Re: Ncat: Update and Feature Request

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aaron Leininger wrote:
> > OK, I've been working on the HTTP proxy stuff.  --http-proxy and --proxy-auth
> > were both broken.
> >
> > Your user:pass syntax should be good, it's just that Ncat was trying to copy
> > it without allocating any memory for it... I haven't tested the authentication
> > against an actual proxy, but I've run the Base64-encoded string generated for
> > the proxy request through a decoder and it came out right.
> >
> > And the HTTP proxy stuff was broken because it was trying to "CONNECT" to the
> > proxy server through the target host rather than the other way around.
> >
> > I've committed fixes for these, so if you can try it out and let me know how
> > it goes, that would be great.
>
> I went to your sourceforge link and I didn't see any newer version than I had before(0.10.rc3)
> I have debian on my box so I used apt-get to install svn. I tried: $svn checkout svn://svn.insecure.org/ncat and got: 
> connection refused. How do I check out the code? I'm kinda new to using svn. 

Sorry, the SF.net link was just to provide a place to get other information,
not to provide the new stuff.

The command for checking out the newest code:

$ svn co --username guest --password "" svn://svn.insecure.org/ncat

Maybe there's a firewall in place blocking SVN (port 3690) with RSTs or some such?

> > > One more thing I will add is that ncat -h does not show the -ssl option though it is listed in the man page. 
> > Does the --ssl option work?  --ssl, --ssl-cert and --ssl-key should all be in
> > the -h output if they're compiled in.
> >
> > Did you do a "make clean" before your make?  Maybe your Ncat binary was built
> > from the previous object files without OpenSSL support because they weren't
> > removed/written over.
>
> I had not done a make clean. I reran(on version 0.10.rc3):
> $./configure
> $make clean
> $make
> $make install
> I ran 'ncat -h' from the source directory to make sure I had the right binary. Still no listing of the -ssl commands
> I then tested: './ncat --ssl mysslhost 10000' (port 10000 is running ssl enabled html)
> It successfully connected to the ssl port on mysslhost and reported back the correct html code.
> I ran './ncat mysslhost 10000' just to be sure and got back nothing so it seems that the --ssl worked properly yet it 
> doesn't display with -h. 

Again, the 0.10.rc3 from SF.net does not contain the new stuff, but rather
Chris' stuff from January 2006.

Sorry again for the confusion.

> Thanks,
> Aaron

Thanks,
Kris Katterjohn


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSIjs4v9K37xXYl36AQKm9RAAvBHpiSJFmaD4KA+Eek5EbMr5KYzUuJF+
67MauA+pBL6stj+eJred+AgXfuu5qhEuJ7zbeCJ2wQgBR9OMlPgvFsYAu9cyF3/y
zV/exvUAKBxQD8mjkkJlrFqRSYvt9LpNleX7V9ytlFGYF7XkAc6K3I/TMZASgayH
vGzCkGu9noNhajVSf+b/Wfbiv7bot0TJD2C5+MosO6SBXi9QCE9TGuaKldCAiWP3
378Ec22pPtjLkXk++50E/L/mbygVxNYB/in0evYDfuzPmpdn0wPHvQUaNxlDKpm4
dSwIIo2CS0lzR7E+pb6E6QvGj2RxaenV1fcmVdNwyksWhJMTbrX7wekQ5WJJg57K
2jClSEd5fxDh0kwo2ua/hKaMuT0yLTqvTv77eSvbVhctPI8AS26jYDI3V3Go+etK
KrocDcyfLt2MqtPmLEjpLVlEiTt2tI0LPXEazyPwpXTqIaRJk7rx8xrhOMH1ekvi
+G3wOYozBJDd0K5nZJpxgKU0s37MQfheQpECUuofgqLjjOYk8vtYRxiHhmw+qCyV
YoGn67NCNTSKdAwqnSiPA75XfPHFRamTCNAVpTNA+44Fou5VvoYWzVVYdWkCAGXs
XaoCBD/MCt63FDvGbPXvvUPg+UtExulUQscGme2xuEhMisrEWzanPOHu66rVcvQV
2gpEQ4OPBec=
=KD32
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org