Re: Ncat with ssl using 100% cpu

[David Fifield <david () bamsoftware com>]

On Tue, May 19, 2009 at 04:30:32PM -0300, el draco wrote:
> Hi everyone, i was testing ncat a little bit and found that under
> certain conditions it uses all of my cpu.
>
> I'm using:
> Kubuntu 8.10
> Kernel 2.6.27-14-generic SMP
> openssl 0.9.8g-10
> libssl0.9.8
> libssl-dev 0.9.8g-10
> Nmap 4.85BETA9, svn rev. 13330
>
> Test case 1:
>
> a) ncat -l 8000 --ssl
> b) ncat localhost 8000 --ssl
>
> So far so good, and now we type anything on the CLIENT like 'test'
>
> Now ncat client is using 100% of cpu.
>
> Note that it is still working fine, and you have to type in the
> client-side and not in the server-side
>
> When using strace with the client it keeps printing this forever:
> select(4, [0 3], [3], [], NULL)         = 1 (out [3])
> select(4, [0 3], [3], [], NULL)         = 1 (out [3])
> select(4, [0 3], [3], [], NULL)         = 1 (out [3])
> select(4, [0 3], [3], [], NULL)         = 1 (out [3])
>
> On a side note, if you type on the server-side, everything works just fine.
>
>
> Test case 2:
> a) ncat -l 8000 --ssl --broker --chat
> b) ncat localhost 8000 --ssl
>
> Now we have two issues. The first is the same as test case 1, if you
> type anything on client-side, cpu reaches 100%
>
> The second one is that if you now type something on server-side, while
> your cpu is at 100%, .. client-side stop using 100% cpu!!
> You can repeat this from here again. Typing in the client sets cpu to
> 100%, typing in the server stop this.

Thanks. I can reproduce this. There used to be a similar problem for
non-SSL connections, but it was fixed in Ncat. From some investigation,
it appears that this problem is inside Nsock. Somehow select is always
returning true in some situations.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org