Re: Ncat: Update and Feature Request

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aaron Leininger wrote:
>  > So, while keeping in mind wanting to have an easy-to-maintain and non-bloated
> > Ncat, what other features would you like to see?  Do you see any improvements
> > that could/should be made on existing features?
>
> Here's my initial feedback and reactions..
> First off: I'm running on Debian 4.0 on i686 architecture...
>
>
> ./configure gave a warning about not finding ssl.h. I ran make and it compiled fine w/o ssl support. 

Did you run configure with --without-openssl ?  I've been having issues
building Ncat like this, but it's because of some error I'm getting out of my
standard headers rather than any obvious connection to OpenSSL, but this could
just be my system.

> * I had to manually copy the file to /usr/bin. 

I have not worried about the install system for Ncat yet as it will be shipped
along with Nmap.  However see below for more comments on this.

> * running ncat w/o any arguments reports that I need a host to connect to and it quits. I'd recommend adding 
> something like:
> run: ncat -h for usage

Good idea.

> *I wanted to try out the http proxy stuff but when I typed: man ncat, I got: No manual entry for ncat
> Yet ncat -h says to see the man page for more details. How do I access it? I checked google(search terms: ncat 
> manpage) and didn't see anything that looked like it. 

Did you run "make install" when you built Ncat?  That should install Ncat and
the man pages correctly, but right now I've only been focusing on making Ncat
function correctly and I'll worry about the install system when I merge it
with Nmap's.

> *I looked at the -h output and tried to guess the correct syntax for the http-proxy stuff. (name of proxy changed to 
> protect the innocent ;-p)
> I ran: ncat -v --proxy myproxy:8080 www.google.com 80 
> I figured that would attempt a connection to www.google.com on port 80 and let me pull down a get request using 
> myproxy port 8080 but I got:
> Ncat: Unable to connect to remote host: Connection refused.
> That is the same output I get if I do not specify a proxy. I sit behind one where I am testing so I can't get to 
> external websites w/o it. 
>
> Next I ran the same commands on an internal web-server. Below are the results:
> ncat myserver 80 
>   GET / HTTP/1.0
> <returned correct html content>
>
> ncat --http-proxy myproxy:8080 myserver 80
> I got the same output as w/o the proxy but I did not have to issue the GET command myself. It seemed to issue it 
> automatically and returned me the output as if I had issued the GET command from above. 
>
> I'm not sure why it didn't work when I tried it on an external site such as google. 

Maybe you need authentication to connect outside?  You can use --proxy-auth
for this.  From the man page residing in docs/man/ncat.1, the syntax for proxy
auth is "<username>:<password>"

Or maybe the proxy support is broken somehow?  I'll be looking into the
proxies shortly.

> I hope some of this is useful to you. 

It is, thank you.

> * Next, I went and found that nmap 4.68 ships w/ ssl.h so I told the ./configure to use nmap's include folder for 
> that file. ncat configured successfully but then would not make. Below is the end of the make output:
> ...
> /usr/bin/ld: cannot find -lssl
> collect2: ld returned 1 exit status
> make: *** [ncat] Error 1

Are you referring to mswin32/OpenSSL ?  That contains OpenSSL headers and
libraries for Windows only, not for any other OS.

> Am I missing a package? Can you see anything else I can correct to get ssl support working? Let me know if you need 
> the configure or make output in full, I can attach them. 

It looks like you're missing the package. On my Ubuntu box I have libssl-dev
installed; do you have it (or a *very* close relative) on your Debian box?

> Anyway, I hope some of this proves useful. Thanks for all your work! 
> Aaron

Thanks a lot,
Kris Katterjohn


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSIVDgP9K37xXYl36AQJbNhAAiQ/NyH8SUaMPfw2nZ9zzETrsxFi6KqdQ
jszuo+ydJYlbVB/5xrZbvrO/KicG+XGu1/inT0LSj0rDvU/XnOVYm2JJ94gO+HPF
f1+8Z82mNlO9bPXi0A9UYV4LX005/O6ofENJ0nX1k1nNC9meKqXEPTQ07i1Z69qc
jxmlNFt3FsAqhNEIEXwgLSOqGTfcarF3x/0/RlW0+oEygLoQSchUurdOntECBjTR
cOox+hvmuro7eey0ykDg66A26aW6TaKNy+L1cHiQ3OKLZocvS17NeAd0NpC6If4b
0wAT4qScQlz+ObRX6ynMOZr3IliiNpy2cfwxDgtgTH1MX0guTrkSTKVcdD4Ad1lL
XXNRuvxuMeqsBKjzeaDqUVnb6lzoKRVAn0bXKgcyc3bBVHKIASFSlnLJqDUtuJ/i
g7BoA1tj1s35cD6mDmOFoPkcTkqQB3nYbU+eam5xBf0QBa2Bh60+gXIlJaEVciNx
0ACDWvcpn3oG+niMcAgaZrNCUEZMu1Cl6eWhvYeR8AmDNJqbBHNfhS4E6p8Z152r
Ql4fT6Kq5ZLnECA8vHKEmp3sdWl2guRfH7TAq/FfeX2tXiMbH8Q04F5TSrH0MD2C
NtTk8wfvtUc1O9dBtduW6juZTxeahtWlBkfQf23pfZaZgltVP+ZRt3v8j2jngUid
6/UG3h4gZ6I=
=sVxW
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org