Nmap Development mailing list archives
Evangelos Deirmentzoglou - GSoC status report #5 of 17
From: Evangelos Deirme <edeirme () gmail com>
Date: Mon, 12 Jun 2017 23:28:12 +0400
Hey everyone,

This is my report for the 5th week of GSoC 2017.

---Status Report #5 of 17---
12 June 2017

Accomplishments:
- Enriched the ssh-brute.nse script with the setReduce attribute of brute.lua. When an ERROR or EOF message is detected, ssh-brute will reduce the number of threads used. Due to the fact that those errors currently occur only in the “connect” phase of the script, a small modification was made to brute.lua. The reason for those changes was that brute.lua will respect the “setReduce” option only if it is set from the “login” phase of the NSE script. The changes to brute.lua, which may be subject to change, can be found at the following link: https://github.com/edeirme/nmap/commit/e634a91d1608d2e7a0d1e61556cc99312aad0951
- My research on the EOF/ERROR messages is done. The EOF message is present in the receive_callback function located in the nse_nsock.cc file. The value EOF or ERROR can be found in the nse.status element of that function. This function is used as a callback of the nsock_read() function of the same file. Those messages are a result of the TCP connection being cut loose by the server when it feels stressed. In both cases, a TCP handshake is achieved and immediately closed (FIN ACK, ACK). Once the TCP connection is closed, nmap sends an SSH packet which, as expected, receives an RST packet. Both of those messages (EOF, ERROR), when received in the “connect” phase of the brute, can safely be ignored.

Priorities:
- Compile nmap with ssh-brute in Windows
- Push changes to main branch

Thanks,
Evangelos Deirmentzoglou