Nmap Development mailing list archives

Re: ncat: Listen Plus Exec Equals Keep-Open


From: David Fifield <david () bamsoftware com>
Date: Fri, 5 Mar 2010 12:04:32 -0700

On Fri, Feb 26, 2010 at 09:20:53AM -0800, David Millis wrote:
> > Do you have a reason to prefer the one-connection mode?
> Message passing between local and remote scripts.
>
>  - One box triggers another box to start a script and both run in parallel.
>  - Some lines later, remote sets up a one-time listen to pipe into a process.
>  - Local sets up a one-time connect from a process of its own.
>
> Currently the listener hangs, since it won't die until killed.
> The connector has --send-only, so that script can continue.
>
> Technically, the remote side could "start /b ncat ..." to fork it off,
> wait for a sign it got the message, then taskkill ncat... but that's
> messy, fragile, and brings in cmd's retarded nested quote handling.

Okay, I can see your point. Changing the behavior is easy technically:
just change netrun to netexec in ncat_listen.c. It would break
backwards compatibility with option syntax, though.

We had a similar situation with normal listen mode. The -k option was
added fairly recently. Before that, the default was to keep listening
always.

http://seclists.org/nmap-dev/2009/q2/620

Does anyone have thoughts on making a one-connection mode the default
for --exec, and using -k --exec for the current inetd-like behavior?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
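The two behaviours being debated above, modelled as an added example (this is not ncat's code and does not use ncat): a listener that, like `--exec`, wires each accepted connection to a child process's stdin and stdout. With `keep_open=True` it behaves like the current inetd-style default and keeps accepting; with `keep_open=False` it serves exactly one connection and then releases the port, which is the one-shot pattern the quoted message wants. The child command is a small Python one-liner standing in for the exec'd program, the `limit` parameter exists only so the example terminates, and everything runs on the loopback interface.

```python
"""Listen-plus-exec in two modes: keep-open (inetd-like) versus one connection.

Added example modelling the behaviour discussed on the list; it is not ncat
source. The exec'd program is a Python child that upper-cases its stdin.
"""
import socket
import subprocess
import sys
import threading


def start_exec_listener(cmd, keep_open, limit=2):
    """Bind an ephemeral loopback port and serve connections in a thread.

    Each accepted socket becomes the child's stdin and stdout, as ncat --exec
    does. keep_open=False: exit after the first connection. keep_open=True:
    keep accepting until `limit` connections have been served (the limit is
    this example's own device so the demo finishes).
    Returns (port, thread, handled) where handled collects child exit codes.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    srv.settimeout(2.0)  # safety net so an idle keep-open listener still exits
    port = srv.getsockname()[1]
    handled = []

    def serve():
        try:
            while True:
                try:
                    conn, _ = srv.accept()
                except socket.timeout:
                    break
                with conn:
                    # The socket object has a fileno(), so the child inherits
                    # it directly on fds 0 and 1.
                    proc = subprocess.run(cmd, stdin=conn, stdout=conn,
                                          stderr=subprocess.DEVNULL)
                    handled.append(proc.returncode)
                if not keep_open or len(handled) >= limit:
                    break
        finally:
            srv.close()  # in one-connection mode the port is freed right here

    t = threading.Thread(target=serve, daemon=True)
    t.start()
    return port, t, handled


def send_and_collect(port, text, timeout=2.0):
    """Client side: send text, half-close so the child sees EOF, read reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=timeout) as c:
        c.sendall(text.encode())
        c.shutdown(socket.SHUT_WR)
        chunks = []
        while True:
            data = c.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode()


def demo(keep_open):
    """Try two connections; return (first reply, second reply or None, count)."""
    cmd = [sys.executable, "-c",
           "import sys; sys.stdout.write(sys.stdin.read().upper())"]
    port, thread, handled = start_exec_listener(cmd, keep_open, limit=2)
    first = send_and_collect(port, "hello\n")
    if not keep_open:
        thread.join(timeout=5)  # listener should already be gone
    try:
        second = send_and_collect(port, "again\n")
    except OSError:
        second = None  # connection refused: one-connection mode has exited
    thread.join(timeout=5)
    return first, second, len(handled)


if __name__ == "__main__":
    print("one-connection:", demo(False))
    print("keep-open:     ", demo(True))
```

In one-connection mode the second client is refused because the listener closed its socket after the first exchange; in keep-open mode both clients are served by separate children. That difference is exactly what a calling script notices: the one-shot listener returns on its own, so no `taskkill` step is needed.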

