Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ncat + Lua - GSOC feedback request

From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 17 Jun 2013 12:25:10 -0500
On 06/17/2013 11:46 AM, David Fifield wrote:

What I'm saying is that trading the syntax
        ncat -t
for something like
        ncat --lua-script telnet.lua
is bad. Lua code could be used internally to do some of the things we do
now with code in the middle of read/write loops. On the other hand, C
code could also be used to do that, with better factoring of the main
program.
Do you suppose that (farther down the road,) Ncat could expose an API for adding and consuming command-line options within Lua? The model I'm imagining would treat the Lua components more as "modules" than "scripts," enabling a different set of features depending on which are "loaded." For example, this simple connection: 

     ncat nmap.org 12345

Could become a connection to a Telnet server over SSL like so:

    ncat --with telnet,ssl nmap.org 12345

Or via a SOCKS proxy like:

    ncat --with socks5 --via proxy.example.com nmap.org 12345
where the --via option is valid because a --with module of "proxy" type was loaded. Alternatively, existing short options (-t, -C, etc) could be "shortcuts" that imply the loading of a specific feature set.
Caveat: This is a brainstorm post. I'm not suggesting that this exact syntax be adopted. The idea was inspired by the way Ruby modules are used as Mixins, especially within Metasploit (e.g. include Msf::Exploit::Remote::TCP) 

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: