Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 12 May 2008 18:22:53 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kris Katterjohn wrote:
Fyodor wrote:
Does anyone have concrete reasons why it is important to enumerate the
full list of supported SSL2 ciphers?  If not, I suggest that we change
the script to only print those in debugging mode or when verbosity
level is at least 2.  With that change, I think it is reasonable to
keep the script default.


I've attached a patch to change this.

Whoops, I seem to have initially misread the code (the previous patch
stopped the script from possibly printing the available ciphers if SSLv2
was /not/ supported).  I've attached a simple, proper patch.

Sorry about that :)

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSCjRS/9K37xXYl36AQIsXA//aiYnBLWfGiXKv8JRsdE7gQPbF0V5TRrG
tTuZnq9y3KgpVdqK1aMKzqTZyboGy49ixcToRX2Jbvu87+SKYzzST6jYa4875S6S
UYj3kBxnO6Fny4usPYrtwlxEzOQRN+k10/2mgUpX+biOXbYkyS+ycVIDvEUaBDjV
MPr3PgHqr4QkKPmUTj9SiY7FX4Z2b3jcaDtmqsYEsMC5BlsL7P4BwaytHEQZhu2j
kqLhzBEG1mBYZa6rl+EklqmvPsKkgaTjTYTe7fxfxNevl8u9JqgH3tHtGfzVUsWp
d+Yv2GIVgxvRzljBRLA8YTv64nvd4q5vqjHIJFrxDbgnKzr2BL5oNg/eqSIETPfH
1mtvDTePBQOEDVptGp5Q6z2NmvxI/X283PAHdfSYRGzrVyw4EyajYhKbNvJmy/ZB
UIReEIfZK38qmXIU4WIdyiLSjRfsQ1WIJYQzoxaJH87KKzxbO0bpOChXgJ3X5wQn
/PoB3WWMFACdnobWW184MMvh0ZqHCj61ZShfi7UzDevbsf/32XRTog0TZ67H97Cy
Ii1ZSUroUdcZ017mc3m+86ibHbRqv1SdJ2JAbeEEocPSyXpPFErgRhFrTnrRRLkE
lJz0MbjNFAW4HekhN7JFmyHeoOAkasBEJ/zVxsHRNGcNl0Da4qpSbX/wi6b6+uN3
hB+qlOW7QHA=
=IxU/
-----END PGP SIGNATURE-----
Index: scripts/SSLv2-support.nse
===================================================================
--- scripts/SSLv2-support.nse   (revision 7480)
+++ scripts/SSLv2-support.nse   (working copy)
@@ -204,7 +204,9 @@
                return_string = "server still supports SSLv2\n";
        end
 
-       available_cyphers = cyphers(cypher_list, cyphers_len);
+       if (nmap.verbosity() > 1 or nmap.debugging() > 0) then
+               available_cyphers = cyphers(cypher_list, cyphers_len);
+       end
 
        if (    string.len(return_string) > 0
        or      string.len(available_cyphers) > 0) then

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]