Nmap Development mailing list archives

Re: NSE console script help
From: Kris Katterjohn <katterjohn () gmail com>
Date: Tue, 18 Jan 2011 20:41:29 -0600

On 01/18/2011 08:24 PM, Fyodor wrote:
> Well, the way I see it, there are four main script help selection
>
> 1) Print the script help info for all scripts known by Nmap
>
> 2) Print the info for all scripts selected (by a specifier, like
>    "default" or "safe" or "broadcast" or "asn-query" or whatever).  In
>    this case, you can get behavior #1 by specifying "all".
>
> 3) Print just the scripts which pass their rule (portrule, hostrule,
>    prerule, or postrule) and thus would be (or are) actually run by Nmap.
>
> 4) Print just the help for the scripts which actually produced output.
>    That way users don't end up with output from scripts they don't
>    really understand.
>
> One question is how much work you want Nmap to do when you ask for
> help.  With #1 and #2, you could either print the information
> immediately and then stop, or you could let the scan continue.  The
> advantage of stopping is that it lets people see their script options
> before committing to running them.  I suppose the advantages of
> continuing are that it puts the information there in the Nmap report
> along with the results (avoids running Nmap twice), and (more
> importantly) might be more consistent if we also offer #3 and #4.
>
> For #3, Nmap needs to do its port scanning, OS detection, version
> detection, and run at least the script portrules.  For #4, Nmap needs
> to completely execute.  So if we want to support these, it pretty much
> dictates an interface which runs the scan AND produces help.
>
> It is worth noting that each one is a superset of the higher-numbered
> options.  So #2 contains all the scripts (and possibly more) in #3,
> and so on.

I've been busy lately and I don't currently have the time to think about the
best way to specify the option (--script-help, etc); however, I do want to at
least throw my opinion in for which help types I prefer.

I don't currently see a reason to not just print the help and stop (or at
least I don't want to be forced to have Nmap run the scan just to see the help
information).  I mean, why would I want help info in my output when I'm
already running the scan I wanted help with?  I guess I can see some use for
that, but I think printing the help and stopping should be the default behavior.

In the case that the scan runs and help is printed, I think #4 is good.

Overall, I currently like #2 the best (and specifying "all" for the behavior
for #1).  So I think #2 should be default, and #4 should be the behavior if
there's going to be an option to run the scan and print the help together.


Kris Katterjohn

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/