Nmap Development mailing list archives
Re: NCat Proxy Support - Proxy-Authenticate
From: David Fifield <david () bamsoftware com>
Date: Thu, 13 Jan 2011 18:19:28 -0800
On Wed, Dec 29, 2010 at 09:14:57AM -0800, David Fifield wrote:
On Mon, Dec 06, 2010 at 12:08:40PM +0100, Florian Roth wrote:Great! I'll test it. --- 20min later --- It works. The only problem I noticed was the executing of a program after the connection has been established. What I did: === On the system inside the network =========================== D:\ncat-win32>ncat.exe -vvv -e cmd --proxy proxy.company.de:8080 --proxy-auth user:pass 87.106.48.12 443 Ncat: Version 5.36TEST2 ( http://nmap.org/ncat ) NCAT DEBUG: Proxy returned status code 407. NCAT DEBUG: Reconnection header: CONNECT 87.106.48.12:443 HTTP/1.0 Proxy-Authorization: Basic XxxxXXXxxxxXXXXXxxxX== NCAT DEBUG: Proxy returned status code 200. NSOCK (0.0000s) Read request from IOD #1 (peer unspecified) (timeout: -1ms) EID 10 NSOCK (0.0000s) Read request for 0 bytes from IOD #2 (peer unspecified) EID 18 NSOCK (36.3590s) Callback: READ SUCCESS for EID 10 [(null):65535] (4 bytes) dir NSOCK (36.3590s) Read request for 0 bytes from IOD #1 [(null):65535] EID 26 NSOCK (49.9370s) Callback: READ SUCCESS for EID 26 [(null):65535] (11 bytes) systeminfo NSOCK (49.9370s) Read request for 0 bytes from IOD #1 [(null):65535] EID 34 === On the external system ====================================== s15218815:~# ncat -v -l 443 Ncat: Version 5.35DC1 ( http://nmap.org/ncat ) Ncat: Listening on 0.0.0.0:443 Ncat: Connection from 186.23.100.10:39925. dir systeminfo ================================================================= The commands written on the external system appear in the terminal but the "cmd.exe" has not been executed by ncat before so they just interchange the characters. I first thought - well - perhaps this feature is not meant to be used on a client which connects over a proxy server. Without the proxy server between the systems this works like a charm. I thought that the CONNECT request has to be initialized by the internal system and therefore there cannot be a command transmitter outside that sends the commands inwards. Although the characters appear inside while writing on the outside system. Am I right, or is this a bug?You are correct, this is a bug. I added a test for it and made a TODO to fix it.
It's fixed in r21755. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Jan 13)