Nmap Development mailing list archives
Re: bittorent-discovery update
From: Antonio de Curtis <decuant () gmail com>
Date: Sat, 6 Feb 2016 15:15:55 +0100
Hello, I would like to amend my previous release of bittorent.lua and update the github with this new release. But I'm no more able to create a pull request for this file... I closed the previous pull request. During these days I have found that the shipped (main branch) release of this file contains a number of errors, and I tried to fix these all, but I know little of the protocol and lua syntax and the github... + .torrent file has to be read binary otherwise it will load partially and the <parse_buffer> function will fail. it may be that the previous release was ok on Linux, but it's not the case on Windows (0x0a 0x0d) + function [bdec_string] had to be rewritten for accuracy handling binary data and for speed. + function [calc_info_hash] was poorly correct, now it is. in my tests 2 out of 1000 files fail and both were created by TorrentAid 1.0.0.0 + functions to query HTTP and UDP now are working as expected and there is better error handling. + function [load_trackers] is now correct and purges itselfs of duplicates + function [calc_torrent_size] is now correct + 2 counters for statistics <num_seeders> and <num_leeches> + 1 table of blacklisted trackers + function [load_blacklist] to load a blacklist table (just the address list in a file...) + function [assoc_blist] to associate a pre-loaded blacklist (Read Once Use Many) + function [trackers_peers] will not interrogate a blacklisted tracker + I have found an issue when correcting the HTTP protocol because file size value may not fit in 4 bytes and the function [nselib.tohex] uses the [string.format] which is not capable of handling -1 correctly. File size is thus casted to 0xefffffff. trackers do respond correctly when I use this casted size. + I have found on the internet a very powerful function to help myself debugging using the log and not a debugger, it's called [hex_dump], this is in the source file. + I learnt to control logging and I made use of the <nmap.verbosity>. - I use a nse script of mine to recurse a directory and test every .torrent file, but my code changes shall not break the current [bittorrent-discovery.nse] script. - I have done no testing on DHT because my script will not launch the discovery. I hope to have made clear the reasons for a such high number of code modifications. I will attach my own nse script just for you to have all the material I used. Kind regards Antonio de Curtis 2016-01-29 15:36 GMT+01:00 Antonio de Curtis <decuant () gmail com>:
Hello, I've attached to this email a newly reviewed version of the bittorent.lua file. There's a problem with the existing code (in SVN) that a binary file (the .torrent) is read as text, so a portion of it is not loaded and consequent hash key calculation proves wrong. On some .torrent files of mine the hash key is still wrong. I have left the keys (and optional title) in comments, so if anybody wants to double check why the code is failing just download the .torrent from the internet with the hash key I left. I'm not expert enough on controlling verbosity in my code. I put -v1 on the command line and still nselib.verbosity() gives me 3. Thanks for any reply -- *Antonio de Curtis*
-- *Antonio de Curtis*
Attachment:
bittorrent.lua
Description:
Attachment:
bittorrent-report.nse
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- bittorent-discovery update Antonio de Curtis (Jan 29)
- Re: bittorent-discovery update Antonio de Curtis (Feb 06)