Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ncat: Listen Plus Exec Equals Keep-Open

From: David Fifield <david () bamsoftware com>
Date: Thu, 25 Feb 2010 11:50:06 -0700
On Wed, Feb 24, 2010 at 09:31:24PM -0800, David Millis wrote:

On Windows XP, I'm getting ncat 5.21 behavior that suggests combining listen with exec implies keep-open.

: ncat -l -p 1234 -e "cmd /c echo hi"
: ncat 127.0.0.1 1234
- hi
- client exits, server doesn't
: ncat 127.0.0.1 1234
- hi
- client exits, server doesn't

The vulnwatch netcat 1.11 Windows port of Hobbit's code did kill its server when the child exited.

I glanced at the source and didn't see an intensional "keepopen = 1" outside of arg handling, so I assume this is a 
bug.

Maybe somewhere in "ncat_exec_win.c"?


This is by design. I happens on Unix and Windows. --exec takes a
different code path that doesn't even know about --keep-open. In --exec
mode, Ncat works more like inetd, starting an independent server process
for each connection.

If you really want this behavior, you can change the call to netrun into
a call to netexec. Do you have a reason to prefer the one-connection
mode?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: