Nmap Development mailing list archives

Ncat: Past, Present and Future


From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 08 Sep 2008 16:24:00 -0500

Hey everyone,

Although it hasn't been talked about on the list for a while, Ncat is still
improving and evolving.  I've attached a copy of the more-noteworthy changes
made so far, since trying to copy them all in here would not have been pretty.
And keep in mind that these are just the changes which have ChangeLog
entries: to see a full list of the changes made (and there are a lot!) you
need to look at the SVN log.

I was at Fyodor's DEFCON presentation where he mentioned Ncat, and the
audience seemed pretty excited about it.  One of the people who came up to me
after the Q&A suggested the functionality of the -C/--crlf option that is now
available.  It was all quite cool :)

So now that Nmap 4.75 is out and about, it's time to begin considering merging
Ncat in for distribution (but see below on some current problems).  This will
be through an svn:external like Zenmap, so it will be checked out
automatically with /nmap , and Ncat will then be packaged along with Nmap in
the Windows installer, OS X installer (thanks to David), RPM and source
tarball.  I've already created a branch for working on the integration
process, and it seems that all is well in the build/install systems (if you
happen upon this branch, keep in mind that the /ncat in there is *not*
up-to-date as it's not an external, but rather an older copy).

Ncat still has its share of problems, however.  It is not fully functional on
Windows yet (due to many issues..), and an EOF from stdin in client-mode is
not handled correctly because I don't currently see a way to handle it through
Nsock at the moment.  An efficiency problem was also posted before which I
haven't deeply looked into yet.

So if you can check-out[1] Ncat[2] again, test it out and let me know how it
goes, that would be awesome.

And if you have any comments on the integration of Ncat into the Nmap
distribution, feel free to mention them.

Thanks,
Kris Katterjohn

[1] http://nmap.org/book/install.html#inst-svn
[2] svn://svn.insecure.org/ncat


o Began porting to Windows on Visual C++ Express 2008.  Compilation succeeds,
  but obstacles like the lack of a fork() call and not being able to select()
  on non-sockets haven't yet fully been overcome. [Kris Katterjohn, Mixter]

o Added IPv6 listen support (including --broker).  Host access control is not
  yet supported. [Kris]

o Added SSL listen support (including --broker) [Kris]

o Fixed SSL and IPv6 connect issues [Mixter]

o Added IPv4 host access control to UDP listener and --broker [Kris]

o Changed -l to behave like OpenBSD Netcat.  Instead of -l specifying the
  local port number and -s specifying the local address to listen on, -l
  is a non-option flag and you specify the local address/port like you do
  a host to connect to in client-mode. [Kris]

o Client-mode Ncat now exits upon receipt of EOF from the network side [Kris]

o Client-mode Ncat now reads from the network (still via the Nsock library)
  in a byte-based manner rather than line-based.  While being an improvement
  in its own right, this is especially helpful for the new Telnet negotiation
  option. [Kris]

o Increased the default network data buffer sizes (reading and writing) from
  a measly 256 bytes to a more respectable 8K for TCP and 128K for UDP.  UDP's
  is this large because a read returns an entire datagram, or discards what's
  left if there is no room. [Kris]

o Added --http-server, which creates a simple forking HTTP proxy server on
  the listening port (only supports CONNECT). [Kris]

o Redesigned --socks4-proxy to take the proxy server as the argument and take
  the ultimate target host like usual rather than the previously unintuitive
  specification.  This option also now takes the username from --proxy-auth
  rather than the previous user@host:port syntax. [Kris]

o Redesigned --http-proxy to take the proxy server as the argument just like
  the new --socks4-proxy behavior.  Also, the HTTP CONNECT request now uses
  CRLF for the line-endings instead of just LF. [Kris]

o Removed --socks4-server as it was broken, obviously didn't have any support
  for SOCKS5, and we now have --http-server for a similar purpose. [Kris]

o Fixed --proxy-auth which always caused a segmentation fault [Kris]

o Moved -t (--idle-timeout) to -i [Kris]

o Added -t/--telnet to handle DO/DONT WILL/WONT Telnet negotiations [Kris]

o Added -C/--crlf to try to use CRLF for line-endings.  This comes in handy
  when talking to some stringent servers directly from a terminal in one of
  the many common plain-text protocols which specify CRLF as the required EOL
  sequence. [Kris]

o Added -w/--wait for specifying a connect timeout [Kris]

o Added -g and -G for IPv4 loose source routing [Kris]

o Added -p to specify a local port to bind to in client-mode [Kris]

o Added -n/--nodns to not resolve any hostnames [Mixter]

o Added -c/--sh-exec, which is like -e but executes via /bin/sh [Kris]

o Made -s actually work in client-mode [Kris]

o Changed --recvonly and --sendonly to --recv-only and --send-only [Kris]

o Options taking a time (-d, -i, -w) are now more flexible: you can append
  an "s" for seconds, "m" for minutes or "h" for hours (e.g. 30s) [Kris]

o Fixed a bug which could cause Nsock tracing (use of -v one or more times)
  to print very inaccurate times [Kris]

o Removed unused XOR code [Kris]

o Added file dependency checking to the Makefile.  So now, for instance, if
  a header file is modified, running make again will recompile all of the
  files which depend on it. [Kris]

o Improved the build system by removing the automake requirement ([Mixter])
  and removing unused portions of configure.ac and Makefile.in ([Kris]).
  Other various build/configure improvements were made as well.

o Lots of documentation rewrites/updates, including separating the man page
  into sections such as "Proxy Options", "Client-Mode Options", etc. [Kris]

o Lots of code cleaning up [Kris]
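The -t/--telnet entry above describes the DO/DONT WILL/WONT negotiation Ncat now answers. The following Python filter is an added illustration of that mechanism (it is not Ncat's code) and assumes the simplest safe policy: refuse every option by answering WONT to DO and DONT to WILL, strip all IAC sequences from the payload, and keep state across reads so a sequence split between two byte-based network reads is still handled.

```python
# Constructed example of Telnet option negotiation handling; not Ncat's own code.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240


class TelnetFilter:
    """Strips IAC sequences from a byte stream and refuses every option.

    State is kept across calls, so a sequence split over two reads
    (b'\\xff' at the end of one chunk, b'\\xfd\\x18' at the start of the
    next) is still recognised.  A byte-based reader must cope with this.
    """

    def __init__(self):
        self._state = "data"   # data | iac | opt | sb | sb_iac
        self._cmd = 0          # DO/DONT/WILL/WONT awaiting its option byte

    def feed(self, chunk: bytes):
        """Return (payload, reply): data for the user, bytes to send back."""
        payload, reply = bytearray(), bytearray()
        for b in chunk:
            if self._state == "data":
                if b == IAC:
                    self._state = "iac"
                else:
                    payload.append(b)
            elif self._state == "iac":
                if b == IAC:                        # IAC IAC is a literal 0xff
                    payload.append(IAC)
                    self._state = "data"
                elif b in (DO, DONT, WILL, WONT):   # three-byte negotiation
                    self._cmd, self._state = b, "opt"
                elif b == SB:                       # subnegotiation: skip to IAC SE
                    self._state = "sb"
                else:                               # two-byte command (NOP, GA...): drop
                    self._state = "data"
            elif self._state == "opt":
                if self._cmd == DO:                 # peer asks us to enable: refuse
                    reply += bytes([IAC, WONT, b])
                elif self._cmd == WILL:             # peer offers to enable: decline
                    reply += bytes([IAC, DONT, b])
                # DONT and WONT simply confirm the disabled state; no reply needed
                self._state = "data"
            elif self._state == "sb":
                if b == IAC:
                    self._state = "sb_iac"
            elif self._state == "sb_iac":
                # IAC SE ends the subnegotiation; IAC IAC (or anything else) keeps us in it
                self._state = "data" if b == SE else "sb"
        return bytes(payload), bytes(reply)
```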


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org