I was updating a nbe file parser I wrote in perl and noticed a few
plugins do not output the various fields in the 'normal' order. For
example, there are some plugins where the "Risk factor" is printed
before the "Solution" (nasl #10399), when in most other plugin output
the solution is printed before the risk factor. I can give specific
examples of other plugins that exhibit similar behavior, and can work
with Renaud/whoever to do that as a 'short term' fix
However, as a long term fix, I'd love to see a truly well formed way
of parsing all possible fields from a NBE file. It could be as simple
as extending the pipe | delimiter to the nasl output fields as well,
or something more complicated.
I realize that this might result in output lines with empty fields
that look like:
results|W.X.Y|W.X.Y.Z|rdp (3389/tcp)||||||||||
or something more verbose like
results|W.X.Y|W.X.Y.Z|rdp (3389/tcp)|Synopsis: |Description: |foo: |bar: |baz:
But I personally am very willing to eat a little extra disk space in
my report files as a tradeoff for having a strictly ordered, well
formed nasl output. While my parser can handle a few of the
inconsistent output formats, it won't be able to handle all of them
without getting ugly, and might not work properly if/when new nasls
are released.
I admit that i'm not the worlds best expert on parsing/regexps but I
do think I'm fairly good and I find parsing NBE cumbersome due to
these inconsistencies. Am I totally off base here?
Matt
_______________________________________________
Nessus-devel mailing list
Nessus-devel@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-devel
plugins do not output the various fields in the 'normal' order. For
example, there are some plugins where the "Risk factor" is printed
before the "Solution" (nasl #10399), when in most other plugin output
the solution is printed before the risk factor. I can give specific
examples of other plugins that exhibit similar behavior, and can work
with Renaud/whoever to do that as a 'short term' fix
However, as a long term fix, I'd love to see a truly well formed way
of parsing all possible fields from a NBE file. It could be as simple
as extending the pipe | delimiter to the nasl output fields as well,
or something more complicated.
I realize that this might result in output lines with empty fields
that look like:
results|W.X.Y|W.X.Y.Z|rdp (3389/tcp)||||||||||
or something more verbose like
results|W.X.Y|W.X.Y.Z|rdp (3389/tcp)|Synopsis: |Description: |foo: |bar: |baz:
But I personally am very willing to eat a little extra disk space in
my report files as a tradeoff for having a strictly ordered, well
formed nasl output. While my parser can handle a few of the
inconsistent output formats, it won't be able to handle all of them
without getting ugly, and might not work properly if/when new nasls
are released.
I admit that i'm not the worlds best expert on parsing/regexps but I
do think I'm fairly good and I find parsing NBE cumbersome due to
these inconsistencies. Am I totally off base here?
Matt
_______________________________________________
Nessus-devel mailing list
Nessus-devel@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-devel