PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 09:49:05 +00:00
Code Issues Projects Releases Wiki Activity

Patch to make require errors silent and removed evil workarounds.

Browse Source 
Added new stdnse function stdnse.print_verbose (similar to print_debug).
This commit is contained in:
batrick
2011-05-04 21:06:53 +00:00
parent 7da53c5147
commit 7f66646636
16 changed files with 103 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
nse_main.lua
View File

@@ -67,8 +67,10 @@ local loadfile = loadfile;
local loadstring = loadstring; local loadstring = loadstring;
local next = next; local next = next;
local pairs = pairs; local pairs = pairs;
local pcall = pcall;
local rawget = rawget; local rawget = rawget;
local rawset = rawset; local rawset = rawset;
local require = require;
local select = select; local select = select;
local setfenv = setfenv; local setfenv = setfenv;
local setmetatable = setmetatable; local setmetatable = setmetatable;
@@ -94,6 +96,8 @@ local open = io.open;
local math = require "math"; local math = require "math";
local max = math.max; local max = math.max;
local package = require "package";
local string = require "string"; local string = require "string";
local byte = string.byte; local byte = string.byte;
local find = string.find; local find = string.find;
@@ -207,6 +211,19 @@ local function tcopy (t)
return tc; return tc;
end end
local REQUIRE_ERROR = {};
stdnse.require = require; -- add real require to stdnse so it can be called if desired
function _G.require (...)
local status, mod = pcall(require, ...);
if not status then
print_debug(1, "%s", traceback(mod));
yield(REQUIRE_ERROR); -- use script yield
error(mod);
else
return mod;
end
end
local Script = {}; -- The Script Class, its constructor is Script.new. local Script = {}; -- The Script Class, its constructor is Script.new.
local Thread = {}; -- The Thread Class, its constructor is Script:new_thread. local Thread = {}; -- The Thread Class, its constructor is Script:new_thread.
do do
@@ -354,6 +371,9 @@ do
categories = "table", categories = "table",
dependencies = "table", dependencies = "table",
}; };
local quiet_errors = {
[REQUIRE_ERROR] = true,
}
-- script = Script.new(filename) -- script = Script.new(filename)
-- Creates a new Script Class for the script. -- Creates a new Script Class for the script.
-- Arguments: -- Arguments:
@@ -381,7 +401,11 @@ do
setmetatable(env, {__index = _G}); setmetatable(env, {__index = _G});
setfenv(file_closure, env); setfenv(file_closure, env);
local co = create(file_closure); -- Create a garbage thread local co = create(file_closure); -- Create a garbage thread
assert(resume(co)); -- Get the globals it loads in env local status, e = assert(resume(co)); -- Get the globals it loads in env
if quiet_errors[e] then
print_verbose(1, "Failed to load '%s'.", filename);
return nil;
end
-- Check that all the required fields were set -- Check that all the required fields were set
for f, t in pairs(required_fields) do for f, t in pairs(required_fields) do
local field = rawget(env, f); local field = rawget(env, f);

33
nselib/stdnse.lua
View File

@@ -53,7 +53,7 @@ c = nil
-- sleep is a C function defined in nse_nmaplib.cc. -- sleep is a C function defined in nse_nmaplib.cc.
--- ---
-- Prints a formatted debug message if the current verbosity level is greater -- Prints a formatted debug message if the current debugging level is greater
-- than or equal to a given level. -- than or equal to a given level.
-- --
-- This is a convenience wrapper around -- This is a convenience wrapper around
@@ -73,6 +73,28 @@ print_debug = function(level, fmt, ...)
end end
end end
---
-- Prints a formatted verbosity message if the current verbosity level is greater
-- than or equal to a given level.
--
-- This is a convenience wrapper around
-- <code>nmap.log_write</code>. The first optional numeric
-- argument, <code>level</code>, is used as the verbosity level necessary
-- to print the message (it defaults to 1 if omitted). All remaining arguments
-- are processed with Lua's <code>string.format</code> function.
-- @param level Optional verbosity level.
-- @param fmt Format string.
-- @param ... Arguments to format.
print_verbose = function(level, fmt, ...)
local l, d = tonumber(level), nmap.verbosity();
if l and l <= d then
nmap.log_write("stdout", format(fmt, ...));
elseif not l and 1 <= d then
nmap.log_write("stdout", format(level, fmt, ...));
end
end
--- Join a list of strings with a separator string. --- Join a list of strings with a separator string.
-- --
-- This is Lua's <code>table.concat</code> function with the parameters -- This is Lua's <code>table.concat</code> function with the parameters
@@ -846,3 +868,12 @@ do end -- no function here, see nse_main.lua
--@class function --@class function
--@return coroutine Returns the base coroutine of the running script. --@return coroutine Returns the base coroutine of the running script.
do end -- no function here, see nse_main.lua do end -- no function here, see nse_main.lua
--- The (Unmodified) Lua Require Function.
--
-- See the Lua manual for description. NSE replaces the standard function
-- in the global namespace to improve error handling.
--
--@name require
--@class function
do end -- no function here, see nse_main.lua

23
scripts/firewalk.nse
View File

@@ -77,8 +77,6 @@ require('stdnse')
require('packet') require('packet')
require('tab') require('tab')
-----= scan parameters defaults =----- -----= scan parameters defaults =-----
-- number of retries for unanswered probes -- number of retries for unanswered probes
@@ -399,24 +397,13 @@ end
--- host rule, check for requirements before to launch the script --- host rule, check for requirements before to launch the script
hostrule = function(host) hostrule = function(host)
-- firewalk requires privileges to run
if not nmap.is_privileged() then if not nmap.is_privileged() then
if not nmap.registry['firewalk'] then nmap.registry[SCRIPT_NAME] = nmap.registry[SCRIPT_NAME] or {};
nmap.registry['firewalk'] = {} if not nmap.registry[SCRIPT_NAME].rootfail then
stdnse.print_verbose("%s not running for lack of privileges.", SCRIPT_NAME);
end end
nmap.registry[SCRIPT_NAME].rootfail = true;
if nmap.registry['firewalk']['rootfail'] then return nil;
return false
end
nmap.registry['firewalk']['rootfail'] = true
if nmap.verbosity() > 0 then
stdnse.print_debug("%s not running for lack of privileges.", SCRIPT_NAME)
end
return false
end end
if nmap.address_family() ~= 'inet' then if nmap.address_family() ~= 'inet' then

7
scripts/http-favicon.nse
View File

@@ -37,6 +37,7 @@ require "http"
require "stdnse" require "stdnse"
require "datafiles" require "datafiles"
require "nsedebug" require "nsedebug"
require "openssl"
portrule = shortport.http portrule = shortport.http
@@ -55,12 +56,6 @@ action = function(host, port)
return return
end end
if not pcall(require,'openssl') then
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return
end
if(nmap.registry.args['favicon.root']) then if(nmap.registry.args['favicon.root']) then
root = nmap.registry.args['favicon.root'] root = nmap.registry.args['favicon.root']
end end

16
scripts/ipidseq.nse
View File

@@ -187,18 +187,14 @@ end
hostrule = function(host) hostrule = function(host)
if not nmap.is_privileged() then if not nmap.is_privileged() then
if not nmap.registry['ipidseq'] then nmap.registry[SCRIPT_NAME] = nmap.registry[SCRIPT_NAME] or {};
nmap.registry['ipidseq'] = {} if not nmap.registry[SCRIPT_NAME].rootfail then
stdnse.print_verbose("%s not running for lack of privileges.", SCRIPT_NAME);
end end
if nmap.registry['ipidseq']['rootfail'] then nmap.registry[SCRIPT_NAME].rootfail = true;
return false return nil;
end
nmap.registry['ipidseq']['rootfail'] = true
if nmap.verbosity() > 0 then
stdnse.print_debug("%s not running for lack of privileges.", SCRIPT_NAME)
end
return false
end end
if nmap.address_family() ~= 'inet' then if nmap.address_family() ~= 'inet' then
stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME) stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME)
return false return false

11
scripts/mysql-brute.nse
View File

@@ -17,22 +17,13 @@ require 'shortport'
require 'stdnse' require 'stdnse'
require 'mysql' require 'mysql'
require 'unpwdb' require 'unpwdb'
require 'openssl'
-- Version 0.3 -- Version 0.3
-- Created 01/15/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> -- Created 01/15/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- Revised 01/23/2010 - v0.2 - revised by Patrik Karlsson, changed username, password loop, added credential storage for other mysql scripts, added timelimit -- Revised 01/23/2010 - v0.2 - revised by Patrik Karlsson, changed username, password loop, added credential storage for other mysql scripts, added timelimit
-- Revised 01/23/2010 - v0.3 - revised by Patrik Karlsson, fixed bug showing account passwords detected twice -- Revised 01/23/2010 - v0.3 - revised by Patrik Karlsson, fixed bug showing account passwords detected twice
-- ripped from ssh-hostkey.nse
-- openssl is required for this script
if not pcall(require,"openssl") then
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(3306, "mysql") portrule = shortport.port_or_service(3306, "mysql")
action = function( host, port ) action = function( host, port )

12
scripts/mysql-databases.nse
View File

@@ -27,20 +27,10 @@ categories = {"discovery", "intrusive"}
require 'shortport' require 'shortport'
require 'stdnse' require 'stdnse'
require 'mysql' require 'mysql'
require 'openssl'
dependencies = {"mysql-brute", "mysql-empty-password"} dependencies = {"mysql-brute", "mysql-empty-password"}
-- ripped from ssh-hostkey.nse
-- openssl is required for this script
if not pcall(require,"openssl") then
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
-- Version 0.1 -- Version 0.1
-- Created 01/23/2010 - v0.1 - created by Patrik Karlsson -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson

11
scripts/mysql-users.nse
View File

@@ -30,22 +30,13 @@ categories = {"discovery", "intrusive"}
require 'shortport' require 'shortport'
require 'stdnse' require 'stdnse'
require 'mysql' require 'mysql'
require 'openssl'
dependencies = {"mysql-brute", "mysql-empty-password"} dependencies = {"mysql-brute", "mysql-empty-password"}
-- Version 0.1 -- Version 0.1
-- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- ripped from ssh-hostkey.nse
-- openssl is required for this script
if not pcall(require,"openssl") then
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(3306, "mysql") portrule = shortport.port_or_service(3306, "mysql")
action = function( host, port ) action = function( host, port )

12
scripts/mysql-variables.nse
View File

@@ -38,23 +38,13 @@ categories = {"discovery", "intrusive"}
require 'shortport' require 'shortport'
require 'stdnse' require 'stdnse'
require 'mysql' require 'mysql'
require 'openssl'
dependencies = {"mysql-brute", "mysql-empty-password"} dependencies = {"mysql-brute", "mysql-empty-password"}
-- Version 0.1 -- Version 0.1
-- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- ripped from ssh-hostkey.nse
-- openssl is required for this script
if not pcall(require,"openssl") then
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(3306, "mysql") portrule = shortport.port_or_service(3306, "mysql")
action = function( host, port ) action = function( host, port )

11
scripts/oracle-brute.nse
View File

@@ -37,15 +37,8 @@ categories = {"intrusive", "auth"}
require 'shortport' require 'shortport'
require 'brute' require 'brute'
if pcall(require,"openssl") then require 'openssl'
require("tns") require 'tns'
else
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(1521, "oracle-tns", "tcp", "open") portrule = shortport.port_or_service(1521, "oracle-tns", "tcp", "open")

11
scripts/oracle-enum-users.nse
View File

@@ -34,15 +34,8 @@ categories = {"intrusive", "auth"}
require 'shortport' require 'shortport'
require 'unpwdb' require 'unpwdb'
if pcall(require,"openssl") then require 'openssl'
require("tns") require 'tns'
else
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(1521, 'oracle-tns' ) portrule = shortport.port_or_service(1521, 'oracle-tns' )

16
scripts/path-mtu.nse
View File

@@ -268,18 +268,14 @@ end
hostrule = function(host) hostrule = function(host)
if not nmap.is_privileged() then if not nmap.is_privileged() then
if not nmap.registry['pathmtu'] then nmap.registry[SCRIPT_NAME] = nmap.registry[SCRIPT_NAME] or {};
nmap.registry['pathmtu'] = {} if not nmap.registry[SCRIPT_NAME].rootfail then
stdnse.print_verbose("%s not running for lack of privileges.", SCRIPT_NAME);
end end
if nmap.registry['pathmtu']['rootfail'] then nmap.registry[SCRIPT_NAME].rootfail = true;
return false return nil;
end
nmap.registry['pathmtu']['rootfail'] = true
if nmap.verbosity() > 0 then
stdnse.print_debug("%s not running for lack of privileges.", SCRIPT_NAME)
end
return false
end end
if nmap.address_family() ~= 'inet' then if nmap.address_family() ~= 'inet' then
stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME) stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME)
return false return false

13
scripts/pgsql-brute.nse
View File

@@ -29,6 +29,7 @@ categories = {"intrusive", "auth"}
require 'shortport' require 'shortport'
require 'stdnse' require 'stdnse'
require 'unpwdb' require 'unpwdb'
require 'openssl'
-- Version 0.3 -- Version 0.3
-- Created 01/15/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> -- Created 01/15/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
@@ -36,18 +37,6 @@ require 'unpwdb'
-- Revised 03/04/2010 - v0.3 - added code from ssh-hostkey.nse to check for SSL support -- Revised 03/04/2010 - v0.3 - added code from ssh-hostkey.nse to check for SSL support
-- - added support for trusted authentication method -- - added support for trusted authentication method
-- ripped from ssh-hostkey.nse
-- openssl is required for this script
if pcall(require,"openssl") then
require("pgsql")
else
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(5432, "postgresql") portrule = shortport.port_or_service(5432, "postgresql")
--- Connect a socket to the server with or without SSL --- Connect a socket to the server with or without SSL

22
scripts/qscan.nse
View File

@@ -364,21 +364,17 @@ local setreg = function(host, ports)
end end
hostrule = function(host) hostrule = function(host)
if not nmap.is_privileged() then
nmap.registry[SCRIPT_NAME] = nmap.registry[SCRIPT_NAME] or {};
if not nmap.registry[SCRIPT_NAME].rootfail then
stdnse.print_verbose("%s not running for lack of privileges.", SCRIPT_NAME);
end
nmap.registry[SCRIPT_NAME].rootfail = true;
return nil;
end
local numopen, numclosed = NUMOPEN, NUMCLOSED local numopen, numclosed = NUMOPEN, NUMCLOSED
if not nmap.is_privileged() then
if not nmap.registry['qscan'] then
nmap.registry['qscan'] = {}
end
if nmap.registry['qscan']['rootfail'] then
return false
end
nmap.registry['qscan']['rootfail'] = true
if nmap.verbosity() > 0 then
stdnse.print_debug("%s not running for lack of privileges.", SCRIPT_NAME)
end
return false
end
if nmap.address_family() ~= 'inet' then if nmap.address_family() ~= 'inet' then
stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME) stdnse.print_debug("%s is IPv4 compatible only.", SCRIPT_NAME)
return false return false

11
scripts/ssh-hostkey.nse
View File

@@ -56,18 +56,9 @@ categories = {"safe","default","discovery"}
require("shortport") require("shortport")
require("stdnse") require("stdnse")
require("openssl")
-- openssl is required for this script
if pcall(require,"openssl") then
require("ssh1") require("ssh1")
require("ssh2") require("ssh2")
else
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(22, "ssh") portrule = shortport.port_or_service(22, "ssh")

10
scripts/ssh2-enum-algos.nse
View File

@@ -57,15 +57,7 @@ categories = {"safe", "discovery"}
require "shortport" require "shortport"
require "stdnse" require "stdnse"
if pcall(require,"openssl") then require "openssl"
require("ssh2")
else
portrule = function() return false end
action = function() end
stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.",
SCRIPT_NAME)
return;
end
portrule = shortport.port_or_service(22, "ssh") portrule = shortport.port_or_service(22, "ssh")