interface parameter.")
- end
+ return fail("Ambiguous source interface, please specify it with -e or interface parameter.")
end
return ospfListen(interface, timeout)
diff --git a/scripts/broadcast-pim-discovery.nse b/scripts/broadcast-pim-discovery.nse
index 31b49c8f2..6af27fcee 100644
--- a/scripts/broadcast-pim-discovery.nse
+++ b/scripts/broadcast-pim-discovery.nse
@@ -124,7 +124,7 @@ end
--- Returns the network interface used to send packets to the destination host.
--@param destination host to which the interface is used.
--@return interface Network interface used for destination host.
-local getInterface = function(destination)
+local getInterface = function(interfaces, destination)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(destination, "12345", "udp")
@@ -137,13 +137,19 @@ local getInterface = function(destination)
stdnse.verbose1("%s", err)
return
end
- for _, interface in pairs(nmap.list_interfaces()) do
+ for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local responses = {}
@@ -151,12 +157,15 @@ action = function()
local mcast = "224.0.0.13"
-- Get the network interface to use
- local interface = nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- else
- interface = getInterface(mcast)
+ local interface
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces > 1 then
+ -- TODO: send on multiple interfaces
+ interface = getInterface(interfaces, mcast)
+ elseif #interfaces == 1 then
+ interface = interfaces[1]
end
+
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end
diff --git a/scripts/broadcast-ping.nse b/scripts/broadcast-ping.nse
index 065e9e26b..3aa3bbba9 100644
--- a/scripts/broadcast-ping.nse
+++ b/scripts/broadcast-ping.nse
@@ -212,33 +212,17 @@ local broadcast_if = function(if_table,icmp_responders)
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.link=="ethernet" and if_table.address and
+ if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
- --get interface script-args, if any
- local interface_arg = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- local interface_opt = nmap.get_interface()
-
-- interfaces list (decide which interfaces to broadcast on)
- local interfaces ={}
- if interface_opt or interface_arg then
- -- single interface defined
- local interface = interface_opt or interface_arg
- local if_table = nmap.get_interface_info(interface)
- if not (if_table and if_table.address and if_table.link=="ethernet") then
- stdnse.debug1("Interface not supported or not properly configured.")
- return false
- end
- table.insert(interfaces, if_table)
- else
- local tmp_ifaces = nmap.list_interfaces()
- for _, if_table in ipairs(tmp_ifaces) do
- if if_table.address and
- if_table.link=="ethernet" and
- if_table.address:match("%d+%.%d+%.%d+%.%d+") then
- table.insert(interfaces, if_table)
- end
- end
- end
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces == 0 then
stdnse.debug1("No interfaces found.")
diff --git a/scripts/broadcast-pppoe-discover.nse b/scripts/broadcast-pppoe-discover.nse
index 18de05bb2..2a0ed00f5 100644
--- a/scripts/broadcast-pppoe-discover.nse
+++ b/scripts/broadcast-pppoe-discover.nse
@@ -66,36 +66,15 @@ local function discoverPPPoE(helper)
return true, pado
end
--- Gets a list of available interfaces based on link and up filters
---
--- @param link string containing the link type to filter
--- @param up string containing the interface status to filter
--- @return result table containing the matching interfaces
-local function getInterfaces(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and iface.up == up ) then
- result = result or {}
- result[iface.device] = true
- end
- end
- end
- return result
-end
-
action = function()
- local interfaces
-
- -- first check if the user supplied an interface
- if ( nmap.get_interface() ) then
- interfaces = { [nmap.get_interface()] = true }
- else
- interfaces = getInterfaces("ethernet", "up")
+ local interfaces = {}
+ local collect_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.link=="ethernet" then
+ interfaces[if_table.device] = true
+ end
end
+ stdnse.get_script_interfaces(collect_interfaces)
for iface in pairs(interfaces) do
local helper, err = pppoe.Helper:new(iface)
diff --git a/scripts/broadcast-ripng-discover.nse b/scripts/broadcast-ripng-discover.nse
index 82f90dd08..9072c7c75 100644
--- a/scripts/broadcast-ripng-discover.nse
+++ b/scripts/broadcast-ripng-discover.nse
@@ -170,7 +170,14 @@ action = function()
local req = RIPng.Request:new( { RIPng.RTE:new("0::", 0, 0, 16) } )
local host, port = "FF02::9", { number = 521, protocol = "udp" }
- local iface = nmap.get_interface()
+ local iface
+ local collect_interface = function (if_table)
+ if not iface and if_table.up == "up" and if_table.link == "ethernet"
+ and if_table.address and if_table.address:match(":") then
+ iface = if_table.device
+ end
+ end
+ stdnse.get_script_interfaces(collect_interface)
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
timeout = (timeout or 5) * 1000
diff --git a/scripts/broadcast-sonicwall-discover.nse b/scripts/broadcast-sonicwall-discover.nse
index 4bdd5b821..26bf99c35 100644
--- a/scripts/broadcast-sonicwall-discover.nse
+++ b/scripts/broadcast-sonicwall-discover.nse
@@ -36,24 +36,33 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"broadcast", "safe"}
--- preliminary checks
-local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
-
prerule = function()
if not nmap.is_privileged() then
stdnse.verbose1("Not running for lack of privileges.")
return false
end
-
- local has_interface = ( interface ~= nil )
- if ( not(has_interface) ) then
- stdnse.verbose1("No network interface was supplied, aborting.")
+ if nmap.address_family() ~= "inet" then
+ stdnse.verbose1("Script is IPv4-only")
return false
end
return true
end
action = function(host, port)
+ -- preliminary checks
+ local interface
+ local collect_interface = function (if_table)
+ if not interface and if_table.up == "up" and
+ if_table.address and if_table.address:match("^%d+%.%d+%.%d+%.%d+$") then
+ interface = if_table.device
+ end
+ end
+ stdnse.get_script_interfaces(collect_interface)
+
+ if not interface then
+ stdnse.verbose1("No network interface was supplied, aborting.")
+ return false
+ end
local sock, co
sock = nmap.new_socket()
diff --git a/scripts/broadcast-wpad-discover.nse b/scripts/broadcast-wpad-discover.nse
index a9c6cba72..295f4d41a 100644
--- a/scripts/broadcast-wpad-discover.nse
+++ b/scripts/broadcast-wpad-discover.nse
@@ -52,27 +52,12 @@ local function createRequestList(req_list)
end
--- Gets a list of available interfaces based on link and up filters
---
--- @param link string containing the link type to filter
--- @param up string containing the interface status to filter
--- @return result table containing the matching interfaces
-local function getInterfaces(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and iface.up == up ) then
- result = result or {}
- result[iface.device] = true
- end
- end
+local function filter_interfaces(iface)
+ if ( iface.link == "ethernet" and iface.up == "up" ) then
+ return iface
end
- return result
end
-
local function parseDHCPResponse(response)
for _, v in ipairs(response.options) do
if ( "WPAD" == v.name ) then
@@ -135,7 +120,7 @@ local function enumWPADNames(domain)
end
-local function dnsDiscover()
+local function dnsDiscover(interfaces)
-- first try a domain if it was supplied
if ( arg_domain ) then
local status, response = enumWPADNames(arg_domain)
@@ -147,9 +132,7 @@ local function dnsDiscover()
-- if no domain was supplied, attempt to reverse lookup every ip on each
-- interface to find our FQDN hostname, once we do, try to query for WPAD
- for i in pairs(getInterfaces("ethernet", "up") or {}) do
- local iface, err = nmap.get_interface_info(i)
- if ( iface ) then
+ for _, iface in ipairs(interfaces) do
local status, response = dns.query( dns.reverse(iface.address), { dtype = 'PTR', retAll = true } )
-- did we get a name back from dns?
@@ -175,19 +158,16 @@ local function dnsDiscover()
end
- end
end
return false, "Failed to find WPAD using DNS"
end
-local function dhcpDiscover()
+local function dhcpDiscover(interfaces)
-- send a DHCP discover on all ethernet interfaces that are up
- for i in pairs(getInterfaces("ethernet", "up") or {}) do
- local iface, err = nmap.get_interface_info(i)
- if ( iface ) then
+ for _, iface in ipairs(interfaces) do
local req_list = createRequestList( { 1, 15, 3, 6, 44, 46, 47, 31, 33, 249, 43, 252 } )
local status, response = dhcp.make_request("255.255.255.255", dhcp.request_types["DHCPDISCOVER"], "0.0.0.0", iface.mac, nil, req_list, { flags = 0x8000 } )
@@ -195,7 +175,6 @@ local function dhcpDiscover()
if (status) then
return status, response
end
- end
end
end
@@ -204,6 +183,7 @@ local function fail (err) return stdnse.format_output(false, err) end
action = function()
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
local status, response, wpad
if ( arg_nodhcp and arg_nodns ) then
@@ -212,7 +192,7 @@ action = function()
end
if ( nmap.is_privileged() and not(arg_nodhcp) ) then
- status, response = dhcpDiscover()
+ status, response = dhcpDiscover(interfaces)
if ( status ) then
status, wpad = parseDHCPResponse(response)
end
@@ -220,7 +200,7 @@ action = function()
-- if the DHCP did not get a result, fallback to DNS
if (not(status) and not(arg_nodns) ) then
- status, response = dnsDiscover()
+ status, response = dnsDiscover(interfaces)
if ( not(status) ) then
local services = "DNS" .. ( nmap.is_privileged() and "/DHCP" or "" )
return fail(("Could not find WPAD using %s"):format(services))
diff --git a/scripts/eap-info.nse b/scripts/eap-info.nse
index 5741f4cac..a41eb05ae 100644
--- a/scripts/eap-info.nse
+++ b/scripts/eap-info.nse
@@ -49,24 +49,17 @@ local UNKNOWN = "unknown"
action = function()
- local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local arg_identity = stdnse.get_script_args(SCRIPT_NAME .. ".identity")
local arg_scan = stdnse.get_script_args(SCRIPT_NAME .. ".scan")
local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local iface
- -- trying with provided interface name
- if arg_interface then
- iface = nmap.get_interface_info(arg_interface)
- end
-
- -- trying with default nmap interface
- if not iface then
- local iname = nmap.get_interface()
- if iname then
- iface = nmap.get_interface_info(iname)
+ local collect_interface = function (if_table)
+ if not iface and if_table.up == "up" and if_table.link == "ethernet" then
+ iface = if_table
end
end
+ stdnse.get_script_interfaces(collect_interface)
-- failed
if not iface then
diff --git a/scripts/ip-forwarding.nse b/scripts/ip-forwarding.nse
index 955638076..64c504c4f 100644
--- a/scripts/ip-forwarding.nse
+++ b/scripts/ip-forwarding.nse
@@ -38,10 +38,19 @@ categories = {"safe", "discovery"}
local arg_target = stdnse.get_script_args(SCRIPT_NAME .. ".target")
hostrule = function(host)
+ if nmap.address_family() ~= 'inet' then
+ stdnse.verbose1("Script is IPv4-only")
+ return false
+ end
if ( not(host.mac_addr) ) then
stdnse.debug1("Failed to determine hosts remote MAC address" )
+ return false
end
- return (arg_target ~= nil and host.mac_addr ~= nil)
+ if not arg_target then
+ stdnse.verbose1("Required argument %s.target not given", SCRIPT_NAME)
+ return false
+ end
+ return true
end
diff --git a/scripts/ipv6-multicast-mld-list.nse b/scripts/ipv6-multicast-mld-list.nse
index 56cb60be7..2b955c01f 100644
--- a/scripts/ipv6-multicast-mld-list.nse
+++ b/scripts/ipv6-multicast-mld-list.nse
@@ -248,20 +248,12 @@ do
table.sort(multicast_ranges, sort_ip_ascending)
end
-local function get_interfaces()
- local if_list = nmap.list_interfaces()
- local if_ret = {}
- local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
-
- for _, if_nfo in pairs(if_list) do
- if (arg_interface == nil or if_nfo.device == arg_interface) -- check for correct interface
+local function filter_interfaces(if_nfo)
+ if (if_nfo.link == "ethernet" -- not the loopback interface
and ipOps.ip_in_range(if_nfo.address, "fe80::/10") -- link local address
- and if_nfo.link == "ethernet" then -- not the loopback interface
- table.insert(if_ret, if_nfo)
- end
+ ) then
+ return if_nfo
end
-
- return if_ret
end
local function single_interface_broadcast(if_nfo, results)
@@ -327,7 +319,7 @@ action = function()
local threads = {}
local condvar = nmap.condvar(results)
- for _, if_nfo in ipairs(get_interfaces()) do
+ for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true
diff --git a/scripts/ipv6-ra-flood.nse b/scripts/ipv6-ra-flood.nse
index 0ecc4e027..b7bc18d44 100644
--- a/scripts/ipv6-ra-flood.nse
+++ b/scripts/ipv6-ra-flood.nse
@@ -58,23 +58,12 @@ prerule = function()
return false
end
- if not stdnse.get_script_args(SCRIPT_NAME .. ".interface") and not nmap.get_interface() then
- stdnse.debug1("No interface was selected, aborting...")
- return false
- end
-
return true
end
-local function get_interface()
- local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
-
- local if_table = nmap.get_interface_info(arg_interface)
-
- if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
+local function filter_interfaces(if_table)
+ if if_table.up == "up" and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
return if_table.device
- else
- stdnse.debug1("Interface %s not supported or not properly configured, exiting...", arg_interface)
end
end
@@ -191,7 +180,14 @@ local function broadcast_on_interface(iface)
end
function action()
- local interface = get_interface()
+ local interface
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces == 1 then
+ interface = interfaces[1]
+ else
+ stdnse.debug1("No interface was selected, aborting...")
+ return nil
+ end
broadcast_on_interface(interface)
end
diff --git a/scripts/knx-gateway-discover.nse b/scripts/knx-gateway-discover.nse
index 40ec54605..4559c2b61 100644
--- a/scripts/knx-gateway-discover.nse
+++ b/scripts/knx-gateway-discover.nse
@@ -215,7 +215,7 @@ end
--- Returns the network interface used to send packets to a target host.
-- @param target host to which the interface is used.
-- @return interface Network interface used for target host.
-local getInterface = function(target)
+local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -228,13 +228,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
- for _, interface in pairs(nmap.list_interfaces()) do
+ for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
--- Make a dummy connection and return a free source port
-- @param target host to which the interface is used.
-- @return lport Local port which can be used in KNX messages.
@@ -254,12 +260,15 @@ action = function()
local lport = getSourcePort(mcast)
-- Check if a valid interface was provided
- local interface = nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- else
- interface = getInterface(mcast)
+ local interface
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces > 1 then
+ -- TODO: send on multiple interfaces
+ interface = getInterface(interfaces, mcast)
+ elseif #interfaces == 1 then
+ interface = interfaces[1]
end
+
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(mcast)
end
diff --git a/scripts/llmnr-resolve.nse b/scripts/llmnr-resolve.nse
index 25d2acd17..2d56f34fb 100644
--- a/scripts/llmnr-resolve.nse
+++ b/scripts/llmnr-resolve.nse
@@ -135,7 +135,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
-local getInterface = function(target)
+local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -148,13 +148,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
- for _, interface in pairs(nmap.list_interfaces()) do
+ for _, interface in pairs(interfaces) do
if interface.address == address then
return interface
end
end
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
@@ -171,12 +177,15 @@ action = function()
end
-- Check if a valid interface was provided
- local interface = nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- else
- interface = getInterface(mcast)
+ local interface
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces > 1 then
+ -- TODO: send on multiple interfaces
+ interface = getInterface(interfaces, mcast)
+ elseif #interfaces == 1 then
+ interface = interfaces[1]
end
+
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end
diff --git a/scripts/lltd-discovery.nse b/scripts/lltd-discovery.nse
index 4edd9825d..ed66d82cf 100644
--- a/scripts/lltd-discovery.nse
+++ b/scripts/lltd-discovery.nse
@@ -244,38 +244,18 @@ local LLTDDiscover = function(if_table, lltd_responders, timeout)
condvar("signal")
end
-local function filter_interfaces (if_table)
- if if_table and if_table.up == "up" and if_table.link=="ethernet" then
- return if_table
- end
- return nil
-end
-
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
timeout = timeout or 30
- --get interface script-args, if any
- local interface_arg = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- local interface_opt = nmap.get_interface()
-
-- interfaces list (decide which interfaces to broadcast on)
- local interfaces ={}
- if interface_opt or interface_arg then
- -- single interface defined
- local interface = interface_opt or interface_arg
- local if_table = filter_interfaces(nmap.get_interface_info(interface))
- if not if_table then
- stdnse.debug1("Interface not supported or not properly configured.")
- return false
- end
- interfaces[if_table.device] = if_table
- else
- local tmp_ifaces = nmap.list_interfaces()
- for _, if_table in ipairs(tmp_ifaces) do
- interfaces[if_table.device] = filter_interfaces(if_table)
+ local interfaces = {}
+ local collect_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.link=="ethernet" then
+ interfaces[if_table.device] = if_table
end
end
+ stdnse.get_script_interfaces(collect_interfaces)
if not next(interfaces) then
stdnse.debug1("No interfaces found.")
diff --git a/scripts/mrinfo.nse b/scripts/mrinfo.nse
index fb7284f6e..3df9aae36 100644
--- a/scripts/mrinfo.nse
+++ b/scripts/mrinfo.nse
@@ -216,7 +216,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
-local getInterface = function(target)
+local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -229,13 +229,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
- for _, interface in pairs(nmap.list_interfaces()) do
+ for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
timeout = (timeout or 5) * 1000
@@ -243,12 +249,14 @@ action = function()
local responses = {}
local interface, result
- interface = nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- else
- interface = getInterface(target)
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces > 1 then
+ -- TODO: send on multiple interfaces
+ interface = getInterface(interfaces, target)
+ elseif #interfaces == 1 then
+ interface = interfaces[1]
end
+
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(target))
end
diff --git a/scripts/mtrace.nse b/scripts/mtrace.nse
index 4df793524..e899226ba 100644
--- a/scripts/mtrace.nse
+++ b/scripts/mtrace.nse
@@ -283,7 +283,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
-local getInterface = function(target)
+local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -296,13 +296,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
- for _, interface in pairs(nmap.list_interfaces()) do
+ for _, interface in pairs(interfaces) do
if interface.address == address then
return interface
end
end
end
+local filter_interfaces = function (if_table)
+ if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
+ return if_table
+ end
+end
+
action = function()
local fromip = stdnse.get_script_args(SCRIPT_NAME .. ".fromip")
@@ -320,11 +326,13 @@ action = function()
end
-- Get network interface to use
- local interface = nmap.get_interface()
- if interface then
- interface = nmap.get_interface_info(interface)
- else
- interface = getInterface(firsthop)
+ local interface
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
+ if #interfaces > 1 then
+ -- TODO: send on multiple interfaces
+ interface = getInterface(interfaces, firsthop)
+ elseif #interfaces == 1 then
+ interface = interfaces[1]
end
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(firsthop))
diff --git a/scripts/multicast-profinet-discovery.nse b/scripts/multicast-profinet-discovery.nse
index a811a55dd..99002fd35 100755
--- a/scripts/multicast-profinet-discovery.nse
+++ b/scripts/multicast-profinet-discovery.nse
@@ -298,38 +298,6 @@ parse_pndcp = function(eth_data, pn_data)
return device
end
--- get all possible interfaces
---@param link type of interface e.g. "ethernet"
---@param up status of the interface
---@return result table with all interfaces which match the given requirements
-getInterfaces = function(link, up)
- if( not(nmap.list_interfaces) ) then return end
- local interfaces, err = nmap.list_interfaces()
- local result = {}
-
- if ( not(err) ) then
- for _, iface in ipairs(interfaces) do
- if ( iface.link == link and
- iface.up == up and
- iface.mac ) then
- if #result == 0 then
- table.insert(result, iface)
- else
- local exists = false
- for _, intface in ipairs(result) do
- if intface.mac == iface.mac then
- exists = true
- end
- end
- if not exists then
- table.insert(result, iface)
- end
- end
- end
- end
- end
- return result
-end
-- helpfunction for thread call
--@param iface interface table
@@ -369,8 +337,6 @@ end
--@return 0 if no devices were found
--@return output_tab table for nmap to show the gathered information
action = function()
- local interface_e = nmap.get_interface()
- local interfaces = {}
local output_tab = stdnse.output_table()
output_tab.devices = {}
@@ -381,17 +347,15 @@ action = function()
local pcap_s = nmap.new_socket()
pcap_s:set_timeout(4000)
-
- if(interface_e) then -- interface supplied with -e
- local iface = nmap.get_interface_info(interface_e)
- if not (iface and iface.link == 'ethernet') then
- stdnse.debug(1, "%s not supported with %s", iface, SCRIPT_NAME)
- return false
+ local macs = {}
+ local filter_interfaces = function (iface)
+ if iface.link == "ethernet" and iface.up == "up" and
+ iface.mac and not macs[iface.mac] then
+ macs[iface.mac] = true
+ return iface
end
- table.insert(interfaces, iface)
- else -- discover interfaces
- interfaces = getInterfaces("ethernet", "up")
end
+ local interfaces = stdnse.get_script_interfaces(filter_interfaces)
-- check if at least one interface is available
if #interfaces == 0 then
diff --git a/scripts/targets-ipv6-multicast-echo.nse b/scripts/targets-ipv6-multicast-echo.nse
index d6e82b6af..58cbfb842 100644
--- a/scripts/targets-ipv6-multicast-echo.nse
+++ b/scripts/targets-ipv6-multicast-echo.nse
@@ -34,29 +34,10 @@ prerule = function()
return nmap.is_privileged()
end
-local function get_interfaces()
- local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- or nmap.get_interface()
-
- -- interfaces list (decide which interfaces to broadcast on)
- local interfaces = {}
- if interface_name then
- -- single interface defined
- local if_table = nmap.get_interface_info(interface_name)
- if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- interfaces[#interfaces + 1] = if_table
- else
- stdnse.debug1("Interface not supported or not properly configured.")
- end
- else
- for _, if_table in ipairs(nmap.list_interfaces()) do
- if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- table.insert(interfaces, if_table)
- end
- end
+local function filter_interfaces(if_table)
+ if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
+ return if_table
end
-
- return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -150,7 +131,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
- for _, if_nfo in ipairs(get_interfaces()) do
+ for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true
diff --git a/scripts/targets-ipv6-multicast-invalid-dst.nse b/scripts/targets-ipv6-multicast-invalid-dst.nse
index 46cd566c0..fa673ed37 100644
--- a/scripts/targets-ipv6-multicast-invalid-dst.nse
+++ b/scripts/targets-ipv6-multicast-invalid-dst.nse
@@ -49,29 +49,10 @@ local function build_invalid_extension_header(nxt_hdr)
"\x80\x01\x00\x00\x00\x00"
end
-local function get_interfaces()
- local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- or nmap.get_interface()
-
- -- interfaces list (decide which interfaces to broadcast on)
- local interfaces = {}
- if interface_name then
- -- single interface defined
- local if_table = nmap.get_interface_info(interface_name)
- if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- interfaces[#interfaces + 1] = if_table
- else
- stdnse.debug1("Interface not supported or not properly configured.")
- end
- else
- for _, if_table in ipairs(nmap.list_interfaces()) do
- if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- table.insert(interfaces, if_table)
- end
- end
+local function filter_interfaces(if_table)
+ if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
+ return if_table
end
-
- return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -179,7 +160,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
- for _, if_nfo in ipairs(get_interfaces()) do
+ for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true
diff --git a/scripts/targets-ipv6-multicast-mld.nse b/scripts/targets-ipv6-multicast-mld.nse
index e1187c0f8..b446b2b7b 100644
--- a/scripts/targets-ipv6-multicast-mld.nse
+++ b/scripts/targets-ipv6-multicast-mld.nse
@@ -64,21 +64,11 @@ prerule = function()
end
-local function get_interfaces()
- local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- or nmap.get_interface()
-
- -- interfaces list (decide which interfaces to broadcast on)
- local interfaces = {}
- for _, if_table in pairs(nmap.list_interfaces()) do
- if (interface_name == nil or if_table.device == interface_name) -- check for correct interface
- and ipOps.ip_in_range(if_table.address, "fe80::/10") -- link local address
- and if_table.link == "ethernet" then -- not the loopback interface
- table.insert(interfaces, if_table)
- end
+local function filter_interfaces(if_table)
+ if ipOps.ip_in_range(if_table.address, "fe80::/10") -- link local address
+ and if_table.link == "ethernet" then -- not the loopback interface
+ return if_table
end
-
- return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -127,7 +117,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
- for _, if_nfo in ipairs(get_interfaces()) do
+ for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true
diff --git a/scripts/targets-ipv6-multicast-slaac.nse b/scripts/targets-ipv6-multicast-slaac.nse
index d924e6ced..db5933620 100644
--- a/scripts/targets-ipv6-multicast-slaac.nse
+++ b/scripts/targets-ipv6-multicast-slaac.nse
@@ -95,29 +95,10 @@ local function build_router_advert(mac_src,prefix,prefix_len,valid_time,preferre
return icmpv6_payload
end
-local function get_interfaces()
- local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
- or nmap.get_interface()
-
- -- interfaces list (decide which interfaces to broadcast on)
- local interfaces = {}
- if interface_name then
- -- single interface defined
- local if_table = nmap.get_interface_info(interface_name)
- if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- interfaces[#interfaces + 1] = if_table
- else
- stdnse.debug1("Interface not supported or not properly configured.")
- end
- else
- for _, if_table in ipairs(nmap.list_interfaces()) do
- if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
- table.insert(interfaces, if_table)
- end
- end
+local function filter_interfaces(if_table)
+ if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
+ return if_table
end
-
- return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -235,7 +216,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
- for _, if_nfo in ipairs(get_interfaces()) do
+ for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
if ipOps.ip_in_range(if_nfo.address, "fe80::/10") then
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
diff --git a/scripts/targets-sniffer.nse b/scripts/targets-sniffer.nse
index 44f1e4a54..3577c7326 100644
--- a/scripts/targets-sniffer.nse
+++ b/scripts/targets-sniffer.nse
@@ -15,15 +15,15 @@ by default) and prints discovered addresses. If the
newtargets script argument is set, discovered addresses
are added to the scan queue.
-Requires root privileges. Either the targets-sniffer.iface script
+Requires root privileges. Either the targets-sniffer.interface script
argument or -e Nmap option to define which interface to use.
]]
---
-- @usage
--- nmap -sL --script=targets-sniffer --script-args=newtargets,targets-sniffer.timeout=5s,targets-sniffer.iface=eth0
+-- nmap -sL --script=targets-sniffer --script-args=newtargets,targets-sniffer.timeout=5s,targets-sniffer.interface=eth0
-- @args targets-sniffer.timeout The amount of time to listen for packets. Default 10s.
--- @args targets-sniffer.iface The interface to use for sniffing.
+-- @args targets-sniffer.interface The interface to use for sniffing.
-- @output
-- Pre-scan script results:
-- | targets-sniffer:
@@ -65,10 +65,14 @@ local function get_ip_addresses(layer3)
end
prerule = function()
- return nmap.is_privileged() and
- (stdnse.get_script_args("targets-sniffer.iface") or nmap.get_interface())
+ return nmap.is_privileged()
end
+local function collect_interface(if_table)
+ if not interface_info and if_table.up == "up" and if_table.link ~= "loopback" then
+ interface_info = if_table
+ end
+end
action = function()
@@ -77,11 +81,17 @@ action = function()
local ip_counter = 0
local timeout = stdnse.parse_timespec(stdnse.get_script_args("targets-sniffer.timeout"))
timeout = (timeout or 10) * 1000
- local interface = stdnse.get_script_args("targets-sniffer.iface") or nmap.get_interface()
- interface_info = nmap.get_interface_info(interface)
+ -- TODO: sniff on all interfaces
+ -- NOTE: targets-sniffer.iface script-arg name is non-standard, but left for compatibility.
+ local interface = stdnse.get_script_args("targets-sniffer.iface")
+ if interface then
+ interface_info = nmap.get_interface_info(interface)
+ else
+ stdnse.get_script_interfaces(collect_interface)
+ end
if interface_info==nil then -- Check if we have the interface information
- stdnse.debug1("Error: Unable to get interface info. Did you specify the correct interface using 'targets-sniffer.iface=' or '-e '?")
+ stdnse.debug1("Error: Unable to get interface info. Did you specify the correct interface using 'targets-sniffer.interface=' or '-e '?")
return
end
diff --git a/scripts/url-snarf.nse b/scripts/url-snarf.nse
index 473eb008d..05da22c4d 100644
--- a/scripts/url-snarf.nse
+++ b/scripts/url-snarf.nse
@@ -37,18 +37,11 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe"}
-local arg_iface = nmap.get_interface() or stdnse.get_script_args(SCRIPT_NAME .. ".interface")
-
prerule = function()
- local has_interface = ( arg_iface ~= nil )
if not nmap.is_privileged() then
stdnse.verbose1("not running for lack of privileges.")
return false
end
- if ( not(has_interface) ) then
- stdnse.verbose1("no network interface was supplied, aborting ...")
- return false
- end
return true
end
@@ -102,6 +95,19 @@ local function log_entry(src_ip, url)
end
action = function()
+ local arg_iface
+ local collect_interface = function (if_table)
+ if not arg_iface and if_table.up == "up" and if_table.link ~= "loopback" then
+ arg_iface = if_table.device
+ end
+ end
+ stdnse.get_script_interfaces(collect_interface)
+
+ if not arg_iface then
+ stdnse.verbose1("no network interface was supplied, aborting ...")
+ return false
+ end
+
local counter = 0
if ( arg_outfile ) then