diff --git a/nselib/http.lua b/nselib/http.lua index 67ed8431a..a1bc9944d 100644 --- a/nselib/http.lua +++ b/nselib/http.lua @@ -201,7 +201,7 @@ local function get_quoted_string(s, offset, crlf) c = s:sub(i, i) if c == "" then -- No character following. - error(string.format("\\ escape at end of input while parsing quoted-string.")) + error("\\ escape at end of input while parsing quoted-string.") end -- Only CHAR may follow a backslash. if c:byte(1) > 127 then @@ -2543,13 +2543,13 @@ function identify_404(host, port) if(clean_body ~= clean_body2) then stdnse.debug1("HTTP: Two known 404 pages returned valid and different pages; unable to identify valid response.") stdnse.debug1("HTTP: If you investigate the server and it's possible to clean up the pages, please post to nmap-dev mailing list.") - return false, string.format("Two known 404 pages returned valid and different pages; unable to identify valid response.") + return false, "Two known 404 pages returned valid and different pages; unable to identify valid response." end if(clean_body ~= clean_body3) then stdnse.debug1("HTTP: Two known 404 pages returned valid and different pages; unable to identify valid response (happened when checking a folder).") stdnse.debug1("HTTP: If you investigate the server and it's possible to clean up the pages, please post to nmap-dev mailing list.") - return false, string.format("Two known 404 pages returned valid and different pages; unable to identify valid response (happened when checking a folder).") + return false, "Two known 404 pages returned valid and different pages; unable to identify valid response (happened when checking a folder)." end return true, 200, clean_body diff --git a/nselib/jdwp.lua b/nselib/jdwp.lua index 92a05b08c..55dee9f2c 100644 --- a/nselib/jdwp.lua +++ b/nselib/jdwp.lua @@ -170,7 +170,7 @@ JDWPReplyPacket = { if flags == 0x80 then return true, JDWPReplyPacket:new(length,id,error_code,data) end - stdnse.debug2("JDWP error parsing reply. Wrong reply packet flag. Raw data: ", stdnse.tohex(reply_packet)) + stdnse.debug2("JDWP error parsing reply. Wrong reply packet flag. Raw data: %s", stdnse.tohex(reply_packet)) return false, "JDWP error parsing reply." end diff --git a/nselib/msrpc.lua b/nselib/msrpc.lua index b6bfa0dd1..a84ab47a7 100644 --- a/nselib/msrpc.lua +++ b/nselib/msrpc.lua @@ -1659,7 +1659,7 @@ function samr_querydisplayinfo(smbstate, domain_handle, index, count) return false, result end - stdnse.debug3("MSRPC: QueryDisplayInfo() returned successfully", i) + stdnse.debug3("MSRPC: QueryDisplayInfo() returned successfully") -- Make arguments easier to use arguments = result['arguments'] @@ -4313,7 +4313,7 @@ function service_create(host, servicename, path) end -- Create the service - stdnse.debug2("Creating the service", servicename) + stdnse.debug2("Creating the service") status, create_result = svcctl_createservicew(smbstate, open_result['handle'], servicename, servicename, path) if(status == false) then smb.stop(smbstate) diff --git a/nselib/rpc.lua b/nselib/rpc.lua index 7bead8ec3..d78418e6d 100644 --- a/nselib/rpc.lua +++ b/nselib/rpc.lua @@ -374,8 +374,7 @@ Comm = { local tmp status, tmp = self:GetAdditionalBytes( data, pos, HEADER_LEN - ( data:len() - pos ) ) if not status then - stdnse.debug4( - string.format("Comm.DecodeHeader: failed to call GetAdditionalBytes")) + stdnse.debug4("Comm.DecodeHeader: failed to call GetAdditionalBytes") return -1, nil end data = data .. tmp @@ -394,8 +393,7 @@ Comm = { if header.verifier.length - 8 > 0 then status, data = self:GetAdditionalBytes( data, pos, header.verifier.length - 8 ) if not status then - stdnse.debug4( - string.format("Comm.DecodeHeader: failed to call GetAdditionalBytes")) + stdnse.debug4("Comm.DecodeHeader: failed to call GetAdditionalBytes") return -1, nil end pos, header.verifier.data = bin.unpack("A" .. header.verifier.length - 8, data, pos ) diff --git a/scripts/afp-ls.nse b/scripts/afp-ls.nse index 7e9e82422..e9761082e 100644 --- a/scripts/afp-ls.nse +++ b/scripts/afp-ls.nse @@ -135,7 +135,7 @@ action = function(host, port) end if ( not status ) then - stdnse.debug1("Login failed", response) + stdnse.debug1("Login failed") stdnse.debug3("Login error: %s", response) return end diff --git a/scripts/afp-path-vuln.nse b/scripts/afp-path-vuln.nse index 2d34886dc..6415c2019 100644 --- a/scripts/afp-path-vuln.nse +++ b/scripts/afp-path-vuln.nse @@ -176,7 +176,7 @@ Directory traversal vulnerability in AFP Server in Apple Mac OS X before status, response = afp_helper:Login(nil, nil) end if ( not(status) ) then - stdnse.debug1("Login failed", response) + stdnse.debug1("Login failed") stdnse.debug3("Login error: %s", response) return end diff --git a/scripts/afp-showmount.nse b/scripts/afp-showmount.nse index f73018461..865fc463b 100644 --- a/scripts/afp-showmount.nse +++ b/scripts/afp-showmount.nse @@ -73,7 +73,7 @@ action = function(host, port) end if ( not status ) then - stdnse.debug1("Login failed", response) + stdnse.debug1("Login failed") stdnse.debug3("Login error: %s", response) return end diff --git a/scripts/http-form-brute.nse b/scripts/http-form-brute.nse index b0e5f5117..c907cc2f0 100644 --- a/scripts/http-form-brute.nse +++ b/scripts/http-form-brute.nse @@ -324,7 +324,7 @@ action = function (host, port) return stdnse.format_output(false, string.format("Failed to submit the form to path %q", path)) end if success then - return stdnse.format_output(false, string.format("Failed to recognize failed authentication. See http-form-brute.onsuccess and http-form-brute.onfailure")) + return stdnse.format_output(false, "Failed to recognize failed authentication. See http-form-brute.onsuccess and http-form-brute.onfailure") end local engine = brute.Engine:new(Driver, host, port, options) diff --git a/scripts/http-tplink-dir-traversal.nse b/scripts/http-tplink-dir-traversal.nse index 23784a526..2aac55d4f 100644 --- a/scripts/http-tplink-dir-traversal.nse +++ b/scripts/http-tplink-dir-traversal.nse @@ -98,7 +98,7 @@ local function check_vuln(host, port) stdnse.debug1("HTTP GET %s", evil_uri) local response = http.get(host, port, evil_uri) if response.body and response.status==200 and response.body:match("root:") then - stdnse.debug1("Pattern 'root:' found.", response.body) + stdnse.debug1("Pattern 'root:' found.") return true end return false diff --git a/scripts/http-vuln-cve2011-3368.nse b/scripts/http-vuln-cve2011-3368.nse index 4e3e6e7bd..6a47a95ad 100644 --- a/scripts/http-vuln-cve2011-3368.nse +++ b/scripts/http-vuln-cve2011-3368.nse @@ -152,7 +152,7 @@ servers to remote users who send carefully crafted requests.]], end -- TEST 3: The external website test. This does not mean that you can reach a LAN ip, but this is a relevant issue anyway. - local external = http.get(host,port, ("@scanme.nmap.org"):format(prefix)) + local external = http.get(host,port, ("%s@scanme.nmap.org"):format(prefix)) if ( external.status == 200 and string.match(external.body,"Go ahead and ScanMe") ) then vuln.extra_info = "Proxy allows requests to external websites" end diff --git a/scripts/http-wordpress-enum.nse b/scripts/http-wordpress-enum.nse index 4f0a19167..2b6586bac 100644 --- a/scripts/http-wordpress-enum.nse +++ b/scripts/http-wordpress-enum.nse @@ -125,7 +125,7 @@ local function get_version(path, typeof, host, port) if versioncheck.body then version = versioncheck.body:match(pattern) end - stdnse.debug1("Version found:", version) + stdnse.debug1("Version found: %s", version) return version end diff --git a/scripts/ipv6-ra-flood.nse b/scripts/ipv6-ra-flood.nse index 1778a875f..5a35214da 100644 --- a/scripts/ipv6-ra-flood.nse +++ b/scripts/ipv6-ra-flood.nse @@ -61,7 +61,7 @@ prerule = function() end if not stdnse.get_script_args(SCRIPT_NAME .. ".interface") and not nmap.get_interface() then - stdnse.debug1("No interface was selected, aborting...", SCRIPT_NAME) + stdnse.debug1("No interface was selected, aborting...") return false end diff --git a/scripts/ms-sql-empty-password.nse b/scripts/ms-sql-empty-password.nse index 7cfb6fefb..3fefe9506 100644 --- a/scripts/ms-sql-empty-password.nse +++ b/scripts/ms-sql-empty-password.nse @@ -81,7 +81,7 @@ local function test_credentials( instance, helper, username, password ) if ( loginErrorCode == mssql.LoginErrorType.PasswordMustChange ) then passwordIsGood = true end if ( loginErrorCode == mssql.LoginErrorType.AccountLockedOut ) then stdnse.debug1("Account %s locked out on %s", username, instance:GetName() ) - table.insert( instance.ms_sql_empty, string.format("'sa' account is locked out.", result ) ) + table.insert( instance.ms_sql_empty, "'sa' account is locked out." ) end if ( mssql.LoginErrorMessage[ loginErrorCode ] == nil ) then stdnse.debug2("Attemping login to %s: Unknown login error number: %s", instance:GetName(), loginErrorCode ) diff --git a/scripts/p2p-conficker.nse b/scripts/p2p-conficker.nse index e1358a845..6837a44e4 100644 --- a/scripts/p2p-conficker.nse +++ b/scripts/p2p-conficker.nse @@ -605,7 +605,7 @@ action = function(host) udp_ports[generated_ports[2]] = true udp_ports[generated_ports[4]] = true - table.insert(response, string.format("Checking for Conficker.C or higher...")) + table.insert(response, "Checking for Conficker.C or higher...") -- Check the TCP ports for port in pairs(tcp_ports) do diff --git a/scripts/rtsp-url-brute.nse b/scripts/rtsp-url-brute.nse index 37f1d8b8a..8b7c3b1a8 100644 --- a/scripts/rtsp-url-brute.nse +++ b/scripts/rtsp-url-brute.nse @@ -115,7 +115,7 @@ action = function(host, port) local url_iter = urlIterator(f) if ( not(url_iter) ) then - return stdnse.format_output(false, ("Could not open the URL dictionary: "):format(f)) + return stdnse.format_output(false, ("Could not open the URL dictionary: %s"):format(f)) end local threads = {} diff --git a/scripts/smb-enum-domains.nse b/scripts/smb-enum-domains.nse index 9337b1d58..3fd4e4630 100644 --- a/scripts/smb-enum-domains.nse +++ b/scripts/smb-enum-domains.nse @@ -84,13 +84,13 @@ action = function(host) if(#data.groups > 0) then table.insert(piece, string.format("Groups: %s", stdnse.strjoin(", ", data.groups))) else - table.insert(piece, string.format("Groups: n/a")) + table.insert(piece, "Groups: n/a") end if(#data.users > 0) then table.insert(piece, string.format("Users: %s", stdnse.strjoin(", ", data.users))) else - table.insert(piece, string.format("Users: n/a")) + table.insert(piece, "Users: n/a") end -- Floor data.max_password_age, if possible @@ -111,7 +111,7 @@ action = function(host) if(data.lockout_threshold) then table.insert(piece, string.format("Account lockout: %s attempts in %s minutes will lock out the account for %s minutes", data.lockout_threshold, data.lockout_window or "unlimited", data.lockout_duration or "unlimited")) else - table.insert(piece, string.format("Account lockout disabled")) + table.insert(piece, "Account lockout disabled") end table.insert(response, piece) diff --git a/scripts/smb-psexec.nse b/scripts/smb-psexec.nse index aa7f73b64..3d8920380 100644 --- a/scripts/smb-psexec.nse +++ b/scripts/smb-psexec.nse @@ -948,7 +948,7 @@ local function get_config(host, config) enabled = false mod.disabled_message = {} table.insert(mod.disabled_message, string.format("Configuration error: Required argument(s) ('%s') weren't given.", stdnse.strjoin("', '", missing_args))) - table.insert(mod.disabled_message, string.format("Please add --script-args=[arg]=[value] to your commandline to run this module")) + table.insert(mod.disabled_message, "Please add --script-args=[arg]=[value] to your commandline to run this module") if(#missing_args == 1) then table.insert(mod.disabled_message, string.format("For example: --script-args=%s=123", missing_args[1])) else @@ -1188,7 +1188,7 @@ local function create_service(host, config) cleanup(host, config) if(string.find(err, "MARKED_FOR_DELETE")) then - return false, string.format("Service is stuck in 'being deleted' phase on remote machine; try setting script-args=randomseed=abc for now", err) + return false, "Service is stuck in 'being deleted' phase on remote machine; try setting script-args=randomseed=abc for now" else return false, string.format("Couldn't create the service on the remote machine: %s", err) end @@ -1278,7 +1278,7 @@ local function get_output_file(host, config) stdnse.debug1("Error in remote service: output file was never created!") cleanup(host, config) - return false, string.format("Error in remote service: output file was never created") + return false, "Error in remote service: output file was never created" end stdnse.debug1("Output file %s doesn't exist yet, waiting for %d more seconds", config.output_file, i)