diff --git a/Makefile.in b/Makefile.in index 889be7bca..2a7c317c1 100644 --- a/Makefile.in +++ b/Makefile.in @@ -187,9 +187,12 @@ install-nmapfe: $(TARGETNMAPFE) -test -f nmapfe/nmapfe && $(INSTALL) -c -m 755 -s nmapfe/nmapfe $(DESTDIR)$(bindir)/nmapfe && rm -f $(DESTDIR)$(bindir)/xnmap && $(SHTOOL) mkln -f -s $(DESTDIR)$(bindir)/nmapfe $(DESTDIR)$(bindir)/xnmap && $(INSTALL) -c -m 644 nmapfe.desktop $(DESTDIR)$(deskdir)/nmapfe.desktop && $(INSTALL) -c -m 644 docs/nmapfe.1 $(DESTDIR)$(mandir)/man1/nmapfe.1 && $(INSTALL) -c -m 644 docs/xnmap.1 $(DESTDIR)$(mandir)/man1/xnmap.1 NSE_FILES = scripts/script.db scripts/*.nse +NSE_LIB_FILES = nselib/*lua install-nse: $(TARGET) $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(nmapdatadir)/scripts cp -f $(NSE_FILES) $(DESTDIR)$(nmapdatadir)/scripts + $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(nmapdatadir)/nselib + cp -f $(NSE_LIB_FILES) $(DESTDIR)$(nmapdatadir)/nselib install: install-nmap $(INSTALLNMAPFE) $(INSTALLNSE) diff --git a/nse_init.cc b/nse_init.cc index 6152521bf..b55a009df 100644 --- a/nse_init.cc +++ b/nse_init.cc @@ -18,7 +18,7 @@ #include "errno.h" #include - +int init_setlualibpath(lua_State* l); int init_loadfile(lua_State* l, char* filename); int init_loaddir(lua_State* l, char* dirname); int init_loadcategories(lua_State* l, std::vector categories, std::vector &unusedTags); 
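Review bot: `NSE_LIB_FILES = nselib/*lua` is missing the dot before the extension, so the glob picks up any file in nselib/ whose name merely ends in "lua"; `NSE_LIB_FILES = nselib/*.lua` is what the install step appears to mean. The libraries are also copied with `cp -f`, which leaves the installed mode to the source tree and the installer's umask. Because nmap loads and executes these files, often with elevated privileges, an explicit mode such as `$(INSTALL) -c -m 644` (as install-nmapfe does for its data files) would guarantee they are not group- or world-writable. A short comment above `NSE_LIB_FILES` saying that these are the modules NSE scripts pull in with `require` would help the next packager.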
@@ -61,10 +61,57 @@ int init_lua(lua_State* l) { lua_newtable(l); SCRIPT_ENGINE_TRY(set_nmaplib(l)); lua_setglobal(l, "nmap"); + SCRIPT_ENGINE_TRY(init_setlualibpath(l)); return SCRIPT_ENGINE_SUCCESS; } +/*sets two variables, which control where lua looks for modules (implemented in C or lua */ +int init_setlualibpath(lua_State* l){ + char path[MAX_FILENAME_LEN]; + const char*oldpath, *oldcpath; + std::string luapath, luacpath; + /* set the path lua searches for modules*/ + if(nmap_fetchfile(path, MAX_FILENAME_LEN, SCRIPT_ENGINE_LIB_DIR)!=2){ + /*SCRIPT_ENGINE_LIB_DIR is not a directory - error */ + error("%s: %s not a directory\n", SCRIPT_ENGINE, SCRIPT_ENGINE_LIB_DIR); + return SCRIPT_ENGINE_ERROR; + } + /* the path lua uses to search for modules is setted to the + * SCRIPT_ENGINE_LIBDIR/ *.lua with the default path + * (which is read from the package-module) appended - + * the path for C-modules is as above but it searches for shared libs (*.so) */ + luapath= std::string(path) + "?.lua;"; + luacpath= std::string(path) + "?.so;"; + lua_getglobal(l,"package"); + if(!lua_istable(l,-1)){ + error("%s: the lua global-variable package is not a table?!", SCRIPT_ENGINE); + return SCRIPT_ENGINE_ERROR; + } + lua_getfield(l,-1, "path"); + lua_getfield(l,-2, "cpath"); + if(!lua_isstring(l,-1)||!lua_isstring(l,-2)){ + error("%s: no default paths setted in package table (needed in %s at line %d) -- probably a problem of the lua-configuration?!", SCRIPT_ENGINE, __FILE__, __LINE__); + return SCRIPT_ENGINE_ERROR; + } + oldcpath= lua_tostring(l,-1); + oldpath = lua_tostring(l,-2); + luacpath= luacpath + oldcpath; + luapath= luapath + oldpath; + lua_pop(l,2); + lua_pushstring(l, luapath.c_str()); + lua_setfield(l, -2, "path"); + lua_pushstring(l, luacpath.c_str()); + lua_setfield(l, -2, "cpath"); + lua_getfield(l,-1, "path"); + lua_getfield(l,-2, "cpath"); + SCRIPT_ENGINE_DEBUGGING(log_write(LOG_STDOUT, "%s: Using %s to search for C-modules and %s for Lua-modules\n", SCRIPT_ENGINE, 
lua_tostring(l,-1), lua_tostring(l,-2));) + /*pop the two strings (luapath and luacpath) and the package table off + * the stack */ + lua_pop(l,3); + return SCRIPT_ENGINE_SUCCESS; +} + /* if there were no command line arguments specifying * which scripts should be run, a default script set is * chosen diff --git a/nse_macros.h b/nse_macros.h index dab99a51e..484671f01 100644 --- a/nse_macros.h +++ b/nse_macros.h @@ -25,6 +25,12 @@ #define SCRIPT_ENGINE_LUA_DIR "scripts/" #endif +#ifdef WIN32 + #define SCRIPT_ENGINE_LIB_DIR "nselib\\" +#else + #define SCRIPT_ENGINE_LIB_DIR "nselib/" +#endif + #define SCRIPT_ENGINE_DATABASE "script.db" #define SCRIPT_ENGINE_EXTENSION ".nse" diff --git a/nse_nmaplib.cc b/nse_nmaplib.cc index e6635bd8e..5755539eb 100644 --- a/nse_nmaplib.cc +++ b/nse_nmaplib.cc @@ -8,6 +8,7 @@ #include "NmapOps.h" #include "nmap_rpc.h" #include "Target.h" +#include "output.h" #define SCRIPT_ENGINE_GETSTRING(name) \ char* name; \ @@ -394,7 +395,7 @@ static int l_set_port_version(lua_State* l, Target* target, Port* port) { } static int l_print_debug_unformatted(lua_State *l) { - int verbosity(0), stack_counter(1); + int verbosity=1, stack_counter(1); const char *out; if (lua_isnumber (l, 1) && (lua_gettop(l) > 1)) { @@ -403,8 +404,7 @@ static int l_print_debug_unformatted(lua_State *l) { stack_counter++; } out = luaL_checkstring(l, stack_counter); - - error("%s NSE DEBUG: %s", SCRIPT_ENGINE, out); + log_write(LOG_STDOUT, "%s NSE DEBUG: %s\n", SCRIPT_ENGINE, out); return 0; } diff --git a/nselib/ipOps.lua b/nselib/ipOps.lua new file mode 100644 index 000000000..9531f64c7 --- /dev/null +++ b/nselib/ipOps.lua 
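Review bot: init_setlualibpath puts whatever directory nmap_fetchfile resolves for SCRIPT_ENGINE_LIB_DIR at the front of both `package.path` and `package.cpath`, so every `require` in a script loads Lua and native `?.so` code from there before the default locations. If that lookup can resolve to a directory the invoking user does not control (a relative or environment-derived location; the search order is not visible in this hunk), a privileged scan would load code from it. Consider verifying ownership and permissions of the resolved directory, or leaving `cpath` untouched until a native library actually ships. Separately, both error returns leave values on the Lua stack: a `lua_pop(l, 1);` before the first `return SCRIPT_ENGINE_ERROR;` and a `lua_pop(l, 3);` before the second would keep it balanced. The hard-coded `?.so` suffix also ignores the WIN32 case that nse_macros.h handles for the directory separator.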
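Review bot: `verbosity` now defaults to 1, but nothing in the visible lines of l_print_debug_unformatted compares it with the current debug level before the new `log_write(LOG_STDOUT, ...)`, so script debug text appears to go to standard output unconditionally and mixes with normal scan output. If that is not intended, gate the call, for example `if (o.debugging >= verbosity) log_write(LOG_STDOUT, "%s NSE DEBUG: %s\n", SCRIPT_ENGINE, out);`, assuming the global NmapOps instance is in scope in this file. The lines between the two hunks of this function are not shown, so confirm against the full body. Keeping `out` as a `%s` argument rather than as the format string is right, since the text is script-supplied.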
@@ -0,0 +1,32 @@
+module(...,package.seeall)
+
+
+isPrivate = function(ip)
+ -- check to see if ip is part of RFC 1918 address space
+ -- if so, don't bother with the RIPE lookup
+ local a, b
+ a, b = get_parts_as_number(ip)
+ if a == 10 then
+ return true
+ elseif a == 172 and (b>15 and b<32) then
+ return true
+ elseif a == 192 and b == 168 then
+ return true
+ end
+ return false
+end
+
+todword = function(ip)
+ local a, b, c, d
+ a,b,c,d = get_parts_as_number(ip)
+ return (((a*256+b))*256+c)*256+d
+end
+
+get_parts_as_number = function(ip)
+ local a,b,c,d = string.match(ip, "(%d+)%.(%d+)%.(%d+)%.(%d+)")
+ a = tonumber(a);
+ b = tonumber(b);
+ c = tonumber(c);
+ d = tonumber(d);
+ return a,b,c,d
+end
diff --git a/nselib/shortport.lua b/nselib/shortport.lua
new file mode 100644
index 000000000..4edeaf7e2
--- /dev/null
+++ b/nselib/shortport.lua
@@ -0,0 +1,54 @@
+module(...)
+
+protorule = function(porttab, service, proto, state)
+ state = state or "open"
+ proto = proto or "tcp"
+ if porttab.service==service
+ and porttab.protocol == proto
+ and porttab.state == state
+ then
+ return true;
+ else
+ return false;
+ end
+end
+
+portnumber = function(porttab, number, proto, state)
+ state = state or "open"
+ proto = proto or "tcp"
+ if porttab.number==number
+ and porttab.protocol == proto
+ and porttab.state ==state
+ then
+ return true;
+ else
+ return false;
+ end
+
+end
+
+port_in_list = function(porttab, proto, ...)
+ if not porttab.protocol==proto
+ then
+ return false
+ end
+ for i, v in ipairs{...} do
+ if porttab.number == v then
+ return true
+ end
+ end
+ return false
+end
+
+port_or_service = function(porttab, number, service, proto, state)
+ state= state or "open"
+ proto = proto or "tcp"
+ if (porttab.number==number or porttab.service==service)
+ and porttab.protocol==proto
+ and porttab.state == state
+ then
+ return true
+ else
+ return false
+ end
+end
diff --git a/scripts/ripeQuery.nse b/scripts/ripeQuery.nse
index c553ea713..8535400b2 100644
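Review bot: `get_parts_as_number` returns four nils for anything that is not a dotted quad, and `isPrivate` then falls through to `return false`, so the guard fails open: ripeQuery's new hostrule would still send a lookup for an IPv6 or malformed address. The pattern is also unanchored and does not range-check the octets, so a string that only contains something quad-like is accepted. Anchoring it, `string.match(ip, "^(%d+)%.(%d+)%.(%d+)%.(%d+)$")`, and having `isPrivate` treat a nil `a` as not eligible for lookup would make the check conservative. `todword` would raise on nil arithmetic in the same case and deserves a nil check. The comment scopes the test to RFC 1918, so loopback and link-local addresses are still reported as non-private; a header comment on `isPrivate` stating that limit would prevent callers from relying on it as a general "is this internal" test.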
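Review bot: In `port_in_list`, `if not porttab.protocol==proto` parses as `(not porttab.protocol) == proto`, which compares a boolean with the protocol string and is never true, so the protocol filter is silently skipped; write `if porttab.protocol ~= proto then`. The file also opens with `module(...)` without `package.seeall` (ipOps.lua passes it), so the global `ipairs` is likely not visible inside the module and `port_in_list` would fail when first called. Either add `package.seeall` or take `local ipairs = ipairs` before the `module` call. Unlike the other three rules, `port_in_list` never checks `porttab.state`, so it would match closed or filtered ports once the protocol test is fixed.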
--- a/scripts/ripeQuery.nse +++ b/scripts/ripeQuery.nse @@ -1,3 +1,5 @@ +require "ipOps" + id = "RIPE query" description = "Connects to the RIPE database, extracts and prints the role: entry for the IP." author = "Diman Todorov " @@ -6,7 +8,7 @@ license = "See nmaps COPYING for licence" categories = {"discovery"} hostrule = function(host, port) - return true + return not ipOps.isPrivate(host.ip) end action = function(host, port) diff --git a/scripts/showHTMLTitle.nse b/scripts/showHTMLTitle.nse index 25624e903..8819cf849 100644 --- a/scripts/showHTMLTitle.nse +++ b/scripts/showHTMLTitle.nse @@ -11,19 +11,10 @@ license = "See nmaps COPYING for licence" categories = {"demo", "safe"} +require "shortport" + portrule = function(host, port) - if - ( port.number == 80 - or port.service == "http") - and port.protocol == "tcp" - and port.state == "open" - -- and host.name ~= nil - -- and string.match(host.name, "www.+") - then - return true - else - return false - end + return shortport.port_or_service(port, 80, "http") end action = function(host, port) @@ -57,7 +48,7 @@ action = function(host, port) if title ~= nil then result = string.gsub(title , "[\n\r\t]", "") if string.len(title) > 50 then - nmap.print_debug_unformatted("showHTMLTitle.nse: title was truncated!"); + nmap.print_debug_unformatted("showHTMLTitle.nse: Title got truncated!"); result = string.sub(result, 1, 62) .. "..." end else