Nmap Development mailing list archives

Re: why nmap script is so buggy?


From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 13 Oct 2014 21:39:43 -0500

On Mon, Oct 13, 2014 at 1:58 PM, Alva Yi <alva.yi () gmail com> wrote:
> Hi, everyone:
> I have been learning nmap these days, the features are good, the
> nselib is extendable, but there is one thing that confuses me: why the
> script is so buggy. Here are some examples:
> ftp-brute.nse, line 73,
> Should end with \r\n not \n\n, or you cannot get it to work.

Thank you for this report. I have amended the script in r33722.


> Mysql-cis.audit, syntax error; and in the 'check' functions, so many
> errors, so you never can get right output!

Do you have specific examples that we can fix? The Lua syntax checks out for me.


> Nmap is such a popular open source software, why so buggy?

All software is buggy. Nmap as a whole is probably not worse than
others, given how many platforms we support and the size of the
program. But as you pointed out, many of our bugs are in the Nmap
Scripting Engine. A big reason why is that NSE scripts and libraries
interact with so many different types of systems that there is no way
to test everything. When a new feature is implemented, we try to test
it against the most popular implementations of a protocol, but
sometimes that isn't even an option. The ftp-brute bug you mentioned
probably works against many FTP servers, but since it is technically
incorrect, it will break with some other servers.

In general, we try our best to first do no harm; if there's a chance
that some script could be dangerous to a target system, we test it
more thoroughly and use defensive programming to catch any
abnormalities. Beyond that, we rely on our users to report bugs. After
all, most of Nmap's features have been written by users; that's the
beauty of open source.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
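
Added example, not part of the original message and not Nmap's code: a sketch of why a command ending in \n\n instead of \r\n works against some FTP servers and fails against others, as the reply describes. Both reader functions are hypothetical server behaviours and the sample commands are constructed; the last function is a client-side check a script author could run on outgoing commands.

```python
# Added illustration; not code from Nmap or ftp-brute.nse.
# RFC 959 terminates each FTP control-channel command with CRLF.

def strict_reader(buf):
    """Server that only treats CRLF as end of command.
    Returns (complete_commands, bytes_still_buffered)."""
    commands = []
    while b"\r\n" in buf:
        line, buf = buf.split(b"\r\n", 1)
        commands.append(line)
    return commands, buf

def lenient_reader(buf):
    """Server that also accepts a bare LF and skips empty lines."""
    commands = []
    while b"\n" in buf:
        line, buf = buf.split(b"\n", 1)
        line = line.rstrip(b"\r")
        if line:
            commands.append(line)
    return commands, buf

def terminator_problem(cmd):
    """Client-side check for one outgoing command; None means well formed."""
    if not cmd.endswith(b"\r\n"):
        return "does not end with CRLF"
    body = cmd[:-2]
    if b"\r" in body or b"\n" in body:
        return "stray CR or LF inside the command"
    return None

# Constructed sample commands (the user name is a placeholder).
CORRECT = b"USER admin\r\n"
BUGGY = b"USER admin\n\n"

if __name__ == "__main__":
    for name, wire in (("correct", CORRECT), ("buggy", BUGGY)):
        print(name, "strict: ", strict_reader(wire))
        print(name, "lenient:", lenient_reader(wire))
        print(name, "check:  ", terminator_problem(wire))
```

The strict reader never sees a complete command in the \n\n form and keeps waiting, while the lenient reader parses both forms identically, which is how such a bug can pass testing against popular servers.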

