directories that nmap will search, e.g. ~/.nmap/nselib $NMAPDIR/nselib
/usr/share/nmap/nselib etc.
Resolves Daniel Miller's request [1].
[1] http://seclists.org/nmap-dev/2011/q3/817
where the Script.new failed:
chosen_scripts[#chosen_scripts+1] = Script.new(path);
if Script.new returns nil, then the operation is a no-op (as intended). So,
just add the script to the array. Script.new now accepts a selected_by_name
argument so we don't set it manually.
then looks in the scripts subdirectory, then in the current directory.
cnse.fetchfile_absolute now checks for an absolute path, then calls
nmap_fetchfile if that fails (and no longer looks in scripts/). Use
cnse.fetchscript when accessing files that should be in the scripts
subdirectory.
instituted to keep memory under control when there are many open
ports. Nathan reported 3 GB of memory use (with an out-of-memory NSE
crash) for one host with tens of thousands of open ports. This limit
can be controlled with the variable CONCURRENCY_LIMIT in
nse_main.lua. [David]
o Add two new Script scan phases:
Script Pre-scanning phase: before any Nmap scan operation, activated by the new "prerule".
Script Post-scanning phase: after all Nmap scan operations, activated by the new "postrule".
o New environment variables:
SCRIPT_PATH
SCRIPT_NAME
SCRIPT_TYPE: the type of the rule that activated the script.
completed." due to two issues. One is that we already have a
different line printed in verbose mode which looks like "Completed NSE
at 14:31, 0.27s elapsed". The other problem is that this was being
printed in non-verbose mode when you specified an argument like
"--script ssl-cert". We intentionally bump the verbose mode of
scripts when they are specified individually like that so they can
report more script results, but I don't think we need the NSE
infrastructure itself to become more verbose.
custom libraries that must be used instead. (So, try to load our libaries
first, then look through system paths.) This bug is very rare since these
optional libraries are very rarely installed in most distributions.
Bug found by Onur K. [1].
[1] http://seclists.org/nmap-dev/2010/q1/197
with modifications from [2].
** Short description from [1] **
I have created a patch to NSE that replaces runlevels with a table of
dependencies that clearly outlines what other scripts the script
depends on. The table is of the form:
dependences = {"script1", script2", ...}
Runlevels become an internal representation of the order of scripts
that are generated by the dependencies. Dependencies only enforce
an execution order and not a requirement for execution.
[1] http://seclists.org/nmap-dev/2009/q4/295
[2] http://seclists.org/nmap-dev/2009/q4/446
