Nmap Development mailing list archives
Status Report #15 of 16
From: Dražen Popović <drazen.popovic () fer hr>
Date: Tue, 10 Aug 2010 15:05:19 +0200
Hi all.

We're getting pretty close to the end of GSoC and it's time to wrap things up, as far as SoC is concerned. My project has been pretty dynamic and now it doesn't look like anything I listed in my proposal; in fact it has been more challenging and therefore more interesting and fun.

So what's it all about... We're making a library to enable NSE to talk to MSRPC endpoints, which is a complex remote procedure call protocol implemented by Microsoft Windows (and some other OSs). This project consists of making an NDR library (presentation layer protocol) and utilizing a tool called PIDL to generate RPC clients based on their IDL definition. Furthermore, this project should involve enhancing the MSRPC operations and redesigning the code to be more domain driven and therefore modular and more maintainable.

The motivation for all this was pretty strong, as other similar projects want the same thing: Metasploit, Canvas, Impacket, Nessus, OpenVAS, SAMBA, Wireshark... There's a lot of useful information that can be gathered from the MSRPC endpoints from the perspective of a pentester; also there are dozens of fun vulnerabilities that reside on msrpc. To conclude, there is still work to be done, so...

Accomplishments:
* Utilized PIDL to generate most of the IDL types and for now it generates functions (some debugging needed).
* Added new types to NDR library (unsigned/signed types) as strings (conformant, conformant_varying).
* Used PIDL to generate part of DRAZEN_SVC service.

Priorities:
* Test the generated clients on real services (epmapper, srvsvc).
* Port "msrpc.lua" to use pidl-generated stubs.
* Merge "ndr.lua".

Cheers,
Dražen.

--
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/