Nmap Development mailing list archives
Ncat: Update and Feature Request
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 21 Jul 2008 14:33:54 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey everyone, I've taken over Ncat for this latter half of the summer. Ncat is a new and improved Netcat which will start off life being shipped along with Nmap, but may be packaged separately in the future. All the changes below are based off of Chris Gibson's great original Ncat work from GSoC 2005 and thereafter. His Ncat site is here[1], but the current location in SVN is here[2]. I've attached the output of 'ncat -h' so you can see all of the current options available. Mixter has done the following: * Committed Ncat in our SVN from original SF.net CVS * Build improvements (don't require automake, add -lpcap, etc) * Fixed SSL (--ssl) and IPv6 (-6) connect problems * Worked on VC++2008 port * Implemented -n/--no-dns * Some cleaning up I have done the following so far: * Implemented IPv6 listening (-6 -l) * Implemented SSL listening (--ssl -l) * Redesigned -l to behave like OpenBSD netcat rather than traditional netcat or previous Ncat. Now instead of specifying the port number with -l and the source address with -s, you just specify them like you do the host/port to connect to. Specifying the local address is still optional * Added -g/-G for IPv4 loose source routing (based on Nsock changes) * Made -s actually work for binding to a local address when doing a connect (based on Nsock changes) * Added -p for specifying the local port to bind to (based on Nsock changes) * Added -w for specifying a connect timeout, while keeping -t for "idle timeout". This differs from traditional netcat, but I like the distinction * Added IPv6 support to --broker * Added host access control to UDP listener and --broker * Options taking a time argument now allow time specifications like Nmap does (e.g. append "s" for seconds). * Completed VC++2008 port * Added -c, which is like -e but executes via /bin/sh * Created preliminary ncat.xml docbook man page from original ncat.1 * Lots of cleaning up and other minor improvements As you can see, we already have many features other Netcats are lacking! Unlike Nmap changes, which usually has discussions or a patch, this is the first time these changes are being mentioned here on nmap-dev. So for a full list of changes, and more information on some of the bigger ones, you can check out the SVN logs. I try to make good explanations in my commit logs, but sometimes I can't help being lazy :) There exist options for connecting through SOCKS4 and HTTP proxies, though I haven't been able to test these yet. Mixter tested the SOCKS proxy and confirmed it's working. There is also an option for creating and listening as a SOCKS4 server, but comments in the code say it's broken. For my SSL listening changes, I've added the options --ssl-cert and --ssl-key for specifying the certificate and private key to use. These are certainly subject to change with any ideas on improvements. So, while keeping in mind wanting to have an easy-to-maintain and non-bloated Ncat, what other features would you like to see? Do you see any improvements that could/should be made on existing features? Thanks!, Kris Katterjohn [1] http://nmap-ncat.sourceforge.net/ [2] svn://svn.insecure.org/ncat -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSITkn/9K37xXYl36AQKsdg/+M6y/W7/DicGwEP0NS5JZLCGnXI64okRm YHeFD7MwzokQDoWk1vsSWW27KCwyqPgNEfFXj1LfAYreLG1FZQLE7DlNkQcOJIqL t0ZbFsntZCx+dr5fvmmOONvZAL258WCk7BURdl9iDPj5pGrfF3UbDTiRpWk+iQu2 OOO98pzt3J4AR1CMs105Q6TUUVcRhKYZocZeuprlHcslsmazRZ4AdmiOMT8CauRY XxwoXbl4xT7iBZabPBGV/QCt+93lByvbzXGYzVV9f2ovSFvmhQuYAmyaWer2Eyp1 1/InKCpuVyKX/eISYDyMeWpn7zQHsW1zYQR4yEeuZR/gToc0Cyy4O78Hhrsztcdp 186NdUOhfYGQMjtKT9SjRBhI9B1Ia0s0bV/qUo6TMCv+hXqiahZBQvHVf7aAzNiN Dzi8/egfd5aVExm4/z9r2T2+oBsdZGEQROC2LKCqvNnUCq2WTPM5i0g4bYEgWHYI DjPH8FacKMw0PPy8rZHIMyf3L3d2UIV0lJp2aV9as7Wb2I7Daqn6yGQVVCdvOn3R tx5r4QIIvvh3s8K8xivp7r++lWD1E//0VoCtwLBLa9XLnNLwvHMpYIJ16FhxKW4/ RrAaOe/Srpl2U9I/pal2v24oa3k4LSXCIMivViD9Hq4jzSD5WMZ1GVTV6A1gxacU kVoSq7Jk0ac= =nD/9 -----END PGP SIGNATURE-----
Ncat V0.2 Usage: ncat [options] [hostname] [port] Options taking a time assume milliseconds, unless you append an 's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30s) -4 Use IPv4 only -6 Use IPv6 only -c, --sh-exec <command> Executes specified command via /bin/sh -e, --exec <command> Executes specified command -g hop1[,hop2,...] Loose source routing hop points (8 max) -G n Loose source routing hop pointer (4, 8, 12, ...) -m, --max-conns n Maximum n simultaneous connections -h, --help Display this help screen -d, --delay <time> Wait between read/writes -o, --output Dump a session as ASCII to a file -x, --hex-dump Dump a session as hex to a file -t, --idle-timeout <time> Idle read/write timeout -p, --source-port port Specify source port to use (doesn't affect -l) -s, --source addr Specify source address to use (doesn't affect -l) -l, --listen Bind and listen for incoming connections -n, --nodns Do not resolve hostnames via DNS -u, --udp Use UDP instead of default TCP -v, --verbose Set verbosity level (can be used up to 3 times) -w, --wait <time> Connect timeout --sendonly Only send data, ignoring received --recvonly Only receive data, never send anything --socks4-server Create a SOCKS4 server on --listen port --socks4-proxy Proxy through a SOCKS4 server --http-proxy HTTP/1.1 CONNECT method proxying --proxy-auth Authenticate with an HTTP proxy server --disable-eof-Exit Turn off 'Exit on EOF' --allow Allow specific hosts to connect to Ncat --allowfile A file of hosts allowed to connect to Ncat --deny Hosts to be denied from connecting to Ncat --denyfile A file of hosts denied from connecting to Ncat --broker Enable Ncat's Connection Brokering mode --talk Used with --broker to chat with other connected users --ssl Connect or listen with SSL --ssl-cert Specify SSL certificate file (PEM) for listening --ssl-key Specify SSL private key (PEM) for listening --version Display Ncat's version information and exit See the ncat(1) manpage for full options, descriptions and usage examples
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Ncat: Update and Feature Request Kris Katterjohn (Jul 21)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 21)
- Re: Ncat: Update and Feature Request Kris Katterjohn (Jul 21)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 22)
- Re: Ncat: Update and Feature Request Kris Katterjohn (Jul 23)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 24)
- Re: Ncat: Update and Feature Request Kris Katterjohn (Jul 24)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 25)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 29)
- Re: Ncat: Update and Feature Request eldraco (Jul 29)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 29)
- Re: Ncat: Update and Feature Request Kris Katterjohn (Jul 21)
- RE: Ncat: Update and Feature Request Aaron Leininger (Jul 21)