
Add ftp-anon and ftp-banner nmap scripts and support for portrule scripts #692

Merged
nigthknight merged 1 commit into secureCodeBox:main from EndPositive:nmap-scripts
Oct 4, 2021


@EndPositive EndPositive commented Oct 1, 2021

Description

This PR, if applied, adds Nmap script support for ftp-anon and ftp-banner. To achieve this, parser support has been added for portrule scripts. This PR also introduced a generic way for maintainers to add more parsers.

Context

Nmap has prerule, postrule, hostrule, and portrule scripts. Each of these script types outputs the script result under a different XML field.

For example, the smb-protocols script is a hostrule script and outputs the script results under the <hostscript> field within <hosts>. However, the ftp-anon scan is a portrule script and will output the script results under the <port> field within . When parsing and extracting script results, this will need to be taken into account in order to detect whether or not a script was successful and did indeed produce output.

Originally in the SecureCodeBox parser, only the parsing function for one example script was present. This was a hostrule script, and thus got its script results from the subtitle. This caused some confusion when implementing an additional script parsing function, as that script happened to be a portrule script and thus never produced output within , meaning it did not get picked up by the parser as script output.

Pre-rule scripts and post-rule scripts can also have their separate XML field, namely and respectively, but these are rarely, if ever, relevant to the creation of a finding for a target host, so special support for these has not been implemented. Note: post-rule scripts often edit output in port-rule or host-rule script fields, which is supported by this merge.

Example host-rule script output

<hostscript>
    <script id="smb-protocols" output="&#xa;  dialects: &#xa;    NT LM 0.12 (SMBv1) [dangerous, but default]&#xa;    2.02&#xa;    2.10&#xa;    3.00&#xa;    3.02&#xa;    3.11">
        <table key="dialects">
            <elem>NT LM 0.12 (SMBv1) [dangerous, but default]</elem>
            <elem>2.02</elem>
            <elem>2.10</elem>
            <elem>3.00</elem>
            <elem>3.02</elem>
            <elem>3.11</elem>
        </table>
    </script>
</hostscript>

Example port-rule script output

<port protocol="tcp" portid="21">
    <state state="open" reason="syn-ack" reason_ttl="0"/>
    <service name="ftp" method="table" conf="3"/>
    <script id="ftp-anon" output="Anonymous FTP login allowed (FTP code 230)"/>
</port>

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure npm test runs for the whole project.
  • Make codeclimate checks happy
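
An added example, not part of the PR or of the secureCodeBox parser: a small Python sketch of the distinction described above, collecting script results from both the `<hostscript>` location and the per-`<port>` location of an Nmap XML report. The sample report is constructed from the two snippets quoted in the description; the function names, the `scopes` parameter and the record shape are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed Nmap XML built from the two script outputs quoted
# in the PR description; the address is a documentation placeholder.
SAMPLE_XML = """<nmaprun><host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <ports>
    <port protocol="tcp" portid="21">
      <state state="open" reason="syn-ack" reason_ttl="0"/>
      <service name="ftp" method="table" conf="3"/>
      <script id="ftp-anon" output="Anonymous FTP login allowed (FTP code 230)"/>
    </port>
  </ports>
  <hostscript>
    <script id="smb-protocols" output="&#xa;  dialects: &#xa;    2.02&#xa;    3.11">
      <table key="dialects"><elem>2.02</elem><elem>3.11</elem></table>
    </script>
  </hostscript>
</host></nmaprun>"""


def _record(scope, addr, port, script):
    # Hypothetical record shape for this example, not secureCodeBox's finding format.
    return {
        "scope": scope,
        "address": addr,
        "protocol": port.get("protocol") if port is not None else None,
        "port": port.get("portid") if port is not None else None,
        "id": script.get("id"),
        "output": script.get("output"),
        "elems": [e.text for e in script.iter("elem")],
    }


def collect_script_results(xml_text, scopes=("host", "port")):
    """Return one record per <script> result found in the requested scopes."""
    results = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else None
        if "host" in scopes:  # hostrule output: <host>/<hostscript>/<script>
            for script in host.findall("hostscript/script"):
                results.append(_record("host", addr, None, script))
        if "port" in scopes:  # portrule output: <host>/<ports>/<port>/<script>
            for port in host.findall("ports/port"):
                for script in port.findall("script"):
                    results.append(_record("port", addr, port, script))
    return results
```

Calling `collect_script_results(SAMPLE_XML, scopes=("host",))` reproduces the situation the description reports: the ftp-anon result is present in the report but is never returned, because only `<hostscript>` is inspected.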

…anner examples. Make parser selection generic.

Signed-off-by: Jop Zitman <[email protected]>
@rfelber rfelber added the enhancement (New feature or request) and scanner (Implement or update a security scanner) labels Oct 1, 2021
@rfelber rfelber added this to the v3.2.0 milestone Oct 1, 2021
@EndPositive
Contributor Author

CodeClimate issues not introduced in this PR.

Member

@nigthknight nigthknight left a comment

Looks great! Thanks for contributing

@nigthknight nigthknight merged commit c5852b9 into secureCodeBox:main Oct 4, 2021
@EndPositive EndPositive deleted the nmap-scripts branch October 4, 2021 08:39