PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-25 00:49:01 +00:00
Code Issues Projects Releases Wiki Activity
Files
a42ea72a9709e62b58881929adaa8ec8b2690f6a
nmap/nselib/nmap.luadoc
kris a42ea72a97 Merge through r16884 from /nmap-exp/kris/nse-rawip plus the following changelog 
entries:

o [NSE] Raw packet sending at the IP layer is now supported, in addition to
  the Ethernet sending functionality.  Packets to send start with an IPv4
  header and can be sent to arbitrary hosts. [Kris]

o [NSE] Added the ipidseq script to classify a host's IP ID sequence numbers
  in the same way Nmap does.  This can be used to test hosts' suitability for
  Nmap's Idle Scan (-sI), i.e. check if a host is an idle zombie.  This is
  the first script to use the new raw IP sending functionality in NSE. [Kris]

o [NSE] Added the function nmap.is_privileged() to tell a script if, as far
  as Nmap's concerned, it can do privileged operations.  For instance, this
  can be used to see if a script should be able to open a raw socket or
  Ethernet interface. [Kris]

o [NSE] Added the function nmap.get_ports() to allow a script to iterate
  over a host's port tables matching a certain protocol and state. [Kris,
  Patrick]
2010-02-26 20:42:10 +00:00

684 lines
33 KiB
Plaintext
Raw Blame History

--- Interface with Nmap internals.
--
-- The <code>nmap</code> module is an interface with Nmap's internal functions
-- and data structures. The API provides target host details such as port
-- states and version detection results. It also offers an interface to the
-- Nsock library for efficient network I/O.
-- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
module "nmap"
--- Returns the debugging level as a non-negative integer.
--
-- The debugging level can be set with the <code>-d</code> option.
-- @return The debugging level.
-- @usage if nmap.debugging() > 0 then ... end
function debugging()
--- Determines whether Nmap was compiled with SSL support.
--
-- This can be used to avoid sending SSL probes when SSL is not available.
-- @return True if Nmap was compiled with SSL support, false otherwise.
function have_ssl()
--- Returns the verbosity level as a non-negative integer.
--
-- The verbosity level can be set with the <code>-v</code> option. When
-- a script is given by name with the <code>--script</code> option, as
-- opposed to being selected by default or by category, its verbosity
-- level is automatically increased by one.
-- @return The verbosity level.
-- @usage if nmap.verbosity() > 0 then ... end
function verbosity()
--- Returns whether a script should be able to perform privileged operations
--
-- @return True if Nmap is running privileged, false otherwise.
function is_privileged()
--- Searches for the specified file and returns a string containing its path if
-- it is found and readable (to the process).
--
-- If the file is not found, not readable, or is a directory, <code>nil</code>
-- is returned.
-- @usage
-- nmap.fetchfile("nmap-rpc") --> "/usr/local/share/nmap/nmap-rpc"
-- @param filename Filename to search for.
-- @return String representing the full path to the file or <code>nil</code>.
function fetchfile(filename)
--- Returns the timing level as a non-negative integer.
--
-- Possible return values vary from <code>0</code> to <code>5</code>,
-- corresponding to the six built-in Nmap timing templates. The timing level
-- can be set with the <code>-T</code> option.
-- @return The timing level.
function timing_level()
--- Gets a port table for a port on a given host.
--
-- This function takes a host table and a port table and returns a port table
-- for the queried port. The port table returned is similar in structure to the
-- ones passed to the <code>hostrule</code>, <code>portrule</code>, and
-- <code>action</code> functions. If the given port was not scanned the function
-- returns <code>nil</code>.
--
-- You can of course reuse the host and port tables passed to a script's rule
-- function. The purpose of this call is to be able to match scripts against
-- more than one open port. For example if the target host has an open port 22
-- and a running identd server, then you can write a script which will only fire
-- if both ports are open and there is an identification server on port 113.
-- While it is possible to specify IP addresses different to the currently
-- scanned target, the result will only be correct if the target is in the
-- currently scanned group of hosts.
-- @param host Host table, containing an <code>ip</code> field.
-- @param port Port table, containing <code>number</code> and
-- <code>protocol</code> fields.
-- @return A new port table holding the status and information for the port, or <code>nil</code>.
-- @usage p = nmap.get_port_state({ip="127.0.0.1"}, {number="80", protocol="tcp"})
function get_port_state(host, port)
--- Iterates over port tables matching protocol and state for a given host
--
-- This function takes a host table, previous port table, port protocol and
-- port state to return matching port tables on a host.
--
-- The first time you call this function, pass <code>nil</code> for the port
-- parameter to get the first matching port table. From then on, pass the
-- previous port table returned by this function to the port parameter for the
-- next matching port table.
--
-- @param host Host table, containing an <code>ip</code> field
-- @param port Port table, containing a <code>number</code> field; or <code>nil</code>
-- for first port
-- @param proto Port protocol, such as <code>"tcp"</code>
-- @param state Port state, such as <code>"open"</code>
-- @return Next port table for host, or <code>nil</code> when exhausted
-- @usage port = nmap.get_ports(host, port, "tcp", "open")
function get_ports(host, port, proto, state)
--- Sets the state of a port on a given host.
--
-- Using this function, the final port state, reflected in Nmap's results, can
-- be changed for a target. This is useful when Nmap detects a port as
-- <code>open|filtered</code>, but the script successfully connects to that
-- port. In this case, the script can set the port state to <code>open</code>.
-- This function doesn't change the original port table passed a script's
-- action function.
-- @param host Host table, containing an <code>ip</code> field.
-- @param port Port table, containing <code>number</code> and
-- <code>protocol</code> fields.
-- @param state Port state, like <code>"open"</code> or <code>"closed"</code>.
function set_port_state(host, port, state)
--- Sets version information on a port.
--
-- NSE scripts are sometimes able to determine the service name and application
-- version listening on a port. A whole script category (<code>version</code>)
-- was designed for this purpose. This function is used to record version
-- information when it is discovered.
--
-- The host and port arguments to this function should either be the tables
-- passed to the action method or they should have the same structure. The port
-- argument specifies the port to operate on through its <code>number</code>
-- and <code>protocol</code> fields. and also contains the new version
-- information to set. The version detection fields this function looks at are
-- <code>name</code>, <code>product</code>, <code>version</code>,
-- <code>extrainfo</code>, <code>hostname</code>, <code>ostype</code>,
-- <code>devicetype</code>, and <code>service_tunnel</code>. All these keys are
-- optional.
--
-- The <code>probestate</code> argument describes the state in which the script
-- completed. It is a string, one of: <code>"hardmatched"</code>,
-- <code>"softmatched"</code>, <code>"nomatch"</code>,
-- <code>"tcpwrapped"</code>, or <code>"incomplete"</code>.
-- <code>"hardmatched"</code> is almost always used (and is the default),
-- as it signifies a
-- successful match. The other possible states are generally only used for
-- standard version detection rather than the NSE enhancement.
-- @param host Host table, containing an <code>ip</code> field.
-- @param port Port table, containing <code>number</code> and
-- <code>protocol</code> fields, as well as any additional version information
-- fields.
-- @param probestate The state of the probe: <code>"hardmatched"</code>,
-- <code>"softmatched"</code>, <code>"nomatch"</code>,
-- <code>"tcpwrapped"</code>, or <code>"incomplete"</code>.
function set_port_version(host, port, probestate)
--- Returns the current date and time in milliseconds.
-- @return The number of milliseconds since the epoch (on most systems this is
-- 01/01/1970).
-- @usage local now = nmap.clock_ms()
function clock_ms()
--- Gets the link-level hardware type of an interface.
--
-- This function takes a dnet-style interface name and returns a string
-- representing the hardware type of the interface. Possible return values are
-- <code>"ethernet"</code>, <code>"loopback"</code>, <code>"p2p"</code>, or
-- <code>nil</code> if none of the other types apply.
-- @param interface_name The name of the interface.
-- @return <code>"ethernet"</code>, <code>"loopback"</code>,
-- <code>"p2p"</code>, or <code>nil</code>.
-- @usage iface_type = nmap.get_interface_list("eth0")
function get_interface_link(interface_name)
--- Create a mutex on an object.
--
-- This function returns another function that works as a mutex on the object
-- passed. This object can be any Lua data type except <code>nil</code>,
-- Booleans, and Numbers. The Mutex (the returned function) allows you to lock,
-- try to lock, and release the mutex. The Mutex function takes only one
-- argument, which must be one of
-- * <code>"lock"</code>: makes a blocking lock on the mutex. If the mutex is busy then the thread will yield and wait. The function returns with the mutex locked.
-- * <code>"trylock"</code>: makes a non-blocking lock on the mutex. If the mutex is busy then it immediately returns a false value. Otherwise, the mutex locks the mutex and returns true.
-- * <code>"done"</code>: releases the mutex and allows another thread to lock it. If the thread does not have a lock on the mutex, an error will be raised.
-- * <code>"running"</code>: returns the thread locked on the mutex or <code>nil</code> if no thread is locked. This should only be used for debugging as it interferes with finished threads from being collected.
--
-- NSE maintains a weak reference to the Mutex function so other calls to
-- nmap.mutex with the same object will return the same function (Mutex);
-- however, if you discard your reference to the Mutex then it may be collected
-- and subsequent calls to nmap.mutex with the object will return a different
-- Mutex!
-- @param object Object to create a mutex for.
-- @return Mutex function which takes one of the following arguments:
-- <code>"lock"</code>, <code>"trylock"</code>, <code>"done"</code>, or
-- <code>"running"</code>.
-- @usage
-- id = "My Script's Unique ID"
--
-- local mutex = nmap.mutex(id)
-- function action(host, port)
-- mutex "lock"
-- -- do stuff
-- mutex "done"
-- return script_output
-- end
function mutex(object)
--- Create a condition variable for an object.
--
-- This function returns a function that works as a Condition Variable for the
-- given object parameter. The object can be any Lua data type except
-- <code>nil</code>, Booleans, and Numbers. The Condition Variable (returned
-- function) allows you wait, signal, and broadcast on the condition variable.
-- The Condition Variable function takes only one argument, which must be one of
-- * <code>"wait"</code>: Wait on the condition variable until another thread wakes us.
-- * <code>"signal"</code>: Wake up a single thread from the waiting set of threads for this condition variable.
-- * <code>"broadcast"</code>: Wake up all threads in the waiting set of threads for this condition variable.
--
-- NSE maintains a weak reference to the Condition Variable so other calls to
-- nmap.condvar with the same object will return the same function (Condition
-- Variable); however, if you discard your reference to the Condition
-- Variable then it may be collected; and, subsequent calls to nmap.condvar with
-- the object will return a different Condition Variable function!
--
-- In NSE, Condition Variables are typically used to coordinate with threads
-- created using the stdnse.new_thread facility. The worker threads must
-- wait until work is available that the master thread (the actual running
-- script) will provide. Once work is created, the master thread will awaken
-- one or more workers so that the work can be done.
--
-- It is important to check the predicate (the test to see if your worker
-- thread should "wait" or not) BEFORE and AFTER the call to wait. You are
-- not guaranteed spurious wakeups will not occur (that is, there is no
-- guarantee your thread will not be awakened when no thread called
-- <code>"signal"</code> or <code>"broadcast"</code> on the condition variable).
-- One important check for your worker threads, before and after waiting,
-- should be to check that the master script thread is still alive.
-- (To check that the master script thread is alive, obtain the "base" thread
-- using stdnse.base and use coroutine.status). You do not want your worker
-- threads to continue when the script has ended for reasons unknown to your
-- worker thread. You are guaranteed that all threads waiting on a
-- condition variable will be awakened if any thread that has accessed
-- the condition variable via <code>nmap.condvar</code> ends for any
-- reason. This is essential to prevent deadlock with threads
-- waiting for another thread to awaken
-- them that has ended unexpectedly.
-- @see stdnse.new_thread
-- @see stdnse.base
-- @param object Object to create a condition variable for.
-- @return ConditionVariable Condition variable function.
-- @usage
-- local myobject = {}
-- local cv = nmap.condvar(myobject)
-- cv "wait" -- waits until another thread calls cv "signal"
function condvar(object)
--- Creates a new exception handler.
--
-- This function returns an exception handler function. The exception handler is
-- meant to be wrapped around other function calls that may raise an exception.
-- A function raises an exception by making its first return value false and its
-- second return value a message describing the error. When an exception occurs,
-- the exception handler optionally calls a user-provided cleanup function, then
-- terminates the script. When an exception does not occur (the wrapped
-- function's first return value is true), the exception handler strips off the
-- first return value and returns the rest.
--
-- The optional cleanup function is passed as the sole argument to
-- <code>new_try</code>. It can be used to release sockets or other resources
-- before the script terminates.
--
-- A function that may raise an exception must follow the return protocol
-- understood by this function: on an exception its return values are
-- <code>false</code> or <code>nil</code> followed by an error message; on
-- success its return values are any true value followed by any other results.
-- @param handler User cleanup function (optional).
-- @usage
-- local result, socket, try, catch
--
-- result = ""
-- socket = nmap.new_socket()
-- catch = function()
-- socket:close()
-- end
-- try = nmap.new_try(catch)
-- try(socket:connect(host.ip, port.number))
-- result = try(socket:receive_lines(1))
-- try(socket:send(result))
function new_try(handler)
--- Returns a new NSE socket object.
--
-- To allow for efficient and parallelizable network I/O, NSE provides an
-- interface to Nsock, the Nmap socket library. The smart callback mechanism
-- Nsock uses is fully transparent to NSE scripts. The main benefit of NSE's
-- sockets is that they never block on I/O operations, allowing many scripts to
-- be run in parallel. The I/O parallelism is fully transparent to authors of
-- NSE scripts. In NSE you can either program as if you were using a single
-- non-blocking socket or you can program as if your connection is blocking.
-- Seemingly blocking I/O calls still return once a specified timeout has been
-- exceeded.
--
-- NSE sockets are the recommended way to do network I/O. They support
-- <code>connect</code>-style sending and receiving over TCP and UDP (and SSL),
-- as well as raw socket receiving.
-- @return A new NSE socket.
-- @see pcap_open
-- @usage local socket = nmap.new_socket()
function new_socket()
--- Sets the local address of a socket.
--
-- This socket method sets the local address and port of a socket. It must be
-- called before <code>connect</code>. The address set by <code>bind</code>
-- overrides Nmap's source address and port set by the <code>-S</code> and
-- <code>-g</code> options.
-- @param addr Address string or <code>nil</code> (optional).
-- @param port Port number or <code>nil</code> (optional).
-- @return Status (true or false).
-- @return Error string (if status is false).
-- @usage
-- try = nmap.new_try()
-- try(socket:bind(nil, 53))
-- try(socket:bind("1.2.3.4"))
-- try(socket:bind("2001:db8::1"))
-- try(socket:bind("1.2.3.4", 53))
function bind(addr, port)
--- Establishes a connection.
--
-- This method puts a socket in a state ready for communication. It takes as
-- arguments a host descriptor (either an IP address or a hostname), a port
-- number and optionally a protocol. The protocol must be one of
-- <code>"tcp"</code>, <code>"udp"</code> or <code>"ssl"</code>; it is
-- <code>"tcp"</code> if not specified.
--
-- On success the function returns a true value. On failure it returns a false
-- value (<code>false</code> or <code>nil</code>) and an error string. Those
-- strings are taken from the <code>gai_strerror</code> C function. They are
-- (with the error code in parentheses):
-- * <code>"Address family for hostname not supported"</code> (<code>EAI_ADDRFAMILY</code>)
-- * <code>"Temporary failure in name resolution"</code> (<code>EAI_AGAIN</code>)
-- * <code>"Bad value for ai_flags"</code> (<code>EAI_BADFLAGS</code>)
-- * <code>"Non-recoverable failure in name resolution"</code> (<code>EAI_FAIL</code>)
-- * <code>"ai_family not supported"</code> (<code>EAI_FAMILY</code>)
-- * <code>"Memory allocation failure"</code> (<code>EAI_MEMORY</code>)
-- * <code>"No address associated with hostname"</code> (<code>EAI_NODATA</code>)
-- * <code>"Name or service not known"</code> (<code>EAI_NONAME</code>)
-- * <code>"Servname not supported for ai_socktype"</code> (<code>EAI_SERVICE</code>)
-- * <code>"ai_socktype not supported"</code> (<code>EAI_SOCKTYPE</code>)
-- * <code>"System error"</code> (<code>EAI_SYSTEM</code>)
-- In addition to these standard system error messages there are two
-- NSE-specific errors:
-- * <code>"Sorry, you don't have OpenSSL"</code>: The protocol is <code>"ssl"</code> but Nmap was compiled without OpenSSL support.
-- * <code>"invalid connection method"</code>: The second parameter is not one of <code>"tcp"</code>, <code>"udp"</code>, and <code>"ssl"</code>.
-- @param hostid Hostname or IP address.
-- @param port Port number.
-- @param protocol <code>"tcp"</code>, <code>"udp"</code>, or
-- <code>"ssl"</code> (default <code>"tcp"</code>).
-- @return Status (true or false).
-- @return Error code (if status is false).
-- @see new_socket
-- @usage
-- local status, err = socket:connect(host.ip, port, "udp")
-- if not status then
-- return string.format("Can't connect: %s", err)
-- end
function connect(hostid, port, protocol)
--- Reconnect the open (connected) socket with SSL.
--
-- It is sometimes desirable to request SSL over an established connection.
-- The internal buffers for the socket are cleared when the reconnection is
-- made. Any received data that has not yet been read through a call to receive
-- is lost.
-- @usage
-- local status, err = socket:reconnect_ssl()
-- if not status then
-- return string.format("Can't reconnect with ssl: %s", err)
-- end
function reconnect_ssl()
--- Sends data on an open socket.
--
-- This socket method sends the data contained in the data string through an
-- open connection. On success the function returns a true value. If the send
-- operation fails, the function returns a false value (<code>false</code> or
-- <code>nil</code>) along with an error string. The error strings are
-- * <code>"Trying to send through a closed socket"</code>: There was no call to <code>socket:connect</code> before the send operation.
-- * <code>"TIMEOUT"</code>: The operation took longer than the specified timeout for the socket.
-- * <code>"ERROR"</code>: An error occurred inside the underlying Nsock library.
-- * <code>"CANCELLED"</code>: The operation was cancelled.
-- * <code>"KILL"</code>: For example the script scan is aborted due to a faulty script.
-- * <code>"EOF"</code>: An EOF was read (probably will not occur for a send operation).
-- @param data The data to send.
-- @return Status (true or false).
-- @return Error code (if status is false).
-- @see new_socket
-- @usage local status, err = socket:send(data)
function send(data)
--- Receives data from an open socket.
--
-- The receive method does a non-blocking receive operation on an open socket.
-- On success the function returns true along with the received data. On
-- failure the function returns a false value (<code>false</code> or
-- <code>nil</code>) along with an error string. A failure occurs for example if
-- <code>receive</code> is called on a closed socket. The receive call returns
-- to the NSE script all the data currently stored in the receive buffer of the
-- socket. Error conditions are the same as for <code>send</code>.
-- @return Status (true or false).
-- @return Data (if status is true) or error string (if status is false).
-- @see new_socket
-- @usage local status, data = socket:receive()
function receive()
--- Receives lines from an open connection.
--
-- Tries to receive at least <code>n</code> lines from an open connection. A
-- line is a string delimited with <code>\n</code> characters. If no data was
-- was received before the operation times out a <code>"TIMEOUT"</code> error
-- occurs. If even one character was received then it is returned with success.
-- On the other hand, if more than <code>n</code> lines were received, all are
-- returned, not just <code>n</code>. Use <code>stdnse.make_buffer</code> to
-- guarantee only one line is returned per call.
--
-- The return values and error codes are the same as for <code>send</code>.
-- @param n Minimum number of lines to read.
-- @return Status (true or false).
-- @return Data (if status is true) or error string (if status is false).
-- @see new_socket
-- @usage local status, lines = socket:receive_lines(1)
function receive_lines(n)
--- Receives bytes from an open connection.
--
-- Tries to receive at least <code>n</code> bytes from an open connection. Like
-- in <code>receive_lines</code>, <code>n</code> is the minimum amount of
-- characters we would like to receive. If more arrive, we get all of them. If
-- even one is received then it is returned. If no characters arrive before the
-- operation times out, a <code>"TIMEOUT"</code> error occurs.
--
-- The return values and error codes are the same as for <code>send</code>.
-- @param n Minimum number of bytes to read.
-- @return Status (true or false).
-- @return Data (if status is true) or error string (if status is false).
-- @see new_socket
-- @usage local status, bytes = socket:receive_bytes(1)
function receive_bytes(n)
--- Reads from a socket using a buffer and an arbitrary delimiter.
--
-- This method reads data from the network until it encounters the given
-- delimiter string (or matches the function passed in). This function
-- continues to read from the network until the delimiter is found or the
-- function times out. If data is read beyond the delimiter, that data is
-- saved in a buffer for the next call to <code>receive_buf</code>. This
-- buffer is cleared on subsequent calls to other Network I/O API functions.
--
-- The first argument may be either a pattern or a function. If a pattern, that
-- pattern is used to separate the data. If a function, it must take exactly
-- one parameter (the buffer) and its return values must be in the same format
-- as those of <code>string.find</code> (offsets to the start and the end of
-- the delimiter inside the buffer, or <code>nil</code> if the delimiter is not
-- found). The nselib <code>match.lua</code> module provides functions for
-- matching against regular expressions or byte counts. These functions are
-- suitable as arguments to <code>receive_buf</code>.
--
-- The second argument to <code>receive_buf</code> is a Boolean value
-- controlling whether the delimiting string is returned along with the
-- received data (true) or discarded (false).
--
-- On success the function returns true along with the received data. On failure
-- the function returns <code>false</code> or <code>nil</code> along with an
-- error string. Possible error messages are the same as those that the other
-- receive functions can return, with the addition of
-- * <code>"Error inside splitting-function"</code>: The first argument was a function which caused an error while being called.
-- * <code>"Error in string.find (nsockobj:receive_buf)!"</code>: A string was provided as the first argument, and string.find() yielded an error while being called.
-- * <code>"Expected either a function or a string!"</code>: The first argument was neither a function nor a string.
-- * <code>"Delimiter has negative size!"</code>: The returned start offset is greater than the end offset.
-- @param delimiter A Lua pattern or a function with return values like those of
-- <code>string.find</code>.
-- @param keeppattern Whether to return the delimiter string with any returned
-- data.
-- @return Status (true or false).
-- @return Data (if status is true) or error string (if status is false).
-- @see new_socket
-- @usage local status, line = socket:receive_buf("\r?\n", false)
function receive_buf(delimiter, keeppattern)
--- Closes an open connection.
--
-- On success the function returns true. If the close fails, the function
-- returns <code>false</code> or <code>nil</code> and an error string. Currently
-- the only error message is <code>"Trying to close a closed socket"</code>,
-- which is issued if the socket has already been closed.
--
-- Sockets are subject to garbage collection. Should you forget to close a
-- socket, it will get closed before it gets deleted (on the next occasion Lua's
-- garbage collector is run). However since garbage collection cycles are
-- difficult to predict, it is considered good practice to close opened sockets.
-- @return Status (true or false).
-- @return Error code (if status is false).
-- @see new_socket
-- @usage socket:close()
function close()
--- Gets information about a socket.
--
-- This function returns information about a socket object. It returns five
-- values. If an error occurred, the first value is <code>false</code> or
-- <code>nil</code> and the second value is an error string. Otherwise the first
-- value is true and the remaining 4 values describe both endpoints of the TCP
-- connection. If you put the call inside an exception handler created by
-- <code>new_try</code> the status value is consumed. The call can be used for
-- example if you want to query an authentication server.
-- @return Status (true or false).
-- @return Local IP address (if status is true) or error string (if status is
-- false).
-- @return Local port number (if status is true).
-- @return Remote IP address (if status is true).
-- @return Remote port number (if status is true).
-- @see new_socket
-- @usage local status, lhost, lport, rhost, rport = socket:get_info()
function get_info()
--- Sets a timeout for socket input and output operations.
--
-- After this time, given in milliseconds, socket operations will time out and
-- return. The default value is 30,000 (30 seconds). The lowest allowed value is
-- 10 ms, since this is the granularity of NSE network I/O.
-- @param t Timeout in milliseconds.
-- @see new_socket
-- @usage socket:set_timeout(10000)
function set_timeout(t)
--- Opens a socket for raw packet capture.
--
-- The callback function is a function that receives a packet with headers and
-- computes a "packet hash", some value derived from the packet. For example,
-- the callback function could extract the source IP address from a packet. The
-- hash of each packet received is compared against all the strings registered
-- with the <code>pcap_register</code> function.
-- @param device The dnet-style interface name of the device you want to capture
-- from.
-- @param snaplen The length of each packet you want to capture (similar to the
-- <code>-s</code> option to tcpdump)
-- @param promisc Set to 1 if the interface should activate promiscuous mode,
-- and 0 otherwise.
-- @param test_function Callback function used to compute the packet hash.
-- @param bpf A string describing a Berkeley Packet Filter expression (like
-- those provided to tcpdump).
-- @see new_socket, pcap_register, pcap_receive
-- @usage
-- local socket = nmap.new_socket()
-- socket:pcap_open("eth0", 64, 0, callback, "tcp")
function pcap_open(device, snaplen, promisc, test_function, bpf)
--- Starts listening for incoming packets.
--
-- The provided <code>packet_hash</code> is a binary string which has to match
-- the hash returned by the <code>test_function</code> parameter provided to
-- <code>pcap_open</code>. If you want to receive all packets, just provide
-- the empty string (<code>""</code>). There has to be a call to
-- <code>pcap_register</code> before a call to <code>pcap_receive</code>.
-- @param packet_hash A binary string that is compared against packet hashes.
-- @see pcap_open, pcap_receive
-- @usage socket:pcap_register("")
function pcap_register(packet_hash)
--- Receives a captured packet.
--
-- If an error or timeout occurs, the function returns false and an error
-- message. Otherwise, the function returns true followed by the packet length,
-- the layer two header, and the layer three header.
-- @return Status (true or false).
-- @return The length of the captured packet (this may be smaller than the
-- actual packet length since packets are truncated when the Libpcap snaplen
-- parameter is smaller than the total packet length).
-- @return Data from the second OSI layer (e.g. ethernet headers).
-- @return Data from the third OSI layer (e.g. IPv4 headers).
-- @see pcap_open, pcap_register
-- @usage status, plen, l2_data, l3_data = socket:pcap_receive()
function pcap_receive()
--- Closes a pcap device.
-- @see close, pcap_close
-- @usage socket:pcap_close()
function pcap_close()
---
-- Retrieves the SSL certificate of the peer. The returned value can be accessed
-- like a table and has the following members:
--
-- <code>
-- subject = { commonName = "...", countryName = "...",
-- { "2", "5", "4", "15" } = "...", ... },
-- issuer = { commonName = "...", ... },
-- validity = { notBefore = { year = 2020, month = 5, day = 5,
-- hour = 0, min = 0, sec = 0 },
-- notAfter = { year = 2021, month = 5, day = 5,
-- hour = 0, min = 0, sec = 0 } },
-- pem = "-----BEGIN CERTIFICATE-----\nMIIFxzCCBK+gAwIBAgIQX02QuADDB7CVj..."
-- </code>
--
-- It also has the following member functions:
--
-- * <code>digest(algorithm)</code> returns the digest of the certificate using the given digest algorithm, which is any of the strings returned by <code>openssl.supported_digests</code>, typicaly something like <code>"md5"</code> or <code>"sha1"</code>.
--
-- The <code>"subject"</code> and <code>"issuer"</code> fields hold each
-- distinguished name. Fields with an unknown OID are represented as an array
-- whose elements are the numeric components of the OID, encoded as strings.
--
-- The <code>"validity"</code> table has the members <code>"notBefore"</code>
-- and <code>"notAfter"</code>. Each of these is a table as returned by
-- <code>os.date("!*t")</code> if the date in the certificate could be parsed,
-- except that they lack the <code>"wday"</code> and <code>"yday"</code>
-- members. If the date could not be parsed, the value will be a string
-- containing the raw byte values of the field. If absent, the value will be
-- <code>nil</code>.
--
-- The <code>"pem"</code> field contains a PEM-encoded string of the entire
-- contents of the certificate.
-- @return A table as described above.
-- @usage
-- local s = nmap.new_socket()
-- local status, error = s:connect(host.ip, port.number, "ssl")
-- if status then
-- local cert = s:get_ssl_certificate()
-- local digest = s:digest("md5")
-- end
function get_ssl_certificate()
--- Creates a new dnet object, used to send raw packets.
-- @usage local dnet = nmap.new_dnet()
function new_dnet()
--- Opens an ethernet interface for raw packet sending.
--
-- An error (<code>"device is not valid ethernet interface"</code>) is thrown
-- in case the provided argument is not valid.
-- @param interface_name The dnet-style name of the interface to open.
-- @see new_dnet
-- @usage dnet:ethernet_open("eth0")
function ethernet_open(interface_name)
--- Sends a raw ethernet frame.
--
-- The dnet object must be associated with a previously opened interface. The
-- packet must include the IP and ethernet headers. If there was no previous
-- valid call to <code>ethernet_open</code> an error is thrown
-- (<code>"dnet is not valid opened ethernet interface"</code>).
-- @param packet An ethernet frame to send.
-- @see new_dnet
-- @usage dnet:ethernet_send(packet)
function ethernet_send(packet)
--- Closes an ethernet interface.
--
-- An error (<code>"device is not valid ethernet interface"</code>) is thrown
-- in case the provided argument is not valid.
-- @see new_dnet, ethernet_open
-- @usage dnet:ethernet_close()
function ethernet_close()
--- Opens a socket for raw IPv4 packet sending.
-- @see new_dnet
-- @usage dnet:ip_open()
function ip_open()
--- Sends a raw IPv4 packet.
--
-- The dnet object must be associated with a previously opened socket. The
-- packet must begin with an IP header. If there was no previous valid call
-- to <code>ip_open</code> an error is thrown.
-- @param packet An IP packet to send.
-- @see new_dnet
-- @usage dnet:ip_send(packet)
function ip_send(packet)
--- Closes a raw IPv4 socket.
-- @see new_dnet, ip_open
-- @usage dnet:ip_close()
function ip_close()
--- Writes to a log file.
--
-- Writes <code>string</code> to <code>file</code> ("stdout" or "stderr").
-- Use stdnse.print_debug to print debug information based on the
-- debugging level.
-- @see stdnse.print_debug
function log_write(file, string)
Reference in New Issue View Git Blame Copy Permalink