Re: Ncat: Update and Feature Request

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aaron Leininger wrote:
> > > *I wanted to try out the http proxy stuff but when I typed: man ncat, I got: No manual entry for ncat
> > > Yet ncat -h says to see the man page for more details. How do I access it? I checked google(search terms: ncat 
> > > manpage) and didn't see anything that looked like it. 
> > Did you run "make install" when you built Ncat?  That should install Ncat and
> > the man pages correctly, but right now I've only been focusing on making Ncat
> > function correctly and I'll worry about the install system when I merge it
> > with Nmap's.
> As a matter of fact, I did run make install. I ended up copying ncat.1 out of your docs/man/ folder to the same spot 
> as nmap's man page and it worked after that. 
> I ran man -w nmap to find the location. It came back /usr/local/man/man1/nmap.1 

Hmm... it installs fine for eldraco and me.  I'm really not sure what your
problem would be.

But for the most up-to-date information, the docbook ncat.xml in docs/man
contains the newest information (or should, I try to update it as I go).  So
until I can generate the man page from the XML, that's the best source for
now.  You can't install it and use it like a man page, but it's not horrible
to read as-is either.

> > > I'm not sure why it didn't work when I tried it on an external site such as google. 
> > Maybe you need authentication to connect outside?  You can use --proxy-auth
> > for this.  From the man page residing in docs/man/ncat.1, the syntax for proxy
> > auth is "<username>:<password>"
> We run our authenticated proxy off of port 3128..less restricted. port 8080 requires no auth but more 
> restricted...but I know google is not blocked; that's why I chose it as a test. 
> I ran the following command to test your proxy-auth syntax:
> $ncat --http-proxy myproxy:3128 --proxy-auth user:pass www.google.com 80
> result was: Segmentation Fault. 
> Did I do something wrong with the syntax? 

OK, I've been working on the HTTP proxy stuff.  --http-proxy and --proxy-auth
were both broken.

Your user:pass syntax should be good, it's just that Ncat was trying to copy
it without allocating any memory for it... I haven't tested the authentication
against an actual proxy, but I've run the Base64-encoded string generated for
the proxy request through a decoder and it came out right.

And the HTTP proxy stuff was broken because it was trying to "CONNECT" to the
proxy server through the target host rather than the other way around.

I've committed fixes for these, so if you can try it out and let me know how
it goes, that would be great.

Also, the port number defaults to 3128 for the HTTP proxy, so you don't need
to specify that.  However, the exception is that if you specify the proxy
server as an IPv6 address (rather than hostname), you must specify the port
number as well (due to the colons in the address and host:port separator).

> > > Am I missing a package? Can you see anything else I can correct to get ssl support working? Let me know if you need 
> > > the configure or make output in full, I can attach them. 
> > It looks like you're missing the package. On my Ubuntu box I have libssl-dev
> > installed; do you have it (or a *very* close relative) on your Debian box?
> Good catch. No I did not. I installed libssl-dev through apt-get and ran:
> $./configure
> $make
> $sudo make install
> No errors about SSL this time. I copied the new binary to /usr/bin and still no manpage...this is where I figured out 
> how to manually copy the man page, as I described above, so that '$man ncat' now works. 
>
> One more thing I will add is that ncat -h does not show the -ssl option though it is listed in the man page. 

Does the --ssl option work?  --ssl, --ssl-cert and --ssl-key should all be in
the -h output if they're compiled in.

Did you do a "make clean" before your make?  Maybe your Ncat binary was built
from the previous object files without OpenSSL support because they weren't
removed/written over.

> Thanks again for your work and hopefully some of this is helpful.
> -Aaron

You're very welcome.

Thank you for your help,
Kris Katterjohn


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSIeXh/9K37xXYl36AQIyHA/9H+g39wwfvB0e/nz8FzK8IE7C2X0WJAAF
gZ5E/nCT+h6qcUbLl6riyEdEx5rjZgPxl9I1uJUu4ciG2kn5Eteb65PM4W8jMEQP
Tfvhpapiw54Z0Z0+fVW2KPuHOyyX6eNT4vDFz4irn8/MQ1m8l8UtBEKfOfuu8bYK
IdRVJr0ycsHeH1A2aGZdCeer+m94lHszedOlzewZNvGSSRJ1cVwSVTy075vuUbQ1
4ASNeKWcnBzmvL65nqzmtEEkaLC2mAvi0uJWAMyANSVRxV3E+5WCjpHNK6aB/Ehz
P+Z7+nm87RtUll7y0PHSFu7lZtgJUrc0tq2MLYYwJRGJTYCTWpKCNy7HpuUMBJ5h
W+wK70+YEEDzuYVMBWQJzKmazD35HJRUEh9IfMtGOYkyBMIRQk49nSaZooypv8RG
LDypJZjyj+bOqePtaeqM36ZvyLDLsQSCXwlQp68f2hbgKcfprICBLyJPHsaCl2o9
cxkXy2FAMlZG04aqLQIZDIZKzXpyfUK1NseZsVlw9DMOiAmxUsnPQC4tlhRnsfOK
m/hUqVTN8DvxgO9dfXYnyHYSItB9mr2ROVAEeO7jTqI972KHcw1SLT8SQ/dxu5/B
l9No6QDYryXs9ylcO3EMSKgKnRjGzOFqn23Kp0uiEE4xCZZeF/Oni7oVOFC/2hGt
AsfdMJ2/uhk=
=ar6I
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org