Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Boolean Operators for --script (again)
From: Patrick Donnelly <batrick () batbytes com>
Date: Thu, 9 Apr 2009 09:33:10 -0600

On Thu, Apr 9, 2009 at 1:50 AM, Fyodor <fyodor () insecure org> wrote:
It is probably worth making these case insensitive too.  We can still
document them using the lower case form if that is preferred, but
there is no need to fail just because someone forgot whether to use
"NOT" or "not".

Ok I'll get this added in.

A couple examples:

Examples are great and I'm glad you included them.  But can you also
document the syntax?  It is a relatively simple grammar, so it doesn't
need to be long documentation.  But people need to know the operator
list, precedence rules, whether parenthetical expressions are allowed,
how they interact with comma-separated lists, allowed whitespace
rules, etc.  It is hard to focus on the high level when you're forced
to read the code patch to figure out how the new system works.  We'll
need such documentation when boolean ops are integrated anyway, so we
might as well write at least a draft of the syntax for now.

Here's a rough draft of the Augmented BNF syntax:

; Note string literals in ABNF are case-insensitive
ruleset = rule *("," rule)
rule    = exp
exp     = "nil" / "false" / "true" / name / exp binop exp / unop exp
binop   = "and" / "or"
unop    = "not"
name    = %x21-%x2b /
          %x2d-%x3a /
          %x3c-%x7e ; All visible characteres except ',' and ';'

While this describes the syntax, the semantics are:

The binary and unary operators follow the same semantics and
precedence as in Lua.

A `name` can be a case-insensitive Category ("intrusive", "default",
etc.), a case-sensitive (is this ok?) filename with optional greedy
"*" (asterisk) wildcards to match many files. A filename may also have
an optional (ignored) .nse extension. Directories are not considered
valid in the above ruleset and are handled separately (we include all
script files in a directory).

-Patrick Donnelly

"One of the lessons of history is that nothing is often a good thing
to do and always a clever thing to say."

-Will Durant

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]