Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE][patch] Load script-args from a file
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Sun, 19 Jun 2011 13:06:58 -0500

I currently use the smb-hash argument to avoid putting the password on the
command-line since I have all of my PuTTY sessions logged.
Rreading passwords from a file would make it far easier to update for new
accounts than creating new shell scripts with NTLM hashes in them.

-Jason

On Jun 18, 2011 10:13 PM, "Daniel Miller" <bonsaiviking () gmail com> wrote:

Fyodor,

I agree that a separate option would probably be better. My main reason for
choosing the file= syntax was that it made for a very simple, Lua-only,
11-line patch.

Pros:

  - already written
  - simple

Cons:

  - I imagine it would be hard to describe in one line for the short-form
  nmap doc output.
  - inconsistent with other option formats

I, too, would be interested in how many others would use this. I think
admins would like to use it to keep passwords off the command line on
long-running scans, especially the ever-useful smb scripts (psexec, etc).

Dan


On Sat, Jun 18, 2011 at 4:42 PM, Fyodor <fyodor () insecure org> wrote:


Thanks Dan. That does so...
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]