NSE: add script for discovering OSPF neighbors #743

wants to merge 14 commits into


None yet
2 participants

emyl commented Mar 11, 2017


I'd like to contribute to the project by sharing a script for discovering OSPF neighbors.

To make the script work, I've made several additions to the ospf library, and also a small addition to ipOps. I've also considered to partially rewrite the ospf library using Lua native functions instead bin/bit, but I stopped because (maybe due to my poor Lua skills) I didn't found a convenient way to handle hex strings.

Comments are welcome! Thanks!

Ok, I've got the conflicts resolved, but I have one issue and question: All of our scripts should behave in a reasonable fashion if OpenSSL is not compiled in, so instead of local openssl = require "openssl", ospf.lua should have local have_ssl, openssl = pcall(require, "openssl") and then protect calls to openssl.md5 with a check for have_ssl. This is easy, and I've done it. The question is, how should the script handle auth type 2 packets then?

One option would be to check for OpenSSL in the script in the same way, and fail gracefully if md5_key is set. Another would be to fall back to some other auth type and just try making things work. @emyl What do you think we should do in this case?

emyl commented Mar 13, 2017

@dmiller-nmap thanks for pointing this out, I've updated the script: it now fails gracefully just in case.

nmap-bot closed this in 84a824c Mar 14, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment