Nmap Development mailing list archives

Status Report #12 of 17


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Tue, 14 Jul 2009 06:32:26 +0300

14 July, 2009


This week was almost entirely dedicated to debugging the opensshlib and great
progress was made, bringing the ssh module to a working state and entering the
final testing phase.


Accomplishments

* Extended debugging of opensshlib:
  - caught numerous bugs that were caused by the fact that there were still
    static/global variables throughout OpenSSH code.
  - removed a bug caused by accidental cleanup of 1 particular compatibility
    check
* Solved buffering issues by implementing an 'ssh_loop_read' function that
  gracefully handles cases like when 2 different SSH messages are inside 1 TCP
  packet (something which happens almost every time with many servers at one
  particular phase (Server New Keys message))
* Finalized opensshlib API by using the 'ncrack_ssh_state' generic struct that
  is passed along all internal handlers.
* Examined numerous different versions of SSH implementation thanks to the ssh
  dumps I got (25 unique versions from Brandon Enright and 1 from Luis - thanks
  guys)
* Cleaned up a lot of unneeded parts of opensshlib.
* Merged opensshlib-testing branches into main trunk.
* Wrote a mail about some new challenges that came up upon testing SSH. They
  mainly pertain to the fact that SSH doesn't let you change a username during a
  connection and thus a special kind of user/pass iteration is needed. More
  details here: http://seclists.org/nmap-dev/2009/q3/0119.html
* Updated my site and moved my former wiki to a special section here:
  http://sock-raw.org/nmap-ncrack.html
* Ported Ncrack to MacOS X.
* Discussed with Fyodor about the new http module.
* Completed GSoC midterm-evaluation.


Priorities

* Test the ssh module on Windows.
* Solve the user/pass iteration SSH challenge.
* Write documentation on the opensshlib.
* Write mini-howto for ssh-module testing as requested by David.
* Start implementing http module OR/AND continue with dynamic engine.

-- ithilgore
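
Added example, not part of the original mail and not Ncrack or opensshlib code: a minimal C sketch of the buffering case the report mentions, where one TCP payload carries two SSH messages (the second being Server New Keys) plus the start of a third. It assumes unencrypted packets in the RFC 4253 section 6 layout (no MAC, block size 8); the helper name `split_ssh_packets` is hypothetical and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#define SSH_MAX_PACKET 35000u /* size every implementation must accept (RFC 4253, 6.1) */

/* Constructed sample: one TCP payload holding two complete plaintext SSH
 * packets and the first 3 bytes of a third. Not a real capture. */
static const uint8_t sample_segment[35] = {
    0, 0, 0, 12, 8, 31, 0xaa, 0xbb, 0, 0, 0, 0, 0, 0, 0, 0, /* type 31: KEXDH_REPLY (dummy body) */
    0, 0, 0, 12, 10, 21, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,      /* type 21: NEWKEYS */
    0, 0, 0                                                  /* incomplete header */
};

static uint32_t get_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Hypothetical helper: collect the message type of every complete packet in
 * buf[0..len). *consumed gets the bytes used; the caller keeps the rest until
 * more data arrives. Returns the packet count, or -1 on a malformed header. */
int split_ssh_packets(const uint8_t *buf, size_t len, uint8_t *types,
                      int max, size_t *consumed)
{
    size_t off = 0;
    int n = 0;

    while (n < max && len - off >= 5) {
        uint32_t plen = get_u32(buf + off); /* padding_length + payload + padding */
        uint8_t pad = buf[off + 4];
        if (pad < 4 || plen < (uint32_t)pad + 2 || plen > SSH_MAX_PACKET ||
            (plen + 4) % 8 != 0)
            return -1;                      /* never trust the peer's length */
        if (len - off < (size_t)plen + 4)
            break;                          /* partial packet: wait for more */
        types[n++] = buf[off + 5];          /* first payload byte = message type */
        off += (size_t)plen + 4;
    }
    *consumed = off;
    return n;
}

int main(void)
{
    uint8_t types[8];
    size_t used;
    int n = split_ssh_packets(sample_segment, sizeof sample_segment, types, 8, &used);
    printf("%d packets, %zu bytes consumed\n", n, used);
    return 0;
}
```

A reader that handed only the first message to its state machine per `read()` would stall waiting for a New Keys message that had already arrived.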
