mailing list archives
From: Vasiliy Kulikov <segooon () gmail com>
Date: Sun, 8 May 2011 19:34:08 +0400
On Sat, May 07, 2011 at 23:15 +0200, Henri Doreau wrote:
Make it a bit more robust against unexpected input. It would be nice
to track context more thoroughly while parsing tags. For instance the
"required" tag should be ignored if not a child of "starttls" element.
Your parsing function already offers everything to do it properly.
Yes, I thought about it too. At first I wanted to do full XML parsing
and validation, but then realized that it would be overhead for such a
simple parsing and would bloat the code. The only potential issue I see
is using these names in another tags as additional nonofficial features.
The simplest way to better handle tag positions I see is flagging
whether we are in some tag. Or if there are more potential users of
XML data I can write library for XML parsing, but for xmpp only it would
You might also try to standardize the output to harmonize it with
other scripts. The stdnse.format_output() function is the standard way
to display nested named tables . I am thinking about the XMPP
server mechanisms, that could be displayed under a single "Mechanisms"
label (as ssl-enum-ciphers.nse does for instance ).
This makes sense. Also I'm thinking about "decrypting" X-GOOGLE-TOKEN
mechanism: it means a support of GoogleTalk (does google wave use
similar thing?). Smth like this:
| mechanism: X-GOOGLE-TOKEN
| GoogleTalk: supported
| Supports: GoogleTalk GoogleWave
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
Re: xmpp.nse David Fifield (May 07)