Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts

From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 23 Mar 2010 10:14:16 +0100

On 22 mar 2010, at 21.57, Ron wrote:


On Mon, 22 Mar 2010 13:45:00 -0700 Fyodor <fyodor () insecure org> wrote:

So this is a larger issue than mssql-*.  For scripts which gather
information from a service, do people think we should generally have
one gathering script controlled by --script-args, or have a separate
scripts for gathering different pieces of information?


I'd be concerned about using --script-args to control the information, because I have a feeling a lot of people don't 
know about --script-args.

I agree. I also think the args can be a little difficult/complex sometimes, especially when dealing with table values.


As script integration into Zenmap improves, though, that'll be a smaller concern. It seems like it makes more sense 
to have multiple scripts rather giant scripts -- having smaller ones is more flexible. 

I think I have to agree with Ron here as well, that I rather have a number of smaller task oriented scripts than bigger 
ones that would almost always require some parameters.



That being said, my smb-* scripts (as well as these mssql-* scripts and a lot of others) offload most of their work 
to nselibs anyways. The scripts themselves can almost be seen as the presentation layer. That doesn't really change 
anything, it's just a random thought. 

As random as it may be it's the way I have tried to build stuff lately ie. do the dirty work inside the lib and simply 
do formatting and a few loops (where required) in the script.
What I *hope* to achieve by this is to make the script easy to read and follow so that it can inspire new developers to 
add more scripts.
This way, if someone was to make a new script that queries some table or runs some procedure in SQL Server they could 
simply take the mssql-database script and change the line holding the query.



One advantage I can see to combining these scripts is re-use of connections. Rather than 10 scripts each making a 
connection to the service, only one script has to. 

A disadvantage would be speed, since NSE's biggest strength is being able to parallelize itself. 

I'm not arguing one way or the other.. just putting some facts out there. 

I'm (obviously) leaning towards multiple smaller/less complex scripts over fewer bigger ones.
But as always I'm open to new ideas, suggestions and adventures :)


-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



//Patrik

--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: