mailing list archives
Bringing CPE to NSE
From: Henri Doreau <henri.doreau () greenbone net>
Date: Tue, 18 Oct 2011 23:16:16 +0200
now that nmap is CPE-aware it would be interesting to let NSE see
(and eventually set) CPEs. I am thinking about the best API for that.
I've experimented some things but I'm not entirely satisfied with the
API and would like to discuss it here to gather comments and
My approach was to add a new "cpe" table to port.version, table that
could contain three items: one slot per CPE type actually.
- application (named "app")
- operating system (named "os")
- hardware (named "hw")
Another option would be to directly add the CPEs as fields of
port.version ("app_cpe", "os_cpe" and "hw_cpe" for instance).
In both cases, the CPEs can be set/modified from within a script by
calling set_port_version(), just like the other version detection
Concerning the OS results originating from the OS fingerprinting
phase, I presume that associating a table of (read only) CPEs to each
entry would be the most convenient option. The strings which are
currently the values of the host.os table would then become the keys.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- Bringing CPE to NSE Henri Doreau (Oct 18)