Exploring Nmap's scripting engine

Security Script

Article from ADMIN 06/2011
The Nmap security scanner comes with a built-in scripting engine. We'll take a look at Nmap scripting and how the scripts are organized.

The Network Mapper, or Nmap [1], is one of the most popular network scanners available. System administrators and security specialists use Nmap for network scanning, discovery, and inventories. Nmap is useful for these security tasks, but it is also quite useful for network troubleshooting. You can use Nmap to determine whether a service is running or to determine whether a service version has changed. Nmap is also very good at identifying application and operating system versions through fingerprinting of protocols and applications. Although Nmap comes with a graphical user interface, Zenmap, many administrators prefer to work from the command line. Nmap lends itself very well to scripting in a shell interpreter scripting language such as the Bourne again shell (Bash) or a text-processing language such as Perl, sed, or awk. However, Nmap also has a native scripting feature. The Nmap scripting engine (NSE) has several advantages over Bash or a text-processing language:

  • Phase awareness – Nmap organizes the scanning process into phases. NSE is aware of Nmap phases, which lets the programmer avoid complex recursive or if-then algorithms to determine the state of the scan.
  • Common language for portability – A common language makes the script portable to Nmap systems on other platforms. (A Bash script, on the other hand, would work well in Linux but might not work on a Windows system.)
  • Community-based distribution – A common language allows for a common standard and a system for distributing scripts either within Nmap or separately.
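The phase awareness described in the first bullet, as an added example that is not part of the original article: an NSE script (written in Lua) declares rule functions, and Nmap calls the script in the matching phase. The script name `version-inventory.nse` and the registry key `version_inventory` are assumptions chosen for illustration; the script records what version detection found on each open port and prints one inventory summary after all hosts are done.

```lua
-- version-inventory.nse (hypothetical name; added example, not from the article)
local nmap = require "nmap"

description = [[
Records product/version strings reported by version detection (-sV) and
prints a single inventory summary once every host has been scanned.
]]
author = "example"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}

-- Script-scan phase: evaluated once per port, after port scanning and
-- version detection have already filled in port.version.
portrule = function(host, port)
  return port.state == "open" and port.version ~= nil
    and port.version.product ~= nil
end

-- Post-scan phase: evaluated once per run, after all hosts are finished.
postrule = function()
  return nmap.registry.version_inventory ~= nil
end

-- Runs for each port that matched portrule; counts identical versions.
local function portaction(host, port)
  local inv = nmap.registry.version_inventory or {}
  nmap.registry.version_inventory = inv -- registry key is an assumption
  local label = port.version.product .. " " ..
    (port.version.version or "(version unknown)")
  inv[label] = (inv[label] or 0) + 1
  return label
end

-- Runs once when postrule matches; emits the sorted summary.
local function postaction()
  local lines = {}
  for label, count in pairs(nmap.registry.version_inventory) do
    lines[#lines + 1] = ("%dx %s"):format(count, label)
  end
  table.sort(lines)
  return "\n  " .. table.concat(lines, "\n  ")
end

-- Nmap sets SCRIPT_TYPE to the rule that fired, so no manual state tracking.
local ActionsTable = { portrule = portaction, postrule = postaction }
action = function(...) return ActionsTable[SCRIPT_TYPE](...) end
```

Run it against hosts you administer with version detection enabled, for example `nmap -sV --script ./version-inventory.nse <target>`; comparing the summary between runs shows whether a service version has changed.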

Nmap's scripting engine uses the Lua programming language. Lua is an interpreted language that is "powerful, fast, lightweight" [2]. It is probably best known as the scripting language used by the popular game World of Warcraft (WoW)

...