From b281e0bf1d330c63dfd752f0412a1597cd69c167 Mon Sep 17 00:00:00 2001 From: jay Date: Sat, 9 Aug 2014 19:09:06 +0000 Subject: [PATCH] Get rid of unnecessary spaces at the end of lines --- lpeg.c | 16 ++++++++-------- nse_main.lua | 10 +++++----- nse_nmaplib.cc | 2 +- nselib/json.lua | 6 +++--- nselib/stdnse.lua | 10 +++++----- scripts/http-affiliate-id.nse | 4 ++-- scripts/http-cisco-anyconnect.nse | 2 +- scripts/http-generator.nse | 2 +- scripts/http-passwd.nse | 2 +- scripts/http-vuln-cve2006-3392.nse | 10 +++++----- scripts/http-vuln-cve2014-2126.nse | 6 +++--- scripts/http-vuln-cve2014-2127.nse | 6 +++--- scripts/http-vuln-cve2014-2128.nse | 4 ++-- scripts/http-vuln-cve2014-2129.nse | 6 +++--- scripts/http-vuln-wnr1000-creds.nse | 14 +++++++------- scripts/mikrotik-routeros-brute.nse | 10 +++++----- 16 files changed, 55 insertions(+), 55 deletions(-) diff --git a/lpeg.c b/lpeg.c index 1c8b4d135..0c7c107ac 100644 --- a/lpeg.c +++ b/lpeg.c @@ -145,7 +145,7 @@ typedef struct Charset { #endif -/* +/* ** $Id: lptree.h,v 1.2 2013/03/24 13:51:12 roberto Exp $ */ @@ -900,7 +900,7 @@ static int pushcapture (CapState *cs) { /* ** Prepare a CapState structure and traverse the entire list of ** captures in the stack pushing its results. 's' is the subject -** string, 'r' is the final position of the match, and 'ptop' +** string, 'r' is the final position of the match, and 'ptop' ** the index in the stack where some useful values were pushed. ** Returns the number of results pushed. (If the list produces no ** results, push the final position of the match.) @@ -1306,7 +1306,7 @@ static int needfollow (TTree *tree) { case TSeq: tree = sib2(tree); goto tailcall; default: assert(0); return 0; - } + } } /* }====================================================== */ @@ -1327,7 +1327,7 @@ int sizei (const Instruction *i) { switch((Opcode)i->i.code) { case ISet: case ISpan: return CHARSETINSTSIZE; case ITestSet: return CHARSETINSTSIZE + 1; - case ITestChar: case ITestAny: case IChoice: case IJmp: + case ITestChar: case ITestAny: case IChoice: case IJmp: case ICall: case IOpenCall: case ICommit: case IPartialCommit: case IBackCommit: return 2; default: return 1; @@ -1561,7 +1561,7 @@ static void codechoice (CompileState *compst, TTree *p1, TTree *p2, int opt, int jmp = NOINST; codegen(compst, p1, 0, test, fl); if (!emptyp2) - jmp = addoffsetinst(compst, IJmp); + jmp = addoffsetinst(compst, IJmp); jumptohere(compst, test); codegen(compst, p2, opt, NOINST, fl); jumptohere(compst, jmp); @@ -1572,7 +1572,7 @@ static void codechoice (CompileState *compst, TTree *p1, TTree *p2, int opt, codegen(compst, p1, 1, NOINST, fullset); } else { - /* == + /* == test(fail(p1)) -> L1; choice L1; ; commit L2; L1: ; L2: */ int pcommit; int test = codetestset(compst, &cs1, e1); @@ -2144,7 +2144,7 @@ void printktable (lua_State *L, int idx) { /* number of siblings for each tree */ const byte numsiblings[] = { 0, 0, 0, /* char, set, any */ - 0, 0, /* true, false */ + 0, 0, /* true, false */ 1, /* rep */ 2, 2, /* seq, choice */ 1, 1, /* not, and */ @@ -3657,7 +3657,7 @@ const char *match (lua_State *L, const char *o, const char *s, const char *e, capsize = 2 * captop; } /* add new captures to 'capture' list */ - adddyncaptures(s, capture + captop - n - 2, n, fr); + adddyncaptures(s, capture + captop - n - 2, n, fr); } p++; continue; diff --git a/nse_main.lua b/nse_main.lua index 9bfa3ed37..c5a997b34 100644 --- a/nse_main.lua +++ b/nse_main.lua @@ -736,7 +736,7 @@ local function get_chosen_scripts (rules) local T = locale { V "space"^0 * V "expression" * V "space"^0 * P(-1); - + expression = V "disjunct" + V "conjunct" + V "value"; disjunct = (V "conjunct" + V "value") * V "space"^0 * K "or" * V "space"^0 * V "expression" / function (a, b) return a or b end; conjunct = V "value" * V "space"^0 * K "and" * V "space"^0 * V "expression" / function (a, b) return a and b end; @@ -746,7 +746,7 @@ local function get_chosen_scripts (rules) K "false" * Cc(false) + V "category" + V "path"; - + category = K "all" * Cc(true); -- pseudo-category "all" matches everything path = R("\033\039", "\042\126")^1 / match_script; -- all graphical characters not '(', ')' }; @@ -1159,14 +1159,14 @@ end nmap.registry.args = {}; do local args = {}; - + if cnse.scriptargsfile then local t, path = cnse.fetchfile_absolute(cnse.scriptargsfile) assert(t == 'file', format("%s is not a file", path)) print_debug(1, "Loading script-args from file `%s'", cnse.scriptargsfile); args[#args+1] = assert(assert(open(path, 'r')):read "*a"):gsub("\n", ","):gsub(",*$", ""); end - + if cnse.scriptargs then -- Load script arguments (--script-args) print_debug(1, "Arguments from CLI: %s", cnse.scriptargs); args[#args+1] = cnse.scriptargs; @@ -1209,7 +1209,7 @@ do end end end - + -- Update Missing Script Database? if script_database_type ~= "file" then print_verbose(1, "Script Database missing, will create new one."); diff --git a/nse_nmaplib.cc b/nse_nmaplib.cc index c63aff7ff..6020c43d6 100644 --- a/nse_nmaplib.cc +++ b/nse_nmaplib.cc @@ -666,7 +666,7 @@ static int l_get_version_intensity (lua_State *L) if (is_script_intensity_set) { if (script_intensity < 0 || script_intensity > 9) error("Warning: Valid values of script arg script-intensity are between " - "0 and 9. Using %d nevertheless.\n", script_intensity); + "0 and 9. Using %d nevertheless.\n", script_intensity); intensity = script_intensity; } else { intensity = o.version_intensity; diff --git a/nselib/json.lua b/nselib/json.lua index a5d32440a..108b5792d 100644 --- a/nselib/json.lua +++ b/nselib/json.lua @@ -61,7 +61,7 @@ _M.NULL = NULL; local function utf8_enc (cp) local result = {}; local n, mask; - + if cp % 1.0 ~= 0.0 or cp < 0 then -- Only defined for nonnegative integers. error("utf code point defined only for non-negative integers"); @@ -80,14 +80,14 @@ local function utf8_enc (cp) else assert(false); end - + while n > 1 do result[n] = 0x80 + bit.band(cp, 0x3F); cp = bit.rshift(cp, 6); n = n - 1; end result[1] = mask + cp; - + return string.char(unpack(result)); end diff --git a/nselib/stdnse.lua b/nselib/stdnse.lua index f30e7e4a1..c0fef8017 100644 --- a/nselib/stdnse.lua +++ b/nselib/stdnse.lua @@ -78,7 +78,7 @@ local function debug (level, ...) prefix = prefix .. ":" .. port.number end prefix = prefix .. "] " - if prefix ~= "[] " then + if prefix ~= "[] " then nmap.log_write("stdout", prefix..format(...)) else nmap.log_write("stdout", format(...)) @@ -96,7 +96,7 @@ end -- arguments are processed with Lua's string.format function. -- -- If known, the output includes some context based information: the script --- identifier and the target ip/port (if there is one). If the debug level is +-- identifier and the target ip/port (if there is one). If the debug level is -- at least 2, it also prints the base thread identifier and whether it is a -- worker thread or the master thread. -- @@ -115,7 +115,7 @@ function debug4 (...) return debug(4, ...) end function debug5 (...) return debug(5, ...) end --- --- Deprecated version of debug(), kept for now to prevent the script id from being +-- Deprecated version of debug(), kept for now to prevent the script id from being -- printed twice. Scripts should use debug() and not pass SCRIPT_NAME print_debug = function(level, fmt, ...) local l, d = tonumber(level), nmap.debugging(); @@ -154,7 +154,7 @@ end --- -- Prints a formatted verbosity message if the current verbosity level is greater -- than or equal to a given level. --- +-- -- This is a convenience wrapper around nmap.log_write. The first -- optional numeric argument, level, is used as the verbosity level -- necessary to print the message (it defaults to 1 if omitted). All remaining @@ -179,7 +179,7 @@ function verbose4 (...) return verbose(4, ...) end function verbose5 (...) return verbose(5, ...) end --- --- Deprecated version of verbose(), kept for now to prevent the script id from being +-- Deprecated version of verbose(), kept for now to prevent the script id from being -- printed twice. Scripts should use verbose() and not pass SCRIPT_NAME print_verbose = function(level, fmt, ...) local l, d = tonumber(level), nmap.verbosity(); diff --git a/scripts/http-affiliate-id.nse b/scripts/http-affiliate-id.nse index 99dc89d68..c4a212ea9 100644 --- a/scripts/http-affiliate-id.nse +++ b/scripts/http-affiliate-id.nse @@ -95,14 +95,14 @@ portaction = function(host, port) for shortener, pattern in pairs(URL_SHORTENERS) do for i, shortened in ipairs(pattern:match(body)) do - stdnse.debug1("Found shortened Url: " .. shortened) + stdnse.debug1("Found shortened Url: " .. shortened) local response = http.get(shortener, 80, shortened) stdnse.debug1("status code: %d", response.status) if (response.status == 301 or response.status == 302) and response.header['location'] then followed[#followed + 1] = response.header['location'] end end - end + end followed = table.concat(followed, "\n") -- Here goes affiliate matching diff --git a/scripts/http-cisco-anyconnect.nse b/scripts/http-cisco-anyconnect.nse index 932c5c49c..b3383dd9e 100644 --- a/scripts/http-cisco-anyconnect.nse +++ b/scripts/http-cisco-anyconnect.nse @@ -16,7 +16,7 @@ and tunnel information. -- @output -- PORT STATE SERVICE REASON -- 443/tcp open https syn-ack --- | http-cisco-anyconnect: +-- | http-cisco-anyconnect: -- | version: 9.1(5) -- | tunnel-group: VPN -- | group-alias: vpn diff --git a/scripts/http-generator.nse b/scripts/http-generator.nse index 792595734..8c002cc9a 100644 --- a/scripts/http-generator.nse +++ b/scripts/http-generator.nse @@ -4,7 +4,7 @@ local stdnse = require "stdnse" local string = require "string" description = [[ -Displays the contents of the "generator" meta tag of a web page (default: /) +Displays the contents of the "generator" meta tag of a web page (default: /) if there is one. ]] diff --git a/scripts/http-passwd.nse b/scripts/http-passwd.nse index c5a481e11..716e80fc8 100644 --- a/scripts/http-passwd.nse +++ b/scripts/http-passwd.nse @@ -173,7 +173,7 @@ action = function(host, port) -- Check for something that looks like a query referring to a file name, like -- "index.php?page=next.php". Replace the query value with each of the test - -- vectors. + -- vectors. local response = http.get(host, port, root) if response.body then local page_var = response.body:match ("[%?%&](%a-)=%a-%.%a") diff --git a/scripts/http-vuln-cve2006-3392.nse b/scripts/http-vuln-cve2006-3392.nse index fb7abb15b..f87c820f7 100644 --- a/scripts/http-vuln-cve2006-3392.nse +++ b/scripts/http-vuln-cve2006-3392.nse @@ -8,7 +8,7 @@ description = [[ Exploits a file disclosure vulnerability in Webmin (CVE-2010-0738) Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML. -This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences +This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences to bypass the removal of "../" directory traversal sequences. ]] --- @@ -18,14 +18,14 @@ to bypass the removal of "../" directory traversal sequences. -- @output -- PORT STATE SERVICE REASON -- 10000/tcp open webmin syn-ack --- | http-vuln-cve2006-3392: +-- | http-vuln-cve2006-3392: -- | VULNERABLE: -- | Webmin File Disclosure -- | State: VULNERABLE (Exploitable) -- | IDs: CVE:CVE-2006-3392 -- | Description: -- | Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML. --- | This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences +-- | This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences -- | to bypass the removal of "../" directory traversal sequences. -- | Disclosure date: 2006 -- | Extra information: @@ -52,7 +52,7 @@ action = function(host, port) IDS = {CVE = 'CVE-2006-3392'}, description = [[ Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML. -This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences +This allows arbitrary files to be read, without requiring authentication, using "..%01" sequences to bypass the removal of "../" directory traversal sequences. ]], references = { @@ -67,7 +67,7 @@ to bypass the removal of "../" directory traversal sequences. local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port) local url = "/unauthenticated/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01" .. file_var - stdnse.debug1("Getting " .. file_var) + stdnse.debug1("Getting " .. file_var) local detection_session = http.get(host, port, url) diff --git a/scripts/http-vuln-cve2014-2126.nse b/scripts/http-vuln-cve2014-2126.nse index 7d3f6063e..32f5a5449 100644 --- a/scripts/http-vuln-cve2014-2126.nse +++ b/scripts/http-vuln-cve2014-2126.nse @@ -6,7 +6,7 @@ local sslcert = require('sslcert') description = [[ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA ASDM Privilege Escalation Vulnerability (CVE-2014-2126). -]] +]] --- -- @usage @@ -15,14 +15,14 @@ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA ASDM Priv -- @output -- PORT STATE SERVICE -- 443/tcp open https --- | http-vuln-cve2014-2126: +-- | http-vuln-cve2014-2126: -- | VULNERABLE: -- | Cisco ASA ASDM Privilege Escalation Vulnerability -- | State: VULNERABLE -- | Risk factor: High CVSSv2: 8.5 (HIGH) (AV:N/AC:M/AU:S/C:C/I:C/A:C) -- | Description: -- | Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496. --- | +-- | -- | References: -- | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa -- |_ http://cvedetails.com/cve/2014-2126/ diff --git a/scripts/http-vuln-cve2014-2127.nse b/scripts/http-vuln-cve2014-2127.nse index fe4645152..612223661 100644 --- a/scripts/http-vuln-cve2014-2127.nse +++ b/scripts/http-vuln-cve2014-2127.nse @@ -6,7 +6,7 @@ local sslcert = require('sslcert') description = [[ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN Privilege Escalation Vulnerability (CVE-2014-2127). -]] +]] --- -- @usage @@ -15,14 +15,14 @@ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN P -- @output -- PORT STATE SERVICE -- 443/tcp open https --- | http-vuln-cve2014-2127: +-- | http-vuln-cve2014-2127: -- | VULNERABLE: -- | Cisco ASA SSL VPN Privilege Escalation Vulnerability -- | State: VULNERABLE -- | Risk factor: High CVSSv2: 8.5 (HIGH) (AV:N/AC:M/AU:S/C:C/I:C/A:C) -- | Description: -- | Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099. --- | +-- | -- | References: -- | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa -- |_ http://cvedetails.com/cve/2014-2127/ diff --git a/scripts/http-vuln-cve2014-2128.nse b/scripts/http-vuln-cve2014-2128.nse index b88fd0619..6d7df3048 100644 --- a/scripts/http-vuln-cve2014-2128.nse +++ b/scripts/http-vuln-cve2014-2128.nse @@ -15,14 +15,14 @@ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN A -- @output -- PORT STATE SERVICE -- 443/tcp open https --- | http-vuln-cve2014-2128: +-- | http-vuln-cve2014-2128: -- | VULNERABLE: -- | Cisco ASA SSL VPN Authentication Bypass Vulnerability -- | State: VULNERABLE -- | Risk factor: Medium CVSSv2: 5.0 (MEDIUM) (AV:N/AC:L/AU:N/C:P/I:N/A:N) -- | Description: -- | The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555. --- | +-- | -- | References: -- | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa -- |_ http://cvedetails.com/cve/2014-2128/ diff --git a/scripts/http-vuln-cve2014-2129.nse b/scripts/http-vuln-cve2014-2129.nse index 5a4964767..e4d9fecc0 100644 --- a/scripts/http-vuln-cve2014-2129.nse +++ b/scripts/http-vuln-cve2014-2129.nse @@ -6,7 +6,7 @@ local sslcert = require('sslcert') description = [[ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SIP Denial of Service Vulnerability (CVE-2014-2129). -]] +]] --- -- @usage @@ -15,14 +15,14 @@ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SIP Denia -- @output -- PORT STATE SERVICE -- 443/tcp open https --- | http-vuln-cve2014-2129: +-- | http-vuln-cve2014-2129: -- | VULNERABLE: -- | Cisco ASA SIP Denial of Service Vulnerability -- | State: VULNERABLE -- | Risk factor: High CVSSv2: 7.1 (HIGH) (AV:N/AC:M/AU:N/C:N/I:N/A:C) -- | Description: -- | The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. --- | +-- | -- | References: -- | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa -- |_ http://cvedetails.com/cve/2014-2129/ diff --git a/scripts/http-vuln-wnr1000-creds.nse b/scripts/http-vuln-wnr1000-creds.nse index 44c679972..ccc3ee883 100644 --- a/scripts/http-vuln-wnr1000-creds.nse +++ b/scripts/http-vuln-wnr1000-creds.nse @@ -5,8 +5,8 @@ local string = require "string" local vulns = require "vulns" description = [[ -A vulnerability has been discovered in WNR 1000 series that allows an attacker -to retrieve administrator credentials with the router interface. +A vulnerability has been discovered in WNR 1000 series that allows an attacker +to retrieve administrator credentials with the router interface. Tested On Firmware Version(s): V1.0.2.60_60.0.86 (Latest) and V1.0.2.54_60.0.82NA Vulnerability discovered by c1ph04. @@ -18,14 +18,14 @@ Vulnerability discovered by c1ph04. -- @output -- PORT STATE SERVICE REASON -- 80/tcp open http syn-ack --- | http-vuln-wnr1000-creds: +-- | http-vuln-wnr1000-creds: -- | VULNERABLE: -- | Netgear WNR1000v3 Credential Harvesting Exploit -- | State: VULNERABLE (Exploitable) -- | IDs: None, 0-day -- | Description: --- | A vulnerability has been discovered in WNR 1000 series that allows an attacker --- | to retrieve administrator credentials with the router interface. +-- | A vulnerability has been discovered in WNR 1000 series that allows an attacker +-- | to retrieve administrator credentials with the router interface. -- | Tested On Firmware Version(s): V1.0.2.60_60.0.86 (Latest) and V1.0.2.54_60.0.82NA -- | Disclosure date: 26-01-2014 -- | References: @@ -49,8 +49,8 @@ action = function(host, port) title = 'Netgear WNR1000v3 Credential Harvesting Exploit', state = vulns.STATE.NOT_VULN, -- default description = [[ - A vulnerability has been discovered in WNR 1000 series that allows an attacker - to retrieve administrator credentials with the router interface. + A vulnerability has been discovered in WNR 1000 series that allows an attacker + to retrieve administrator credentials with the router interface. Tested On Firmware Version(s): V1.0.2.60_60.0.86 (Latest) and V1.0.2.54_60.0.82NA. Vulnerability discovered by c1ph04. ]], diff --git a/scripts/mikrotik-routeros-brute.nse b/scripts/mikrotik-routeros-brute.nse index c208e97b4..ff9c64825 100644 --- a/scripts/mikrotik-routeros-brute.nse +++ b/scripts/mikrotik-routeros-brute.nse @@ -8,7 +8,7 @@ Additional information: --- -- @usage -- nmap -p8728 --script mikrotik-routeros-brute --- +-- -- @output -- PORT STATE SERVICE REASON -- 8728/tcp open unknown syn-ack @@ -35,7 +35,7 @@ local openssl = stdnse.silent_require "openssl" portrule = shortport.portnumber(8728, "tcp") -Driver = +Driver = { new = function(self, host, port, options ) local o = { host = host, port = port, options = options } @@ -44,7 +44,7 @@ Driver = o.emptypass = true return o end, - + connect = function( self ) self.s = nmap.new_socket("tcp") self.s:set_timeout(self.options['timeout']) @@ -81,10 +81,10 @@ Driver = end return false, brute.Error:new( "Incorrect password" ) end, - + disconnect = function( self ) return self.s:close() - end + end } action = function(host, port)