Nmap Development mailing list archives

Re: [PATCH] "ncat -l --send-only" not sending only


From: Kris Katterjohn <katterjohn () gmail com>
Date: Tue, 30 Jun 2009 17:27:52 -0500

David Fifield wrote:
> On Sat, Jun 27, 2009 at 08:08:37PM -0500, Kris Katterjohn wrote:
>> I created one patch to simply make Ncat behave like Netcat6 (which I think it
>> should do).  But I figured having a choice in the matter is a lot better
>> (since I seem to often have opinions on how things should behave which are
>> different than that of many list members), which led me to my current patch
>> (attached) against the dev branch.  With this patch, --send-only's behavior
>> does not change; however, you can now use the new --send-only=force to make it
>> actually only send (or more specifically, not receive).
>
> I think that --send-only should work like the proposed
> --send-only=force. It should do what its name suggests, and doing it
> that way will probably simplify some code.


Great!

> The only thing is that I'm pretty sure connect and broker modes work the
> same way. Can you make another patch that makes --send-only work like
> Netcat6, with changes for connect and broker modes too?


Connect-mode already wouldn't read from the socket if --send-only was used,
but broker indeed had the same problem (I had just forgotten about it before).

I've attached a patch to have --send-only cause Ncat to not read from the
socket at all in plain listen and broker modes.

If you're curious, I put the checks for o.sendonly outside of the read_socket
and read_and_broadcast functions because 1) there's only one invocation of
them each so there isn't duplicated stuff and 2) while these read* functions
do more than just read (e.g. broadcasts, etc), it just felt sorta awkward
putting the checks inside.  It's not a big deal to do it either way though.

I should be able to commit this soon if there aren't any issues with it.

> David Fifield


Thanks,
Kris Katterjohn


Index: ncat_listen.c
===================================================================
--- ncat_listen.c       (revision 13984)
+++ ncat_listen.c       (working copy)
@@ -207,7 +207,7 @@
                     if (o.sendonly)
                         goto quit;
                 }
-            } else {
+            } else if (!o.sendonly) {
                 /* Read from a client and write to stdout. */
                 if (read_socket(i) <= 0) {
                     if (!o.keepopen)
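Review bot: In the `} else if (!o.sendonly) {` branch, skipping read_socket(i) also skips the only visible place where a client close is noticed (`read_socket(i) <= 0` followed by the `!o.keepopen` handling). If the client fd stays in the read set while --send-only is active, select() will keep reporting it readable once the peer sends data or disconnects, and the loop will spin without ever consuming it. Consider dropping client fds from the read set when o.sendonly is set, or confirm that this already happens outside the lines shown.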
@@ -397,13 +397,11 @@
     if(o.linedelay)
         ncat_delay_timer(o.linedelay);
 
-    if (!o.sendonly) {
-        if (o.telnet)
-            dotelnet(recv_fd, (unsigned char *) buf, nbytes);
+    if (o.telnet)
+        dotelnet(recv_fd, (unsigned char *) buf, nbytes);
 
-        Write(STDOUT_FILENO, buf, nbytes);
-        ncat_log_recv(buf, nbytes);
-    }
+    Write(STDOUT_FILENO, buf, nbytes);
+    ncat_log_recv(buf, nbytes);
 
 #ifdef HAVE_OPENSSL
     /* SSL can buffer our input, so doing another select()
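Review bot: With the `if (!o.sendonly)` guard removed here, nothing in this function (read_socket, going by the message) enforces --send-only any more; correctness now rests entirely on the caller's check in the first hunk. Add a comment above the function stating that callers must not invoke it when o.sendonly is set, so that a second call site added later does not start writing received data to stdout and to the receive log.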
Index: ncat_broker.c
===================================================================
--- ncat_broker.c       (revision 13984)
+++ ncat_broker.c       (working copy)
@@ -192,7 +192,7 @@
             if (i == listen_socket) {
                 /* we have a new connection request */
                 handle_connection();
-            } else {
+            } else if (i == STDIN_FILENO || !o.sendonly) {
                 /* Handle incoming client data and distribute it. */
                 read_and_broadcast(i);
             }
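Review bot: The comment "Handle incoming client data and distribute it." under `} else if (i == STDIN_FILENO || !o.sendonly) {` no longer matches the condition: with --send-only the branch now runs only for stdin, and client sockets are skipped entirely. Update the comment to say so, and note how a client that disconnects gets removed from the broker when its socket is never read.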
@@ -355,11 +355,6 @@
 
             return;
         }
-
-        /* If we received from something other than stdin, and --send-only was
-           given, do no further processing. */
-        if (o.sendonly)
-            return;
     }
 
     if (o.debug > 1)
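Review bot: The removed `if (o.sendonly) return;` sat after the receive path ("If we received from something other than stdin"), so the old code still consumed client data and then dropped it; together with the caller change, client data is now left unread instead. That is a user-visible difference (a client that keeps sending will eventually stall on a full receive buffer rather than having its data discarded), so it deserves a line in the changelog or in the --send-only documentation.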

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
