Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: GSoC idea
From: David Fifield <david () bamsoftware com>
Date: Fri, 26 Mar 2010 13:23:26 -0600

On Fri, Mar 26, 2010 at 03:46:20PM +0530, kirubakaran S wrote:
This is for Gsoc. I have an idea of developing a feature for nmap.But
I have only rough idea about its implementation.Normally scripts are
executed only as command line commands with arguments supplied
corresponding to the script run. As the number of scripts are
increasing due to large user community it is very hard to remember all
the scripts and its arguments for a naive user or else he/she has to
refer NSEdoc for its arguments.

I suggest adding a feature to zenmap that provides neat interface for
selecting a script and providing arguments , with default arguments
are already filled up in boxes in interface. In addition we can add
several functionality like showing alert message when the user runs
intrusive,not safe category etc.. scripts.

This is a highly desired feature and is one of the things I'm most
excited about for this summer. A proposal for script selection in Zenmap
is very welcome. To improve your chances of being selected, you should
include in your proposal a graphic that shows what you want the
interface to look like. You should give a high-level description of how
you plan to implement it; for example, how will you extract script
arguments from scripts? Simple parsing of the script source files is one
way; loading the scripts in a Lua interpreter is another. Adding an
option to Nmap to extract the information and then parsing it from
Zenmap is a third.

if possible the script results can also be aggregated in to Zenmap
topology and hosts viewer. We can also add a search feature in Zenmap
that searches the script based on the keywords provided by user and
description in each script.

This is a good idea too. I estimate that it is a lot easier than the
script selection interface. It is true that Zenmap doesn't even parse
script results from the XML file. It should do so, and find a place to
display them. The search and filter functions should be able to examine
script results.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]