Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Username/Password NSE library
From: Kris Katterjohn <katterjohn () gmail com>
Date: Wed, 25 Jun 2008 01:25:48 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Patrick Donnelly wrote:
Hi Kris,


Hi Patrick,

I took the liberty of making some improvements to your unpwdb.lua
module. Notably, if the module can't find a password/username database
immediately upon being loaded it will error. Also, I changed the two
functions, usernames and passwords, to be usable by Lua's generic for
loop construct to provide functionality I think you guys have been
looking for.
<snip>
I've attached the file for you to look at, hopefully it's what you
guys are looking for. It should be easy to modify usernames and
passwords to return longer or shorter lists based on a parameter.


I welcome all improvements, especially since I'm learning Lua as I go along.

My initial reactions:

* I mentioned the functionality of returning a table of usernames and
passwords, and the option of returning a table of only a certain size, but
nobody thought this was best next to the closure (e.g. [1]).  Of course, if
this is the new desired functionality, then by all means let's use it.

* The third return value from the functions, which tells the caller whether
we're using a user-defined list or not, is always nil in yours.

Aside from these, your changes seem to work fine after I modified my test
script to handle them.

Cheers,


Thanks,
Kris Katterjohn

[1] http://seclists.org/nmap-dev/2008/q2/0754.html


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSGHivP9K37xXYl36AQKDvQ/+OGzgEACI7yE5GTCZwNDxVzIMgRpNVcnD
vK1bqtBQPUrlCjb3vZIbfA1aRj0WLM9LzqLS0XB+cnWrx9+A2MvWZaL3RYlhmMTw
lTS/AGAb9gM1/mQWU28NxG5wcebbw5XeFl8erYV13oWhER00QUH6J2yWaHILbdN/
NM92WP//Ga/filRtd4KalszEMJ3AfSz3oikYvpc5BESO2IlEBZ/E7vPEkMTiQ2rw
DDambkd8mnfhdbrvhmEbOtcGYYH7znOrOKny+1kUAmFTzRrIb4zKc4Gg9ZSkYElq
RqyBtkvmpBbfP5NrN01ge9L+hIWcdIdMx1IM0m86x4Mzjl/PO4cbqGl/VyeRM4Dz
NAUcsGYv7ujlRrTEq+tbluIzf2To479XEkWvRyiCxrXjXgib324/n8nezepkHEWM
lWdgkxYGDaJEHA/Rhmpy9VFcxW9edr5+hwy78Fs7dP5K7RbrxU0BbK4ZKDcvwJu3
jX1TIyMJGcAmtRprhrDjnORT9yVhEv38kj3ZNecKAERJZaXsU+lFNPAxEaHQYBsE
fW9IS746hezyG039YBglWfZnChkPy5trANI3Du0JU9ZqWZXZSfKVNNaW91pHw1uz
N8DpbLweVTx6VSglNwnD3MJO+UEmioiFSrDUlMLxb6PA5Dil1+WqitVhhzKIFsCv
yMyDn/3u670=
=CqDP
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]