Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Bringing CPE to NSE
From: Henri Doreau <henri.doreau () greenbone net>
Date: Tue, 18 Oct 2011 23:16:16 +0200

Hello,

now that nmap is CPE-aware[1] it would be interesting to let NSE see
(and eventually set) CPEs. I am thinking about the best API for that.
I've experimented some things but I'm not entirely satisfied with the
API and would like to discuss it here to gather comments and
suggestions.

My approach was to add a new "cpe" table to port.version, table that
could contain three items: one slot per CPE type actually.
  - application (named "app")
  - operating system (named "os")
  - hardware (named "hw")

Another option would be to directly add the CPEs as fields of
port.version ("app_cpe", "os_cpe" and "hw_cpe" for instance).
In both cases, the CPEs can be set/modified from within a script by
calling set_port_version(), just like the other version detection
fields.

Concerning the OS results originating from the OS fingerprinting
phase, I presume that associating a table of (read only) CPEs to each
entry would be the most convenient option. The strings which are
currently the values of the host.os table would then become the keys.

Any thought?

Regards.


[1] http://seclists.org/nmap-dev/2011/q3/744

-- 
Henri
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]