Nmap Development mailing list archives
Ideas for Windows Ncat: non-blocking read from stdin
From: David Fifield <david () bamsoftware com>
Date: Sun, 1 Mar 2009 19:35:22 -0700
I saw this in the TODO and I want to share some ideas about it.

  o Ncat Windows issue where you make a connection and then take
    several seconds to type in a line to the server, Ncat wrongly
    times out when trying to write your line to the remote server.
    [David]

I checked this out over the weekend. This is what I wrote to Fyodor:

I found the source of the problem. It is related to the fselect call. When reading from a TTY, fselect says that stdin is readable when a key is hit:

    if (stdtty) {
        if (_kbhit()) {
            FD_SET(STDIN_FILENO, &rset);
            fds_ready++;
        }
    }

So Nsock a read on stdin, expecting it to return immediately. But the input is still being buffered by the console until you hit enter, turning the read into a blocking read. When you finish typing, the read finishes, and Ncat schedules a write. No time is supposed to have gone by during the read, so nsock_tod (time of day) is not updated, and the write timeout is set to two seconds after you *started* typing. If it takes you more than two seconds to type, the write is timed out as soon as it is created.
The difficulty is that select on Windows works with network sockets only, not normal file descriptors like standard input. Emulating a working select on Windows is nontrivial; Cygwin devotes 1,600 lines to it (http://cygwin.com/cvs.html, src/winsup/cygwin/select.cc). You can sort of hack around it by peeking into the console input buffer and looking for a carriage return, but that has a major problem: characters aren't echoed as you type. It seems you have to be actively reading from stdin for anything to show up on the screen.

So this is my current idea: create a thread (with CreateThread) that does nothing but read stdin and write to an anonymous pipe (created with CreatePipe). Duplicate the pipe's handle in the main program so that when Ncat thinks it's reading from stdin, it's reading from the pipe. The thread takes care of line buffering and echoing, and ensures that the main process won't block when it reads from the pipe. I haven't tried it yet, so there could be a fatal flaw yet. I already considered using an AF_LOCAL socket but those aren't supported on Windows.

CreateThread
http://msdn.microsoft.com/en-us/library/ms682453.aspx

Anonymous Pipe Operations
http://msdn.microsoft.com/en-us/library/aa365141(VS.85).aspx

David Fifield
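The reader-thread-plus-pipe design sketched in the message, as an added POSIX illustration that is not Ncat code or part of the original post: pthread_create and pipe() stand in for CreateThread and CreatePipe, the forwarder thread is the only place a blocking read ever happens, and the event loop select()s on the pipe's read end so a slow typist cannot stall it or leave its cached time of day stale.

```c
#include <pthread.h>
#include <string.h>
#include <sys/select.h>
#include <unistd.h>

/* Constructed sketch: a helper thread blocks on the real input descriptor
 * (stdin in Ncat; any fd here) and forwards whatever it reads into an
 * anonymous pipe. The event loop never touches the source directly. */
struct forwarder { int src_fd; int pipe_wr; };

static void *stdin_forwarder(void *arg) {
    struct forwarder *f = arg;
    char buf[512];
    ssize_t n;
    /* The console's line buffering makes this read block until Enter;
     * that is fine here because only this thread waits on it. */
    while ((n = read(f->src_fd, buf, sizeof buf)) > 0) {
        if (write(f->pipe_wr, buf, (size_t)n) != n) break;
    }
    close(f->pipe_wr);          /* EOF on the source becomes EOF on the pipe */
    return NULL;
}

/* Start the forwarder. Returns the pipe's read end, which the event loop
 * uses in place of src_fd, or -1 on failure. */
int start_stdin_forwarder(int src_fd, pthread_t *tid, struct forwarder *f) {
    int p[2];
    if (pipe(p) != 0) return -1;
    f->src_fd = src_fd;
    f->pipe_wr = p[1];
    if (pthread_create(tid, NULL, stdin_forwarder, f) != 0) {
        close(p[0]); close(p[1]);
        return -1;
    }
    return p[0];
}

/* Event-loop side: wait at most timeout_ms for data on fd, then read it.
 * Returns bytes read, 0 on EOF, or -1 if nothing arrived in time (or the
 * read failed). The caller's loop keeps running either way. */
ssize_t poll_read(int fd, char *out, size_t cap, int timeout_ms) {
    fd_set rset;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rset);
    FD_SET(fd, &rset);
    if (select(fd + 1, &rset, NULL, NULL, &tv) <= 0) return -1;
    return read(fd, out, cap);
}
```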