Two changes here, both minor. First, explicitly assigning a new key to
nil does not add the key to the ordered set of keys. This better
emulates the behavior of regular tables.
> o = stdnse.output_table()
> o["test"] = nil
This previously resulted in output like this:
|_ test: nil
Now it simply omits the "test:" key.
Second, I needed a way to tell whether an output table was empty or not.
Since Lua's next() function doesn't call the __pairs metamethod, it was
always returning nil. Instead, I used the __call metamethod, since it
had the least preexisting semantic meaning:
> o = stdnse.output_table()
> =o()
false
> o["test"] = 1
> =o()
true
There was a reverse table that was meant to map keys to their position
in the order table, to make it easy to table.remove an entry from order.
But removing something from order would shift the indices of all
following elements by 1, and those elements were not updated
correspondingly in the reverse table. Instead, do a linear lookup for
the the element to remove from order, after checking that the element
exists at all.
http://seclists.org/nmap-dev/2012/q3/905
This takes a broken-down date table, as produced by os.date("*t"), and
converts it into an integer number of seconds since the epoch UTC,
interpreting it as a time in a given time zone. Simply passing a date
table to os.time is not good enough, because os.time always assumes the
date table represents a local time; i.e., you will get different results
from running os.time({year=2012,month=1,day=1,hour=12,min=0,sec=0})
depending on what time zone you run it in.
Scripts may now return a key–value table, or such a table in addition to
a string. The table will be automatically formatted for normal output
and will appear as a hierarchy of elements in XML output.
Some history and discussion of this development can be found at
https://secwiki.org/w/Nmap/Structured_Script_Output.
This is a merge of r29484:29569 from /nmap-exp/david/xml-output.
There are various functions in the internal nmap.socket and nmap.dnet
libraries that are there for technical reasons:
http://seclists.org/nmap-dev/2012/q1/318
The sleep function is exposed through the stdnse namespace because it
fits that library better.
Some code comments said that names such as nmap.new_socket were
deprecated in favor of e.g. nmap.socket.new, but the old names were
never formally deprecated, so I removed those comments.
indent and prefix before each line, not just at the beginning. If the
indent was ">>>>", then formatting the line "AB\nCD" would result in
| >>>> AB
|_CD
Now it will be
| >>>> AB
|_>>>> CD
Some script were working around this by relying on an invisible blank
first line and manually indenting following lines.
This should be handled by the generic case, and I don't think it was
used anyway because the logic was wrong:
if(indent == nil and #data == 1 and type(data) == 'string' and not(data['name']) and not(data['warning'])) then
return data[1]
end
This seems to be checking for a one-element table whose single element
is a string. But the test "#data == 1 and type(data) == 'string'" is
actually testing for a one-byte string. I think this is supposed to be
"type(data[1]) == 'string'", but anyway it should be handled by the
generic case.
point seconds since the epoch, and add clock_ms() and clock_us() to stdnse
for convenience (millisecond and microsecond).
qscan.nse now provides microsecond resolution.
it was returning an empty string, causing blank output entries for
scripts with no output:
80/tcp open http
|_citrix-enum-apps-xml:
|_citrix-enum-servers-xml:
| http-headers:
| Date: Sun, 31 Jan 2010 19:28:13 GMT
| Server: Apache/2.2.3 (CentOS)
| Accept-Ranges: bytes
| Content-Length: 739
| Connection: close
| Content-Type: text/html; charset=UTF-8
|
|_ (Request type: HEAD)
|_http-date: Sun, 31 Jan 2010 19:28:14 GMT; +1s from local time.
|_html-title: Go ahead and ScanMe!
1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a concensus on how it should look yet, it's easy to change when we do.
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.
now a script is limited in parallelism to working on one socket at any
time. A script can now create a worker thread that will be capable of
doing work on sockets in parallel with the parent script. See [1] for
more information.
This patch also comes with condition variables that are similar to
POSIX condition variables. They are used in the same fashion as
NSE's mutexes (nmap.mutex).
[1] http://seclists.org/nmap-dev/2009/q4/294
