Nmap Development mailing list archives
[PATCH] "ncat -l --send-only" not sending only
From: Kris Katterjohn <katterjohn () gmail com>
Date: Sat, 27 Jun 2009 20:08:37 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey everyone, I found (what I consider to be) an oddity in server-mode --send-only in Ncat. I was messing with TCP RX/TX queues on my Linux box earlier, for no real reason other than just to play around. At one point I wanted to 1) have a server accept connections but not read any data, 2) have a client send a lot of data to that server, and 3) view netstat output to see the amount of data in the server's RX queue and in the client's TX queue. Looks like #1 and #2 are areas for Ncat to shine! I figured that -l --send-only will make the server do pretty much nothing but accept connections, since I won't be sending anything from it. So: term1$ ncat -l --send-only 31337 term2$ cat abigmanual.pdf | ncat --send-only localhost 31337 term3$ netstat -an | grep :31337 Hmm.. not quite what I wanted: Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:33327 127.0.0.1:31337 TIME_WAIT Well, I know that netcat6[1] has a --send-only option, because I renamed the old Ncat --sendonly to it last year for a bit of conformity (and I liked it better). So I decided to fire up a couple of nc6s and see what it happens: term1$ nc6 -l --send-only -p 31337 term2$ cat abigmanual.pdf | nc6 --send-only localhost 31337 term3$ netstat -an | grep :31337 Just what I was looking for: Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 136896 127.0.0.1:42833 127.0.0.1:31337 ESTABLISHED tcp 76096 0 127.0.0.1:31337 127.0.0.1:42833 ESTABLISHED So what's the deal with Ncat? Using -l and --send-only obviously doesn't just send only. The man page only says that Ncat "will ignore anything received" when using this option, but you can take that to mean different things. It turns out that Ncat will actually read in the data, it just won't write it to stdout or log it. That makes Ncat's option a bit of a misnomer since it does everything it normally would, except pass the data to the user--which is very different from sending only. I created one patch to simply make Ncat behave like Netcat6 (which I think it should do). But I figured having a choice in the matter is a lot better (since I seem to often have opinions on how things should behave which are different than that of many list members), which lead me to my current patch (attached) against the dev branch. With this patch, --send-only's behavior does not change; however, you can now use the new --send-only=force to make it actually only send (or more specifically, not receive). Thoughts? Objections? Thanks, Kris Katterjohn [1] http://www.deepspace6.net/projects/netcat6.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJKRsKUAAoJEEQxgFs5kUfuPW4P/ikE+bCdEa8L0/yei0bbZCag 35kC1j4oTsOAwscl+oh5moJWvhw9+Q3zo7o+QilmiE/v80pjp6YYYqBLNm2OHQy2 yITm1uD7NTsER4J8QXgbF31/FvKeW/Odg2od69C6RBAxCrA8ibWFzl7OsXfc0f7X xF24XXD0N3ZDwqmxxJxhK1aTMszJUu/s+01s9fdGyvHHTB0h5MmUR1OBF+1ysi39 b0AOY3HOrTM6sTmFec7eSfIJjXvlTUyi7kbbqtlx3GveCaWvTeTzu3JWKsMZryo2 PHaF2w7XWjJTJJ+7Lm2e0g156kWeJ/LtWQc3aTHDhI7n03l8wUgjfwRp0ixVUoL2 F1Zdhm70s6GiOzPzrBRJKNeVHW3dSTJYOwPEEvW+6S/nPiWEW0UFLyyGu22G7ctp lBOrOBssGqNTMIo7/VggAUO2/YVbR62AiAr00ZhZcbhTL2+mrs7r+y5nILgpk7Ha QP+KmjLzUbJFLuYE8YYLbXU23TZTAUF+8ib8EEN3f6lVOd4xAugHcP0Hkr5emNGm Yc27k2jMElxsDZFelgiMetUqaC6dmhI3ef8UTblozEsfqTha+n+gipXtd1UFlPra r+KQD3I8GrYFIG+agf4jWVXyfnipVpXHZCZ3W2lZpBm0LDT/7wfEkqjWn7J5HTvN oJZ88lxJMzgs/oLcjZ66 =3uwB -----END PGP SIGNATURE-----
Index: ncat_core.h =================================================================== --- ncat_core.h (revision 13939) +++ ncat_core.h (working copy) @@ -111,6 +111,7 @@ int listen; int keepopen; int sendonly; + int forcesendonly; int recvonly; int telnet; int udp; Index: ncat_listen.c =================================================================== --- ncat_listen.c (revision 13939) +++ ncat_listen.c (working copy) @@ -208,10 +208,12 @@ goto quit; } } else { - /* Read from a client and write to stdout. */ - if (read_socket(i) <= 0) { - if (!o.keepopen) - goto quit; + if (!o.forcesendonly) { + /* Read from a client and write to stdout. */ + if (read_socket(i) <= 0) { + if (!o.keepopen) + goto quit; + } } } Index: ncat_main.c =================================================================== --- ncat_main.c (revision 13939) +++ ncat_main.c (working copy) @@ -248,7 +248,7 @@ {"recv-only", no_argument, &o.recvonly, 1}, {"source-port", required_argument, NULL, 'p'}, {"source", required_argument, NULL, 's'}, - {"send-only", no_argument, &o.sendonly, 1}, + {"send-only", optional_argument, NULL, 0}, {"broker", no_argument, &o.broker, 1}, {"chat", no_argument, NULL, 0}, {"talk", no_argument, NULL, 0}, @@ -386,6 +386,12 @@ print_banner(stdout); exit(EXIT_SUCCESS); } + else if (strcmp(long_options[option_index].name, "send-only") == 0) + { + o.sendonly = 1; + if (optarg && strcmp(optarg, "force") == 0) + o.forcesendonly = 1; + } else if (strcmp(long_options[option_index].name, "proxy") == 0) { if (proxyaddr) @@ -484,7 +490,7 @@ " -u, --udp Use UDP instead of default TCP\n" " -v, --verbose Set verbosity level (can be used up to 3 times)\n" " -w, --wait <time> Connect timeout\n" -" --send-only Only send data, ignoring received; quit on EOF\n" +" --send-only[=force] Only send data, ignoring received; quit on EOF\n" " --recv-only Only receive data, never send anything\n" " --allow Allow specific hosts to connect to Ncat\n" " --allowfile A file of hosts allowed to connect to Ncat\n" Index: ncat_core.c =================================================================== --- ncat_core.c (revision 13939) +++ ncat_core.c (working copy) @@ -128,6 +128,7 @@ o.listen = 0; o.keepopen = 0; o.sendonly = 0; + o.forcesendonly = 0; o.recvonly = 0; o.telnet = 0; o.udp = 0;
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] "ncat -l --send-only" not sending only Kris Katterjohn (Jun 27)
- Re: [PATCH] "ncat -l --send-only" not sending only David Fifield (Jun 30)
- Re: [PATCH] "ncat -l --send-only" not sending only Kris Katterjohn (Jun 30)
- Re: [PATCH] "ncat -l --send-only" not sending only David Fifield (Jun 30)