Nmap Development mailing list archives
Re: POC Payloader dat
From: David Fifield <david () bamsoftware com>
Date: Tue, 12 Jan 2010 10:43:29 -0700
On Tue, Jan 12, 2010 at 09:15:38AM -0500, Jay Fink wrote:
> Just a quick update, the way I am working on this is to write the function(s) separately and just call them - once I *think* it is in a decent state I'll plug it in (probably inside the payload.cc file itself).
>
> That said I have managed to get as far as getting one complete string back from the file parser so far although admittedly I've only worked on it about 2 or 3 solid hours or so over the last 2 weeks, the prototype accepts the payload key word and returns the payload:
>
> $ ./payload dns
> \x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00
>
> Note this is one contiguous string, webmail chops it:
>
> $ ./payload nbstat
> \x80\xF0\x00\x10\x00\x01\x00\x00\x00\x00\x00\x00\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x00\x00\x21\x00\x01
>
> $ ./payload amanda
> Amanda 2.6 REQ HANDLE 000-00000000 SEQ 0\nSERVICE noop\n
>
> It also handles inline comments gracefully. What I have left is:
>
> - the key matching uses strstr, it shouldn't do that for obvious reasons :) needs changed
> - assigning dports
> - assigning sports
> - making sure memory is dealt with gracefully/correctly
Looks great! I'm eager to see the finished product.

Remember that we'll be looking up payloads not by name, but by protocol/port, so see if you can make your test program work like this:

$ ./payload 53 udp
\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00

You're right, payload.cc is where all the parsing, etc. code should be eventually plugged in.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
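The protocol/port lookup David asks for, written as an added example that is neither Jay's prototype nor Nmap's own payload.cc: it parses a small constructed payload file in an assumed one-entry-per-line format (proto, port, quoted payload), strips inline comments, decodes the \xHH and \n escapes with bounds checks, and keys the table on the (proto, port) pair so a lookup is an exact match rather than the substring match strstr on the key text would give.

```cpp
#include <cctype>
#include <cstdlib>
#include <map>
#include <sstream>
#include <string>
// Constructed sample file in an assumed format (not Nmap's own): proto, port, quoted payload.
static const char *kSampleFile =
    "# DNS status request\n"
    "udp 53 \"\\x00\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\" # inline comment\n"
    "udp 5353 \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n"
    "udp 10080 \"Amanda 2.6 REQ HANDLE 000-00000000 SEQ 0\\nSERVICE noop\\n\"\n";
typedef std::map<std::pair<std::string, int>, std::string> PayloadTable;

// Decode \xHH and \n escapes into raw bytes. Every lookahead is bounds-checked so a
// truncated escape cannot read past the buffer; malformed escapes are kept literally.
static std::string decode_escapes(const std::string &s) {
  std::string out;
  for (size_t i = 0; i < s.size(); ++i) {
    if (s[i] == '\\' && i + 1 < s.size() && s[i + 1] == 'n') { out += '\n'; ++i; }
    else if (s[i] == '\\' && i + 3 < s.size() && s[i + 1] == 'x' &&
             isxdigit((unsigned char)s[i + 2]) && isxdigit((unsigned char)s[i + 3])) {
      out += (char)strtol(s.substr(i + 2, 2).c_str(), NULL, 16); i += 3;
    } else out += s[i];
  }
  return out;
}

// One entry per line: proto port "payload". A '#' outside the quotes starts a comment.
static PayloadTable parse_payloads(const std::string &text) {
  PayloadTable table;
  std::istringstream lines(text);
  for (std::string line; std::getline(lines, line);) {
    bool inq = false;
    for (size_t i = 0; i < line.size(); ++i) {  // strip an unquoted inline comment
      if (line[i] == '"') inq = !inq;
      else if (line[i] == '#' && !inq) { line.erase(i); break; }
    }
    std::istringstream fields(line);
    std::string proto; int port;
    size_t open = line.find('"'), close = line.rfind('"');
    if (!(fields >> proto >> port) || open == std::string::npos || close <= open) continue;
    table[std::make_pair(proto, port)] = decode_escapes(line.substr(open + 1, close - open - 1));
  }
  return table;
}

// Exact (proto, port) lookup: port 53 never matches the 5353 entry the way a strstr()-style
// substring search on the key text would. Returns NULL when there is no entry.
static const std::string *lookup_payload(const PayloadTable &t, const std::string &proto, int port) {
  PayloadTable::const_iterator it = t.find(std::make_pair(proto, port));
  return it == t.end() ? NULL : &it->second;
}
```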