Changes fall into these categories:
1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z
2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.
3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
This one also fixes format string bugs:
stdnse.print_debug(foo) --> stdnse.debug1("%s", foo)
$ sed -i 's/stdnse.print_debug( *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug1("%s", \1)/' *.nse
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug\1("%s", \2)/' *.nse
stdnse.print_debug accepts a format string and arguments, making
string.format redundant in calls of this form:
stdnse.print_debug(1, string.format("%s: error", SCRIPT_NAME))
stdnse.print_debug(("length %d"):format(#tab))
These can be rewritten as:
stdnse.print_debug(1, "%s: error", SCRIPT_NAME)
stdnse.print_debug("length %d", #tab)
attributename:ruleOID:=value
for example the following finds AD Domain controllers:
(userAccountControl:1.2.840.113556.1.4.803:=8192)
Also added the above as a quickfilter (ad_dcs) to ldap-search.nse to serve as a code example.
Added documentation to explain the values used in some field.
Added a new quick filter (qfilter) to ldap-search.nse that allows the user to specify, on the command line, an attribute and corresponding value to search the LDAP directory for. The use of the asterisk '*' as a wildcard is permitted in the value parameter.
Updated asn1.lua with some minor notes on a hex value that was used.
socket:connect(host.ip, port.number)
socket:connect(host.ip, port.number, port.protocol)
to this:
socket:connect(host, port)
connect can take host and port tables now, and the default protocol is
taken from the port table if possible.
