Nmap Development mailing list archives
ncat - proxy behavior / dns lookup / bug?
From: Florian Roth <venom14 () gmail com>
Date: Thu, 14 Jun 2012 18:25:24 +0200
Hi all, Recently I carried out of an audit at a client's network in which I tried to connect trough the clients proxy server (HTTP, HTTPS) to another ncat instance running on a remote server. Workstations in the clients internal network cannot resolve host names located in the Internet. The internal DNS only resolves internal host names. I though - wow, cool, ok, it's safer that way. But than I noticed that ncat tries to resolve the DNS addresses given as parameters and fails. ncat --proxy proxy.company.net:8080 www.web.de 80 .. cannot resolve www.web.de ... Therefore I tried this ncat --nodns --proxy 10.1.1.250:8080 www.web.de 80 .. cannot resolve www.web.de ... I tried to connect to the IP but the proxy was configured to deny all requests made to IP addresses. My final impression is that this is a bug, because ncat should not try to resolve the host name to an IP address before sending the request to the proxy server. It should be the task of the proxy server to resolve the IP. What do you think? === NCAT request to the proxy server (already resolved) CONNECT 217.72.200.132:80 HTTP/1.0 === Browser request to the proxy CONNECT www.web.de:443 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0 Proxy-Connection: keep-alive Host: www.web.de -- Florian _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ncat - proxy behavior / dns lookup / bug? Florian Roth (Jun 14)
- Re: ncat - proxy behavior / dns lookup / bug? David Fifield (Jun 15)
- Re: ncat - proxy behavior / dns lookup / bug? Florian Roth (Jun 15)
- Re: ncat - proxy behavior / dns lookup / bug? David Fifield (Jun 15)