Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Bug in stdnse.get_script_args
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 19 Feb 2011 12:46:10 +0100

On Feb 19, 2011, at 11:17 , Patrick Donnelly wrote:

On Sat, Feb 19, 2011 at 3:46 AM, Patrik Karlsson <patrik () cqure net> wrote:

While working on the mssql scripts I ran into a bug when using the get_script_args function.
When I supply an empty string or a string containing only spaces I receive the following stack trace:
./nse_main.lua:928: Value around '}' is invalid or is unterminated by a valid seperator
stack traceback:
       [C]: in function 'error'
       ./nse_main.lua:928: in function 'parse_string'
       ./nse_main.lua:959: in function 'parse_table'
       ./nse_main.lua:969: in main chunk
       [C]: ?


Can you give an example command that reproduces this?

Sorry, I missed that. The following example produces the error:
nmap -p 1433 --script ms-sql-info --script-args mssql.username='sa',mssql.password=''

When looking into it now, I noticed the same occurs when the argument is fetched from the registry:
nmap -p 445 --script smb-enum-shares --script-args smbuser='guest',smbpass=''

Leaving the quotes out when using an empty string or a string containing only spaces produces the same error.
Am I missing something truly obvious here?

- Patrick Donnelly
Patrik Karlsson

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]