Nmap Development mailing list archives

Re: GSOC 2012


From: David Fifield <david () bamsoftware com>
Date: Thu, 29 Mar 2012 09:59:13 -0700

On Thu, Mar 29, 2012 at 05:17:03PM +0530, SAI LAKSHMI Bhavana wrote:
> Hello Sir,
>
> Thank you very much for your valuable suggestions.
>
> I am thinking of having a design like this
>
> nmap -sT <target> --proxy socks4a://proxy1:9100/ --proxy
> http://proxy2:8080/ --proxy socks5://proxy3:3128/
>
> Make an nsockpool with several events such as
> 1) a connect event which is used to connect to proxy1.
> 2) a write event which sends the CONNECT request "connect
> http://proxy2:8080 HTTP/1.0" through handle_write_result;
> 3) a read event to verify the success (from iobuf) of the request.
> The steps 2, 3 will be repeated until a Connect request is sent to the
> <target> and verified.

You are getting the right idea. Let me ask you some questions to help
clarify your thinking. Suppose you have some pseudocode like this:

        struct proxy proxy1 = { PROXY_SOCKS4A, "proxy1", 9100 };
        struct proxy proxy2 = { PROXY_HTTP, "proxy2", 8080 };
        struct proxy proxy3 = { PROXY_SOCKS5, "proxy3", 3128 };
        nsock_add_proxy(nsp, &proxy1);
        nsock_add_proxy(nsp, &proxy2);
        nsock_add_proxy(nsp, &proxy3);
        nsock_connect_tcp(nsp, handle_connect, "target", 80);

You need to think about it in terms of events and callbacks. So for
example, I think that the final function call above will call
nsock_connect_tcp_primitive(nsp, handle_socks4a_proxy_connect, "proxy1", 9100).
The handle_socks4a_proxy_connect callback function will send the SOCKS
proxy request for proxy2:8080, and register its own callback to read the
response. The read callback will then (assuming the proxy request
succeeds) send the next HTTP request, and so on.

What new event types do you think will be necessary (if any)? What
internal callback functions do you think will be necessary? It may help
to walk through the example I gave you, knowing that you have to make it
work as several function calls that you don't control directly, not just
a simple blocking while loop.

How will you remember your position in the proxy list between function
calls? I suspect we will need to add a new member to nsock_iod. Is there
any other new state you think will be needed?

(P.S. Your step (2) above should send a SOCKS request to proxy1, not an
HTTP request.)

> The request to be sent for a particular proxy, HTTP or SOCKS, can be
> known from two methods that can be included, namely
> req_http_proxy(url), req_socks_proxy(url)

I don't understand what these functions do. What do they return, a
string containing the request text? In what other functions will these
functions be called?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
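
The callback-driven walk through the proxy list discussed in this message, as an added sketch that is not part of the original e-mail and is not nsock code. It keeps the position in the chain between calls and builds the request each proxy must receive to reach the next hop. Assumptions: `struct chain_state`, `build_request` and `chain_next_request` are hypothetical names, only SOCKS4a and HTTP hops are covered (SOCKS5's multi-step negotiation is omitted), and checking each proxy's reply is left to the caller.

```c
#include <stdio.h>
#include <string.h>

enum proxy_type { PROXY_SOCKS4A, PROXY_HTTP };
struct proxy { enum proxy_type type; const char *host; unsigned short port; };

/* Hypothetical per-connection state (not an nsock type): the chain, the final
 * target, and the index of the proxy that receives the next request. */
struct chain_state {
    const struct proxy *chain; int nproxies, pos;
    const char *target; unsigned short tport;
};

/* Build the request asking proxy `via` to connect onward to host:port.
 * Returns the byte count written to buf, or -1 if buf is too small. */
int build_request(const struct proxy *via, const char *host,
                  unsigned short port, unsigned char *buf, size_t len) {
    size_t hl = strlen(host);
    if (via->type == PROXY_HTTP) {
        int n = snprintf((char *)buf, len, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
        return (n < 0 || (size_t)n >= len) ? -1 : n;
    }
    /* SOCKS4a: VN=4, CD=1, port, IP 0.0.0.1, empty userid NUL, hostname NUL */
    unsigned char hdr[9] = { 4, 1, port >> 8, port & 0xff, 0, 0, 0, 1, 0 };
    if (len < sizeof hdr + hl + 1) return -1;
    memcpy(buf, hdr, sizeof hdr);
    memcpy(buf + sizeof hdr, host, hl + 1);
    return (int)(sizeof hdr + hl + 1);
}

/* Body of the connect/read callback: run after the TCP connect to proxy 0 and
 * after each good proxy reply. Returns bytes to send, 0 when done, -1 on error. */
int chain_next_request(struct chain_state *st, unsigned char *buf, size_t len) {
    if (st->pos >= st->nproxies) return 0;   /* tunnel to the target is up */
    int last = (st->pos == st->nproxies - 1);
    const char *host = last ? st->target : st->chain[st->pos + 1].host;
    unsigned short port = last ? st->tport : st->chain[st->pos + 1].port;
    int n = build_request(&st->chain[st->pos], host, port, buf, len);
    if (n > 0) st->pos++;   /* remember the position for the next callback */
    return n;
}

int main(void) {   /* constructed chain: socks4a proxy1 -> http proxy2 -> target:80 */
    struct proxy c[] = { {PROXY_SOCKS4A, "proxy1", 9100}, {PROXY_HTTP, "proxy2", 8080} };
    struct chain_state st = { c, 2, 0, "target", 80 };
    unsigned char b[256];
    for (int n; (n = chain_next_request(&st, b, sizeof b)) > 0; )
        printf("request %d: %d bytes\n", st.pos, n);
}
```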

