Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Script force
From: Djalal Harouni <tixxdz () opendz org>
Date: Wed, 16 Nov 2011 02:01:23 +0100


On Tue, Nov 15, 2011 at 03:24:12PM +0100, Martin Holst Swende wrote:

Due to some interest shown off-list, I have made a new patch to enable
the feature to force a script to run, the patch is basically the same as
earlier but since the svn-version of nse_main has changed, so does the

Usage :
nmap -p2424 target.com --script ms-sql-config --script-args force

The primary usecase people seem to have is that they e.g. do a
configuration review of a lot of ms-sql servers, say you have a list of
20 servers where the database is located on an uncomon port. They don't
want to have to do -sV --version-all just to run a script, since they
already know what's on the port.

Attached is the svn diff and the complete nse_main.lua file.

Martin Holst Swende

Index: nse_main.lua
--- nse_main.lua      (revision 27093)
+++ nse_main.lua      (working copy)
@@ -344,13 +344,19 @@
     -- This thread allows us to load the script's globals in the
     -- same Lua thread the action and rule functions will execute in.
     local co = create(main);
+    -- If the script-argument "force" is used, we will ignore the portrule and run it even 
+    -- if the portrule says no. This is useful if a service is known by the user, but runs at a 
+    -- uncommon port which may not be identified by service discovery or takes very long
+    -- time to discover due to the amount of probes that needs to be sent. 
+    local force = stdnse.get_script_args("force")
You can also do:
local force = stdnse.get_script_args(self.short_basename..".force")

This way you can select which scripts to run "script_name.force" or
force them all when "force" is specified.

But this is not a clean solution since you will specify the script name
twice. A better one would be to do it in the --script switch, perhaps
with a one char (e.g: '#', --script='ms-sql-*#' to force ms-sql* scripts)
or anything else ...  (making sure to escape those chars!)

Perhaps then you will get an approval :)


Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]