Re: Ncat proxy authentication

[Thomas Buchanan <tbuchanan () thecompassgrp net>]

David Fifield wrote:
> Hi,
>
> Ncat now works as an authenticated HTTP CONNECT proxy:
>
>         ncat -l --proxy-type http --proxy-auth user:pass
>
> Both the client and server only support the Basic authentication mode,
> which is vulnerable to password sniffing. Still, it keeps just anyone
> from connecting, and now with better HTTP handling in Ncat it will be
> easier to add better methods in the future.
>
> David Fifield

Hi David,

I've played around with this a little, and it seems to work as expected. 
 I've done some straight-forward SSL proxying through it, using Firefox 
as a client, as well as connection proxying using ncat as the client. 
However, it doesn't build on my Windows system.  First, I had to add 
base64.h and http.h to the Header files for ncat in the project solution 
file, as well as base64.c and http.c to the Source files.  But even 
after doing that, I still get the following build errors (with apologies 
for any line wrap):

>------ Build started: Project: ncat, Configuration: Release Win32 ------
1>Compiling...
1>http.c
1>.\http.c(52) : error C2440: '=' : cannot convert from 'void *' to 'char *'
1>        Conversion from 'void*' to pointer to non-'void' requires an 
explicit cast
1>.\http.c(245) : error C2440: '=' : cannot convert from 'void *' to 
'char *'
1>        Conversion from 'void*' to pointer to non-'void' requires an 
explicit cast
1>base64.c
1>.\base64.c(50) : error C3861: 'Malloc': identifier not found

Any ideas on these errors?

SVN checkout was revision 12920.  Build system is Windows XP SP2 with 
Visual C++ 2008 Express Edition.

Thanks,

Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org