From 91a106e7d534a123fc0aff0252083d3ac7f1d699 Mon Sep 17 00:00:00 2001 From: batrick Date: Sat, 2 Aug 2014 03:15:44 +0000 Subject: [PATCH] more stdnse.print_debug -> stdnse.debug Manual corrections. --- scripts/bacnet-info.nse | 12 +--- scripts/banner.nse | 3 +- scripts/bittorrent-discovery.nse | 4 +- scripts/dns-brute.nse | 4 +- scripts/dns-zone-transfer.nse | 26 ++----- scripts/fcrdns.nse | 6 -- scripts/flume-master-info.nse | 12 ++-- scripts/ftp-vsftpd-backdoor.nse | 16 ++--- scripts/ftp-vuln-cve2010-4221.nse | 6 +- scripts/http-coldfusion-subzero.nse | 4 +- scripts/http-gitweb-projects-enum.nse | 3 +- scripts/http-vuln-cve2011-3192.nse | 3 +- scripts/irc-sasl-brute.nse | 10 +-- scripts/ms-sql-empty-password.nse | 3 +- scripts/ntp-monlist.nse | 97 +++++++-------------------- scripts/resolveall.nse | 4 +- scripts/s7-info.nse | 8 +-- scripts/smb-check-vulns.nse | 8 +-- scripts/smtp-vuln-cve2010-4344.nse | 19 ++---- scripts/smtp-vuln-cve2011-1720.nse | 3 +- scripts/smtp-vuln-cve2011-1764.nse | 6 +- scripts/snmp-brute.nse | 6 +- scripts/snmp-interfaces.nse | 4 +- scripts/ssl-ccs-injection.nse | 9 +-- scripts/targets-traceroute.nse | 11 +-- scripts/ventrilo-info.nse | 2 +- 26 files changed, 80 insertions(+), 209 deletions(-) diff --git a/scripts/bacnet-info.nse b/scripts/bacnet-info.nse index 322c27ab3..1e7ccba50 100644 --- a/scripts/bacnet-info.nse +++ b/scripts/bacnet-info.nse @@ -1000,24 +1000,18 @@ action = function(host, port) -- local status, err = sock:bind(nil, 47808) if(status == false) then - stdnse.print_debug(1, - "Couldn't bind to 47808/udp. Continuing anyway, results may vary") + stdnse.debug1("Couldn't bind to 47808/udp. Continuing anyway, results may vary") end -- connect to the remote host local constatus, conerr = sock:connect(host, port) if not constatus then - stdnse.print_debug(1, - 'Error establishing a UDP connection for %s - %s', host, conerr - ) + stdnse.debug1('Error establishing a UDP connection for %s - %s', host, conerr) return nil end -- send the original query to see if it is a valid BACNet Device local sendstatus, senderr = sock:send(orig_query) if not sendstatus then - stdnse.print_debug(1, - 'Error sending BACNet request to %s:%d - %s', - host.ip, port.number, senderr - ) + stdnse.debug1('Error sending BACNet request to %s:%d - %s', host.ip, port.number, senderr) return nil end diff --git a/scripts/banner.nse b/scripts/banner.nse index c43679c1d..b78dc5dde 100644 --- a/scripts/banner.nse +++ b/scripts/banner.nse @@ -71,8 +71,7 @@ function grab_banner(host, port) if not status then local errlvl = { ["EOF"]=3,["TIMEOUT"]=3,["ERROR"]=2 } - stdnse.print_debug(errlvl[response] or 1, "%s failed for %s on %s port %s. Message: %s", - SCRIPT_NAME, host.ip, port.protocol, port.number, response or "No Message." ) + stdnse.debug(errlvl[response] or 1, "failed for %s on %s port %s. Message: %s", host.ip, port.protocol, port.number, response or "No Message.") return nil end diff --git a/scripts/bittorrent-discovery.nse b/scripts/bittorrent-discovery.nse index 32687ce69..1c42cc14a 100644 --- a/scripts/bittorrent-discovery.nse +++ b/scripts/bittorrent-discovery.nse @@ -50,9 +50,7 @@ categories = {"discovery","safe"} prerule = function() if not stdnse.get_script_args(SCRIPT_NAME..".torrent") and not stdnse.get_script_args(SCRIPT_NAME..".magnet") then - stdnse.print_debug(3, - "Skipping '%s' %s, No magnet link or torrent file arguments.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, No magnet link or torrent file arguments.", SCRIPT_NAME, SCRIPT_TYPE) return false end return true diff --git a/scripts/dns-brute.nse b/scripts/dns-brute.nse index e0f5f1c95..4426c0970 100644 --- a/scripts/dns-brute.nse +++ b/scripts/dns-brute.nse @@ -68,9 +68,7 @@ categories = {"intrusive", "discovery"} prerule = function() if not stdnse.get_script_args("dns-brute.domain") then - stdnse.print_debug(1, - "Skipping '%s' %s, 'dns-brute.domain' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug1("Skipping '%s' %s, 'dns-brute.domain' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end return true diff --git a/scripts/dns-zone-transfer.nse b/scripts/dns-zone-transfer.nse index 8cb12c4e1..5fd507927 100644 --- a/scripts/dns-zone-transfer.nse +++ b/scripts/dns-zone-transfer.nse @@ -101,16 +101,12 @@ prerule = function() ) if not dns_opts.domain then - stdnse.print_debug(3, - "Skipping '%s' %s, 'dnszonetransfer.domain' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, 'dnszonetransfer.domain' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end if not dns_opts.server then - stdnse.print_debug(3, - "Skipping '%s' %s, 'dnszonetransfer.server' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, 'dnszonetransfer.server' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end @@ -131,9 +127,7 @@ portrule = function(host, port) dns_opts.domain = host.name else -- can't do anything without a hostname - stdnse.print_debug(3, - "Skipping '%s' %s, 'dnszonetransfer.domain' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, 'dnszonetransfer.domain' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end end @@ -600,9 +594,7 @@ function add_zone_info(response) end -- parse all available resource records - stdnse.print_debug(3, - "Script %s: parsing ANCOUNT == %d, NSCOUNT == %d, ARCOUNT == %d", - SCRIPT_NAME, answers, auth_answers, add_answers) + stdnse.debug3("Script %s: parsing ANCOUNT == %d, NSCOUNT == %d, ARCOUNT == %d", answers, auth_answers, add_answers) RR['Node Names'] = {} offset = parse_records(answers, data, RR, offset) offset = parse_records(auth_answers, data, RR, offset) @@ -638,8 +630,7 @@ function add_zone_info(response) if dns_opts.addall or not ipOps.isPrivate(rdata) then status, ret = target.add(rdata) if not status then - stdnse.print_debug(3, - "Error: failed to add all 'A' records.") + stdnse.debug3("Error: failed to add all 'A' records.") break end newhosts_count = newhosts_count + ret @@ -649,8 +640,7 @@ function add_zone_info(response) for rdata in pairs(RR[rectype]) do status, ret = target.add(rdata) if not status then - stdnse.print_debug(3, - "Error: failed to add all '%s' records.", rectype) + stdnse.debug3("Error: failed to add all '%s' records.", rectype) break end newhosts_count = newhosts_count + ret @@ -704,9 +694,7 @@ function dump_zone_info(table, response) end -- parse all available resource records - stdnse.print_debug(3, - "Script %s: parsing ANCOUNT == %d, NSCOUNT == %d, ARCOUNT == %d", - SCRIPT_NAME, answers, auth_answers, add_answers) + stdnse.debug3("parsing ANCOUNT == %d, NSCOUNT == %d, ARCOUNT == %d", answers, auth_answers, add_answers) offset = parse_records_table(answers, data, table, offset) offset = parse_records_table(auth_answers, data, table, offset) offset = parse_records_table(add_answers, data, table, offset) diff --git a/scripts/fcrdns.nse b/scripts/fcrdns.nse index edbd5c872..2fbccf62c 100644 --- a/scripts/fcrdns.nse +++ b/scripts/fcrdns.nse @@ -81,12 +81,6 @@ local function keys(t) return ret end -if stdnse.debug == nil then - -- Backwards compatibility. - -- TODO: remove this after next release - stdnse.debug = stdnse.print_debug -end - action = function(host) -- Do reverse-DNS lookup of the IP -- Can't just use host.name because some IPs have multiple PTR records diff --git a/scripts/flume-master-info.nse b/scripts/flume-master-info.nse index c6493a264..779564ea0 100644 --- a/scripts/flume-master-info.nse +++ b/scripts/flume-master-info.nse @@ -113,15 +113,13 @@ end parse_page = function( host, port, uri, interesting_keys ) local result = {} local response = http.get( host, port, uri ) - stdnse.print_debug(1, "%s: Status %s", - SCRIPT_NAME, response['status-line'] or "No Response") + stdnse.debug1("Status %s", response['status-line'] or "No Response") if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then local body = response['body']:gsub("%%","%%%%") for name,value in string.gmatch(body, "([^][<]+)%s*]+>([^][<]+)") do - stdnse.print_debug(1, "%s: %s=%s ", - SCRIPT_NAME, name, value:gsub("^%s*(.-)%s*$", "%1")) + stdnse.debug1("%s=%s ", name, value:gsub("^%s*(.-)%s*$", "%1")) if nmap.verbosity() > 1 then result[#result+1] = ("%s: %s"):format(name,value:gsub("^%s*(.-)%s*$", "%1")) else @@ -173,11 +171,9 @@ action = function( host, port ) local nodes = { } local zookeepers = { } local hbasemasters = { } - stdnse.print_debug(1, "%s:HTTP GET %s:%s%s", - SCRIPT_NAME, host.targetname or host.ip, port.number, uri) + stdnse.debug1("HTTP GET %s:%s%s", host.targetname or host.ip, port.number, uri) local response = http.get( host, port, uri ) - stdnse.print_debug(1, "%s: Status %s", - SCRIPT_NAME, response['status-line'] or "No Response") + stdnse.debug1("Status %s", response['status-line'] or "No Response") if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then local body = response['body']:gsub("%%","%%%%") diff --git a/scripts/ftp-vsftpd-backdoor.nse b/scripts/ftp-vsftpd-backdoor.nse index 6d583ea8a..7d92722f5 100644 --- a/scripts/ftp-vsftpd-backdoor.nse +++ b/scripts/ftp-vsftpd-backdoor.nse @@ -84,8 +84,7 @@ local function check_backdoor(host, shell_cmd, vuln) local status, ret = socket:connect(host, 6200, "tcp") if not status then - stdnse.print_debug(3, "%s: can't connect to tcp port 6200: NOT VULNERABLE", - SCRIPT_NAME) + stdnse.debug3("can't connect to tcp port 6200: NOT VULNERABLE") vuln.state = vulns.STATE.NOT_VULN return finish_ftp(socket, true) end @@ -103,9 +102,7 @@ local function check_backdoor(host, shell_cmd, vuln) end if not ret:match("uid=") then - stdnse.print_debug(3, - "%s: service on port 6200 is not the vsFTPd backdoor: NOT VULNERABLE", - SCRIPT_NAME) + stdnse.debug3("service on port 6200 is not the vsFTPd backdoor: NOT VULNERABLE") vuln.state = vulns.STATE.NOT_VULN return finish_ftp(socket, true) else @@ -167,8 +164,7 @@ vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.]], {recv_before = false, timeout = 8000}) if not sock then - stdnse.print_debug(1, "%s: can't connect: %s", - SCRIPT_NAME, err) + stdnse.debug1("can't connect: %s", err) return nil end @@ -176,16 +172,14 @@ vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.]], local buffer = stdnse.make_buffer(sock, "\r?\n") local code, message = ftp.read_reply(buffer) if not code then - stdnse.print_debug(1, "%s: can't read banner: %s", - SCRIPT_NAME, message) + stdnse.debug1("can't read banner: %s", message) sock:close() return nil end status, ret = sock:send(CMD_FTP .. "\r\n") if not status then - stdnse.print_debug(1, "%s: failed to send privilege escalation command: %s", - SCRIPT_NAME, ret) + stdnse.debug1("failed to send privilege escalation command: %s", ret) return nil end diff --git a/scripts/ftp-vuln-cve2010-4221.nse b/scripts/ftp-vuln-cve2010-4221.nse index 97fde5237..502a262a8 100644 --- a/scripts/ftp-vuln-cve2010-4221.nse +++ b/scripts/ftp-vuln-cve2010-4221.nse @@ -106,8 +106,7 @@ local function kill_proftpd(socket) local killed = false local TELNET_KILL = '\000'..'\255' -- TELNET_DUMMY..TELNET_IAC - stdnse.print_debug(2, "%s: sending evil TELNET_IAC commands.", - SCRIPT_NAME) + stdnse.debug2("sending evil TELNET_IAC commands.") local st, ret = socket:send(string.rep(TELNET_KILL, 4069).. '\255'..string.rep("Nmap", 256).."\n") if not st then @@ -118,8 +117,7 @@ local function kill_proftpd(socket) st, ret = socket:receive_lines(1) if not st then if ret == "EOF" then -- "connection closed" - stdnse.print_debug(2, "%s: remote proftpd child was killed.", - SCRIPT_NAME) + stdnse.debug2("remote proftpd child was killed.") killed = true else return st, ret diff --git a/scripts/http-coldfusion-subzero.nse b/scripts/http-coldfusion-subzero.nse index ca542ae5c..ef70bd15a 100644 --- a/scripts/http-coldfusion-subzero.nse +++ b/scripts/http-coldfusion-subzero.nse @@ -113,9 +113,7 @@ local function exploit(host, port, basepath) for i, vector in ipairs(CREDENTIALS_PAYLOADS) do local req = http.get(host, port, basepath..LFI_PAYLOAD_FRAG_1..vector..LFI_PAYLOAD_FRAG_2) if req.body and string.find(req.body, "encrypted=true") then - stdnse.print_debug(1, - "%s: String pattern found. Exploitation worked with vector '%s'.", - SCRIPT_NAME, vector) + stdnse.debug1("String pattern found. Exploitation worked with vector '%s'.", vector) return true, req.body end end diff --git a/scripts/http-gitweb-projects-enum.nse b/scripts/http-gitweb-projects-enum.nse index 1ec39ca80..a9ceb6244 100644 --- a/scripts/http-gitweb-projects-enum.nse +++ b/scripts/http-gitweb-projects-enum.nse @@ -56,8 +56,7 @@ action = function(host, port) if not response or not response.status or response.status ~= 200 or not response.body then - stdnse.print_debug(1, "%s: Failed to retrieve file: %s", - SCRIPT_NAME, path) + stdnse.debug1("Failed to retrieve file: %s", path) return end diff --git a/scripts/http-vuln-cve2011-3192.nse b/scripts/http-vuln-cve2011-3192.nse index c8675d8b0..248f85842 100644 --- a/scripts/http-vuln-cve2011-3192.nse +++ b/scripts/http-vuln-cve2011-3192.nse @@ -111,8 +111,7 @@ overlapping byte ranges are requested.]], response = http.head(host, port, path, request_opts) if not response.status then - stdnse.print_debug(1, "%s: Invalid response from server to the vulnerability check", - SCRIPT_NAME) + stdnse.debug1("Invalid response from server to the vulnerability check") elseif response.status == 206 then vuln.state = vulns.STATE.VULN else diff --git a/scripts/irc-sasl-brute.nse b/scripts/irc-sasl-brute.nse index fecf08037..c9d3a4733 100644 --- a/scripts/irc-sasl-brute.nse +++ b/scripts/irc-sasl-brute.nse @@ -42,7 +42,7 @@ categories={"brute","intrusive"} portrule = shortport.port_or_service({6666,6667,6697,6679},{"irc","ircs"}) -local dbg = stdnse.print_debug +local dbg = stdnse.debug -- some parts of the following class are taken from irc-brute written by Patrik Driver = { @@ -65,7 +65,7 @@ Driver = { end if string.find(r:lower(), "throttled") then -- we were reconnecting too fast - dbg(2, "%s, throttled.", SCRIPT_NAME) + dbg(2, "throttled.") return false, "We got throttled." end local status, _ = s:send("CAP END\r\n") @@ -91,7 +91,7 @@ Driver = { return false, err end challenge = string.match(response, "AUTHENTICATE (.*)") - dbg(3, "%s, challenge found: %s", SCRIPT_NAME, tostring(challenge)) + dbg(3, "challenge found: %s", tostring(challenge)) if challenge then status = false end until (not status) local msg = self.saslencoder:encode(username, password, challenge) @@ -150,7 +150,7 @@ local function check_sasl(host, port) local supported = {} for _,m in ipairs(to_check) do s:send("AUTHENTICATE "..m.."\r\n") - dbg(3, "%s, checking mechanism %s", SCRIPT_NAME, m) + dbg(3, "checking mechanism %s", m) repeat local status, lines = s:receive_lines(1) if string.find(lines, "AUTHENTICATE") then @@ -185,7 +185,7 @@ action = function(host, port) for _,m in ipairs(mechs) do if saslencoder:set_mechanism(m) then sasl_mech = m - dbg(2, "%s, supported mechanism found: %s", SCRIPT_NAME, m) + dbg(2, "supported mechanism found: %s", m) break end end diff --git a/scripts/ms-sql-empty-password.nse b/scripts/ms-sql-empty-password.nse index ee68403a2..7cfb6fefb 100644 --- a/scripts/ms-sql-empty-password.nse +++ b/scripts/ms-sql-empty-password.nse @@ -84,8 +84,7 @@ local function test_credentials( instance, helper, username, password ) table.insert( instance.ms_sql_empty, string.format("'sa' account is locked out.", result ) ) end if ( mssql.LoginErrorMessage[ loginErrorCode ] == nil ) then - stdnse.print_debug( 2, "%s: Attemping login to %s: Unknown login error number: %s", - SCRIPT_NAME, instance:GetName(), loginErrorCode ) + stdnse.debug2("Attemping login to %s: Unknown login error number: %s", instance:GetName(), loginErrorCode ) table.insert( instance.ms_sql_empty, string.format( "Unknown login error number: %s", loginErrorCode ) ) end else diff --git a/scripts/ntp-monlist.nse b/scripts/ntp-monlist.nse index cdb38c49e..1408a483f 100644 --- a/scripts/ntp-monlist.nse +++ b/scripts/ntp-monlist.nse @@ -159,10 +159,7 @@ function doquery(sock, host, port, inum, rcode, records) records.peerlist = records.peerlist or {} if #records + #records.peerlist >= MAX_RECORDS then - stdnse.print_debug(1, - 'MAX_RECORDS has been reached for target %s - only processing what we have already!', - target - ) + stdnse.debug1('MAX_RECORDS has been reached for target %s - only processing what we have already!', target) if sock then sock:close() end return nil end @@ -173,25 +170,17 @@ function doquery(sock, host, port, inum, rcode, records) sock:set_timeout(TIMEOUT) local constatus, conerr = sock:connect(host, port) if not constatus then - stdnse.print_debug(1, - 'Error establishing a UDP connection for %s - %s', target, conerr - ) + stdnse.debug1('Error establishing a UDP connection for %s - %s', target, conerr) return nil end end -- send - stdnse.print_debug(2, - 'Sending NTPv2 Mode 7 Request %d Implementation %d to %s.', - rcode, inum, target - ) + stdnse.debug2('Sending NTPv2 Mode 7 Request %d Implementation %d to %s.', rcode, inum, target) local ntpData = getPrivateMode(inum, rcode) local sendstatus, senderr = sock:send(ntpData) if not sendstatus then - stdnse.print_debug(1, - 'Error sending NTP request to %s:%d - %s', - host.ip, port.number, senderr - ) + stdnse.debug1('Error sending NTP request to %s:%d - %s', host.ip, port.number, senderr) sock:close() return nil end @@ -219,25 +208,16 @@ function doquery(sock, host, port, inum, rcode, records) if not track.errcond then local remain = parse_v2m7(packet_to_parse, records) if remain > 0 then - stdnse.print_debug(1, - 'MAX_RECORDS has been reached while parsing NTPv2 Mode 7 Code %d responses from the target %s.', - rcode, target - ) + stdnse.debug1('MAX_RECORDS has been reached while parsing NTPv2 Mode 7 Code %d responses from the target %s.', rcode, target) track.rcv_again = false elseif remain == -1 then - stdnse.print_debug(1, - 'Parsing of NTPv2 Mode 7 implementation number %d request code %d response from %s has not been implemented.', - inum, rcode, target - ) + stdnse.debug1('Parsing of NTPv2 Mode 7 implementation number %d request code %d response from %s has not been implemented.', inum, rcode, target) track.rcv_again = false end end records.badpkts = records.badpkts + track.evil_pkts if records.badpkts >= MAXIMUM_EVIL then - stdnse.print_debug(1, - 'Had %d bad packets from %s - Not continuing with this host!', - target, records.badpkts - ) + stdnse.debug1('Had %d bad packets from %s - Not continuing with this host!', target, records.badpkts) sock:close() return nil end @@ -306,9 +286,7 @@ function check(status, response, track) track.errcond = true track.rcv_again = false if track.rcv_again then -- we were expecting more responses - stdnse.print_debug(1, - 'Socket error while reading from %s - %s', track.target, response - ) + stdnse.debug1('Socket error while reading from %s - %s', track.target, response) end return nil end @@ -322,9 +300,7 @@ function check(status, response, track) if pkt == nil then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Failed to create a Packet object with response from %s', track.target - ) + stdnse.debug1('Failed to create a Packet object with response from %s', track.target) return nil end @@ -340,10 +316,7 @@ function check(status, response, track) if val < 8 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Expected a response of at least 8 bytes from %s, got %d bytes.', - track.target, val - ) + stdnse.debug1('Expected a response of at least 8 bytes from %s, got %d bytes.', track.target, val) return nil end @@ -351,9 +324,7 @@ function check(status, response, track) if bit.rshift(pkt:u8(off), 7) ~= 1 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Bad response from %s - did not have response bit set.', track.target - ) + stdnse.debug1('Bad response from %s - did not have response bit set.', track.target) return nil end -- version is as expected @@ -361,10 +332,7 @@ function check(status, response, track) if val ~= track.v then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Bad response from %s - expected NTP version %d, got %d', track.target, - track.v, val - ) + stdnse.debug1('Bad response from %s - expected NTP version %d, got %d', track.target, track.v, val) return nil end -- mode is as expected @@ -372,10 +340,7 @@ function check(status, response, track) if val ~= track.m then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Bad response from %s - expected NTP mode %d, got %d', track.target, - track.m, val - ) + stdnse.debug1('Bad response from %s - expected NTP mode %d, got %d', track.target, track.m, val) return nil end -- implementation number is as expected @@ -383,10 +348,7 @@ function check(status, response, track) if val ~= track.i then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Bad response from %s - expected NTP implementation number %d, got %d', - track.target, track.i, val - ) + stdnse.debug1('Bad response from %s - expected NTP implementation number %d, got %d', track.target, track.i, val) return nil end -- request code is as expected @@ -394,10 +356,7 @@ function check(status, response, track) if val ~= track.c then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Bad response from %s - expected NTP request code %d got %d.', track.target, - track.c, val - ) + stdnse.debug1('Bad response from %s - expected NTP request code %d got %d.', track.target, track.c, val) return nil end -- NTP error conditions - defined codes are not evil (bogus codes are). @@ -430,9 +389,7 @@ function check(status, response, track) end if fail then track.errcond = true - stdnse.print_debug(1, - 'Response from %s was NTP Error Code %d - "%s"', track.target, err, msg - ) + stdnse.debug1('Response from %s was NTP Error Code %d - "%s"', track.target, err, msg) return nil end @@ -447,32 +404,24 @@ function check(status, response, track) if icount < 1 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'Expected at least one record from %s.', track.target - ) + stdnse.debug1('Expected at least one record from %s.', track.target) return nil elseif icount*isize + 8 > response:len() then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'NTP Mode 7 response from %s has invalid count (%d) and/or size (%d) values.', - track.target, icount, isize - ) + stdnse.debug1('NTP Mode 7 response from %s has invalid count (%d) and/or size (%d) values.', track.target, icount, isize) return nil elseif icount*isize > 500 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, - 'NTP Mode 7 data section is larger than 500 bytes (%d) in response from %s.', - icount*isize, track.target - ) + stdnse.debug1('NTP Mode 7 data section is larger than 500 bytes (%d) in response from %s.', icount*isize, track.target) return nil end if track.c == 42 and track.i == 3 and isize ~= 72 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, + stdnse.debug1( 'Expected item size of 72 bytes (got %d) for request code 42 implementation number 3 in response from %s.', isize, track.target ) @@ -480,7 +429,7 @@ function check(status, response, track) elseif track.c == 0 and track.i == 3 and isize ~= 32 then track.errcond = true track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, + stdnse.debug1( 'Expected item size of 32 bytes (got %d) for request code 0 implementation number 3 in response from %s.', isize, track.target ) @@ -508,7 +457,7 @@ function check(status, response, track) track.hseq = seq else -- seq <= hseq !duplicate! track.evil_pkts = track.evil_pkts+1 - stdnse.print_debug(1, + stdnse.debug1( 'Response from %s had a duplicate sequence number - dropping it.', track.target ) @@ -807,7 +756,7 @@ function interpret(recs, targetip) elseif r.flags == 4 then t.casts.m[af][r.daddr] = r.daddr else -- shouldn't happen - stdnse.print_debug(1, + stdnse.debug1( 'Host associated with %s had transmission flag value %d - Strange!', targetip, r.flags ) diff --git a/scripts/resolveall.nse b/scripts/resolveall.nse index f6ca493e8..6f0371566 100644 --- a/scripts/resolveall.nse +++ b/scripts/resolveall.nse @@ -36,9 +36,7 @@ categories = {"safe", "discovery"} prerule = function() if not stdnse.get_script_args("resolveall.hosts") then - stdnse.print_debug(3, - "Skipping '%s' %s, 'resolveall.hosts' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, 'resolveall.hosts' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end return true diff --git a/scripts/s7-info.nse b/scripts/s7-info.nse index d44f0cf67..09224f0d0 100644 --- a/scripts/s7-info.nse +++ b/scripts/s7-info.nse @@ -204,9 +204,7 @@ action = function(host, port) -- connect to host local constatus, conerr = sock:connect(host, port) if not constatus then - stdnse.print_debug(1, - 'Error establishing connection for %s - %s', host, conerr - ) + stdnse.debug1('Error establishing connection for %s - %s', host, conerr) return nil end -- send and receive the COTP Packet @@ -247,9 +245,7 @@ action = function(host, port) -- re connect to the device ( a RST packet was sent in the previous attempts) local constatus, conerr = sock:connect(host, port) if not constatus then - stdnse.print_debug(1, - 'Error establishing connection for %s - %s', host, conerr - ) + stdnse.debug1('Error establishing connection for %s - %s', host, conerr) return nil end -- send and receive the alternate COTP Packet, the dst is 200 instead of 102( do nothing with result) diff --git a/scripts/smb-check-vulns.nse b/scripts/smb-check-vulns.nse index 72ab7cdb5..6bea6416c 100644 --- a/scripts/smb-check-vulns.nse +++ b/scripts/smb-check-vulns.nse @@ -481,9 +481,7 @@ function check_ms06_025(host) msrpc.stop_smb(smbstate) --sanity check if(status == false) then - stdnse.print_debug( - 3, - "check_ms06_025: RRAS_SubmitRequest failed") + stdnse.debug3("check_ms06_025: RRAS_SubmitRequest failed") if(sr_result == "NT_STATUS_PIPE_BROKEN") then return true, VULNERABLE else @@ -535,9 +533,7 @@ function check_ms07_029(host) --sanity check msrpc.stop_smb(smbstate) if(status == false) then - stdnse.print_debug( - 3, - "check_ms07_029: DNSSERVER_Query failed") + stdnse.debug3("check_ms07_029: DNSSERVER_Query failed") if(q_result == "NT_STATUS_PIPE_BROKEN") then return true, VULNERABLE else diff --git a/scripts/smtp-vuln-cve2010-4344.nse b/scripts/smtp-vuln-cve2010-4344.nse index 77d1283eb..39ec22093 100644 --- a/scripts/smtp-vuln-cve2010-4344.nse +++ b/scripts/smtp-vuln-cve2010-4344.nse @@ -111,8 +111,7 @@ local function escalate_privs(socket, smtp_opts) local exim_spool = "spool_directory = \\${run{/bin/sh -c 'id > ".. tmp_file.."' }}" - stdnse.print_debug(2, "%s: trying to escalate privileges", - SCRIPT_NAME) + stdnse.debug2("trying to escalate privileges") local status, ret = send_recv(socket, "id\n") if not status then @@ -145,9 +144,7 @@ local function escalate_privs(socket, smtp_opts) exploited = true results = results..string.format("\n After 'id': %s", string.gsub(ret, "^%$*%s*(.-)\n*%$*$", "%1")) - stdnse.print_debug(2, - "%s: successfully exploited the Exim privileges escalation.", - SCRIPT_NAME) + stdnse.debug2("successfully exploited the Exim privileges escalation.") end -- delete tmp file, should we care about this ? @@ -163,8 +160,7 @@ end local function exploit_heap(socket, smtp_opts) local exploited, ret = false, "" - stdnse.print_debug(2, "%s: exploiting the heap overflow", - SCRIPT_NAME) + stdnse.debug2("exploiting the heap overflow") local status, response = smtp.mail(socket, smtp_opts.mailfrom) if not status then @@ -230,8 +226,7 @@ local function exploit_heap(socket, smtp_opts) return status, msg end - stdnse.print_debug(1, "%s: sending forged mail, size: %dMB", - SCRIPT_NAME, msg_len / (1024*1024)) + stdnse.debug1("sending forged mail, size: %dMB", msg_len / (1024*1024)) -- use low socket level functions. status, ret = socket:send(hdrs) @@ -278,8 +273,7 @@ local function exploit_heap(socket, smtp_opts) end end - stdnse.print_debug(2, "%s: the forged mail was sent successfully.", - SCRIPT_NAME) + stdnse.debug2("the forged mail was sent successfully.") -- second round status, response = smtp.query(socket, "MAIL", @@ -295,8 +289,7 @@ local function exploit_heap(socket, smtp_opts) end if response:match("sh:%s") or ret:match("sh:%s") then - stdnse.print_debug(2, - "%s: successfully exploited the Exim heap overflow.", SCRIPT_NAME) + stdnse.debug2("successfully exploited the Exim heap overflow.") exploited = "heap-exploited" end diff --git a/scripts/smtp-vuln-cve2011-1720.nse b/scripts/smtp-vuln-cve2011-1720.nse index d595c43b3..a519f6efe 100644 --- a/scripts/smtp-vuln-cve2011-1720.nse +++ b/scripts/smtp-vuln-cve2011-1720.nse @@ -246,8 +246,7 @@ local function check_smtpd(smtp_opts) auth_tests)) end else - stdnse.print_debug(2, "%s: Authentication is not available", - SCRIPT_NAME) + stdnse.debug2("Authentication is not available") table.insert(vuln.check_results, "Authentication is not available") end diff --git a/scripts/smtp-vuln-cve2011-1764.nse b/scripts/smtp-vuln-cve2011-1764.nse index 3a3a44f62..b60d1b0c1 100644 --- a/scripts/smtp-vuln-cve2011-1764.nse +++ b/scripts/smtp-vuln-cve2011-1764.nse @@ -84,8 +84,7 @@ end local function check_dkim(socket, smtp_opts) local killed = false - stdnse.print_debug(2, "%s: checking the Exim DKIM Format String", - SCRIPT_NAME) + stdnse.debug2("checking the Exim DKIM Format String") local status, response = smtp.mail(socket, smtp_opts.mailfrom) if not status then @@ -123,8 +122,7 @@ local function check_dkim(socket, smtp_opts) status, response = smtp.query(socket, ".") if not status then if string.match(response, "connection closed") then - stdnse.print_debug(2, - "%s: Exim server is vulnerable to DKIM Format String", SCRIPT_NAME) + stdnse.debug2("Exim server is vulnerable to DKIM Format String") killed = true else return status, "failed to terminate the message, seems NOT VULNERABLE" diff --git a/scripts/snmp-brute.nse b/scripts/snmp-brute.nse index 59562d86e..0781ba53d 100644 --- a/scripts/snmp-brute.nse +++ b/scripts/snmp-brute.nse @@ -113,8 +113,7 @@ local communities = function() nmap.fetchfile("nselib/data/snmpcommunities.lst") if communities_file then - stdnse.print_debug(1, "%s: Using the %s as the communities file", - SCRIPT_NAME, communities_file) + stdnse.debug1("Using the %s as the communities file", communities_file) local status, iterator = communities_raw(communities_file) @@ -131,8 +130,7 @@ local communities = function() return true, unpwdb.limited_iterator(iterator, time_limit, count_limit) else - stdnse.print_debug(1, "%s: Cannot read the communities file, using the nmap username/password database instead", - SCRIPT_NAME) + stdnse.debug1("Cannot read the communities file, using the nmap username/password database instead") return unpwdb.passwords() end diff --git a/scripts/snmp-interfaces.nse b/scripts/snmp-interfaces.nse index 4081e67bc..1d2b9d753 100644 --- a/scripts/snmp-interfaces.nse +++ b/scripts/snmp-interfaces.nse @@ -54,9 +54,7 @@ dependencies = {"snmp-brute"} prerule = function() if not stdnse.get_script_args({"snmp-interfaces.host", "host"}) then - stdnse.print_debug(3, - "Skipping '%s' %s, 'snmp-interfaces.host' argument is missing.", - SCRIPT_NAME, SCRIPT_TYPE) + stdnse.debug3("Skipping '%s' %s, 'snmp-interfaces.host' argument is missing.", SCRIPT_NAME, SCRIPT_TYPE) return false end diff --git a/scripts/ssl-ccs-injection.nse b/scripts/ssl-ccs-injection.nse index 0d6715024..5dc5d7ca7 100644 --- a/scripts/ssl-ccs-injection.nse +++ b/scripts/ssl-ccs-injection.nse @@ -226,20 +226,17 @@ local function test_ccs_injection(host, port, version) -- Leave the target not vulnerable in case of an error. This could occur -- when running against a different TLS/SSL implementations (e.g., GnuTLS) if not status then - stdnse.print_debug( - 1, "Couldn't get reply from the server (probably not OpenSSL)") + stdnse.debug1("Couldn't get reply from the server (probably not OpenSSL)") s:close() return false end if not vulnerable then - stdnse.print_debug( - 1, "Server returned UNEXPECTED_MESSAGE alert, not vulnerable") + stdnse.debug1("Server returned UNEXPECTED_MESSAGE alert, not vulnerable") s:close() return false else - stdnse.print_debug( - 1, "Vulnerable - alert is not UNEXPECTED_MESSAGE") + stdnse.debug1("Vulnerable - alert is not UNEXPECTED_MESSAGE") s:close() return true end diff --git a/scripts/targets-traceroute.nse b/scripts/targets-traceroute.nse index db134a806..0138a6aa5 100644 --- a/scripts/targets-traceroute.nse +++ b/scripts/targets-traceroute.nse @@ -30,15 +30,11 @@ hostrule = function(host) -- print debug messages because the script relies on -- script arguments and traceroute results. if not target.ALLOW_NEW_TARGETS then - stdnse.print_debug(3, - "Skipping %s script, 'newtargets' script argument is missing.", - SCRIPT_NAME) + stdnse.debug3("Skipping %s script, 'newtargets' script argument is missing.", SCRIPT_NAME) return false end if not host.traceroute then - stdnse.print_debug(3, - "Skipping %s script because traceroute results are missing.", - SCRIPT_NAME) + stdnse.debug3("Skipping %s script because traceroute results are missing.", SCRIPT_NAME) return false end return true @@ -53,8 +49,7 @@ action = function(host) local status, ret = target.add(hop.ip) if status then ntargets = ntargets + ret - stdnse.print_debug(3, - "TRACEROUTE Scan Hops: Added new target "..host.ip.." from traceroute results") + stdnse.debug3("TRACEROUTE Scan Hops: Added new target "..host.ip.." from traceroute results") else stdnse.debug3("TRACEROUTE Scan Hops: " .. ret) end diff --git a/scripts/ventrilo-info.nse b/scripts/ventrilo-info.nse index 0b863498c..3404b2fca 100644 --- a/scripts/ventrilo-info.nse +++ b/scripts/ventrilo-info.nse @@ -600,7 +600,7 @@ action = function(host, port) if (fulldatalen > totpck) or (curlen > totlen) or (fulldatalen == totpck and curlen ~= totlen) or (curlen == totlen and fulldatalen ~= totpck) then - stdnse.print_debug("Invalid state (fulldatalen = " .. fulldatalen .. + stdnse.debug1("Invalid state (fulldatalen = " .. fulldatalen .. "; totpck = " .. totpck .. "; curlen = " .. curlen .. "; totlen = " .. totlen .. "). Aborting script.") cleanup()