Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Bug in stdnse.get_script_args
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 19 Feb 2011 12:46:10 +0100


On Feb 19, 2011, at 11:17 , Patrick Donnelly wrote:

On Sat, Feb 19, 2011 at 3:46 AM, Patrik Karlsson <patrik () cqure net> wrote:
Hi,

While working on the mssql scripts I ran into a bug when using the get_script_args function.
When I supply an empty string or a string containing only spaces I receive the following stack trace:
./nse_main.lua:928: Value around '}' is invalid or is unterminated by a valid seperator
stack traceback:
       [C]: in function 'error'
       ./nse_main.lua:928: in function 'parse_string'
       ./nse_main.lua:959: in function 'parse_table'
       ./nse_main.lua:969: in main chunk
       [C]: ?

QUITTING!

Can you give an example command that reproduces this?

Sorry, I missed that. The following example produces the error:
nmap -p 1433 127.0.0.1 --script ms-sql-info --script-args mssql.username='sa',mssql.password=''

When looking into it now, I noticed the same occurs when the argument is fetched from the registry:
nmap -p 445 127.0.0.1 --script smb-enum-shares --script-args smbuser='guest',smbpass=''

Leaving the quotes out when using an empty string or a string containing only spaces produces the same error.
Am I missing something truly obvious here?

-- 
- Patrick Donnelly
//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault