Nmap Development mailing list archives

Re: ncat udp


From: Marius Sturm <marius.sturm () web de>
Date: Thu, 26 Mar 2009 11:54:57 +0100

Hello David,
thanks for your comments. I followed your suggestions and the patch
looks much cleaner now.
Only two points: should the ncat client be terminated after receiving a
datagram like in tcp mode?
And, should --send-only/--recv-only affect the --exec option?

Best regards,

Marius

David Fifield wrote:
On Wed, Mar 25, 2009 at 02:49:17PM +0100, Marius Sturm wrote:
I couldn't find a good reason why ncat must run in a while loop when
using udp protocol. I would expect that it behaves almost the same as
in tcp mode. Attached is a patch to go into this direction. Any comments
are welcome!

Thank you for your patch. It is indeed a goal that --exec in UDP mode
should work mostly like it does in TCP mode. The patch has a few
problems but I think with some work we can make it do what we want.

netrun has to return immediately after starting the child process. You
can't call waitpid on it because Ncat won't accept any new connections
until the child process finishes (which may be never). For example, if
you run

ncat -l --exec "/bin/cat"
ncat localhost
ncat localhost

both clients must be able to connect at the same time and see their
messages echoed.

Where you have moved the call to netrun, the first packet received is
discarded. If I run

ncat -l --udp --exec "/bin/cat"
ncat --udp localhost

and type "a\nb\nc\n", all I get back is "b\nc\n".

Can you try making the following changes? Call netrun instead of netexec
in ncat_listen_udp, as you are doing. netrun should not need any changes;
I don't want it to have special behavior for SOCK_DGRAM sockets. Put the
do_listen and connect logic in its own outer loop. The idea is that we
should create a new socket for each connection and pass it to netrun.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

diff -urNb nmap/ncat/ncat_listen.c nmap-udp/ncat/ncat_listen.c
--- nmap/ncat/ncat_listen.c     2009-03-25 14:23:09.000000000 +0100
+++ nmap-udp/ncat/ncat_listen.c 2009-03-26 10:43:30.000000000 +0100
@@ -307,6 +307,12 @@
     zmem(&remotess, sizeof(remotess));
     remotess.ss_family = o.af;
 
+#ifndef WIN32
+    /* Reap on SIGCHLD */
+    Signal(SIGCHLD, sig_chld);
+#endif
+
+    while (1) {
     /* create the UDP listen socket */
     sockfd = do_listen(SOCK_DGRAM);
 
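Review bot: installing sig_chld with Signal() right before the new while (1) means do_listen and every blocking read inside the loop can now be interrupted by SIGCHLD whenever an --exec child exits; confirm that Signal() sets SA_RESTART or that those callers retry on EINTR, otherwise a child exiting at the wrong moment makes the listener fail spuriously. Separately, do_listen(SOCK_DGRAM) now runs on every pass of the loop, creating a new socket bound to the same port each time, so there has to be a matching close of the previous descriptor somewhere in the loop; none is visible in this patch.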
@@ -342,8 +348,10 @@
     zmem(buf, sizeof(buf));
 
     /* are we executing a command? then do it */
-    if (o.cmdexec)
-        netexec(sockfd, o.cmdexec);
+      if (o.cmdexec) {
+          netrun(sockfd, o.cmdexec);
+          continue;
+      }
 
     FD_SET(sockfd, &master);
     FD_SET(STDIN_FILENO, &master);
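Review bot: netrun() forks and returns at once, so after it returns the parent still holds sockfd, and the continue jumps straight to the next do_listen without closing it; every client therefore leaks one descriptor in the parent and the fresh bind competes with the still-open socket for the same port. Add close(sockfd) before the continue. The discarded-first-datagram problem David reported also looks untouched here: if the first datagram was already read into buf before this point, the zmem(buf, sizeof(buf)) just above the exec check wipes it before the child is started, so the child never sees it. Finally, the replacement lines are indented by six spaces while the surrounding code uses four.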
@@ -377,6 +385,7 @@
         
         zmem(buf, sizeof(buf));
     }
+    }
 
     return 0;
 }
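Review bot: this brace closes the while (1) opened in the first hunk, but the loop body between the two keeps its old indentation, so the loop's extent is invisible when reading the function; re-indent the body one level. Note also that the return 0 below now sits after an unconditional while (1), so it is only reachable through a break inside the loop.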

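The socket-per-peer design David describes (receive the first datagram, tie that socket to its sender, hand it to the child, then listen again on a fresh socket) is illustrated by the following added example; it is not Ncat's code and not part of this thread. It assumes POSIX sockets on loopback, sends a constructed two-byte datagram "a\n", and the helper names udp_bind_loopback, udp_accept_peer and demo_first_datagram_kept are my own.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* UDP socket bound to 127.0.0.1:port (0 = kernel-chosen); -1 on error. */
static int udp_bind_loopback(int port) {
    struct sockaddr_in a;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_port = htons((unsigned short)port);
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof(a)) < 0) { close(fd); return -1; }
    return fd;
}

/* UDP "accept": read the first datagram into buf (kept, not discarded) and
   connect() the socket to its sender, so the descriptor now talks to exactly
   one peer and can be handed to a child much like a TCP connection.
   Returns bytes received, or -1 on error. */
static ssize_t udp_accept_peer(int sockfd, char *buf, size_t buflen) {
    struct sockaddr_storage peer;
    socklen_t plen = sizeof(peer);
    ssize_t n = recvfrom(sockfd, buf, buflen, 0, (struct sockaddr *)&peer, &plen);
    if (n < 0) return -1;
    return connect(sockfd, (struct sockaddr *)&peer, plen) < 0 ? -1 : n;
}

/* Loopback self-check (constructed input): a client sends "a\n", the listener
   accepts that peer and echoes the first datagram back; 1 on success, else 0. */
static int demo_first_datagram_kept(void) {
    char buf[64]; ssize_t n;
    struct sockaddr_in laddr; socklen_t llen = sizeof(laddr);
    int ok = 0, lsock = udp_bind_loopback(0), client = udp_bind_loopback(0);
    if (lsock < 0 || client < 0) goto out;
    if (getsockname(lsock, (struct sockaddr *)&laddr, &llen) < 0) goto out;
    if (sendto(client, "a\n", 2, 0, (struct sockaddr *)&laddr, llen) != 2) goto out;
    n = udp_accept_peer(lsock, buf, sizeof(buf));
    if (n != 2 || memcmp(buf, "a\n", 2) != 0) goto out;  /* first datagram survived */
    if (send(lsock, buf, (size_t)n, 0) != 2) goto out;   /* plain send(): peer is fixed */
    n = recv(client, buf, sizeof(buf), 0);
    ok = (n == 2 && memcmp(buf, "a\n", 2) == 0);
out:
    if (lsock >= 0) close(lsock);
    if (client >= 0) close(client);
    return ok;
}
```

In a listener the parent would fork after udp_accept_peer(), close its copy of the connected socket, and call udp_bind_loopback() again for the next client.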

