Add ftp-anon and ftp-banner nmap scripts and support for portrule scripts#692
Merged
nigthknight merged 1 commit intosecureCodeBox:mainfrom Oct 4, 2021
EndPositive:nmap-scripts
Merged
Add ftp-anon and ftp-banner nmap scripts and support for portrule scripts#692nigthknight merged 1 commit intosecureCodeBox:mainfrom EndPositive:nmap-scripts
ftp-anon and ftp-banner nmap scripts and support for portrule scripts#692nigthknight merged 1 commit intosecureCodeBox:mainfrom
EndPositive:nmap-scripts
Conversation
…anner examples. Make parser selection generic. Signed-off-by: Jop Zitman <[email protected]>
Contributor
Author
|
CodeClimate issues not introduced in this PR. |
nigthknight
approved these changes
Oct 4, 2021
Member
nigthknight
left a comment
There was a problem hiding this comment.
Looks great! Thanks for contributing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR, if applied, adds Nmap script support for
ftp-anonandftp-banner. To achieve this, parser support has been added for portrule scripts. This PR also introduced a generic way for maintainers to add more parsers.Context
Nmap has prerule, postrule, hostrule, and portrule scripts. Each of these script types output the script result under a different XML field.
For example, the smb-protocols script is a hostrule script and outputs the script results under the
<hostscript>field within<hosts>. However, the ftp-anon scan is a portrule script and will output the script results under the<port>field within . When parsing and extracting script results, this will need to be taken into account in order to detect whether or not a script was successful and did indeed produce output.Originally in the SecureCodeBox parser, only the parsing function for one example script was present. This was a hostrule script, and thus got its script results from the subtitle. This caused some confusion when implementing an additional script parsing function, as that script happened to be a portrule script and thus never produced output within , meaning it did not get picked up by the parser as script output.
Pre-rule scripts and post-rule scripts can also have their seperate XML field, namely and respectively, but these are rarely, if ever, relevant to the creation of a finding for a target host, that special support for these has not been implemented. Note: post-rule scripts often edit output in port-rule or host-rule script fields, which is supported by this merge.
Example host-rule script output
Example port-rule script output
Checklist
npm testruns for the whole project.