Nmap Development mailing list archives

Re: [ncrack] bug in cmdline parsing + patch


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Mon, 10 Aug 2009 19:19:54 +0300

Vlatko Kosturjak wrote:
Hello and greetings from Croatia!

In short, ncrack doesn't recognize full paths for user/password lists.

This works:
ncrack -U user.txt -P pass.txt ssh://127.0.0.1

This doesn't work (and gives an ugly/incomprehensible error message):
ncrack -U /tmp/user.txt -P /tmp/pass.txt ssh://127.0.0.1
Failed to open input file  for reading!
QUITTING!

In the attachment you can find a small patch to fix this issue (against the latest
SVN version on /nmap-exp/ithilgore/ncrack).

Kost




Hello Vlatko and thanks for the bug report!
Feedback is always greatly appreciated.

However, the problem was a bit more complex:
Ncrack would try to fetch the default files regardless of whether the -U or -P
options were specified. You can see that this is the case if you pass the
debug flag -d, which shows which file is fetched each time.
I have made some changes, and you can now download the latest svn version
with the fixes. It is also better to install Ncrack, since the behaviour
changes slightly as far as the fetched files are concerned. Just type:
# make install
after compilation finishes.

The patch needed was this:


Modified: nmap-exp/ithilgore/ncrack/ncrack.cc
==============================================================================
--- nmap-exp/ithilgore/ncrack/ncrack.cc (original)
+++ nmap-exp/ithilgore/ncrack/ncrack.cc Mon Aug 10 09:05:36 2009
@@ -159,10 +159,10 @@
 static void lookup_init(const char *const filename);
 static int file_readable(const char *pathname);
 static int ncrack_fetchfile(char *filename_returned, int bufferlen,
-  const char *file);
+  const char *file, int useroption = 0);
 static char *grab_next_host_spec(FILE *inputfd, int argc, char **argv);
 static void startTimeOutClocks(ServiceGroup *SG);
-void sigdie(int signo);
+static void sigdie(int signo);


 static void
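Review bot: the new `useroption` parameter in the `ncrack_fetchfile` prototype is a bare `int` with a default of 0 and no comment at the declaration, so a reader of the prototype block cannot tell what a caller's `1` means; a `bool`, or at least the explanatory comment that a later hunk puts on the definition, belongs here as well. The `static void sigdie(int signo);` change is fine and matches the definition changed later in the patch.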
@@ -333,9 +333,13 @@
   return status;
 }

-
+/*
+ * useroption should be 1 if either -U or -P has been specified.
+ * by default it is 0
+ */
 int
-ncrack_fetchfile(char *filename_returned, int bufferlen, const char *file) {
+ncrack_fetchfile(char *filename_returned, int bufferlen, const char *file,
+    int useroption) {
   char *dirptr;
   int res;
   int foundsomething = 0;
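Review bot: the definition `int ncrack_fetchfile(...)` still lacks the `static` that its prototype carries; C++ takes the linkage from the first declaration so this compiles, but the patch fixes exactly this inconsistency for `sigdie` and should do the same here. The new comment would also be more useful if it stated what the function returns, since the callers have to decide whether to test that value.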
@@ -343,6 +347,15 @@
   static int warningcount = 0;
   char dot_buffer[512];

+  /* -U or -P has been specified */
+  if (useroption) {
+    res = Snprintf(filename_returned, bufferlen, "%s", file);
+    if (res > 0 && res < bufferlen) {
+      foundsomething = file_readable(filename_returned);
+    }
+  }
+
+
   /* First, check the map of requested data file names. If there's an entry for
      file, use it and return.
      Otherwise, we try [--datadir]/file, then $NCRACKDIR/file
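Review bot: when `useroption` is set and the given path is not readable, `foundsomething` stays 0 and control falls through to the `--datadir` and subsequent searches with `file` appended verbatim, so an argument such as `/tmp/user.txt` is then probed as `<datadir>//tmp/user.txt` and along the rest of the chain; this is harmless but wastes lookups and clutters the `-d` output, so the search should be skipped when `file` is an absolute path (the fall-through is still useful for a bare name like `common.usr` that lives in the data directory). The comment `First, check the map of requested data file names` is no longer first and should mention the new user-supplied step, and the two consecutive blank lines after the new block can be collapsed to one.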
@@ -355,7 +368,7 @@
      --datadir -> $NCRACKDIR -> nmap.exe directory -> NCRACKDATADIR -> .
   */

-  if (o.datadir) {
+  if (o.datadir && !foundsomething) {
     res = Snprintf(filename_returned, bufferlen, "%s/%s", o.datadir, file);
     if (res > 0 && res < bufferlen) {
       foundsomething = file_readable(filename_returned);
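Review bot: only the `o.datadir` branch gains the `&& !foundsomething` guard here; the later locations named in the comment ($NCRACKDIR, the nmap.exe directory, NCRACKDATADIR, `.`) are outside this hunk, and if any of them does not test `foundsomething` before its own `Snprintf` into `filename_returned`, a hit there would overwrite the user-supplied path that was just validated. Please confirm each later search is gated the same way.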
@@ -452,7 +465,7 @@
   }

   if (!foundsomething) {
-    filename_returned[0] = '\0';
+    Snprintf(filename_returned, bufferlen, "%s", file);
   }

   if (foundsomething && o.debugging > 1)
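Review bot: replacing `filename_returned[0] = '\0'` with `Snprintf(filename_returned, bufferlen, "%s", file)` is what fixes the blank name in `Failed to open input file  for reading!`, but this is the only `Snprintf` in the function whose result is not checked against `bufferlen`, and any caller that relied on an empty string to detect a miss now has to test the return value instead. A one-line comment saying the name is preserved only for diagnostics would keep a reader from mistaking it for a file that was found.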
@@ -463,7 +476,7 @@
 }


-void
+static void
 sigdie(int signo) {
   int abt = 0;

@@ -801,12 +814,12 @@
         break;
       case 'U':
         ncrack_fetchfile(username_file, sizeof(username_file),
-            optarg);
+            optarg, 1);
         load_login_file(username_file, USER);
         break;
       case 'P':
         ncrack_fetchfile(password_file, sizeof(password_file),
-            optarg);
+            optarg, 1);
         load_login_file(password_file, PASS);
         break;
       case 'm':
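Review bot: both call sites discard the `int` that `ncrack_fetchfile` returns, so a miss is only noticed later inside `load_login_file`; checking the return here and reporting the user-supplied path (and, under `-d`, the locations that were searched) would give the clearer error the reporter asked for. The literal `1` passed as `useroption` should also be a named constant or `true` so its meaning is visible at the call site.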



Regards,
ithilgore
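As an added example (not ncrack's code, and not from either poster), here is a self-contained model of the lookup order the fix gives ncrack_fetchfile(): a user-supplied -U/-P argument is tried verbatim first, a bare name still falls back to the data directories, and a miss leaves the requested name in the output buffer so the caller's error message is not blank. The function name fetchfile(), the directory list, the throwaway directory under /tmp and the sample wordlist are assumptions of this example; it also skips the directory search for an unreadable absolute path, which the posted patch does not do.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Stand-in for ncrack's file_readable(): can we open this path for reading? */
static int file_readable(const char *path)
{
    return access(path, R_OK) == 0;
}

/*
 * Resolve `file` into `out` (capacity `outlen`); returns 1 if a readable file
 * was found and 0 otherwise.
 *  - user_option != 0 models -U/-P: the argument is tried verbatim first, so a
 *    full path such as /tmp/user.txt works as the reporter expected.
 *  - If that fails (or no user option was given), each directory in the
 *    NULL-terminated `dirs` list is probed in order, which keeps bare default
 *    names such as "default.usr" resolving from the data directory.
 *  - On a miss the requested name is copied into `out`, so an error message
 *    built from it is never blank.
 */
static int fetchfile(char *out, size_t outlen, const char *file,
                     int user_option, const char *const *dirs)
{
    int found = 0;
    int res;

    if (user_option) {
        res = snprintf(out, outlen, "%s", file);
        if (res > 0 && (size_t)res < outlen)   /* reject truncated paths */
            found = file_readable(out);
    }

    /* Assumption of this example: an unreadable absolute path cannot become
       readable by prefixing a directory, so the search is skipped for it. */
    if (!found && !(user_option && file[0] == '/')) {
        size_t i;
        for (i = 0; dirs[i] != NULL && !found; i++) {
            res = snprintf(out, outlen, "%s/%s", dirs[i], file);
            if (res > 0 && (size_t)res < outlen)
                found = file_readable(out);
        }
    }

    if (!found)
        snprintf(out, outlen, "%s", file);   /* keep the name for diagnostics */
    return found;
}

/* Builds a throwaway data directory (assumed location: /tmp) with one
   constructed wordlist and runs the scenarios from the thread.
   Returns the number of scenarios that behaved as expected (4 on success). */
static int run_demo(void)
{
    char datadir[64], userfile[128], out[256];
    const char *dirs[2];
    FILE *fp;
    int ok = 0;

    snprintf(datadir, sizeof datadir, "/tmp/fetchdemo.%ld", (long)getpid());
    if (mkdir(datadir, 0700) != 0)
        return -1;
    dirs[0] = datadir;
    dirs[1] = NULL;

    snprintf(userfile, sizeof userfile, "%s/default.usr", datadir);
    if ((fp = fopen(userfile, "w")) == NULL)
        return -1;
    fputs("root\nadmin\n", fp);              /* constructed sample wordlist */
    fclose(fp);

    /* 1: no -U given, bare default name resolves through the data directory */
    if (fetchfile(out, sizeof out, "default.usr", 0, dirs) == 1
        && strcmp(out, userfile) == 0) ok++;
    /* 2: -U with a full path is taken verbatim (the reporter's case) */
    if (fetchfile(out, sizeof out, userfile, 1, dirs) == 1
        && strcmp(out, userfile) == 0) ok++;
    /* 3: -U with a bare name that is not in the cwd still falls back to the data directory */
    if (fetchfile(out, sizeof out, "default.usr", 1, dirs) == 1
        && strcmp(out, userfile) == 0) ok++;
    /* 4: -U with a missing file: a miss, but the name survives for the error message */
    if (fetchfile(out, sizeof out, "/tmp/no-such-list.txt", 1, dirs) == 0
        && strcmp(out, "/tmp/no-such-list.txt") == 0) ok++;

    unlink(userfile);
    rmdir(datadir);
    return ok;
}

/* A destination buffer too small for the path must report a miss rather than
   a silently truncated, wrong filename. Returns fetchfile()'s result. */
static int demo_truncation(void)
{
    static const char *const no_dirs[] = { NULL };
    char small[8];
    return fetchfile(small, sizeof small,
                     "/tmp/a-name-longer-than-the-buffer.txt", 1, no_dirs);
}

int main(void)
{
    printf("scenarios passed: %d of 4\n", run_demo());
    printf("truncated path reported as found: %d (expect 0)\n", demo_truncation());
    return 0;
}
```

Running it with the data directory present reproduces the difference the reporter saw: scenario 2 only succeeds because the verbatim attempt comes before the directory search, and scenario 4 shows why the final copy of the name matters for the error text.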




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

