Home page logo

nmap-dev logo Nmap Development mailing list archives

RE: [RFC] New NSE script for MySQL database servers
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Sun, 6 Apr 2008 20:12:12 -0500

-----Original Message-----
From: nmap-dev-bounces () insecure org 
[mailto:nmap-dev-bounces () insecure org] On Behalf Of Fyodor
Sent: Saturday, April 05, 2008 3:23 PM
To: Thomas Buchanan
Cc: Nmap-dev
Subject: Re: [RFC] New NSE script for MySQL database servers

Nice.  What is the status on this script?  Is it nearing a state where
you think it could be included with Nmap?


There are still a couple of things that I think need to be addressed
before it should be included with Nmap, and I'm not sure how to proceed
on them.  First off, the script relies on an interface from NSE to the
OpenSSL library, which I posted about a few months ago [1].  The patches
attached to that email only supported *nix-based systems, they did not
include an option to build for Windows.  Since then, I've worked some
more on building Nmap on Windows with OpenSSL support, and came up with
a repeatable solution for compiling OpenSSL from source, and then
compiling Nmap to link against that [2].  This worked well for me, and I
updated my NSE / OpenSSL patches to include the Windows build system as
well, but I haven't gotten around to posting that patch to the list yet.

However, I'm not convinced that my simplistic attempt at creating NSE
bindings for OpenSSL were very suitable.  They only provide an interface
to two functions (md5 and sha1), which were all I needed for the NSE
scripts that I was working on at the time.

I wonder if any of the SoC students might be interested in developing a
more comprehensive OpenSSL binding for NSE.  I'd be happy to go into
more detail about what I've done so far if anybody is interested and has
questions about it.  If there doesn't appear to any interest, I'll take
a look at updating my patches to the latest SVN code, and posting them
to the list for review.  If I go this route, I'll probably try to expand
the coverage of my bindings, as Brandon recently indicated some
additional OpenSSL routines that might be handy to have [3].



[1] http://seclists.org/nmap-dev/2007/q4/0472.html
[2] http://seclists.org/nmap-dev/2008/q1/0260.html
[3] http://seclists.org/nmap-dev/2008/q1/0533.html

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]