Nmap Development mailing list archives

Re: NMAP NSE script for iSCSI enumeration

From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 10 Oct 2009 22:27:38 -0400

On Sat, Oct 10, 2009 at 7:48 PM, Fyodor <fyodor () insecure org> wrote:

2) I'm not sure that this approach of table.insert followed by a
  .concat into a string is an efficient or desirable way to fill out
  the request payload.  You might have gotten this approach from
  sslv2.nse, but that is an ancient script and I'm not sure that it
  serves as a good example in this respect.  Perhaps the approach
  shown in this dns-random-srcport.nse snippet is better:

  local query =   string.char(0xbe, 0xef, -- TXID
                              0x01, 0x00, -- Flags
                              0x00, 0x01, -- Questions
                              0x00, 0x00, -- Answer RRs
                              0x00, 0x00, -- Authority RRs
                              0x00, 0x00, -- Additional RRs
                              0x08) .. "porttest" ..
                  string.char(0x08) .. "dns-oarc" ..
                  string.char(0x03) .. "net" ..
                  string.char(0x00, -- Name terminator
                              0x00, 0x10, -- Type (TXT)
                              0x00, 0x01) -- Class (IN)

Another option is bin.pack (http://nmap.org/nsedoc/lib/bin.html).


table.insert is generally used when the number of concatenations
cannot be known or is unwieldy. The above use of explicit
concatenations of each result from string.char is the most efficient
(table.concat is always less efficient than explicit concatenation).
However, Michael's code could use one single string.char to achieve
the same result:

        hs1 = string.char(0x43, 0x87, 0x00, 0x00, 0x00, 0x00, 0x00,
0xf7, -- comment
                          0x00, 0x02, 0x3d, 0x00, 0x00, 0x00, 0x00,
0x00, -- comment2
                          --[[ ... ]]
                         );

This is all over optimizing what is very simple code but setting a
good example for others to follow is important too.

As Fyodor suggested, bin.pack will probably produce the neatest looking code.

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

NMAP NSE script for iSCSI enumeration Michel Chamberland (Oct 10)
- Re: NMAP NSE script for iSCSI enumeration Fyodor (Oct 10)
  - Re: NMAP NSE script for iSCSI enumeration Michel Chamberland (Oct 10)
  - Re: NMAP NSE script for iSCSI enumeration Patrick Donnelly (Oct 10)
    - Re: NMAP NSE script for iSCSI enumeration Michel Chamberland (Oct 10)
    - Re: NMAP NSE script for iSCSI enumeration David Fifield (Oct 11)
    - Re: NMAP NSE script for iSCSI enumeration Michel Chamberland (Oct 11)
- Re: NMAP NSE script for iSCSI enumeration Ron (Oct 10)
- Re: NMAP NSE script for iSCSI enumeration Arturo 'Buanzo' Busleiman (Oct 10)