Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [nmap-svn] r27349 - in nmap: . nselib scripts
From: Patrick Donnelly <batrick () batbytes com>
Date: Tue, 6 Dec 2011 18:21:56 -0500

Some standard Lua idiom suggestions below for the httpspider.lua library:

On Tue, Dec 6, 2011 at 5:47 PM,  <commit-mailer () insecure org> wrote:
Added: nmap/nselib/httpspider.lua
[...]
+module(... or "httpspider", package.seeall)
+
+require 'http'
+
+local LIBRARY_NAME = "httpspider"

You can also use _PACKAGE which is set by module [1] instead of
LIBRARY_NAME. Also, the '... or "httpspider"' idiom is something silly
I encouraged a long time ago. In the future it will probably be a hard
coded value when we switch to Lua 5.2.  (Feel free to stop doing it.)

[1] http://www.lua.org/manual/5.1/manual.html#pdf-module

+               for _, pattern in ipairs(patterns) do
+                       for l in self.html:gfind(pattern) do

gfind was renamed gmatch in Lua 5.1. (It still works with
compatibility flags set, as is often the case.)

+               -- pull links from the queue until we get a valid one
+               local url
+               repeat
+                       url = self.urlqueue:getNext()
+               until( not(url) or not(self.processed[tostring(url)]) )

url remains in scope in the until terminating expression. You can do instead:

+               -- pull links from the queue until we get a valid one
+               repeat
+                       local url = self.urlqueue:getNext()
+               until( not(url) or not(self.processed[tostring(url)]) )

Added: nmap/scripts/http-email-harvest.nse
[...]
+function action(host, port)
+       local EMAIL_PATTERN = "[A-Za-z0-9%.%%%+%-]+ () [A-Za-z0-9% %%%+%-]+% %w%w%w?%w?"
+
+       -- by default, we cap the script at a maximum depth of 3
+       local maxdepth          = tonumber(stdnse.get_script_args("http-email-harvest.maxdepth")) or 3
+       -- by default, we cap the script at a maximum pagecount of 20
+       local maxpagecount      = tonumber(stdnse.get_script_args("http-email-harvest.maxpagecount")) or 20
+
+       local url                       = stdnse.get_script_args("http-email-harvest.url") or "/"
+       local withinhost        = stdnse.get_script_args("http-email-harvest.withinhost")
+       local withindomain      = stdnse.get_script_args("http-email-harvest.withindomain")

I see this done a lot in scripts. These constants/script arguments can
be pulled out of the action function. Script argument parsing is
always done before scripts are loaded.


It's good to see this in the trunk now! Thanks Patrik and Paulino for
your work on this.

-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault