Nmap Development mailing list archives
Re: Jacek's status report - #2 of 16
From: David Fifield <david () bamsoftware com>
Date: Mon, 17 Jun 2013 17:19:17 -0700
On Tue, Jun 18, 2013 at 12:25:53AM +0200, Jacek Wielemborek wrote:
> 2013/6/18 David Fifield <david () bamsoftware com>:
>> On Mon, Jun 17, 2013 at 11:32:54PM +0200, Jacek Wielemborek wrote:
>>> * Develop a working telnet negotiation demo. I believe it will be an interesting challenge for the current --lua-exec implementation and I can't wait to start writing the Websocket script!
>>
>> There might be some confusion here, because Telnet negotiation is not something that makes sense for --lua-exec. The -t option just causes Ncat to do things to automatically ignore certain byte patterns that Telnet servers emit. Think of --lua-exec this way: You are stuck on Windows and you don't even have a way to write shell scripts. But Ncat's built-in Lua interpreter lets you still write interesting little --sh-exec replacements.
>
> Have you looked at my initial implementation? I estimated the proof of concept to take more or less three days, it was more like three hours. I like the explanation you just gave for embedding Lua - it really is a pain to code on the bare Windows and I do believe that Ncat-Lua could help me there.

I saw the implementation at https://svn.nmap.org/nmap-exp/d33tah/ncat-lua, and it's looking good. The reason I estimate two weeks is because of what Fred Brooks said: "A Systems Product is a truly useful object but costs at least 9 times as much as a Program." (http://javatroopers.com/Mythical_Man_Month.html#Chapter_1) There's still a lot to be done before this feature is complete. At least:

* man page documentation
* Windows portability
* new tests in ncat-test.pl
* nmap-dev call for testing

> And for the telnet negotiation, I understood your point (or at least I think I do) a while after I wrote that e-mail. I still think that coding it as a --lua-exec makes a bit of sense though - as an interesting (at least for me) proof of concept. I already wrote a tiny bit of code, though I didn't commit it because it's still quite messy (OTOH, it features some stderr debugging facilities along with a built-in hexdump!).

Okay. Please feel free to push that code in a new branch (seriously, branches are cheap) or in a personal public repo. I still think there must be some misunderstanding because the Telnet negotiation isn't something you just connect and "do": it's something that happens in-band while Ncat is otherwise doing its thing with stdin and stdout and the socket.

>> This is the supported way: http://nmap.org/book/inst-windows.html#inst-win-source
>> Hopefully there won't be too much work to be portable. liblua is already nicely portable, and the hard parts of fork and exec replacements on Windows have already been figured out.
>
> Sigh, MSVC. I wonder how much work would be needed for MinGW to support it as well.

The short answer: too much work for it to be a priority at this point. Please do not take time trying to make it work with MinGW; rather just use the supported method. MinGW compatibility with a documented build process is a nice goal, but it's not what I want you to be doing now.

David Fifield