Lua 5.3 adds several awesome features of particular interest to nmap including
bitwise operators and integers, a utf8 library, and standard binary pack/unpack
functions.
In addition to adding Lua 5.3, this branch changes:
o Complete removal of the NSE bit library (in C), It has been replaced with
a new Lua library wrapping Lua 5.3's bit-wise operators.
o Complete removal of the NSE bin library (in C). It has been replaced with a
new Lua library wrapping Lua 5.3's string.pack|unpack functions.
o The bin.pack "B" format specifier (which has never worked correctly) is
unimplemented. All scripts/libraries which use it have been updated. Most
usage of this option was to allow string based bit-wise operations which are no
longer necessary now that Lua 5.3 provides integers and bit-wise operators.
o The base32/base64 libraries have been reimplemented using Lua 5.3's new
bitwise operators. (This library was the main user of the bin.pack "B" format
specifier.)
o A new "bits" library has been added for common bit hacks. Currently only has
a reverse function.
Thanks to David Fifield, Daniel Miller, Jacek Wielemborek, and Paulino
Calderon for testing this branch.
Changes fall into these categories:
1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z
2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.
3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
This one also fixes format string bugs:
stdnse.print_debug(foo) --> stdnse.debug1("%s", foo)
$ sed -i 's/stdnse.print_debug( *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug1("%s", \1)/' *.nse
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug\1("%s", \2)/' *.nse
In the case of a few of these scripts the only thing that was updated was the example text as the scripts relied on the creds library which handles the strings internally.
Added detection of accounts where the credentials are correct, but the account is expired, not allowed to log on at the time of the scan or has been limited to logging in from particular hosts.
Notes on these changes were sent to the mailing list.
./scripts/ldap-brute.nse:75: attempt to get length of local 'contexts' (a nil value)
stack traceback:
./scripts/ldap-brute.nse:75: in function 'get_naming_context'
./scripts/ldap-brute.nse:121: in function <./scripts/ldap-brute.nse:95>
(tail call): ?
socket:connect(host.ip, port.number)
socket:connect(host.ip, port.number, port.protocol)
to this:
socket:connect(host, port)
connect can take host and port tables now, and the default protocol is
taken from the port table if possible.
