Nmap Development mailing list archives
Re: Ncat File Transfer Brokenness
From: David Fifield <david () bamsoftware com>
Date: Tue, 2 Mar 2010 12:27:46 -0700
On Tue, Mar 02, 2010 at 12:48:03AM -0700, David Fifield wrote:
On Sat, Feb 27, 2010 at 02:46:18PM -0800, David Millis wrote:The following terminated early leaving files varying between 8 ad 40k in size. ncat -vvvn -e "cmd /c \"type somefile.zip\"" --send-only 192.168.1.1 1234 UnixUtils' cat.exe was similarly affected. NCAT DEBUG: Executing: cmd /c "type ghost.exe" NCAT DEBUG: Creating named pipe "\\.\pipe\ncat-0" NCAT DEBUG: Register subprocess 00000728 at index 0. NCAT DEBUG: Subprocess ended with exit code 259. NCAT DEBUG: Unregister subprocess 00000728 from index 0. NCAT DEBUG: Terminating subprocesses NCAT DEBUG: max_index 1I started to check this out. What's happening is an error 10035, WSAEWOULDBLOCK. That's breaking the subprocess loop, which is why the exit code is 259, or STILL_ACTIVE, because the process hasn't really stopped. This same problem had been observed on Unix. Venkat Sanaka fixed it last year by making the socket blocking before execing the subprocess. The same code should work for Windows but apparently it isn't. http://seclists.org/nmap-dev/2009/q2/635
I figured out the problem. On Windows we're using the WSAEventSelect function, which, as I didn't know before, puts the socket into non-blocking mode. So even though we're making the socket blocking, WSAEventSelect is undoing it. I wasn't sure of the best way to fix it. I just made the socket blocking again before every socket send, and it works. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Ncat File Transfer Brokenness David Millis (Mar 01)
- Re: Ncat File Transfer Brokenness David Fifield (Mar 01)
- Re: Ncat File Transfer Brokenness David Fifield (Mar 02)
- Re: Ncat File Transfer Brokenness David Fifield (Mar 01)