Nmap Development mailing list archives
Re: --exec and --sh-exec now supported in Windows Ncat
From: jah <jah () zadkiel plus com>
Date: Fri, 13 Mar 2009 05:10:27 +0000
On 13/03/2009 00:44, David Fifield wrote:
> Thanks for giving it a try. Here I think the output is correct, though it looks peculiar. The READ SUCCESS refers to everything up to "...\Desktop>" with no following newline. Right after the successful read another read request is scheduled, so it unfortunately ends up on the same line. The excessive verbosity is a separate issue that Fyodor has already mentioned.
Yeah, thought so.
> It would be good to have a few Windows examples for the Ncat guide, to make it less Unix-centric. How many of the simple diagnostic services from http://nmap.org/ncat/guide/ncat-simple-services.html can you emulate?
discard:

For tcp, exactly the same as the guide says except redirection is to "nul"

    ncat -l 9 --recv-only > nul

I haven't tried udp (see daytime where I did try)

I haven't come up with anything for echo and nothing I've tried seems to work. Anyone?

daytime:

    ncat -l 13 --send-only --exec "cmd.exe /C echo %date%,%time%"

    nmap -sT -p13 127.0.0.1 --script daytime

    Interesting ports on localhost (127.0.0.1):
    PORT   STATE SERVICE
    13/tcp open  daytime
    |_ daytime: 13/03/2009, 4:36:10.35

for udp, I thought, something like this:

    FOR /L %G IN (1,0,1) DO ncat -l 13 --udp --send-only --exec "cmd.exe /C echo %date%,%time%"

which does an infinite loop and although a udp connection gets the date string in response it gets an ICMP port unreach right after it and if I run daytime.nse with an -sU scan, the script only sees a port unreach because the next loop is too slow to get there first. I can give the daytime script a really big payload "dummydummydummydummydummy..." and that slows things down enough to get a response:

    PORT   STATE SERVICE
    13/udp open  unknown
    |_ daytime: 13/03/2009, 4:41:27.76

That's as far as I've got and that's quite enough of the Windows command line for one day. The Windows command line is exactly the reason I have cygwin installed! I'll have another go tomorrow.

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
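The UDP daytime behaviour reported in the message above, where a probe that arrives after one listener has exited and before the next loop iteration has bound the port gets a port unreachable, is modelled here in Python as an added example that is not part of the original post. The listener, the function names and the timestamp format are assumptions for illustration; the code stands in for the ncat loop rather than reproducing it.

```python
import socket
import threading
import time

HOST = "127.0.0.1"  # loopback only; ports and payloads are constructed for this demo


def serve(sock, replies_before_exit):
    """Hypothetical listener: answer N datagrams, then exit (socket closes)."""
    try:
        for _ in range(replies_before_exit):
            _, peer = sock.recvfrom(2048)
            stamp = time.strftime("%d/%m/%Y, %H:%M:%S\r\n")  # stand-in for %date%,%time%
            sock.sendto(stamp.encode("ascii"), peer)
    except OSError:  # includes the receive timeout set in run_case
        pass
    finally:
        sock.close()


def probe(port, count, timeout=1.0):
    """Send `count` probes back to back; record a reply or the failure for each."""
    results = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        c.connect((HOST, port))  # connected UDP socket, so ICMP errors reach us
        c.settimeout(timeout)
        for _ in range(count):
            try:
                c.send(b"probe")
                results.append(c.recv(2048).decode("ascii").strip())
            except (ConnectionRefusedError, ConnectionResetError):
                results.append("port-unreachable")  # ICMP error came back
            except socket.timeout:
                results.append("no-reply")  # datagram queued on a closing socket
    return results


def run_case(replies_before_exit, probes):
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind((HOST, 0))  # ephemeral port picked by the OS
    srv.settimeout(2.0)
    port = srv.getsockname()[1]
    worker = threading.Thread(target=serve, args=(srv, replies_before_exit))
    worker.start()
    results = probe(port, probes)
    worker.join()
    return results


if __name__ == "__main__":
    print("listener exits after one reply:", run_case(1, 2))
    print("listener stays bound:          ", run_case(2, 2))
```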