Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Draft - targets-sniffer.nse
From: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Date: Mon, 4 Apr 2011 18:53:35 +0100

Good evening folks,

Please find attached the latest version of the targets-sniffer script.

The two main changes are:

- The script prints the IP addresses when the newtargets argument is not
present. It also prints the total number of unique IP addresses and packets
captured.
- I changed the way IP addresses are added to newtargets in order to avoid
the "too many results to unpack" error. The script checks if each address is
unique and valid and adds them one by one.

I have tested the script with very large numbers of packets (more than
50.000) and it seems to be working fine.

On 3 April 2011 16:37, Djalal Harouni <tixxdz () opendz org> wrote:

since the pcap_receive() will yield, we can consider Lua coroutines


My experience with NSE and Lua is still limited but if you believe that the
script would benefit from coroutines I could do some more reading :)

Cheers,
Nick

On 3 April 2011 16:37, Djalal Harouni <tixxdz () opendz org> wrote:

On 2011-04-03 13:32:21 +0100, Nick Nikolaou wrote:
I also noticed that when the script captures a large number of IPs
(thousands - I tested this while on a Skype video call) it  won't add the
targets with target.add(unpack(sniffed_targets)) :

NSE: targets-sniffer threw an error!
./targets-sniffer.nse:109: too many results to unpack
stack traceback:
[C]: in function 'unpack'
 ./targets-sniffer.nse:109: in function <./targets-sniffer.nse:51>
(tail call): ?
Yes, you are adding lot of targets in a one call, actually there is a
check inside Lua 'LUAI_MAXCSTACK == 8000' to avoid consuming the stack,
and there is also another _global_ special argument 'max-newtargets',
wich can be used to limit the number of added targets to avoid memory
starvation, however this last one is subject of debate. I think an
argument like this can have its use case in this targets-sniffer script.
(remember 'max-newtargets' is a global one: for all the scripts).


We may have to change this back to the old method of adding one address
at a
time. That would also make output of IP address easier since we could
check
for duplicates before printing the addresses.

The script doesn't output the IP address for now (except with -d) but
I'll
add that functionality once we decide how I should go about adding
addresses
to newtargets.
Yes we must change it, and since the script can add lot of targets, and
since the pcap_receive() will yield, we can consider Lua coroutines [1].


[1] http://nmap.org/book/nse-parallelism.html

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


--
tixxdz
http://opendz.org

Attachment: targets-sniffer.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]