Nmap Development mailing list archives

A trivial suggestion regarding to help message


From: Naitree Zhu <naitreey () gmail com>
Date: Sat, 25 Mar 2017 15:17:52 +0800

Hello everyone,

I think there is a slight ambiguity in the ncat help message about subprocess
execution. Specifically, the line about executing commands via `/bin/sh` in
the output of ``nc --help``::

  -c, --sh-exec <command>    Executes the given command via /bin/sh

might be changed slightly to be more precise::

  -c, --sh-exec <command>    Executes the given command via '/bin/sh -c'

The following is my thought on the change.

At first, I was thinking `<command>` should be the path to a shell script
file which need not have its executable bit set. But::

  nc --sh-exec /tmp/test.sh -l localhost 9999

gives me::

  sh: /tmp/test.sh: Permission denied

Then I dived into the source of ncat, finding that at line 242 of file
`ncat/ncat_posix.c`, the actual command executed is::

  execl("/bin/sh", "sh", "-c", cmdexec, (void *) NULL);

So actually `<command>` can be a string of any valid shell script input,
which provides much more flexibility.


-- 
Naitree Zhu
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
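
The behaviour described in the message above, as an added example (not part of the original post and not ncat's code): it reuses only the quoted ``execl`` line to show that a bare path to a script without its executable bit fails with the shell's exit status 126, while the same path prefixed with ``sh`` and an arbitrary shell expression both run. The function names, the temporary file and the sample command strings are constructed for illustration, and a POSIX `/bin/sh` is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run cmd through the execl() call quoted in the message.
 * Returns the shell's exit status, or -1 on error. */
int run_sh_c(const char *cmd)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execl("/bin/sh", "sh", "-c", cmd, (void *) NULL);
        _exit(127); /* reached only if /bin/sh itself could not be exec'd */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Create a constructed script with mode 0600 (no executable bit), run it as
 * "<prefix><path>" via run_sh_c(), remove it, and return the exit status. */
int demo_path(const char *prefix)
{
    static const char body[] = "#!/bin/sh\nexit 0\n";
    char path[] = "/tmp/sh_exec_demo_XXXXXX";
    char cmd[128];
    int rc, fd = mkstemp(path); /* mkstemp creates the file with mode 0600 */
    if (fd < 0)
        return -1;
    if (write(fd, body, sizeof body - 1) != (ssize_t) (sizeof body - 1))
        rc = -1;
    else
        rc = 0;
    close(fd);
    if (rc == 0) {
        snprintf(cmd, sizeof cmd, "%s%s", prefix, path);
        rc = run_sh_c(cmd);
    }
    unlink(path);
    return rc;
}

int main(void)
{
    printf("bare path:        %d\n", demo_path(""));    /* command word: needs +x */
    printf("sh <path>:        %d\n", demo_path("sh ")); /* read as script input */
    printf("shell expression: %d\n", run_sh_c("true | false || exit 7"));
    return 0;
}
```

Because the whole argument is handed to ``sh -c``, pipes, redirections and other metacharacters in it are interpreted by the shell, so a ``--sh-exec`` value deserves the same review as any other shell command line.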