Nmap Development mailing list archives

Ncat Windows send-only file EOF problem

From: "Zwirko, Andy" <azwirko () sosacorp com>
Date: Mon, 1 Mar 2010 12:05:01 -0500

Good day - I'm having a similar problem to:

 

http://seclists.org/nmap-dev/2009/q3/605

 

There was no resolution last year, just a response it couldn't be
reproduced.  I seem to be able to reproduce a similar problem.

 

The issue I'm having is when running ncat 5.21 on Windows XP SP3 it does
not close the connection upon EOF when sending a file using the
--send-only option.   I've reproduced this on several Windows XP SP3
machines under cmd.exe, e.g. on the same machine and between 2 different
machines.

 

Here's ncat verbose output:

 

RECEIVER:

H:\>ncat -vvv -l > newfile
Ncat: Version 5.21 ( http://nmap.org/ncat )
Ncat: Listening on 0.0.0.0:31337
NCAT DEBUG: Initialized fdlist with 102 maxfds
NCAT DEBUG: Added fd 1936 to list, nfds 1, maxfd 1936
NCAT DEBUG: Added fd 0 to list, nfds 2, maxfd 1936
NCAT DEBUG: Initialized fdlist with 100 maxfds
NCAT DEBUG: selecting, fdmax 1936
NCAT DEBUG: select returned 1 fds ready
NCAT DEBUG: fd 1936 is ready
Ncat: Connection from 127.0.0.1.
NCAT DEBUG: Added fd 1900 to list, nfds 3, maxfd 1936
NCAT DEBUG: Added fd 1900 to list, nfds 1, maxfd 1900
NCAT DEBUG: selecting, fdmax 1936
NCAT DEBUG: select returned 1 fds ready
NCAT DEBUG: fd 1900 is ready
NCAT DEBUG: selecting, fdmax 1936
NCAT DEBUG: select returned 1 fds ready
NCAT DEBUG: fd 1900 is ready
NCAT DEBUG: selecting, fdmax 1936

 

SENDER

C:\Program Files\Nmap>ncat --send-only localhost -vvv <  ZENMAP_README
Ncat: Version 5.21 ( http://nmap.org/ncat )
NSOCK (0.2030s) TCP connection requested to 127.0.0.1:31337 (IOD #1) EID
8
NSOCK (0.2030s) Callback: CONNECT SUCCESS for EID 8 [127.0.0.1:31337]
Ncat: Connected to 127.0.0.1:31337.
NSOCK (0.2030s) Read request for 0 bytes from IOD #2 (peer unspecified)
EID 18
NSOCK (0.2180s) Callback READ SUCCESS for EID 18 (peer unspecified)
(2048 bytes)

NSOCK (0.2180s) Write request for 2048 bytes to IOD #1 EID 27
[127.0.0.1:31337]
NSOCK (0.2180s) Callback: WRITE SUCCESS for EID 27 [127.0.0.1:31337]
NSOCK (0.2180s) Read request for 0 bytes from IOD #2 (peer unspecified)
EID 34
NSOCK (0.2180s) Callback READ SUCCESS for EID 34 (peer unspecified) (212
bytes)
NSOCK (0.2180s) Write request for 212 bytes to IOD #1 EID 43
[127.0.0.1:31337]
NSOCK (0.2340s) Callback: WRITE SUCCESS for EID 43 [127.0.0.1:31337]
NSOCK (0.2340s) Read request for 0 bytes from IOD #2 (peer unspecified)
EID 50

 

I can Ctrl-C on the sender to end the connection and that closes the
receiver, but otherwise the two will just sit and hang there waiting.
It appears that the transfer is OK since the file sizes are identical.

 

SENDER dir

01/26/2010  09:11 PM             2,260 ZENMAP_README

 

RECEIVER dir

02/26/2010  12:37 PM             2,260 newfile

 

For some reason on the last "Read request for 0 bytes" on the sender,
the O/S never returns a Callback that there's no more data to send.

 

Thanks for your time.

 

andyz

 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Ncat Windows send-only file EOF problem Zwirko, Andy (Mar 01)
- Re: Ncat Windows send-only file EOF problem David Fifield (Mar 01)
- <Possible follow-ups>
- Ncat Windows send-only file EOF problem Zwirko, Andy (Mar 01)
- Ncat Windows send-only file EOF problem Andy Zwirko (Mar 01)