Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Shared Script Environments for Threads & Universal Awareness
From: jah <jah () zadkiel plus com>
Date: Tue, 01 Jul 2008 01:16:53 +0100

On 30/06/2008 04:57, Patrick Donnelly wrote:
Universal Awareness (comments please)

With this change I have considered a possibly useful addition to make
a thread aware of other threads running for the script. Specifically,
the _S table would hold another table, say "threads", which would be:

_S.threads = {[Thread 1] = {host, port}, [Thread 2] = {host, port}}.

This construct would allow scripts to better format output (solving a
problem discussed here:
http://seclists.org/nmap-dev/2008/q2/0897.html).

I'm interested in hearing thoughts on this.
In whois.nse, there's a need for at least one thread to be aware of the
host.ip for other threads and the script achieves this by having a table
of host.ips.  Currently each thread must insert its own host.ip and
populating the table with every target relies heavily the process of
yielding after a call to NSOCK or when reaching a locked mutex object. 
Each thread must start, table.insert and then yield to allow the next
thread to start.
I'm not sure how many threads are able to start in this way in the short
time between a call to NSOCK and the resulting callback (it's probably
thousands), but it might, under some circumstances, be unsafe to rely on
this method.  Therefore, I think Universal Awareness could be a good
thing and could enable threads to cooperate with each other in a way
that removes the reliance on expected behaviours and reduces the need to
carefully observe these behaviours .  Currently, I believe there's only
two pending scripts that might take advantage this functionality - whois
and Michael's ASN numbers.  These both retrieve information about a
target from a third party, rather than directly, and universal awareness
would be most useful to this type of script.

Regards,

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]