author | Stefan Teleman <stefan.teleman@oracle.com> |
Fri, 23 Aug 2013 11:53:57 -0700 | |
branch | s11-update |
changeset 2742 | fbb36943b6b5 |
permissions | -rw-r--r-- |
2742
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
1 |
# http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=14;bug=719289 |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
2 |
# Index: scripts/http-domino-enum-passwords.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
3 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
4 |
--- nmap-6.25/scripts/http-domino-enum-passwords.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
5 |
+++ nmap-6.25/scripts/http-domino-enum-passwords.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
6 |
@@ -315,9 +315,10 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
7 |
http_response = http.get( vhost or host, port, u_details.idfile, { auth = { username = user, password = pass }, no_cache = true }) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
8 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
9 |
if ( http_response.status == 200 ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
10 |
- local status, err = saveIDFile( ("%s/%s.id"):format(download_path, u_details.fullname), http_response.body ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
11 |
+ local filename = download_path .. "/" .. stdnse.filename_escape(u_details.fullname .. ".id") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
12 |
+ local status, err = saveIDFile( filename, http_response.body ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
13 |
if ( status ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
14 |
- table.insert( id_files, ("%s ID File has been downloaded (%s/%s.id)"):format(u_details.fullname, download_path, u_details.fullname) ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
15 |
+ table.insert( id_files, ("%s ID File has been downloaded (%s)"):format(u_details.fullname, filename) ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
16 |
else |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
17 |
table.insert( id_files, ("%s ID File was not saved (error: %s)"):format(u_details.fullname, err ) ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
18 |
end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
19 |
# Index: scripts/stuxnet-detect.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
20 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
21 |
--- nmap-6.25/scripts/stuxnet-detect.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
22 |
+++ nmap-6.25/scripts/stuxnet-detect.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
23 |
@@ -81,7 +81,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
24 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
25 |
fmt = save:gsub("%%h", host.ip) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
26 |
fmt = fmt:gsub("%%v", version) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
27 |
- file = io.open(fmt, "w") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
28 |
+ file = io.open(stdnse.filename_escape(fmt), "w") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
29 |
if file then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
30 |
stdnse.print_debug(1, "Wrote %d bytes to file %s.", #result.arguments, fmt) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
31 |
file:write(result.arguments) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
32 |
# Index: scripts/http-config-backup.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
33 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
34 |
--- nmap-6.25/scripts/http-config-backup.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
35 |
+++ nmap-6.25/scripts/http-config-backup.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
36 |
@@ -209,7 +209,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
37 |
if (response.status == 200) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
38 |
-- check it if is valid before inserting |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
39 |
if cfg.check(response.body) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
40 |
- local filename = ((host.targetname or host.ip) .. url_path):gsub("/", "-"); |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
41 |
+ local filename = stdnse.escape_filename((host.targetname or host.ip) .. url_path) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
42 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
43 |
-- save the content |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
44 |
if save then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
45 |
# Index: scripts/hostmap-bfk.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
46 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
47 |
--- nmap-6.25/scripts/hostmap-bfk.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
48 |
+++ nmap-6.25/scripts/hostmap-bfk.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
49 |
@@ -68,7 +68,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
50 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
51 |
local HOSTMAP_SERVER = "www.bfk.de" |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
52 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
53 |
-local filename_escape, write_file |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
54 |
+local write_file |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
55 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
56 |
hostrule = function(host) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
57 |
return not ipOps.isPrivate(host.ip) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
58 |
@@ -106,7 +106,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
59 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
60 |
local filename_prefix = stdnse.get_script_args("hostmap-bfk.prefix") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
61 |
if filename_prefix then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
62 |
- local filename = filename_prefix .. filename_escape(host.targetname or host.ip) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
63 |
+ local filename = filename_prefix .. stdnse.filename_escape(host.targetname or host.ip) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
64 |
local status, err = write_file(filename, hostnames_str .. "\n") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
65 |
if status then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
66 |
output_tab.filename = filename |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
67 |
@@ -118,13 +118,6 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
68 |
return output_tab |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
69 |
end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
70 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
71 |
--- Escape some potentially unsafe characters in a string meant to be a filename. |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
72 |
-function filename_escape(s) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
73 |
- return string.gsub(s, "[\0/=]", function(c) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
74 |
- return string.format("=%02X", string.byte(c)) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
75 |
- end) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
76 |
-end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
77 |
- |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
78 |
function write_file(filename, contents) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
79 |
local f, err = io.open(filename, "w") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
80 |
if not f then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
81 |
# Index: scripts/domino-enum-users.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
82 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
83 |
--- nmap-6.25/scripts/domino-enum-users.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
84 |
+++ nmap-6.25/scripts/domino-enum-users.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
85 |
@@ -103,7 +103,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
86 |
helper:disconnect() |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
87 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
88 |
if ( status and data and path ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
89 |
- local filename = ("%s/%s.id"):format(path, username ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
90 |
+ local filename = path .. "/" .. stdnse.filename_escape(u_details.fullname .. ".id") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
91 |
local status, err = saveIDFile( filename, data ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
92 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
93 |
if ( status ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
94 |
# Index: scripts/ms-sql-dump-hashes.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
95 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
96 |
--- nmap-6.25/scripts/ms-sql-dump-hashes.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
97 |
+++ nmap-6.25/scripts/ms-sql-dump-hashes.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
98 |
@@ -119,7 +119,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
99 |
local filename |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
100 |
if ( dir ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
101 |
local instance = instance:GetName():match("%\\+(.+)$") or instance:GetName() |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
102 |
- filename = ("%s/%s_%s_ms-sql_hashes.txt"):format(dir, host.ip, instance) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
103 |
+ filename = dir .. "/" .. stdnse.filename_escape(("%s_%s_ms-sql_hashes.txt"):format(host.ip, instance)) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
104 |
saveToFile(filename, instanceOutput[1]) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
105 |
end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
106 |
end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
107 |
# Index: scripts/snmp-ios-config.nse |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
108 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
109 |
--- nmap-6.25/scripts/snmp-ios-config.nse (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
110 |
+++ nmap-6.25/scripts/snmp-ios-config.nse (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
111 |
@@ -184,7 +184,7 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
112 |
result = ( infile and infile:getContent() ) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
113 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
114 |
if ( tftproot ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
115 |
- local fname = tftproot .. host.ip .. "-config" |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
116 |
+ local fname = tftproot .. stdnse.filename_escape(host.ip .. "-config") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
117 |
local file, err = io.open(fname, "w") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
118 |
if ( file ) then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
119 |
file:write(result) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
120 |
# Index: nselib/stdnse.lua |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
121 |
# =================================================================== |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
122 |
--- nmap-6.25/nselib/stdnse.lua (revision 31575) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
123 |
+++ nmap-6.25/nselib/stdnse.lua (revision 31576) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
124 |
@@ -1195,4 +1195,36 @@ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
125 |
return aux(obj, "") |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
126 |
end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
127 |
|
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
128 |
+-- This pattern must match the percent sign '%' since it is used in |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
129 |
+-- escaping. |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
130 |
+local FILESYSTEM_UNSAFE = "[^a-zA-Z0-9._-]" |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
131 |
+--- |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
132 |
+-- Escape a string to remove bytes and strings that may have meaning to |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
133 |
+-- a filesystem, such as slashes. All bytes are escaped, except for: |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
134 |
+-- * alphabetic <code>a</code>-<code>z</code> and <code>A</code>-<code>Z</code>, digits 0-9, <code>.</code> <code>_</code> <code>-</code> |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
135 |
+-- In addition, the strings <code>"."</code> and <code>".."</code> have |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
136 |
+-- their characters escaped. |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
137 |
+-- |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
138 |
+-- Bytes are escaped by a percent sign followed by the two-digit |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
139 |
+-- hexadecimal representation of the byte value. |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
140 |
+-- * <code>filename_escape("filename.ext") --> "filename.ext"</code> |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
141 |
+-- * <code>filename_escape("input/output") --> "input%2foutput"</code> |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
142 |
+-- * <code>filename_escape(".") --> "%2e"</code> |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
143 |
+-- * <code>filename_escape("..") --> "%2e%2e"</code> |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
144 |
+-- This escaping is somewhat like that of JavaScript |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
145 |
+-- <code>encodeURIComponent</code>, except that fewer bytes are |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
146 |
+-- whitelisted, and it works on bytes, not Unicode characters or UTF-16 |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
147 |
+-- code points. |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
148 |
+function filename_escape(s) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
149 |
+ if s == "." then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
150 |
+ return "%2e" |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
151 |
+ elseif s == ".." then |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
152 |
+ return "%2e%2e" |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
153 |
+ else |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
154 |
+ return (string.gsub(s, FILESYSTEM_UNSAFE, function (c) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
155 |
+ return string.format("%%%02x", string.byte(c)) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
156 |
+ end)) |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
157 |
+ end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
158 |
+end |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
159 |
+ |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
160 |
return _ENV; |
fbb36943b6b5
17328869 problem in UTILITY/NMAP
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
161 |