Nmap Development mailing list archives

Ncat: Update and Feature Request


From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 21 Jul 2008 14:33:54 -0500

Hey everyone,

I've taken over Ncat for this latter half of the summer.  Ncat is a new and
improved Netcat which will start off life being shipped along with Nmap, but
may be packaged separately in the future.

All the changes below are based off of Chris Gibson's great original Ncat work
from GSoC 2005 and thereafter.  His Ncat site is here[1], but the current
location in SVN is here[2].

I've attached the output of 'ncat -h' so you can see all of the current
options available.

Mixter has done the following:

* Committed Ncat in our SVN from original SF.net CVS
* Build improvements (don't require automake, add -lpcap, etc)
* Fixed SSL (--ssl) and IPv6 (-6) connect problems
* Worked on VC++2008 port
* Implemented -n/--no-dns
* Some cleaning up

I have done the following so far:

* Implemented IPv6 listening (-6 -l)
* Implemented SSL listening (--ssl -l)
* Redesigned -l to behave like OpenBSD netcat rather than traditional netcat
  or previous Ncat.  Now instead of specifying the port number with -l and the
  source address with -s, you just specify them like you do the host/port to
  connect to.  Specifying the local address is still optional
* Added -g/-G for IPv4 loose source routing (based on Nsock changes)
* Made -s actually work for binding to a local address when doing a connect
  (based on Nsock changes)
* Added -p for specifying the local port to bind to (based on Nsock changes)
* Added -w for specifying a connect timeout, while keeping -t for "idle
  timeout".  This differs from traditional netcat, but I like the distinction
* Added IPv6 support to --broker
* Added host access control to UDP listener and --broker
* Options taking a time argument now allow time specifications like Nmap does
  (e.g. append "s" for seconds).
* Completed VC++2008 port
* Added -c, which is like -e but executes via /bin/sh
* Created preliminary ncat.xml docbook man page from original ncat.1
* Lots of cleaning up and other minor improvements

As you can see, we already have many features other Netcats are lacking!

Unlike Nmap changes, which usually have discussions or a patch, this is the
first time these changes are being mentioned here on nmap-dev.  So for a full
list of changes, and more information on some of the bigger ones, you can
check out the SVN logs.  I try to make good explanations in my commit logs,
but sometimes I can't help being lazy :)

There exist options for connecting through SOCKS4 and HTTP proxies, though I
haven't been able to test these yet.  Mixter tested the SOCKS proxy and
confirmed it's working.  There is also an option for creating and listening as
a SOCKS4 server, but comments in the code say it's broken.

For my SSL listening changes, I've added the options --ssl-cert and --ssl-key
for specifying the certificate and private key to use.  These are certainly
subject to change with any ideas on improvements.

So, while keeping in mind wanting to have an easy-to-maintain and non-bloated
Ncat, what other features would you like to see?  Do you see any improvements
that could/should be made on existing features?

Thanks!,
Kris Katterjohn

[1] http://nmap-ncat.sourceforge.net/
[2] svn://svn.insecure.org/ncat


Ncat V0.2 Usage: ncat [options] [hostname] [port]

Options taking a time assume milliseconds, unless you append an 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30s)
  -4                         Use IPv4 only
  -6                         Use IPv6 only
  -c, --sh-exec <command>    Executes specified command via /bin/sh
  -e, --exec <command>       Executes specified command
  -g hop1[,hop2,...]         Loose source routing hop points (8 max)
  -G n                       Loose source routing hop pointer (4, 8, 12, ...)
  -m, --max-conns n          Maximum n simultaneous connections
  -h, --help                 Display this help screen
  -d, --delay <time>         Wait between read/writes
  -o, --output               Dump a session as ASCII to a file
  -x, --hex-dump             Dump a session as hex to a file
  -t, --idle-timeout <time>  Idle read/write timeout
  -p, --source-port port     Specify source port to use (doesn't affect -l)
  -s, --source addr          Specify source address to use (doesn't affect -l)
  -l, --listen               Bind and listen for incoming connections
  -n, --nodns                Do not resolve hostnames via DNS
  -u, --udp                  Use UDP instead of default TCP
  -v, --verbose              Set verbosity level (can be used up to 3 times)
  -w, --wait <time>          Connect timeout
      --sendonly             Only send data, ignoring received
      --recvonly             Only receive data, never send anything
      --socks4-server        Create a SOCKS4 server on --listen port
      --socks4-proxy         Proxy through a SOCKS4 server
      --http-proxy           HTTP/1.1 CONNECT method proxying
      --proxy-auth           Authenticate with an HTTP proxy server
      --disable-eof-Exit     Turn off 'Exit on EOF'
      --allow                Allow specific hosts to connect to Ncat
      --allowfile            A file of hosts allowed to connect to Ncat
      --deny                 Hosts to be denied from connecting to Ncat
      --denyfile             A file of hosts denied from connecting to Ncat
      --broker               Enable Ncat's Connection Brokering mode
      --talk                 Used with --broker to chat with other connected users
      --ssl                  Connect or listen with SSL
      --ssl-cert             Specify SSL certificate file (PEM) for listening
      --ssl-key              Specify SSL private key (PEM) for listening
      --version              Display Ncat's version information and exit

See the ncat(1) manpage for full options, descriptions and usage examples

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
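
The time-specification rule from the attached help text (milliseconds by default, or an 's', 'm' or 'h' suffix), as an added example that is not part of the original message and is not Ncat's own code. The name timespec_to_ms and the strict rejection of signs, fractions and trailing text are assumptions made here.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not Ncat's own function): convert a time
 * specification to milliseconds. Bare numbers are milliseconds; a trailing
 * 's', 'm' or 'h' scales to seconds, minutes or hours, as the help text says.
 * Returns -1 for empty, signed, malformed or overflowing input. */
long timespec_to_ms(const char *spec)
{
    char *end;
    long value, scale = 1;

    if (spec == NULL || !isdigit((unsigned char)*spec))
        return -1;                      /* rejects "", "-5", "+5", " 5", "s" */

    errno = 0;
    value = strtol(spec, &end, 10);
    if (errno == ERANGE)
        return -1;                      /* digits alone already overflow */

    switch (*end) {
    case '\0': break;                   /* plain milliseconds */
    case 's': scale = 1000L; end++; break;
    case 'm': scale = 60L * 1000L; end++; break;
    case 'h': scale = 60L * 60L * 1000L; end++; break;
    default: return -1;                 /* unknown suffix */
    }
    if (*end != '\0')
        return -1;                      /* trailing text, e.g. "30sec" */
    if (value > LONG_MAX / scale)
        return -1;                      /* would overflow after scaling */

    return value * scale;
}

int main(void)
{
    /* Constructed sample inputs, valid and invalid. */
    const char *samples[] = { "500", "30s", "2m", "1h", "30sec", "-5", "" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-6s -> %ld ms\n", samples[i], timespec_to_ms(samples[i]));
    return 0;
}
```

Rejecting malformed values outright, rather than letting them fall through as 0 or a wrapped number, keeps a mistyped -w or -t argument from silently turning into no timeout at all.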