mailing list archives
Re: Script path lookup order
From: David Fifield <david () bamsoftware com>
Date: Tue, 19 Jun 2012 08:59:01 -0700
On Wed, Jun 13, 2012 at 04:11:41PM +0100, Hani Benhabiles wrote:
I have noticed that when using --script=scriptname, the script is
looked for in the Nmap scripts directory first, before looking in
the current working directory afterward.
Even using --script=./scriptname keeps the same order of path lookup
and we have to provide the full path to the script in the current
directory in order to run it.
So, is there any logic behind this ? I believe that searching for
the script in the current directory first is more logical for
different needs (e.g testing a new version of a script.).
I think it is to be consistent with the other files that are found
through nmap_fetchfile. Like if you happen to have an nmap-services in
the current directory,
Warning: File ./nmap-services exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-services for security and
consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files
I don't think checking in the current working directory first will
happen, but you can get something similar by using --datadir or by
running nmap from your working directory.
When you run nmap like this, it puts the current working directory at
the beginning of the list of search paths. You might have to put your
script-under-development in the working copy's scripts directory.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/