PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Use stdnse.get_script_interfaces() for all relevant scripts

Browse Source
This commit is contained in:
dmiller
2024-05-24 19:01:16 +00:00
parent 4ee4d9ea27
commit 453f9a7e25
30 changed files with 297 additions and 522 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
scripts/broadcast-ataoe-discover.nse
View File

@@ -30,7 +30,13 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"broadcast", "safe"}
prerule = function() return true end
prerule = function()
if ( not(nmap.is_privileged()) ) then
stdnse.verbose1("not running for lack of privileges")
return false
end
return true
end
-- The minimalistic ATAoE interface
ATAoE = {
@@ -118,18 +124,15 @@ end
action = function()
local iname = nmap.get_interface()
if ( not(iname) ) then
stdnse.verbose1("No interface supplied, use -e")
return
local iface
local collect_interface = function (if_table)
if not iface and if_table.up == "up" and if_table.link == "ethernet" then
iface = if_table
end
end
if ( not(nmap.is_privileged()) ) then
stdnse.verbose1("not running for lack of privileges")
return
end
stdnse.get_script_interfaces(collect_interface)
local iface = nmap.get_interface_info(iname)
if ( not(iface) ) then
return stdnse.format_output(false, "Failed to retrieve interface information")
end

55
scripts/broadcast-dhcp-discover.nse
View File

@@ -100,29 +100,9 @@ prerule = function()
return true
end
-- Gets a list of available interfaces based on link and up filters
--
-- @param link string containing the link type to filter
-- @param up string containing the interface status to filter
-- @return result table containing the matching interfaces
local function getInterfaces(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and iface.up == up ) then
result = result or {}
result[iface.device] = true
end
end
end
return result
end
-- Listens for an incoming dhcp response
--
-- @param iface string with the name of the interface to listen to
-- @param iface description table of the interface to listen to
-- @param macaddr client hardware address
-- @param options DHCP options to include in the request
-- @param timeout number of ms to wait for a response
@@ -144,7 +124,7 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
nil, -- lease time
xid)
if not status then
stdnse.debug1("Failed to build packet for %s: %s", iface, pkt)
stdnse.debug1("Failed to build packet for %s: %s", iface.device, pkt)
condvar "signal"
return
end
@@ -167,15 +147,15 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
-- Add the Ethernet header
frame:build_ether_frame(
"\xff\xff\xff\xff\xff\xff",
nmap.get_interface_info(iface).mac, -- can't use macaddr or we won't see response
iface.mac, -- can't use macaddr or we won't see response
packet.ETHER_TYPE_IPV4)
local dnet = nmap.new_dnet()
dnet:ethernet_open(iface)
dnet:ethernet_open(iface.device)
local status, err = dnet:ethernet_send(frame.frame_buf)
dnet:ethernet_close()
if not status then
stdnse.debug1("Failed to send frame for %s: %s", iface, err)
stdnse.debug1("Failed to send frame for %s: %s", iface.device, err)
condvar "signal"
return
end
@@ -192,7 +172,7 @@ local function dhcp_listener(sock, iface, macaddr, options, timeout, xid, result
local data = data:sub(p.udp_offset + 9)
local status, response = dhcp.dhcp_parse(data, xid)
if ( status ) then
response.iface = iface
response.iface = iface.device
table.insert( result, response )
end
end
@@ -243,20 +223,15 @@ action = function()
table.insert(options, {number = 61, type = "string", value = clientid })
end
local interfaces
-- first check if the user supplied an interface
if ( nmap.get_interface() ) then
interfaces = { [nmap.get_interface()] = true }
else
-- As the response will be sent to the "offered" ip address we need
-- to use pcap to pick it up. However, we don't know what interface
-- our packet went out on, so lets get a list of all interfaces and
-- run pcap on all of them, if they're a) up and b) ethernet.
interfaces = getInterfaces("ethernet", "up")
local interfaces = {}
local collect_interfaces = function (if_table)
if if_table and if_table.up == "up" and if_table.link=="ethernet" then
interfaces[if_table.device] = if_table
end
end
stdnse.get_script_interfaces(collect_interfaces)
if( not(interfaces) ) then return fail("Failed to retrieve interfaces (try setting one explicitly using -e)") end
if not next(interfaces) then return fail("Failed to retrieve interfaces (try setting one explicitly using -e)") end
local transaction_id = math.random(0, 0x7F000000)
@@ -265,13 +240,13 @@ action = function()
local condvar = nmap.condvar(result)
-- start a listening thread for each interface
for iface, _ in pairs(interfaces) do
for if_name, iface in pairs(interfaces) do
transaction_id = transaction_id + 1
local xid = string.pack(">I4", transaction_id)
local sock, co
sock = nmap.new_socket()
sock:pcap_open(iface, 1500, true, "ip && udp dst port 68")
sock:pcap_open(if_name, 1500, true, "ip && udp dst port 68")
co = stdnse.new_thread( dhcp_listener, sock, iface, macaddr, options, timeout, xid, result )
threads[co] = true
end

31
scripts/broadcast-dhcp6-discover.nse
View File

@@ -52,26 +52,6 @@ prerule = function()
return true
end
-- Gets a list of available interfaces based on link and up filters
--
-- @param link string containing the link type to filter
-- @param up string containing the interface status to filter
-- @return result table containing the matching interfaces
local function getInterfaces(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and iface.up == up ) then
result = result or {}
result[iface.device] = true
end
end
end
return result
end
local function solicit(iface, result)
local condvar = nmap.condvar(result)
local helper = dhcp6.Helper:new(iface)
@@ -90,15 +70,16 @@ end
action = function(host, port)
local iface = nmap.get_interface()
local ifs, result, threads = {}, {}, {}
local condvar = nmap.condvar(result)
if ( iface ) then
ifs[iface] = true
else
ifs = getInterfaces("ethernet", "up")
local ifs = {}
local collect_interfaces = function (if_table)
if if_table and if_table.up == "up" and if_table.link=="ethernet" then
ifs[if_table.device] = if_table
end
end
stdnse.get_script_interfaces(collect_interfaces)
for iface in pairs(ifs) do
local co = stdnse.new_thread( solicit, iface, result )

25
scripts/broadcast-eigrp-discovery.nse
View File

@@ -199,7 +199,6 @@ action = function()
local as = stdnse.get_script_args(SCRIPT_NAME .. ".as")
local kparams = stdnse.get_script_args(SCRIPT_NAME .. ".kparams") or "101000"
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local output, responses, interfaces, lthreads = {}, {}, {}, {}
local result, response, route, eigrp_hello, k
local timeout = (timeout or 10) * 1000
@@ -218,27 +217,13 @@ action = function()
k[6] = string.sub(kparams, 6)
end
interface = interface or nmap.get_interface()
if interface then
-- If an interface was provided, get its information
interface = nmap.get_interface_info(interface)
if not interface then
return fail(("Failed to retrieve %s interface information."):format(interface))
end
interfaces = {interface}
stdnse.debug1("Will use %s interface.", interface.shortname)
else
local ifacelist = nmap.list_interfaces()
for _, iface in ipairs(ifacelist) do
-- Match all ethernet interfaces
if iface.address and iface.link=="ethernet" and
iface.address:match("%d+%.%d+%.%d+%.%d+") then
stdnse.debug1("Will use %s interface.", iface.shortname)
table.insert(interfaces, iface)
end
local collect_interfaces = function (if_table)
if if_table and if_table.up == "up" and if_table.link=="ethernet"
and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
interfaces[#interfaces+1] = if_table
end
end
stdnse.get_script_interfaces(collect_interfaces)
-- If user didn't provide an Autonomous System value, we listen fro multicast
-- HELLO router announcements to get one.

27
scripts/broadcast-igmp-discovery.nse
View File

@@ -302,7 +302,6 @@ end
action = function(host, port)
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local version = stdnse.get_script_args(SCRIPT_NAME .. ".version") or 2
local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
timeout = (timeout or 7) * 1000
if version ~= 'all' then
version = tonumber(version)
@@ -315,29 +314,13 @@ action = function(host, port)
nmap.fetchfile("nselib/data/mgroupnames.db")
local mg_names_db = group_names_fname and mgroup_names_fetch(group_names_fname)
-- Check the interface
interface = interface or nmap.get_interface()
if interface then
-- Get the interface information
interface = nmap.get_interface_info(interface)
if not interface then
return stdnse.format_output(false, ("Failed to retrieve %s interface information."):format(interface))
end
interfaces = {interface}
stdnse.debug1("Will use %s interface.", interface.shortname)
else
local ifacelist = nmap.list_interfaces()
for _, iface in ipairs(ifacelist) do
-- Match all ethernet interfaces
if iface.address and iface.link=="ethernet" and
iface.address:match("%d+%.%d+%.%d+%.%d+") then
stdnse.debug1("Will use %s interface.", iface.shortname)
table.insert(interfaces, iface)
end
local collect_interfaces = function (if_table)
if if_table and if_table.up == "up" and if_table.link=="ethernet"
and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
interfaces[#interfaces+1] = if_table
end
end
stdnse.get_script_interfaces(collect_interfaces)
-- We should iterate over interfaces
for _, interface in pairs(interfaces) do

60
scripts/broadcast-listener.nse
View File

@@ -126,7 +126,7 @@ end
-- Starts sniffing the selected interface for packets with a destination that
-- is not explicitly ours (broadcast, multicast etc.)
--
-- @param iface table containing <code>name</code> and <code>address</code>
-- @param iface table containing <code>device</code> and <code>address</code>
-- @param Decoders the decoders class loaded externally
-- @param decodertab the "result" table to which all discovered items are
-- reported
@@ -139,7 +139,7 @@ sniffInterface = function(iface, Decoders, decodertab)
timeout = (timeout or 30) * 1000
-- We want all packets that aren't explicitly for us
sock:pcap_open(iface.name, 1500, true, ("!host %s"):format(iface.address))
sock:pcap_open(iface.device, 1500, true, ("!host %s"):format(iface.address))
-- Set a short timeout so that we can timeout in time if needed
sock:set_timeout(100)
@@ -193,58 +193,20 @@ sniffInterface = function(iface, Decoders, decodertab)
condvar "signal"
end
---
-- Gets a list of available interfaces based on link and up filters
-- Interfaces are only added if they've got an ipv4 address
--
-- @param link string containing the link type to filter
-- @param up string containing the interface status to filter
-- @return result table containing tables of interfaces
-- each interface table has the following fields:
-- <code>name</code> containing the device name
-- <code>address</code> containing the device address
getInterfaces = function(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result = {}
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and
iface.up == up and
iface.address ) then
-- exclude ipv6 addresses for now
if ( not(iface.address:match(":")) ) then
table.insert(result, { name = iface.device,
address = iface.address } )
end
end
end
end
return result
end
local function fail (err) return stdnse.format_output(false, err) end
local filter_interfaces = function (iface)
if (iface.up == "up" and iface.link=="ethernet" and iface.address
-- exclude ipv6 addresses for now
and not iface.address:match(":")) then
return iface
end
end
action = function()
local DECODERFILE = "nselib/data/packetdecoders.lua"
local iface = nmap.get_interface()
local interfaces = {}
-- was an interface supplied using the -e argument?
if ( iface ) then
local iinfo, err = nmap.get_interface_info(iface)
if ( not(iinfo.address) ) then
return fail("The IP address of the interface could not be determined")
end
interfaces = { { name = iface, address = iinfo.address } }
else
-- no interface was supplied, attempt autodiscovery
interfaces = getInterfaces("ethernet", "up")
end
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
-- make sure we have at least one interface to start sniffing
if ( #interfaces == 0 ) then

14
scripts/broadcast-networker-discover.nse
View File

@@ -62,7 +62,19 @@ action = function()
local results = {}
local ip = ( nmap.address_family() == "inet" ) and "255.255.255.255" or "ff02::202"
local iface = nmap.get_interface()
local iface
local collect_interface = function (if_table)
if not iface and if_table.up == "up" and if_table.link == "ethernet"
and if_table.address and (
(nmap.address_family() == "inet" and if_table.address:match("^%d+%.%d+%.%d+%.%d+$"))
or (nmap.address_family() == "inet6" and if_table.address:match(":"))
)
then
iface = if_table.device
end
end
stdnse.get_script_interfaces(collect_interface)
-- handle problematic sends on OS X requiring the interface to be
-- supplied as part of IPv6

39
scripts/broadcast-ospf2-discover.nse
View File

@@ -389,42 +389,31 @@ local ospfListen = function(interface, timeout)
listener:pcap_close()
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.link=="ethernet" and
if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
-- Get script arguments
md5_key = stdnse.get_script_args(SCRIPT_NAME .. ".md5_key") or false
router_id = stdnse.get_script_args(SCRIPT_NAME .. ".router_id") or "0.0.0.1"
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout")) or 10
local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
stdnse.print_debug("Value for router ID argument: %s.", router_id)
stdnse.print_debug("Value for timeout argument: %s.", timeout)
-- Determine interface to use
interface = interface or nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
if not interface then
return fail(("Failed to retrieve %s interface information."):format(interface))
end
local interface
local interface_good = stdnse.get_script_interfaces(filter_interfaces)
if #interface_good == 1 then
interface = interface_good[1]
stdnse.print_debug("Will use %s interface.", interface.shortname)
elseif #interface_good == 0 then
return fail("Source interface not found.")
else
local interface_list = nmap.list_interfaces()
local interface_good = {}
for _, os_interface in ipairs(interface_list) do
if os_interface.address and os_interface.link == "ethernet" and
os_interface.address:match("%d+%.%d+%.%d+%.%d+") then
stdnse.print_debug(2, "Found usable interface: %s.", os_interface.shortname)
table.insert(interface_good, os_interface)
end
end
if #interface_good == 1 then
interface = interface_good[1]
stdnse.print_debug("Will use %s interface.", interface.shortname)
elseif #interface_good == 0 then
return fail("Source interface not found.")
else
return fail("Ambiguous source interface, please specify it with -e or interface parameter.")
end
return fail("Ambiguous source interface, please specify it with -e or interface parameter.")
end
return ospfListen(interface, timeout)

23
scripts/broadcast-pim-discovery.nse
View File

@@ -124,7 +124,7 @@ end
--- Returns the network interface used to send packets to the destination host.
--@param destination host to which the interface is used.
--@return interface Network interface used for destination host.
local getInterface = function(destination)
local getInterface = function(interfaces, destination)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(destination, "12345", "udp")
@@ -137,13 +137,19 @@ local getInterface = function(destination)
stdnse.verbose1("%s", err)
return
end
for _, interface in pairs(nmap.list_interfaces()) do
for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local responses = {}
@@ -151,12 +157,15 @@ action = function()
local mcast = "224.0.0.13"
-- Get the network interface to use
local interface = nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
else
interface = getInterface(mcast)
local interface
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces > 1 then
-- TODO: send on multiple interfaces
interface = getInterface(interfaces, mcast)
elseif #interfaces == 1 then
interface = interfaces[1]
end
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end

32
scripts/broadcast-ping.nse
View File

@@ -212,33 +212,17 @@ local broadcast_if = function(if_table,icmp_responders)
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.link=="ethernet" and if_table.address and
if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
--get interface script-args, if any
local interface_arg = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local interface_opt = nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces ={}
if interface_opt or interface_arg then
-- single interface defined
local interface = interface_opt or interface_arg
local if_table = nmap.get_interface_info(interface)
if not (if_table and if_table.address and if_table.link=="ethernet") then
stdnse.debug1("Interface not supported or not properly configured.")
return false
end
table.insert(interfaces, if_table)
else
local tmp_ifaces = nmap.list_interfaces()
for _, if_table in ipairs(tmp_ifaces) do
if if_table.address and
if_table.link=="ethernet" and
if_table.address:match("%d+%.%d+%.%d+%.%d+") then
table.insert(interfaces, if_table)
end
end
end
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces == 0 then
stdnse.debug1("No interfaces found.")

33
scripts/broadcast-pppoe-discover.nse
View File

@@ -66,36 +66,15 @@ local function discoverPPPoE(helper)
return true, pado
end
-- Gets a list of available interfaces based on link and up filters
--
-- @param link string containing the link type to filter
-- @param up string containing the interface status to filter
-- @return result table containing the matching interfaces
local function getInterfaces(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and iface.up == up ) then
result = result or {}
result[iface.device] = true
end
end
end
return result
end
action = function()
local interfaces
-- first check if the user supplied an interface
if ( nmap.get_interface() ) then
interfaces = { [nmap.get_interface()] = true }
else
interfaces = getInterfaces("ethernet", "up")
local interfaces = {}
local collect_interfaces = function (if_table)
if if_table.up == "up" and if_table.link=="ethernet" then
interfaces[if_table.device] = true
end
end
stdnse.get_script_interfaces(collect_interfaces)
for iface in pairs(interfaces) do
local helper, err = pppoe.Helper:new(iface)

9
scripts/broadcast-ripng-discover.nse
View File

@@ -170,7 +170,14 @@ action = function()
local req = RIPng.Request:new( { RIPng.RTE:new("0::", 0, 0, 16) } )
local host, port = "FF02::9", { number = 521, protocol = "udp" }
local iface = nmap.get_interface()
local iface
local collect_interface = function (if_table)
if not iface and if_table.up == "up" and if_table.link == "ethernet"
and if_table.address and if_table.address:match(":") then
iface = if_table.device
end
end
stdnse.get_script_interfaces(collect_interface)
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
timeout = (timeout or 5) * 1000

23
scripts/broadcast-sonicwall-discover.nse
View File

@@ -36,24 +36,33 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"broadcast", "safe"}
-- preliminary checks
local interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
prerule = function()
if not nmap.is_privileged() then
stdnse.verbose1("Not running for lack of privileges.")
return false
end
local has_interface = ( interface ~= nil )
if ( not(has_interface) ) then
stdnse.verbose1("No network interface was supplied, aborting.")
if nmap.address_family() ~= "inet" then
stdnse.verbose1("Script is IPv4-only")
return false
end
return true
end
action = function(host, port)
-- preliminary checks
local interface
local collect_interface = function (if_table)
if not interface and if_table.up == "up" and
if_table.address and if_table.address:match("^%d+%.%d+%.%d+%.%d+$") then
interface = if_table.device
end
end
stdnse.get_script_interfaces(collect_interface)
if not interface then
stdnse.verbose1("No network interface was supplied, aborting.")
return false
end
local sock, co
sock = nmap.new_socket()

40
scripts/broadcast-wpad-discover.nse
View File

@@ -52,27 +52,12 @@ local function createRequestList(req_list)
end
-- Gets a list of available interfaces based on link and up filters
--
-- @param link string containing the link type to filter
-- @param up string containing the interface status to filter
-- @return result table containing the matching interfaces
local function getInterfaces(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and iface.up == up ) then
result = result or {}
result[iface.device] = true
end
end
local function filter_interfaces(iface)
if ( iface.link == "ethernet" and iface.up == "up" ) then
return iface
end
return result
end
local function parseDHCPResponse(response)
for _, v in ipairs(response.options) do
if ( "WPAD" == v.name ) then
@@ -135,7 +120,7 @@ local function enumWPADNames(domain)
end
local function dnsDiscover()
local function dnsDiscover(interfaces)
-- first try a domain if it was supplied
if ( arg_domain ) then
local status, response = enumWPADNames(arg_domain)
@@ -147,9 +132,7 @@ local function dnsDiscover()
-- if no domain was supplied, attempt to reverse lookup every ip on each
-- interface to find our FQDN hostname, once we do, try to query for WPAD
for i in pairs(getInterfaces("ethernet", "up") or {}) do
local iface, err = nmap.get_interface_info(i)
if ( iface ) then
for _, iface in ipairs(interfaces) do
local status, response = dns.query( dns.reverse(iface.address), { dtype = 'PTR', retAll = true } )
-- did we get a name back from dns?
@@ -175,19 +158,16 @@ local function dnsDiscover()
end
end
end
return false, "Failed to find WPAD using DNS"
end
local function dhcpDiscover()
local function dhcpDiscover(interfaces)
-- send a DHCP discover on all ethernet interfaces that are up
for i in pairs(getInterfaces("ethernet", "up") or {}) do
local iface, err = nmap.get_interface_info(i)
if ( iface ) then
for _, iface in ipairs(interfaces) do
local req_list = createRequestList( { 1, 15, 3, 6, 44, 46, 47, 31, 33, 249, 43, 252 } )
local status, response = dhcp.make_request("255.255.255.255", dhcp.request_types["DHCPDISCOVER"], "0.0.0.0", iface.mac, nil, req_list, { flags = 0x8000 } )
@@ -195,7 +175,6 @@ local function dhcpDiscover()
if (status) then
return status, response
end
end
end
end
@@ -204,6 +183,7 @@ local function fail (err) return stdnse.format_output(false, err) end
action = function()
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
local status, response, wpad
if ( arg_nodhcp and arg_nodns ) then
@@ -212,7 +192,7 @@ action = function()
end
if ( nmap.is_privileged() and not(arg_nodhcp) ) then
status, response = dhcpDiscover()
status, response = dhcpDiscover(interfaces)
if ( status ) then
status, wpad = parseDHCPResponse(response)
end
@@ -220,7 +200,7 @@ action = function()
-- if the DHCP did not get a result, fallback to DNS
if (not(status) and not(arg_nodns) ) then
status, response = dnsDiscover()
status, response = dnsDiscover(interfaces)
if ( not(status) ) then
local services = "DNS" .. ( nmap.is_privileged() and "/DHCP" or "" )
return fail(("Could not find WPAD using %s"):format(services))

15
scripts/eap-info.nse
View File

@@ -49,24 +49,17 @@ local UNKNOWN = "unknown"
action = function()
local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local arg_identity = stdnse.get_script_args(SCRIPT_NAME .. ".identity")
local arg_scan = stdnse.get_script_args(SCRIPT_NAME .. ".scan")
local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
local iface
-- trying with provided interface name
if arg_interface then
iface = nmap.get_interface_info(arg_interface)
end
-- trying with default nmap interface
if not iface then
local iname = nmap.get_interface()
if iname then
iface = nmap.get_interface_info(iname)
local collect_interface = function (if_table)
if not iface and if_table.up == "up" and if_table.link == "ethernet" then
iface = if_table
end
end
stdnse.get_script_interfaces(collect_interface)
-- failed
if not iface then

11
scripts/ip-forwarding.nse
View File

@@ -38,10 +38,19 @@ categories = {"safe", "discovery"}
local arg_target = stdnse.get_script_args(SCRIPT_NAME .. ".target")
hostrule = function(host)
if nmap.address_family() ~= 'inet' then
stdnse.verbose1("Script is IPv4-only")
return false
end
if ( not(host.mac_addr) ) then
stdnse.debug1("Failed to determine hosts remote MAC address" )
return false
end
return (arg_target ~= nil and host.mac_addr ~= nil)
if not arg_target then
stdnse.verbose1("Required argument %s.target not given", SCRIPT_NAME)
return false
end
return true
end

18
scripts/ipv6-multicast-mld-list.nse
View File

@@ -248,20 +248,12 @@ do
table.sort(multicast_ranges, sort_ip_ascending)
end
local function get_interfaces()
local if_list = nmap.list_interfaces()
local if_ret = {}
local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
for _, if_nfo in pairs(if_list) do
if (arg_interface == nil or if_nfo.device == arg_interface) -- check for correct interface
local function filter_interfaces(if_nfo)
if (if_nfo.link == "ethernet" -- not the loopback interface
and ipOps.ip_in_range(if_nfo.address, "fe80::/10") -- link local address
and if_nfo.link == "ethernet" then -- not the loopback interface
table.insert(if_ret, if_nfo)
end
) then
return if_nfo
end
return if_ret
end
local function single_interface_broadcast(if_nfo, results)
@@ -327,7 +319,7 @@ action = function()
local threads = {}
local condvar = nmap.condvar(results)
for _, if_nfo in ipairs(get_interfaces()) do
for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true

24
scripts/ipv6-ra-flood.nse
View File

@@ -58,23 +58,12 @@ prerule = function()
return false
end
if not stdnse.get_script_args(SCRIPT_NAME .. ".interface") and not nmap.get_interface() then
stdnse.debug1("No interface was selected, aborting...")
return false
end
return true
end
local function get_interface()
local arg_interface = stdnse.get_script_args(SCRIPT_NAME .. ".interface") or nmap.get_interface()
local if_table = nmap.get_interface_info(arg_interface)
if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
local function filter_interfaces(if_table)
if if_table.up == "up" and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
return if_table.device
else
stdnse.debug1("Interface %s not supported or not properly configured, exiting...", arg_interface)
end
end
@@ -191,7 +180,14 @@ local function broadcast_on_interface(iface)
end
function action()
local interface = get_interface()
local interface
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces == 1 then
interface = interfaces[1]
else
stdnse.debug1("No interface was selected, aborting...")
return nil
end
broadcast_on_interface(interface)
end

23
scripts/knx-gateway-discover.nse
View File

@@ -215,7 +215,7 @@ end
--- Returns the network interface used to send packets to a target host.
-- @param target host to which the interface is used.
-- @return interface Network interface used for target host.
local getInterface = function(target)
local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -228,13 +228,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
for _, interface in pairs(nmap.list_interfaces()) do
for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
--- Make a dummy connection and return a free source port
-- @param target host to which the interface is used.
-- @return lport Local port which can be used in KNX messages.
@@ -254,12 +260,15 @@ action = function()
local lport = getSourcePort(mcast)
-- Check if a valid interface was provided
local interface = nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
else
interface = getInterface(mcast)
local interface
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces > 1 then
-- TODO: send on multiple interfaces
interface = getInterface(interfaces, mcast)
elseif #interfaces == 1 then
interface = interfaces[1]
end
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(mcast)
end

23
scripts/llmnr-resolve.nse
View File

@@ -135,7 +135,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
local getInterface = function(target)
local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -148,13 +148,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
for _, interface in pairs(nmap.list_interfaces()) do
for _, interface in pairs(interfaces) do
if interface.address == address then
return interface
end
end
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
@@ -171,12 +177,15 @@ action = function()
end
-- Check if a valid interface was provided
local interface = nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
else
interface = getInterface(mcast)
local interface
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces > 1 then
-- TODO: send on multiple interfaces
interface = getInterface(interfaces, mcast)
elseif #interfaces == 1 then
interface = interfaces[1]
end
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end

30
scripts/lltd-discovery.nse
View File

@@ -244,38 +244,18 @@ local LLTDDiscover = function(if_table, lltd_responders, timeout)
condvar("signal")
end
local function filter_interfaces (if_table)
if if_table and if_table.up == "up" and if_table.link=="ethernet" then
return if_table
end
return nil
end
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
timeout = timeout or 30
--get interface script-args, if any
local interface_arg = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
local interface_opt = nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces ={}
if interface_opt or interface_arg then
-- single interface defined
local interface = interface_opt or interface_arg
local if_table = filter_interfaces(nmap.get_interface_info(interface))
if not if_table then
stdnse.debug1("Interface not supported or not properly configured.")
return false
end
interfaces[if_table.device] = if_table
else
local tmp_ifaces = nmap.list_interfaces()
for _, if_table in ipairs(tmp_ifaces) do
interfaces[if_table.device] = filter_interfaces(if_table)
local interfaces = {}
local collect_interfaces = function (if_table)
if if_table.up == "up" and if_table.link=="ethernet" then
interfaces[if_table.device] = if_table
end
end
stdnse.get_script_interfaces(collect_interfaces)
if not next(interfaces) then
stdnse.debug1("No interfaces found.")

22
scripts/mrinfo.nse
View File

@@ -216,7 +216,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
local getInterface = function(target)
local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -229,13 +229,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
for _, interface in pairs(nmap.list_interfaces()) do
for _, interface in ipairs(interfaces) do
if interface.address == address then
return interface
end
end
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
timeout = (timeout or 5) * 1000
@@ -243,12 +249,14 @@ action = function()
local responses = {}
local interface, result
interface = nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
else
interface = getInterface(target)
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces > 1 then
-- TODO: send on multiple interfaces
interface = getInterface(interfaces, target)
elseif #interfaces == 1 then
interface = interfaces[1]
end
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(target))
end

22
scripts/mtrace.nse
View File

@@ -283,7 +283,7 @@ end
-- Returns the network interface used to send packets to a target host.
--@param target host to which the interface is used.
--@return interface Network interface used for target host.
local getInterface = function(target)
local getInterface = function(interfaces, target)
-- First, create dummy UDP connection to get interface
local sock = nmap.new_socket()
local status, err = sock:connect(target, "12345", "udp")
@@ -296,13 +296,19 @@ local getInterface = function(target)
stdnse.verbose1("%s", err)
return
end
for _, interface in pairs(nmap.list_interfaces()) do
for _, interface in pairs(interfaces) do
if interface.address == address then
return interface
end
end
end
local filter_interfaces = function (if_table)
if if_table.up == "up" and if_table.address:match("%d+%.%d+%.%d+%.%d+") then
return if_table
end
end
action = function()
local fromip = stdnse.get_script_args(SCRIPT_NAME .. ".fromip")
@@ -320,11 +326,13 @@ action = function()
end
-- Get network interface to use
local interface = nmap.get_interface()
if interface then
interface = nmap.get_interface_info(interface)
else
interface = getInterface(firsthop)
local interface
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
if #interfaces > 1 then
-- TODO: send on multiple interfaces
interface = getInterface(interfaces, firsthop)
elseif #interfaces == 1 then
interface = interfaces[1]
end
if not interface then
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(firsthop))

50
scripts/multicast-profinet-discovery.nse
View File

@@ -298,38 +298,6 @@ parse_pndcp = function(eth_data, pn_data)
return device
end
-- get all possible interfaces
--@param link type of interface e.g. "ethernet"
--@param up status of the interface
--@return result table with all interfaces which match the given requirements
getInterfaces = function(link, up)
if( not(nmap.list_interfaces) ) then return end
local interfaces, err = nmap.list_interfaces()
local result = {}
if ( not(err) ) then
for _, iface in ipairs(interfaces) do
if ( iface.link == link and
iface.up == up and
iface.mac ) then
if #result == 0 then
table.insert(result, iface)
else
local exists = false
for _, intface in ipairs(result) do
if intface.mac == iface.mac then
exists = true
end
end
if not exists then
table.insert(result, iface)
end
end
end
end
end
return result
end
-- helpfunction for thread call
--@param iface interface table
@@ -369,8 +337,6 @@ end
--@return 0 if no devices were found
--@return output_tab table for nmap to show the gathered information
action = function()
local interface_e = nmap.get_interface()
local interfaces = {}
local output_tab = stdnse.output_table()
output_tab.devices = {}
@@ -381,17 +347,15 @@ action = function()
local pcap_s = nmap.new_socket()
pcap_s:set_timeout(4000)
if(interface_e) then -- interface supplied with -e
local iface = nmap.get_interface_info(interface_e)
if not (iface and iface.link == 'ethernet') then
stdnse.debug(1, "%s not supported with %s", iface, SCRIPT_NAME)
return false
local macs = {}
local filter_interfaces = function (iface)
if iface.link == "ethernet" and iface.up == "up" and
iface.mac and not macs[iface.mac] then
macs[iface.mac] = true
return iface
end
table.insert(interfaces, iface)
else -- discover interfaces
interfaces = getInterfaces("ethernet", "up")
end
local interfaces = stdnse.get_script_interfaces(filter_interfaces)
-- check if at least one interface is available
if #interfaces == 0 then

27
scripts/targets-ipv6-multicast-echo.nse
View File

@@ -34,29 +34,10 @@ prerule = function()
return nmap.is_privileged()
end
local function get_interfaces()
local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
or nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces = {}
if interface_name then
-- single interface defined
local if_table = nmap.get_interface_info(interface_name)
if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
interfaces[#interfaces + 1] = if_table
else
stdnse.debug1("Interface not supported or not properly configured.")
end
else
for _, if_table in ipairs(nmap.list_interfaces()) do
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
table.insert(interfaces, if_table)
end
end
local function filter_interfaces(if_table)
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
return if_table
end
return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -150,7 +131,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
for _, if_nfo in ipairs(get_interfaces()) do
for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true

27
scripts/targets-ipv6-multicast-invalid-dst.nse
View File

@@ -49,29 +49,10 @@ local function build_invalid_extension_header(nxt_hdr)
"\x80\x01\x00\x00\x00\x00"
end
local function get_interfaces()
local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
or nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces = {}
if interface_name then
-- single interface defined
local if_table = nmap.get_interface_info(interface_name)
if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
interfaces[#interfaces + 1] = if_table
else
stdnse.debug1("Interface not supported or not properly configured.")
end
else
for _, if_table in ipairs(nmap.list_interfaces()) do
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
table.insert(interfaces, if_table)
end
end
local function filter_interfaces(if_table)
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
return if_table
end
return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -179,7 +160,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
for _, if_nfo in ipairs(get_interfaces()) do
for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true

20
scripts/targets-ipv6-multicast-mld.nse
View File

@@ -64,21 +64,11 @@ prerule = function()
end
local function get_interfaces()
local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
or nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces = {}
for _, if_table in pairs(nmap.list_interfaces()) do
if (interface_name == nil or if_table.device == interface_name) -- check for correct interface
and ipOps.ip_in_range(if_table.address, "fe80::/10") -- link local address
and if_table.link == "ethernet" then -- not the loopback interface
table.insert(interfaces, if_table)
end
local function filter_interfaces(if_table)
if ipOps.ip_in_range(if_table.address, "fe80::/10") -- link local address
and if_table.link == "ethernet" then -- not the loopback interface
return if_table
end
return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -127,7 +117,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
for _, if_nfo in ipairs(get_interfaces()) do
for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)
threads[co] = true

27
scripts/targets-ipv6-multicast-slaac.nse
View File

@@ -95,29 +95,10 @@ local function build_router_advert(mac_src,prefix,prefix_len,valid_time,preferre
return icmpv6_payload
end
local function get_interfaces()
local interface_name = stdnse.get_script_args(SCRIPT_NAME .. ".interface")
or nmap.get_interface()
-- interfaces list (decide which interfaces to broadcast on)
local interfaces = {}
if interface_name then
-- single interface defined
local if_table = nmap.get_interface_info(interface_name)
if if_table and ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
interfaces[#interfaces + 1] = if_table
else
stdnse.debug1("Interface not supported or not properly configured.")
end
else
for _, if_table in ipairs(nmap.list_interfaces()) do
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
table.insert(interfaces, if_table)
end
end
local function filter_interfaces(if_table)
if ipOps.ip_to_str(if_table.address) and if_table.link == "ethernet" then
return if_table
end
return interfaces
end
local function single_interface_broadcast(if_nfo, results)
@@ -235,7 +216,7 @@ action = function()
local results = {}
local condvar = nmap.condvar(results)
for _, if_nfo in ipairs(get_interfaces()) do
for _, if_nfo in ipairs(stdnse.get_script_interfaces(filter_interfaces)) do
-- create a thread for each interface
if ipOps.ip_in_range(if_nfo.address, "fe80::/10") then
local co = stdnse.new_thread(single_interface_broadcast, if_nfo, results)

26
scripts/targets-sniffer.nse
View File

@@ -15,15 +15,15 @@ by default) and prints discovered addresses. If the
<code>newtargets</code> script argument is set, discovered addresses
are added to the scan queue.
Requires root privileges. Either the <code>targets-sniffer.iface</code> script
Requires root privileges. Either the <code>targets-sniffer.interface</code> script
argument or <code>-e</code> Nmap option to define which interface to use.
]]
---
-- @usage
-- nmap -sL --script=targets-sniffer --script-args=newtargets,targets-sniffer.timeout=5s,targets-sniffer.iface=eth0
-- nmap -sL --script=targets-sniffer --script-args=newtargets,targets-sniffer.timeout=5s,targets-sniffer.interface=eth0
-- @args targets-sniffer.timeout The amount of time to listen for packets. Default <code>10s</code>.
-- @args targets-sniffer.iface The interface to use for sniffing.
-- @args targets-sniffer.interface The interface to use for sniffing.
-- @output
-- Pre-scan script results:
-- | targets-sniffer:
@@ -65,10 +65,14 @@ local function get_ip_addresses(layer3)
end
prerule = function()
return nmap.is_privileged() and
(stdnse.get_script_args("targets-sniffer.iface") or nmap.get_interface())
return nmap.is_privileged()
end
local function collect_interface(if_table)
if not interface_info and if_table.up == "up" and if_table.link ~= "loopback" then
interface_info = if_table
end
end
action = function()
@@ -77,11 +81,17 @@ action = function()
local ip_counter = 0
local timeout = stdnse.parse_timespec(stdnse.get_script_args("targets-sniffer.timeout"))
timeout = (timeout or 10) * 1000
local interface = stdnse.get_script_args("targets-sniffer.iface") or nmap.get_interface()
interface_info = nmap.get_interface_info(interface)
-- TODO: sniff on all interfaces
-- NOTE: targets-sniffer.iface script-arg name is non-standard, but left for compatibility.
local interface = stdnse.get_script_args("targets-sniffer.iface")
if interface then
interface_info = nmap.get_interface_info(interface)
else
stdnse.get_script_interfaces(collect_interface)
end
if interface_info==nil then -- Check if we have the interface information
stdnse.debug1("Error: Unable to get interface info. Did you specify the correct interface using 'targets-sniffer.iface=<interface>' or '-e <interface>'?")
stdnse.debug1("Error: Unable to get interface info. Did you specify the correct interface using 'targets-sniffer.interface=<interface>' or '-e <interface>'?")
return
end

20
scripts/url-snarf.nse
View File

@@ -37,18 +37,11 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe"}
local arg_iface = nmap.get_interface() or stdnse.get_script_args(SCRIPT_NAME .. ".interface")
prerule = function()
local has_interface = ( arg_iface ~= nil )
if not nmap.is_privileged() then
stdnse.verbose1("not running for lack of privileges.")
return false
end
if ( not(has_interface) ) then
stdnse.verbose1("no network interface was supplied, aborting ...")
return false
end
return true
end
@@ -102,6 +95,19 @@ local function log_entry(src_ip, url)
end
action = function()
local arg_iface
local collect_interface = function (if_table)
if not arg_iface and if_table.up == "up" and if_table.link ~= "loopback" then
arg_iface = if_table.device
end
end
stdnse.get_script_interfaces(collect_interface)
if not arg_iface then
stdnse.verbose1("no network interface was supplied, aborting ...")
return false
end
local counter = 0
if ( arg_outfile ) then