Nmap Development mailing list archives
Jacek's status report - #2 of 16
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Mon, 17 Jun 2013 23:32:54 +0200
Hi guys, Below is my report for the week 2/16 of „Bringing Lua to Ncat” GSoC project: Accomplishments: * Done a lot of experimenting with git-svn. It took me three or four days of pulling the whole SVN tree (due to some errors and mistakes – for example, my Debian box segfaulted while trying to pull the SVN repository– of course, while I was sleeping) with git-svn before I found out it's better to just clone my nmap-exp branch. * Talked with Patrick and bonsaiviking about my project – discussed, among other things, NSE compability and potential issues that might arise. The log is available here: http://seclists.org/nmap-dev/2013/q2/440 ; also asked David for the „Ncat magic” Patrick mentioned and got a bit of code from him. * Sparked up a discussion on dev () nmap org about my project. I really needed feedback and thanks to David I have a pretty good vision of how exactly I am (or actually was) going to start my coding. * Read whole Ncat's code and its user guide. I thought it'd give me the best overview of what Ncat can or can't do. It took me a few hours, but I'm pretty sure it'll pay off later on. I'll probably also look at Lua/NBase/NSock code as well since I'll need some work to do while taking the bus to my university (still got a bit of paperwork to do there). * Created a SecWiki page about Ncat-Lua. Gathered all the use cases from the mailing list there. That took me a while, because apparently I stumbled upon a bug in MediaWiki that held my registration. * Wrote an initial implementation of --lua-exec according to David's idea. Though I admit it's very little code, it actually took me about three hours of coding. As an example of problems I encountered, I had to figure out that luaopen_base() isn't enough to run my demo script that silently crashed because it lacked the IO library (I could probably use some better debugging facilities). Priorities: * Develop a working telnet negotiation demo. I believe it will be an interesting challenge for the current --lua-exec implementation and I can't wait to start writing the Websocket script! * Fix the bug that leaves the child processes of Lua in the background even after the client disconnects. During the testing it already ate up 100% of my CPU time a few times (which I noticed because my CPU temperature went up by 20 Celcius degrees). * Keep discussing Ncat-Lua design and features. The current idea is quite limiting (no way to share state between client connections, decide on whether to accept connections or not or make additional connections in the runtime) and it is yet to be decided whether it'll be better if I add new functions on top of the current code or create another prototype. * Write some tests perhaps? I have a few ideas for automated test scenarios that would demonstrate how the current implementation works (or doesn't). * Add Windows code? Although I definitely don't feel too happy about it, I'm also convinced it's necessary to port the Lua functionality sooner or later. My first attempts at cross-compiling Ncat with MinGW failed, will probably need to work with Henri in order to figure out how to build Nsock this way. Hopefully Wine will be enough to test the builds. ...Of course some of (or all) the priorities could change if a better design appeared. Feel free to comment them. Yours, Jacek Wielemborek _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Jacek's status report - #2 of 16 Jacek Wielemborek (Jun 17)
- Re: Jacek's status report - #2 of 16 David Fifield (Jun 17)
- Re: Jacek's status report - #2 of 16 Jacek Wielemborek (Jun 17)
- Re: Jacek's status report - #2 of 16 David Fifield (Jun 17)
- Re: Jacek's status report - #2 of 16 Jacek Wielemborek (Jun 17)
- Re: Jacek's status report - #2 of 16 David Fifield (Jun 17)