Nmap Development mailing list archives

Re: [NSE] Several changes to mssql.lua and SQL Server scripts
From: Chris Woodbury <woodbusy () gmail com>
Date: Wed, 16 Feb 2011 18:16:00 -0600

On Tue, Feb 15, 2011 at 3:54 PM, Patrik Karlsson <patrik () cqure net> wrote:


> Before you do, be sure to check out the changes I made to the code in
> nmap-mssql.
> The initial commit is your code, but in the following commits I've made a
> few changes that change the way some things worked, mainly:
> * the ms-sql-info will now return results, even though the ms-sql-discover
> script wasn't run.
> * the ms-sql-discover script will now fingerprint the ports discovered
> through the browser as ms-sql-s so that the portrule will be triggered in
> each of the scripts.


This is a good idea. I was already doing it in ms-sql-info, but it ought to
be done during discovery too. We can re-use some code, though:
-   if ( instance.port and instance.port.number ) then
-    local port = { number = instance.port.number, protocol = "tcp", version
= {}, state="open" }
-    port.version.name = "ms-sql-s"
-       nmap.set_port_version(host, port, "hardmatched")
+   -- Give some version info back to Nmap
+   if ( instance.port and instance.version ) then
+    instance.version:PopulateNmapPortVersion( instance.port )
+    nmap.set_port_version( host, instance.port, "hardmatched" )
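Review bot: the guard changes from `instance.port and instance.port.number` to `instance.port and instance.version`, so a port found through the browser that has no version information attached (instance.version nil) is no longer fingerprinted as ms-sql-s at all, whereas the removed lines set `port.version.name = "ms-sql-s"` unconditionally. Since the stated goal is that the portrule triggers for every discovered port, consider keeping that fallback when `instance.version` is nil, e.g. ensure `instance.port.version` exists with `name = "ms-sql-s"` before the `nmap.set_port_version` call. Note also that the new form passes `instance.port` itself to set_port_version, so the fields the removed code filled in on a fresh table (`protocol = "tcp"`, `state = "open"`) must already be present on that table by this point.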
Unless you have objections, I'll use the latter form when I move that logic
into mssql.lua.


> * added the mssql.instance argument, that allows connecting by instance
> name or to 'all' instances.
> * added the mssql.protocol argument through which named pipes or tcp can be
> forced on a specific instance.
> * added integrated authentication which may be forced by using the
> mssql.domain argument.
> * All scripts will now run against a single instance, with the exception of
> ms-sql-info, unless forced by setting the mssql.instance to all.


Is it going to be confusing to users that -info runs against all instances
while the other scripts don't? I'm not sure if it's better to make it
consistent, or if it's worthwhile to just get all of that info by default
anyway.



> I think that's all. Let me know what you think about these changes.


They look good to me. I think I'm all caught up with your changes now.

-chris




> //Patrik
> --
> Patrik Karlsson
> http://www.cqure.net
> http://www.twitter.com/nevdull77
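The mechanism the thread discusses, handing a port located through the SQL Server browser back to Nmap so that the portrule of the other ms-sql-* scripts fires, as an added illustration; this is not code from mssql.lua or the ms-sql-* scripts. It assumes an instance record shaped like `{ port = {...}, version = {...} or nil }`, and the `productName` / `productVersion` fields on the version record are hypothetical names chosen here. Unlike the `+` lines in the diff above, it keeps the fallback of the removed lines, so a port with no version information is still registered as ms-sql-s.

```lua
-- Added example (not mssql.lua): register a discovered SQL Server port
-- with Nmap so shortport-based portrules in the per-port scripts trigger.
local nmap      = require "nmap"
local shortport = require "shortport"

-- Assumed instance shape (constructed for this example):
--   instance.port    = { number = 1433, protocol = "tcp", state = "open" }
--   instance.version = { productName = "...", productVersion = "..." } or nil

-- Mark instance.port as ms-sql-s. When no version record exists we still
-- set the service name, so the port is fingerprinted either way.
local function register_mssql_port(host, instance)
  if not (instance.port and instance.port.number) then
    return false
  end
  local port = instance.port
  -- Fields Nmap expects on the port table; fill in defaults if absent.
  port.protocol = port.protocol or "tcp"
  port.state    = port.state or "open"
  port.version  = port.version or {}
  port.version.name = "ms-sql-s"
  if instance.version then
    -- Hypothetical field names on the version record.
    port.version.product = instance.version.productName
    port.version.version = instance.version.productVersion
  end
  -- "hardmatched": the service was positively identified by the script.
  nmap.set_port_version(host, port, "hardmatched")
  return true
end

-- Portrule of a per-port script: matches plain 1433/tcp and any port the
-- discovery step registered under the ms-sql-s service name.
portrule = shortport.port_or_service({ 1433 }, { "ms-sql-s" }, "tcp")

-- Typical use inside a discovery script's action, once per found instance:
-- for _, instance in ipairs(instances) do register_mssql_port(host, instance) end
```

Because `set_port_version` updates Nmap's own view of the port, the effect is visible to every script that runs afterwards in the same scan, which is why the discovery script rather than ms-sql-info is the right place for it.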

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

