---
-- Standard Nmap Scripting Engine functions. This module contains various handy
-- functions that are too small to justify modules of their own.
--
-- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
-- @class module
-- @name stdnse
local _G = require "_G"
local coroutine = require "coroutine"
local math = require "math"
local nmap = require "nmap"
local os = require "os"
local string = require "string"
local table = require "table"
local assert = assert;
local error = error;
local getmetatable = getmetatable;
local ipairs = ipairs
local pairs = pairs
local next = next
local rawset = rawset
local require = require;
local select = select
local setmetatable = setmetatable;
local tonumber = tonumber;
local tostring = tostring;
local print = print;
local type = type
local ceil = math.ceil
local max = math.max
local format = string.format;
local rep = string.rep
local concat = table.concat;
local insert = table.insert;
local pack = table.pack;
local unpack = table.unpack;
local difftime = os.difftime;
local time = os.time;
local EMPTY = {}; -- Empty constant table
_ENV = require "strict" {};
--- Sleeps for a given amount of time.
--
-- This causes the program to yield control and not regain it until the time
-- period has elapsed. The time may have a fractional part. Internally, the
-- timer provides millisecond resolution.
-- @name sleep
-- @class function
-- @param t Time to sleep, in seconds.
-- @usage stdnse.sleep(1.5)
_ENV.sleep = nmap.socket.sleep;
---
-- Prints a formatted debug message if the current debugging level is greater
-- than or equal to a given level.
--
-- This is a convenience wrapper around
-- nmap.log_write
. The first optional numeric
-- argument, level
, is used as the debugging level necessary
-- to print the message (it defaults to 1 if omitted). All remaining arguments
-- are processed with Lua's string.format
function.
-- @param level Optional debugging level.
-- @param fmt Format string.
-- @param ... Arguments to format.
print_debug = function(level, fmt, ...)
local l, d = tonumber(level), nmap.debugging();
if l and l <= d then
nmap.log_write("stdout", format(fmt, ...));
elseif not l and 1 <= d then
nmap.log_write("stdout", format(level, fmt, ...));
end
end
---
-- Prints a formatted verbosity message if the current verbosity level is greater
-- than or equal to a given level.
--
-- This is a convenience wrapper around
-- nmap.log_write
. The first optional numeric
-- argument, level
, is used as the verbosity level necessary
-- to print the message (it defaults to 1 if omitted). All remaining arguments
-- are processed with Lua's string.format
function.
-- @param level Optional verbosity level.
-- @param fmt Format string.
-- @param ... Arguments to format.
print_verbose = function(level, fmt, ...)
local l, d = tonumber(level), nmap.verbosity();
if l and l <= d then
nmap.log_write("stdout", format(fmt, ...));
elseif not l and 1 <= d then
nmap.log_write("stdout", format(level, fmt, ...));
end
end
--- Join a list of strings with a separator string.
--
-- This is Lua's table.concat
function with the parameters
-- swapped for coherence.
-- @usage
-- stdnse.strjoin(", ", {"Anna", "Bob", "Charlie", "Dolores"})
-- --> "Anna, Bob, Charlie, Dolores"
-- @param delimiter String to delimit each element of the list.
-- @param list Array of strings to concatenate.
-- @return Concatenated string.
function strjoin(delimiter, list)
assert(type(delimiter) == "string" or type(delimiter) == nil, "delimiter is of the wrong type! (did you get the parameters backward?)")
return concat(list, delimiter);
end
--- Split a string at a given delimiter, which may be a pattern.
-- @usage
-- stdnse.strsplit(",%s*", "Anna, Bob, Charlie, Dolores")
-- --> { "Anna", "Bob", "Charlie", "Dolores" }
-- @param pattern Pattern that separates the desired strings.
-- @param text String to split.
-- @return Array of substrings without the separating pattern.
function strsplit(pattern, text)
local list, pos = {}, 1;
assert(pattern ~= "", "delimiter matches empty string!");
while true do
local first, last, match = text:find(pattern, pos);
if first then -- found?
list[#list+1] = text:sub(pos, first-1);
pos = last+1;
else
list[#list+1] = text:sub(pos);
break;
end
end
return list;
end
--- Generate a random string.
-- You can either provide your own charset or the function will use
-- a default one which is [A-Z].
-- @param len Length of the string we want to generate.
-- @param charset Charset that will be used to generate the string.
-- @return A random string of length len
consisting of
-- characters from charset
if one was provided, otherwise
-- charset
defaults to [A-Z] letters.
function generate_random_string(len, charset)
local t = {}
local ascii_A = 65
local ascii_Z = 90
if charset then
for i=1,len do
t[i]=charset[math.random(#charset)]
end
else
for i=1,len do
t[i]=string.char(math.random(ascii_A,ascii_Z))
end
end
return table.concat(t)
end
--- Return a wrapper closure around a socket that buffers socket reads into
-- chunks separated by a pattern.
--
-- This function operates on a socket attempting to read data. It separates the
-- data by sep
and, for each invocation, returns a piece of the
-- separated data. Typically this is used to iterate over the lines of data
-- received from a socket (sep = "\r?\n"
). The returned string
-- does not include the separator. It will return the final data even if it is
-- not followed by the separator. Once an error or EOF is reached, it returns
-- nil, msg
. msg
is what is returned by
-- nmap.receive_lines
.
-- @param socket Socket for the buffer.
-- @param sep Separator for the buffered reads.
-- @return Data from socket reads or nil
on EOF or error.
-- @return Error message, as with receive_lines
.
function make_buffer(socket, sep)
local point, left, buffer, done, msg = 1, "";
local function self()
if done then
return nil, msg; -- must be nil for stdnse.lines (below)
elseif not buffer then
local status, str = socket:receive();
if not status then
if #left > 0 then
done, msg = not status, str;
return left;
else
return status, str;
end
else
buffer = left..str;
return self();
end
else
local i, j = buffer:find(sep, point);
if i then
local ret = buffer:sub(point, i-1);
point = j + 1;
return ret;
else
point, left, buffer = 1, buffer:sub(point), nil;
return self();
end
end
end
return self;
end
--[[ This function may be usable in Lua 5.2
function lines(socket)
return make_buffer(socket, "\r?\n"), nil, nil;
end --]]
do
local t = {
["0"] = "0000",
["1"] = "0001",
["2"] = "0010",
["3"] = "0011",
["4"] = "0100",
["5"] = "0101",
["6"] = "0110",
["7"] = "0111",
["8"] = "1000",
["9"] = "1001",
a = "1010",
b = "1011",
c = "1100",
d = "1101",
e = "1110",
f = "1111"
};
--- Converts the given number, n, to a string in a binary number format (12
-- becomes "1100").
-- @param n Number to convert.
-- @return String in binary format.
function tobinary(n)
assert(tonumber(n), "number expected");
return (("%x"):format(n):gsub("%w", t):gsub("^0*", ""));
end
end
--- Converts the given number, n, to a string in an octal number format (12
-- becomes "14").
-- @param n Number to convert.
-- @return String in octal format.
function tooctal(n)
assert(tonumber(n), "number expected");
return ("%o"):format(n)
end
--- Encode a string or number in hexadecimal (12 becomes "c", "AB" becomes
-- "4142").
--
-- An optional second argument is a table with formatting options. The possible
-- fields in this table are
-- * separator
: A string to use to separate groups of digits.
-- * group
: The size of each group of digits between separators. Defaults to 2, but has no effect if separator
is not also given.
-- @usage
-- stdnse.tohex("abc") --> "616263"
-- stdnse.tohex("abc", {separator = ":"}) --> "61:62:63"
-- stdnse.tohex("abc", {separator = ":", group = 4}) --> "61:6263"
-- stdnse.tohex(123456) --> "1e240"
-- stdnse.tohex(123456, {separator = ":"}) --> "1:e2:40"
-- stdnse.tohex(123456, {separator = ":", group = 4}) --> "1:e240"
-- @param s String or number to be encoded.
-- @param options Table specifiying formatting options.
-- @return String in hexadecimal format.
function tohex( s, options )
options = options or EMPTY
local separator = options.separator
local hex
if type( s ) == "number" then
hex = ("%x"):format(s)
elseif type( s ) == 'string' then
hex = ("%02x"):rep(#s):format(s:byte(1,#s))
else
error( "Type not supported in tohex(): " .. type(s), 2 )
end
-- format hex if we got a separator
if separator then
local group = options.group or 2
local fmt_table = {}
-- split hex in group-size chunks
for i=#hex,1,-group do
-- table index must be consecutive otherwise table.concat won't work
fmt_table[ceil(i/group)] = hex:sub(max(i-group+1,1),i)
end
hex = concat( fmt_table, separator )
end
return hex
end
---Either return the string itself, or return "" (or the value of the second parameter) if the string
-- was blank or nil.
--
--@param string The base string.
--@param blank The string to return if string
was blank
--@return Either string
or, if it was blank, blank
function string_or_blank(string, blank)
if(string == nil or string == "") then
if(blank == nil) then
return ""
else
return blank
end
else
return string
end
end
---
-- Parses a time duration specification, which is a number followed by a
-- unit, and returns a number of seconds. The unit is optional and
-- defaults to seconds. The possible units (case-insensitive) are
-- * ms
: milliseconds,
-- * s
: seconds,
-- * m
: minutes,
-- * h
: hours.
-- In case of a parsing error, the function returns nil
-- followed by an error message.
--
-- @usage
-- parse_timespec("10") --> 10
-- parse_timespec("10ms") --> 0.01
-- parse_timespec("10s") --> 10
-- parse_timespec("10m") --> 600
-- parse_timespec("10h") --> 36000
-- parse_timespec("10z") --> nil, "Can't parse time specification \"10z\" (bad unit \"z\")"
--
-- @param timespec A time specification string.
-- @return A number of seconds, or nil
followed by an error
-- message.
function parse_timespec(timespec)
if timespec == nil then return nil, "Can't parse nil timespec" end
local n, unit, t, m
local multipliers = {[""] = 1, s = 1, m = 60, h = 60 * 60, ms = 0.001}
n, unit = string.match(timespec, "^([%d.]+)(.*)$")
if not n then
return nil, string.format("Can't parse time specification \"%s\"", timespec)
end
t = tonumber(n)
if not t then
return nil, string.format("Can't parse time specification \"%s\" (bad number \"%s\")", timespec, n)
end
m = multipliers[unit]
if not m then
return nil, string.format("Can't parse time specification \"%s\" (bad unit \"%s\")", timespec, unit)
end
return t * m
end
-- Find the offset in seconds between local time and UTC. That is, if we
-- interpret a UTC date table as a local date table by passing it to os.time,
-- how much must be added to the resulting integer timestamp to make it
-- correct?
local function utc_offset(t)
-- What does the calendar say locally?
local localtime = os.date("*t", t)
-- What does the calendar say in UTC?
local gmtime = os.date("!*t", t)
-- Interpret both as local calendar dates and find the difference.
return difftime(os.time(localtime), os.time(gmtime))
end
--- Convert a date table into an integer timestamp. Unlike os.time, this does
-- not assume that the date table represents a local time. Rather, it takes an
-- optional offset number of seconds representing the time zone, and returns
-- the timestamp that would result using that time zone as local time. If the
-- offset is omitted or 0, the date table is interpreted as a UTC date. For
-- example, 4:00 UTC is the same as 5:00 UTC+1:
--
-- date_to_timestamp({year=1970,month=1,day=1,hour=4,min=0,sec=0}) --> 14400
-- date_to_timestamp({year=1970,month=1,day=1,hour=4,min=0,sec=0}, 0) --> 14400
-- date_to_timestamp({year=1970,month=1,day=1,hour=5,min=0,sec=0}, 1*60*60) --> 14400
--
-- And 4:00 UTC+1 is an earlier time:
--
-- date_to_timestamp({year=1970,month=1,day=1,hour=4,min=0,sec=0}, 1*60*60) --> 10800
--
function date_to_timestamp(date, offset)
offset = offset or 0
return os.time(date) + utc_offset(os.time(date)) - offset
end
local function format_tz(offset)
local sign, hh, mm
if not offset then
return ""
end
if offset < 0 then
sign = "-"
offset = -offset
else
sign = "+"
end
-- Truncate to minutes.
offset = math.floor(offset / 60)
hh = math.floor(offset / 60)
mm = math.floor(math.fmod(offset, 60))
return string.format("%s%02d:%02d", sign, hh, mm)
end
--- Format a date and time (and optional time zone) for structured output.
--
-- Formatting is done according to RFC 3339 (a profile of ISO 8601), except
-- that a time zone may be omitted to signify an unspecified local time zone.
-- Time zones are given as an integer number of seconds from UTC. Use
-- 0
to mark UTC itself. Formatted strings with a time zone look
-- like this:
--
-- format_timestamp(os.time(), 0) --> "2012-09-07T23:37:42+00:00"
-- format_timestamp(os.time(), 2*60*60) --> "2012-09-07T23:37:42+02:00"
--
-- Without a time zone they look like this:
--
-- format_timestamp(os.time()) --> "2012-09-07T23:37:42"
--
--
-- This function should be used for all dates emitted as part of NSE structured
-- output.
function format_timestamp(t, offset)
local tz_string = format_tz(offset)
offset = offset or 0
return os.date("!%Y-%m-%dT%H:%M:%S", t + offset) .. tz_string
end
--- Format the difference between times t2
and t1
-- into a string in one of the forms (signs may vary):
-- * 0s
-- * -4s
-- * +2m38s
-- * -9h12m34s
-- * +5d17h05m06s
-- * -2y177d10h13m20s
-- The string shows t2
relative to t1
; i.e., the
-- calculation is t2
minus t1
.
function format_difftime(t2, t1)
local d, s, sign, yeardiff
d = difftime(time(t2), time(t1))
if d > 0 then
sign = "+"
elseif d < 0 then
sign = "-"
t2, t1 = t1, t2
d = -d
else
sign = ""
end
-- t2 is always later than or equal to t1 here.
-- The year is a tricky case because it's not a fixed number of days
-- the way a day is a fixed number of hours or an hour is a fixed
-- number of minutes. For example, the difference between 2008-02-10
-- and 2009-02-10 is 366 days because 2008 was a leap year, but it
-- should be printed as 1y0d0h0m0s, not 1y1d0h0m0s. We advance t1 to be
-- the latest year such that it is still before t2, which means that its
-- year will be equal to or one less than t2's. The number of years
-- skipped is stored in yeardiff.
if t2.year > t1.year then
local tmpyear = t1.year
-- Put t1 in the same year as t2.
t1.year = t2.year
d = difftime(time(t2), time(t1))
if d < 0 then
-- Too far. Back off one year.
t1.year = t2.year - 1
d = difftime(time(t2), time(t1))
end
yeardiff = t1.year - tmpyear
t1.year = tmpyear
else
yeardiff = 0
end
local s, sec, min
s = ""
-- Seconds (pad to two digits).
sec = d % 60
d = math.floor(d / 60)
if d == 0 and yeardiff == 0 then
return sign .. string.format("%gs", sec) .. s
end
s = string.format("%02gs", sec) .. s
-- Minutes (pad to two digits).
min = d % 60
d = math.floor(d / 60)
if d == 0 and yeardiff == 0 then
return sign .. string.format("%dm", min) .. s
end
s = string.format("%02dm", min) .. s
-- Hours.
s = string.format("%dh", d % 24) .. s
d = math.floor(d / 24)
if d == 0 and yeardiff == 0 then
return sign .. s
end
-- Days.
s = string.format("%dd", d) .. s
if yeardiff == 0 then return sign .. s end
-- Years.
s = string.format("%dy", yeardiff) .. s
return sign .. s
end
--- Returns the current time in milliseconds since the epoch
-- @return The current time in milliseconds since the epoch
function clock_ms()
return nmap.clock() * 1000
end
--- Returns the current time in microseconds since the epoch
-- @return The current time in microseconds since the epoch
function clock_us()
return nmap.clock() * 1000000
end
---Get the indentation symbols at a given level.
local function format_get_indent(indent, at_end)
local str = ""
local had_continue = false
if(not(at_end)) then
str = rep(' ', #indent) -- Was: "| "
else
for i = #indent, 1, -1 do
if(indent[i] and not(had_continue)) then
str = str .. " " -- Was: "|_ "
else
had_continue = true
str = str .. " " -- Was: "| "
end
end
end
return str
end
local function splitlines(s)
local result = {}
local i = 0
while i <= #s do
local b, e
b, e = string.find(s, "\r?\n", i)
if not b then
break
end
result[#result + 1] = string.sub(s, i, b - 1)
i = e + 1
end
if i <= #s then
result[#result + 1] = string.sub(s, i)
end
return result
end
-- A helper for format_output (see below).
local function format_output_sub(status, data, indent)
if (#data == 0) then
return ""
end
-- Used to put 'ERROR: ' in front of all lines on error messages
local prefix = ""
-- Initialize the output string to blank (or, if we're at the top, add a newline)
local output = {}
if(not(indent)) then
insert(output, '\n')
end
if(not(status)) then
if(nmap.debugging() < 1) then
return nil
end
prefix = "ERROR: "
end
-- If a string was passed, turn it into a table
if(type(data) == 'string') then
data = {data}
end
-- Make sure we have an indent value
indent = indent or {}
if(data['name']) then
if(data['warning'] and nmap.debugging() > 0) then
insert(output, format("%s%s%s (WARNING: %s)\n",
format_get_indent(indent), prefix,
data['name'], data['warning']))
else
insert(output, format("%s%s%s\n",
format_get_indent(indent), prefix,
data['name']))
end
elseif(data['warning'] and nmap.debugging() > 0) then
insert(output, format("%s%s(WARNING: %s)\n",
format_get_indent(indent), prefix,
data['warning']))
end
for i, value in ipairs(data) do
if(type(value) == 'table') then
-- Do a shallow copy of indent
local new_indent = {}
for _, v in ipairs(indent) do
insert(new_indent, v)
end
if(i ~= #data) then
insert(new_indent, false)
else
insert(new_indent, true)
end
insert(output, format_output_sub(status, value, new_indent))
elseif(type(value) == 'string') then
local lines = splitlines(value)
for j, line in ipairs(lines) do
insert(output, format("%s %s%s\n",
format_get_indent(indent, i == #data and j == #lines),
prefix, line))
end
end
end
return concat(output)
end
---Takes a table of output on the commandline and formats it for display to the
-- user. This is basically done by converting an array of nested tables into a
-- string. In addition to numbered array elements, each table can have a 'name'
-- and a 'warning' value. The 'name' will be displayed above the table, and
-- 'warning' will be displayed, with a 'WARNING' tag, if and only if debugging
-- is enabled.
--
-- Here's an example of a table:
--
-- local domains = {}
-- domains['name'] = "DOMAINS"
-- table.insert(domains, 'Domain 1')
-- table.insert(domains, 'Domain 2')
--
-- local names = {}
-- names['name'] = "NAMES"
-- names['warning'] = "Not all names could be determined!"
-- table.insert(names, "Name 1")
--
-- local response = {}
-- table.insert(response, "Apple pie")
-- table.insert(response, domains)
-- table.insert(response, names)
--
-- return stdnse.format_output(true, response)
--
--
-- With debugging enabled, this is the output:
--
-- Host script results:
-- | smb-enum-domains:
-- | Apple pie
-- | DOMAINS
-- | Domain 1
-- | Domain 2
-- | NAMES (WARNING: Not all names could be determined!)
-- |_ Name 1
--
--
--@param status A boolean value dictating whether or not the script succeeded.
-- If status is false, and debugging is enabled, 'ERROR' is prepended
-- to every line. If status is false and debugging is disabled, no output
-- occurs.
--@param data The table of output.
--@param indent Used for indentation on recursive calls; should generally be set to
-- nil when callling from a script.
-- @return nil
, if data
is empty, otherwise a
-- multiline string.
function format_output(status, data, indent)
-- If data is nil, die with an error (I keep doing that by accident)
assert(data, "No data was passed to format_output()")
-- Don't bother if we don't have any data
if (#data == 0) then
return nil
end
local result = format_output_sub(status, data, indent)
-- Check for an empty result
if(result == nil or #result == "" or result == "\n" or result == "\n") then
return nil
end
return result
end
-- Get the value of a script argument, or nil if the script argument was not
-- given. This works also for arguments given as top-level array values, like
-- --script-args=unsafe; for these it returns the value 1.
local function arg_value(argname)
if nmap.registry.args[argname] then
return nmap.registry.args[argname]
else
-- if scriptname.arg is not there, check "arg"
local argument_frags = strsplit("%.", argname)
if #argument_frags > 0 then
if nmap.registry.args[argument_frags[2]] then
return nmap.registry.args[argument_frags[2]]
end
end
end
for _, v in ipairs(nmap.registry.args) do
if v == argname then
return 1
end
end
end
--- Parses the script arguments passed to the --script-args option.
--
-- @usage
-- --script-args 'script.arg1=value,script.arg3,script-x.arg=value'
-- local arg1, arg2, arg3 = get_script_args('script.arg1','script.arg2','script.arg3')
-- => arg1 = value
-- => arg2 = nil
-- => arg3 = 1
--
-- --script-args 'displayall,unsafe,script-x.arg=value,script-y.arg=value'
-- local displayall, unsafe = get_script_args('displayall','unsafe')
-- => displayall = 1
-- => unsafe = 1
--
-- --script-args 'dns-cache-snoop.mode=timed,dns-cache-snoop.domains={host1,host2}'
-- local mode, domains = get_script_args('dns-cache-snoop.mode',
-- 'dns-cache-snoop.domains')
-- => mode = 'timed'
-- => domains = {host1,host2}
--
-- @param Arguments Script arguments to check.
-- @return Arguments values.
function get_script_args (...)
local args = {}
for i, set in ipairs({...}) do
if type(set) == "string" then
set = {set}
end
for _, test in ipairs(set) do
local v = arg_value(test)
if v then
args[i] = v
break
end
end
end
return unpack(args, 1, select("#", ...))
end
---Get the best possible hostname for the given host. This can be the target as given on
-- the commandline, the reverse dns name, or simply the ip address.
--@param host The host table (or a string that'll simply be returned).
--@return The best possible hostname, as a string.
function get_hostname(host)
if type(host) == "table" then
return host.targetname or ( host.name ~= '' and host.name ) or host.ip
else
return host
end
end
---Retrieve an item from the registry, checking if each sub-key exists. If any key doesn't
-- exist, return nil.
function registry_get(subkeys)
local registry = nmap.registry
local i = 1
while(subkeys[i]) do
if(not(registry[subkeys[i]])) then
return nil
end
registry = registry[subkeys[i]]
i = i + 1
end
return registry
end
--Check if the given element exists in the registry. If 'key' is nil, it isn't checked.
function registry_exists(subkeys, key, value)
local subkey = registry_get(subkeys)
if(not(subkey)) then
return false
end
for k, v in pairs(subkey) do
if((key == nil or key == k) and (v == value)) then -- TODO: if 'value' is a table, this fails
return true
end
end
return false
end
---Add an item to an array in the registry, creating all sub-keys if necessary.
-- For example, calling:
-- registry_add_array({'192.168.1.100', 'www', '80', 'pages'}, 'index.html')
-- Will create nmap.registry['192.168.1.100'] as a table, if necessary, then add a table
-- under the 'www' key, and so on. 'pages', finally, is treated as an array and the value
-- given is added to the end.
function registry_add_array(subkeys, value, allow_duplicates)
local registry = nmap.registry
local i = 1
-- Unless the user wants duplicates, make sure there aren't any
if(allow_duplicates ~= true) then
if(registry_exists(subkeys, nil, value)) then
return
end
end
while(subkeys[i]) do
if(not(registry[subkeys[i]])) then
registry[subkeys[i]] = {}
end
registry = registry[subkeys[i]]
i = i + 1
end
-- Make sure the value isn't already in the table
for _, v in pairs(registry) do
if(v == value) then
return
end
end
insert(registry, value)
end
---Similar to registry_add_array
, except instead of adding a value to the
-- end of an array, it adds a key:value pair to the table.
function registry_add_table(subkeys, key, value, allow_duplicates)
local registry = nmap.registry
local i = 1
-- Unless the user wants duplicates, make sure there aren't any
if(allow_duplicates ~= true) then
if(registry_exists(subkeys, key, value)) then
return
end
end
while(subkeys[i]) do
if(not(registry[subkeys[i]])) then
registry[subkeys[i]] = {}
end
registry = registry[subkeys[i]]
i = i + 1
end
registry[key] = value
end
--- This function allows you to create worker threads that may perform
-- network tasks in parallel with your script thread.
--
-- Any network task (e.g. socket:connect(...)
) will cause the
-- running thread to yield to NSE. This allows network tasks to appear to be
-- blocking while being able to run multiple network tasks at once.
-- While this is useful for running multiple separate scripts, it is
-- unfortunately difficult for a script itself to perform network tasks in
-- parallel. In order to allow scripts to also have network tasks running in
-- parallel, we provide this function, stdnse.new_thread
, to
-- create a new thread that can perform its own network related tasks
-- in parallel with the script.
--
-- The script launches the worker thread by calling the new_thread
-- function with the parameters:
-- * The main Lua function for the script to execute, similar to the script action function.
-- * The variable number of arguments to be passed to the worker's main function.
--
-- The stdnse.new_thread
function will return two results:
-- * The worker thread's base (main) coroutine (useful for tracking status).
-- * A status query function (described below).
--
-- The status query function shall return two values:
-- * The result of coroutine.status using the worker thread base coroutine.
-- * The error object thrown that ended the worker thread or nil
if no error was thrown. This is typically a string, like most Lua errors.
--
-- Note that NSE discards all return values of the worker's main function. You
-- must use function parameters, upvalues or environments to communicate
-- results.
--
-- You should use the condition variable (nmap.condvar
)
-- and mutex (nmap.mutex
) facilities to coordinate with your
-- worker threads. Keep in mind that Nmap is single threaded so there are
-- no (memory) issues in synchronization to worry about; however, there
-- is resource contention. Your resources are usually network
-- bandwidth, network sockets, etc. Condition variables are also useful if the
-- work for any single thread is dynamic. For example, a web server spider
-- script with a pool of workers will initially have a single root html
-- document. Following the retrieval of the root document, the set of
-- resources to be retrieved (the worker's work) will become very large
-- (an html document adds many new hyperlinks (resources) to fetch).
--@name new_thread
--@class function
--@param main The main function of the worker thread.
--@param ... The arguments passed to the main worker thread.
--@return co The base coroutine of the worker thread.
--@return info A query function used to obtain status information of the worker.
--@usage
--local requests = {"/", "/index.html", --[[ long list of objects ]]}
--
--function thread_main (host, port, responses, ...)
-- local condvar = nmap.condvar(responses);
-- local what = {n = select("#", ...), ...};
-- local allReqs = nil;
-- for i = 1, what.n do
-- allReqs = http.pGet(host, port, what[i], nil, nil, allReqs);
-- end
-- local p = assert(http.pipeline(host, port, allReqs));
-- for i, response in ipairs(p) do responses[#responses+1] = response end
-- condvar "signal";
--end
--
--function many_requests (host, port)
-- local threads = {};
-- local responses = {};
-- local condvar = nmap.condvar(responses);
-- local i = 1;
-- repeat
-- local j = math.min(i+10, #requests);
-- local co = stdnse.new_thread(thread_main, host, port, responses,
-- table.unpack(requests, i, j));
-- threads[co] = true;
-- i = j+1;
-- until i > #requests;
-- repeat
-- condvar "wait";
-- for thread in pairs(threads) do
-- if coroutine.status(thread) == "dead" then threads[thread] = nil end
-- end
-- until next(threads) == nil;
-- return responses;
--end
do end -- no function here, see nse_main.lua
--- Returns the base coroutine of the running script.
--
-- A script may be resuming multiple coroutines to facilitate its own
-- collaborative multithreading design. Because there is a "root" or "base"
-- coroutine that lets us determine whether the script is still active
-- (that is, the script did not end, possibly due to an error), we provide
-- this stdnse.base
function that will retrieve the base
-- coroutine of the script. This base coroutine is the coroutine that runs
-- the action function.
--
-- The base coroutine is useful for many reasons but here are some common
-- uses:
-- * We want to attribute the ownership of an object (perhaps a network socket) to a script.
-- * We want to identify if the script is still alive.
--@name base
--@class function
--@return coroutine Returns the base coroutine of the running script.
do end -- no function here, see nse_main.lua
--- The Lua Require Function with errors silenced.
--
-- See the Lua manual for description of the require function. This modified
-- version allows the script to quietly fail at loading if a required
-- library does not exist.
--
--@name silent_require
--@class function
--@usage stdnse.silent_require "openssl"
do end -- no function here, see nse_main.lua
---Checks if the port is in the port range
-- For example, calling:
-- in_port_range({number=31337,protocol="udp"},"T:15,50-75,U:31334-31339")
-- would result in a true value
--@param port a port structure containing keys port number(number) and protocol(string)
--@param port_range a port range string in Nmap standard format (ex. "T:80,1-30,U:31337,21-25")
--@returns boolean indicating whether the port is in the port range
function in_port_range(port,port_range)
assert(port and type(port.number)=="number" and type(port.protocol)=="string" and
(port.protocol=="udp" or port.protocol=="tcp"),"Port structure missing or invalid: port={ number=, protocol= }")
assert((type(port_range)=="string" or type(port_range)=="number") and port_range~="","Incorrect port range specification.")
-- Proto - true for TCP, false for UDP
local proto
if(port.protocol=="tcp") then proto = true else proto = false end
--TCP flag for iteration - true for TCP, false for UDP, if not specified we presume TCP
local tcp_flag = true
-- in case the port_range is a single number
if type(port_range)=="number" then
if proto and port_range==port.number then return true
else return false
end
end
--clean the string a bit
port_range=port_range:gsub("%s+","")
-- single_pr - single port range
for i, single_pr in ipairs(strsplit(",",port_range)) do
if single_pr:match("T:") then
tcp_flag = true
single_pr = single_pr:gsub("T:","")
else
if single_pr:match("U:") then
tcp_flag = false
single_pr = single_pr:gsub("U:","")
end
end
-- compare ports only when the port's protocol is the same as
-- the current single port range
if tcp_flag == proto then
local pone = single_pr:match("^(%d+)$")
if pone then
pone = tonumber(pone)
assert(pone>-1 and pone<65536, "Port range number out of range (0-65535).")
if pone == port.number then
return true
end
else
local pstart, pend = single_pr:match("^(%d+)%-(%d+)$")
pstart, pend = tonumber(pstart), tonumber(pend)
assert(pstart,"Incorrect port range specification.")
assert(pstart<=pend,"Incorrect port range specification, the starting port should have a smaller value than the ending port.")
assert(pstart>-1 and pstart<65536 and pend>-1 and pend<65536, "Port range number out of range (0-65535).")
if port.number >=pstart and port.number <= pend then
return true
end
end
end
end
-- if no match is found then the port doesn't belong to the port_range
return false
end
--- Module function that mimics some behavior of Lua 5.1 module function.
--
-- This convenience function returns a module environment to set the _ENV
-- upvalue. The _NAME, _PACKAGE, and _M fields are set as in the Lua 5.1
-- version of this function. Each option function (e.g. stdnse.seeall)
-- passed is run with the new environment, in order.
--
-- @see stdnse.seeall
-- @see strict
-- @usage
-- _ENV = stdnse.module(name, stdnse.seeall, require "strict");
-- @param name The module name.
-- @param ... Option functions which modify the environment of the module.
function module (name, ...)
local env = {};
env._NAME = name;
env._PACKAGE = name:match("(.+)%.[^.]+$");
env._M = env;
local mods = pack(...);
for i = 1, mods.n do
mods[i](env);
end
return env;
end
--- Change environment to load global variables.
--
-- Option function for use with stdnse.module. It is the same
-- as package.seeall from Lua 5.1.
--
-- @see stdnse.module
-- @usage
-- _ENV = stdnse.module(name, stdnse.seeall);
-- @param env Environment to change.
function seeall (env)
local m = getmetatable(env) or {};
m.__index = _G;
setmetatable(env, m);
end
--- Return a table that keeps elements in order of insertion.
--
-- The pairs function, called on a table returned by this function, will yield
-- elements in the order they were inserted. This function is meant to be used
-- to construct output tables returned by scripts.
--
-- Reinserting a key that is already in the table does not change its position
-- in the order. However, removing a key by assigning to nil
and
-- then doing another assignment will move the key to the end of the order.
--
-- @return An ordered table.
function output_table ()
local t = {}
local order = {}
local function iterator ()
for i, key in ipairs(order) do
coroutine.yield(key, t[key])
end
end
local mt = {
__newindex = function (_, k, v)
if t[k] == nil and v ~= nil then
-- New key?
table.insert(order, k)
elseif v == nil then
-- Deleting an existing key?
for i, key in ipairs(order) do
if key == k then
table.remove(order, i)
break
end
end
end
rawset(t, k, v)
end,
__index = function (_, k)
return t[k]
end,
__pairs = function (_)
return coroutine.wrap(iterator)
end,
__call = function (_) -- hack to mean "not_empty?"
return not not next(order)
end,
__len = function (_)
return #order
end
}
return setmetatable({}, mt)
end
--- A pretty printer for Lua objects.
--
-- Takes an object (usually a table) and prints it using the
-- printer function. The printer function takes a sole string
-- argument and will be called repeatedly.
--
-- @param obj The object to pretty print.
-- @param printer The printer function.
function pretty_printer (obj, printer)
if printer == nil then printer = print end
local function aux (obj, spacing)
local t = type(obj)
if t == "table" then
printer "{\n"
for k, v in pairs(obj) do
local spacing = spacing.."\t"
printer(spacing)
printer "["
aux(k, spacing)
printer "] = "
aux(v, spacing)
printer ",\n"
end
printer(spacing.."}")
elseif t == "string" then
printer(format("%q", obj))
else
printer(tostring(obj))
end
end
return aux(obj, "")
end
-- This pattern must match the percent sign '%' since it is used in
-- escaping.
local FILESYSTEM_UNSAFE = "[^a-zA-Z0-9._-]"
---
-- Escape a string to remove bytes and strings that may have meaning to
-- a filesystem, such as slashes. All bytes are escaped, except for:
-- * alphabetic a
-z
and A
-Z
, digits 0-9, .
_
-
-- In addition, the strings "."
and ".."
have
-- their characters escaped.
--
-- Bytes are escaped by a percent sign followed by the two-digit
-- hexadecimal representation of the byte value.
-- * filename_escape("filename.ext") --> "filename.ext"
-- * filename_escape("input/output") --> "input%2foutput"
-- * filename_escape(".") --> "%2e"
-- * filename_escape("..") --> "%2e%2e"
-- This escaping is somewhat like that of JavaScript
-- encodeURIComponent
, except that fewer bytes are
-- whitelisted, and it works on bytes, not Unicode characters or UTF-16
-- code points.
function filename_escape(s)
if s == "." then
return "%2e"
elseif s == ".." then
return "%2e%2e"
else
return (string.gsub(s, FILESYSTEM_UNSAFE, function (c)
return string.format("%%%02x", string.byte(c))
end))
end
end
return _ENV;