Re: Pcre Binding

[Patrick Donnelly <batrick () batbytes com>]

Hi nnposter,

On Sat, Jan 31, 2015 at 6:59 PM,  <nnposter () users sourceforge net> wrote:
> It seems to me that LPEG is not the right tool for this particular
> case because we are not dealing with well structured input, such as
> HTML, but with haphazard snippets from various telnet servers.

Hah, I wouldn't say html is well structured (or in particular, well
formed)... at least I wouldn't rely on it to be.

> PCRE
> is a much more concise way to deal with it and if there is a desire
> to discontinue PCRE support then maybe Lua patterns might still be
> preferable over LPEG.

So it appears the key issue here is not that PCRE or Lua patterns are
better, it's that we (I) oopsed on "matching anywhere" rather matching
at the start. I cannot recall clearly but I was probably confused
because only some of the patterns were anchored at the start.

> I am attaching a counter-proposal for addressing the current issues.
> It has been created from the functional pre-LPEG version of the script
> by converting all PCRE patterns to Lua patterns. Of course they are
> not fully equivalent but I was able to test the script against:
>
> * Linux telnetd
> * Windows 2003
> * Cisco IOS
> * Nortel Contivity
> * Digital Sprite DVR
> * NetGear RM356
>
> The patch should be applied on top of Dan's patch. This way it is
> easier to judge whether we should take the LPEG route or stick with
> native Lua patterns.

I appreciate you took the time to convert these to Lua patterns.
That's okay with me to merge into the script although I'd like to
convince you otherwise. We really need scripts using lpeg which act as
a template for future work. I can understand if converting
telnet-brute seems like a pointless exercise (and damaging to the
stability of the script), but I speak from experience that this is the
best way to get new authors to use new enhancements in NSE. lpeg
brings a lot of potential for future work and we may miss out on a lot
of fantastic scripts leveraging it because no one sees it in use.

With that said, I believe a correction to the script is little more
simple than Dan's patch. I've attached a patch. The main liberty I
took was changing all the login prompts to match unanchored. [I don't
really think any of the anchored matches were actually necessary?]

-- 
Patrick Donnelly

Attachment: telnet-brute.patch
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/