Nmap Development mailing list archives

Re: [Ncat] I'd like to contribute a feature


From: miniBill <cmt.minibill () gmail com>
Date: Thu, 2 Sep 2010 15:43:44 +0200

2010/7/29 David Fifield <david () bamsoftware com>:
> Thanks for your interest! Please help us understand what you have in
> mind by showing some example command lines and explaining how they will
> work. A use case, a real-world problem that this will solve, is good
> too.
>
> You will want to refer to this documentation for getting the source
> code.
>
> http://nmap.org/book/install.html#inst-svn
> http://nmap.org/book/inst-source.html
>
> As for code organization, --sh-exec and --exec are handled in the files
> ncat_posix.c and ncat_exec_win.c. Whatever changes you make should work
> on both POSIX and Windows. With luck, you'll only have to use the netrun
> and netexec functions, which are already abstracted.
>
> David Fifield


I've rapidly checked ncat_listen.c, which is the file that, as far as I could
understand, actually invokes the platform-specific calls. As it works now it
executes the command every time someone connects. What I would like to do is
to have one single command execution, which collects all the users' input, and
whose output is copied to every user. As far as I can understand it, it won't
be easy.

What I would like to achieve is this: use ncat + pipes + ssh to do tunnelling
even if forbidden by sshd config. This is to prove that forbidding tunnelling
is useless. Also, another idea is to use it to circumvent fascist firewalls.

Example:
A [the pc behind the fascist firewall]
F [the firewall]
H [my home pc, to which I have complete control]

A can only connect to the Internet through F, and only to ports 80 and 443.
If I set up a proxy on A [with ncat] that pipes output through --exec ssh to
H and then, using another ncat on H, connects me to the Internet, this works.
But it has a problem: it will run ssh to H for every connection to the proxy
on A, and sshd on H gets upset by this. So my idea would be an option to run
ssh only once, and pipe all the input and output through it.

I could try to work with the code, but I'm quite a noob, and I don't really
have any idea on how to actually implement it. Any help appreciated :)

Leonardo
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/