From baa404b050841700fdcb35c0e3024e873592ba97 Mon Sep 17 00:00:00 2001 From: patrik Date: Mon, 27 Jun 2011 21:00:11 +0000 Subject: [PATCH] improved documentation and added sample code add getCredentials function [Patrik] --- nselib/creds.lua | 77 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 71 insertions(+), 6 deletions(-) diff --git a/nselib/creds.lua b/nselib/creds.lua index b487e8b2b..db06fe73f 100644 --- a/nselib/creds.lua +++ b/nselib/creds.lua @@ -1,11 +1,46 @@ --- The credential class stores found credentials in the Nmap registry -- +-- The credentials library may be used by scripts to store credentials in +-- a common format in the nmap registry. The Credentials class serves as +-- a primary interface for scripts to the library. +-- +-- The State table keeps track of possible account states and a corresponding +-- message to return for each state. +-- +-- The following code illustrates how a script may add discovered credentials +-- to the database: +-- +-- local c = creds.Credentials:new( SCRIPT_NAME, host, port ) +-- c:add("patrik", "secret", creds.State.VALID ) +-- +-- +-- The following code illustrates how a script can return a table of discovered +-- credentials at the end of execution: +-- +-- return tostring(creds.Credentials:new(SCRIPT_NAME, host, port)) +-- +-- +-- The following code illustrates how a script may iterate over discovered +-- credentials: +-- +-- local c = creds.Credentials:new(creds.ALL_DATA, host, port) +-- for _, cred in pairs(c:getCredentials(creds.State.VALID)) do +-- chowContentForUser(cred.user, cred.pass) +-- end +-- +-- + -- -- @author "Patrik Karlsson " -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html -- Version 0.1 -- Created 2011/02/06 - v0.1 - created by Patrik Karlsson +-- Revised 2011/27/06 - v0.2 - revised by Patrik Karlsson +-- added documentation +-- added getCredentials function +-- + module(... or "creds", package.seeall) require('ipOps') @@ -60,10 +95,12 @@ RegStorage = { --- Sets the storage filter -- -- @param host table containing the host - -- @param port table containign the port - setFilter = function( self, host, port ) + -- @param port table containing the port + -- @param state table containing the account state + setFilter = function( self, host, port, state ) self.filter.host = host self.filter.port = port + self.filter.state = state end, --- Retrieves the table containing all credential records @@ -79,13 +116,21 @@ RegStorage = { for _, v in pairs(tbl) do local h = ( v.host.ip or v.host ) if ( not(host) and not(port) ) then - table.insert(new_tbl, v) + if ( not(self.filter.state) or ( v.state == self.filter.state ) ) then + table.insert(new_tbl, v) + end elseif ( not(host) and ( port == v.port ) ) then - table.insert(new_tbl, v) + if ( not(self.filter.state) or ( v.state == self.filter.state ) ) then + table.insert(new_tbl, v) + end elseif ( ( host and ( h == host or h == host.ip ) ) and not(port) ) then - table.insert(new_tbl, v) + if ( not(self.filter.state) or ( v.state == self.filter.state ) ) then + table.insert(new_tbl, v) + end elseif ( ( host and ( h == host or h == host.ip ) ) and port.number == v.port ) then - table.insert(new_tbl, v) + if ( not(self.filter.state) or ( v.state == self.filter.state ) ) then + table.insert(new_tbl, v) + end end end return new_tbl @@ -135,6 +180,26 @@ Credentials = { end end, + --- Returns all accounts for a given state, or all states if no filter is set + -- + -- @param state table containing a value from the State table + -- @return table containing accounts matching the state, or all accounts if + -- no state was given. Accounts have the following fields: + -- host - table as received by the action function + -- port - number containing the port number + -- user - string containing the user name + -- pass - string containing the user password + -- state - a state table @see State + -- service - string containing the name of the service + -- scriptname - string containing the name of the + -- script that added the credential + getCredentials = function(self, state) + if ( state ) then + self.storage:setFilter(self.host, { number=self.port, service = self.service }, state) + end + return self.storage:getAll() + end, + --- Returns a table of credentials -- -- @return tbl table containing the discovered credentials