Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: remove structopt in favour of clap #591

Merged
merged 3 commits into from
May 18, 2024
Merged

refactor: remove structopt in favour of clap #591

merged 3 commits into from
May 18, 2024

Conversation

PsypherPunk
Copy link
Collaborator

@PsypherPunk PsypherPunk commented May 15, 2024
edited

Prompted by the atty issue raised by Dependabot, move to clap as this doesn't have that dependency and, as per the structopt README, that crate is now in maintenance mode.

Note that they aren't exactly the same:

Previous:

rustscan 2.2.3
Fast Port Scanner built in Rust. WARNING Do not use this program against sensitive infrastructure since the specified
server may not be able to handle this many socket connections at once. - Discord  <http://discord.skerritt.blog> -
GitHub <https://github.com/RustScan/RustScan>

USAGE:
    rustscan [FLAGS] [OPTIONS] [-- <command>...]

FLAGS:
        --accessible    Accessible mode. Turns off features which negatively affect screen readers
    -g, --greppable     Greppable mode. Only output the ports. No Nmap. Useful for grep or outputting to a file
    -h, --help          Prints help information
    -n, --no-config     Whether to ignore the configuration file or not
        --top           Use the top 1000 ports
    -V, --version       Prints version information

OPTIONS:
    -a, --addresses <addresses>...            A comma-delimited list or newline-delimited file of separated CIDRs, IPs,
                                              or hosts to be scanned
    -b, --batch-size <batch-size>             The batch size for port scanning, it increases or slows the speed of
                                              scanning. Depends on the open file limit of your OS.  If you do 65535 it
                                              will do every port at the same time. Although, your OS may not support
                                              this [default: 4500]
    -c, --config-path <config-path>           Custom path to config file
    -e, --exclude-ports <exclude-ports>...    A list of comma separated ports to be excluded from scanning. Example:
                                              80,443,8080
    -p, --ports <ports>...                    A list of comma separated ports to be scanned. Example: 80,443,8080
    -r, --range <range>                       A range of ports with format start-end. Example: 1-1000
        --resolver <resolver>                 A comma-delimited list or file of DNS resolvers
        --scan-order <scan-order>             The order of scanning to be performed. The "serial" option will scan ports
                                              in ascending order while the "random" option will scan ports randomly
                                              [default: serial]  [possible values: Serial, Random]
        --scripts <scripts>                   Level of scripting required for the run [default: default]  [possible
                                              values: None, Default, Custom]
    -t, --timeout <timeout>                   The timeout in milliseconds before a port is assumed to be closed
                                              [default: 1500]
        --tries <tries>                       The number of tries before a port is assumed to be closed. If set to 0,
                                              rustscan will correct it to 1 [default: 1]
    -u, --ulimit <ulimit>                     Automatically ups the ULIMIT with the value you provided

ARGS:
    <command>...    The Script arguments to run. To use the argument -A, end RustScan's args with '-- -A'. Example:
                    'rustscan -t 1500 -a 127.0.0.1 -- -A -sC'. This command adds -Pn -vvv -p $PORTS automatically to
                    nmap. For things like --script '(safe and vuln)' enclose it in quotations marks \"'(safe and
                    vuln)'\"

New:

rustscan 2.2.3
Fast Port Scanner built in Rust. WARNING Do not use this program against sensitive infrastructure since the specified
server may not be able to handle this many socket connections at once. - Discord  <http://discord.skerritt.blog> -
GitHub <https://github.com/RustScan/RustScan>

Usage: rustscan [OPTIONS] [-- <COMMAND>...]

Arguments:
  [COMMAND]...  The Script arguments to run. To use the argument -A, end RustScan's args with '-- -A'. Example:
                'rustscan -t 1500 -a 127.0.0.1 -- -A -sC'. This command adds -Pn -vvv -p $PORTS automatically to nmap.
                For things like --script '(safe and vuln)' enclose it in quotations marks \"'(safe and vuln)'\"

Options:
  -a, --addresses <ADDRESSES>          A comma-delimited list or newline-delimited file of separated CIDRs, IPs, or
                                       hosts to be scanned
  -p, --ports <PORTS>                  A list of comma separated ports to be scanned. Example: 80,443,8080
  -r, --range <RANGE>                  A range of ports with format start-end. Example: 1-1000
  -n, --no-config                      Whether to ignore the configuration file or not
  -c, --config-path <CONFIG_PATH>      Custom path to config file
  -g, --greppable                      Greppable mode. Only output the ports. No Nmap. Useful for grep or outputting to
                                       a file
      --accessible                     Accessible mode. Turns off features which negatively affect screen readers
      --resolver <RESOLVER>            A comma-delimited list or file of DNS resolvers
  -b, --batch-size <BATCH_SIZE>        The batch size for port scanning, it increases or slows the speed of scanning.
                                       Depends on the open file limit of your OS.  If you do 65535 it will do every port
                                       at the same time. Although, your OS may not support this [default: 4500]
  -t, --timeout <TIMEOUT>              The timeout in milliseconds before a port is assumed to be closed [default: 1500]
      --tries <TRIES>                  The number of tries before a port is assumed to be closed. If set to 0, rustscan
                                       will correct it to 1 [default: 1]
  -u, --ulimit <ULIMIT>                Automatically ups the ULIMIT with the value you provided
      --scan-order <SCAN_ORDER>        The order of scanning to be performed. The "serial" option will scan ports in
                                       ascending order while the "random" option will scan ports randomly [default:
                                       serial] [possible values: serial, random]
      --scripts <SCRIPTS>              Level of scripting required for the run [default: default] [possible values:
                                       none, default, custom]
      --top                            Use the top 1000 ports
  -e, --exclude-ports <EXCLUDE_PORTS>  A list of comma separated ports to be excluded from scanning. Example:
                                       80,443,8080
  -h, --help                           Print help

The FLAGS/OPTIONS distinction has been completely dropped in clap (and isn't even configurable via the help_template functionality).

@PsypherPunk
refactor: remove structopt in favour of clap
49f0bc5 
as per
[`structopt` README](https://github.com/TeXitoi/structopt#maintenance),
it is now in maintenance mode.

migrating to `clap` v3 as per their
[migration docs.](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md#300---2021-12-31).
@PsypherPunk PsypherPunk changed the title refactor: remove structopt in favour of cla refactor: remove structopt in favour of clap May 15, 2024
@PsypherPunk
refactor: upgrade clap to v4
73a3049 
implement `clap` breaking changes as per docs.
@bee-san
Copy link
Member

bee-san commented May 15, 2024
edited

I would test this a lot, I think this is rather prone to breaking:

  [COMMAND]...  The Script arguments to run. To use the argument -A, end RustScan's args with '-- -A'. Example:
                'rustscan -t 1500 -a 127.0.0.1 -- -A -sC'. This command adds -Pn -vvv -p $PORTS automatically to nmap.
                For things like --script '(safe and vuln)' enclose it in quotations marks \"'(safe and vuln)'\"

Other than that, I am in support of this :)

I am planning on adding NSE support and removing nnmap entirely, although work is so chaotic I am not sure when 😅

@PsypherPunk
Copy link
Collaborator Author

PsypherPunk commented May 16, 2024
edited

@bee-san, I've added a few tests around the trailing nmap-command parsing…?

I've just covered a couple of basics, plus the ones used in the help text.

@PsypherPunk PsypherPunk marked this pull request as ready for review May 16, 2024 10:20
@bee-san
Copy link
Member

bee-san commented May 18, 2024

@bee-san, I've added a few tests around the trailing nmap-command parsing…?

I've just covered a couple of basics, plus the ones used in the help text.

Wow, thanks!

I might release this as a release candidate. Partly to see if our CI holds up, and partly because I know the Nmap bit breaks a lot 😅

@bee-san bee-san merged commit 8bfb643 into RustScan:master May 18, 2024
10 checks passed
@PsypherPunk PsypherPunk deleted the structopt-to-clap branch May 18, 2024 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bee-san bee-san bee-san approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@PsypherPunk @bee-san