Generating vulnerability reports in NSE scripts
The Nmap Scripting Engine is perfect in order to detect vulnerabilities, and for this reason, there are already several exploitation scripts included with Nmap. Not too long ago, each developer used his own criteria of what output to include when reporting these vulnerabilities. To address this issue and unify the output format and the amount of information provided, a new NSE library was introduced.
This recipe will teach you how to generate vulnerability reports in your NSE scripts with the library vulns
.
How to do it...
The correct way to report vulnerabilities in NSE is through the library vulns
. Let's review the process of reporting a vulnerability:
- Load the library
vulns
in your script:
local vulns = require "vulns"
- Create a
vuln
object table. Pay special attention to thestate
field:
local vuln = { title = "<TITLE GOES HERE>", state = vulns.STATE.NOT_VULN, references = {"<URL1>", "URL2...