Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Bringing CPE to NSE
From: Djalal Harouni <tixxdz () opendz org>
Date: Sat, 22 Oct 2011 16:08:25 +0100

On Tue, Oct 18, 2011 at 11:16:16PM +0200, Henri Doreau wrote:
Hello,

now that nmap is CPE-aware[1] it would be interesting to let NSE see
(and eventually set) CPEs. I am thinking about the best API for that.
I've experimented some things but I'm not entirely satisfied with the
API and would like to discuss it here to gather comments and
suggestions.

My approach was to add a new "cpe" table to port.version, table that
could contain three items: one slot per CPE type actually.
  - application (named "app")
  - operating system (named "os")
  - hardware (named "hw")

Another option would be to directly add the CPEs as fields of
port.version ("app_cpe", "os_cpe" and "hw_cpe" for instance).
In both cases, the CPEs can be set/modified from within a script by
calling set_port_version(), just like the other version detection
fields.
In case the CPE "app" is just a string then just doing
"port.version.app_cpe" would be better.

Another option would be to do port.cpe_version.{app,os,hw}, but since we
are trying to integrate CPE in Nmap version detection I prefer the
former.

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault