Nmap Development mailing list archives

Nmap GSoC 2012 Success Report


From: Fyodor <fyodor () nmap org>
Date: Fri, 19 Oct 2012 16:04:04 -0700

Hi Folks.  I'm pleased to report that we have successfully completed our 8th
Google Summer of Code!  Four of our five students passed.  They wrote a lot of
great code, and almost all of it has been integrated in either the big Nmap
6.00 release, the 6.01 followup, or the current SVN trunk.  I'd like to give a
big shout out to Peter, Aleks, Hani, and Sean for doing such a wonderful job!
Let's look at their accomplishments individually:

*Piotr Olma* focused on improving our web scanning support. He made numerous
 improvements and fixes to our web spidering and HTTP pipelining system, and
 he also wrote or co-authored 7 scripts, including an HTTP form fuzzer, a
 sitemap generator, and brute forcers for POP3, IRC SASL, and HTTP digest
 authentication.

*Aleksandar Nikolic* was our NSE vulnerability and exploitation specialist.
 He dramatically improved the brute force authentication testing and
 username/password libraries.  He also wrote 19 scripts, including:

 o dns-nsec3-enum uses a clever "NSEC3 walking" technique to enumerate DNSSEC
   records. http://nmap.org/nsedoc/scripts/dns-nsec3-enum.html

 o samba-vuln-cve-2012-1182, smb-vuln-ms10-054, and smb-vuln-ms10-061 detect
   serious vulnerabilities in the Windows and Samba SMB stacks.

 o pcanywhere-brute, ftp-brute, and metasploit-msgrpc-brute perform brute
   force password auditing against these three popular protocols.

*Hani Benhabiles* spent the summer improving Nmap's network discovery NSE
 scripts. He replaced our aging (yet very important) SunRPC enumeration system
 with a faster and easier to maintain NSE-based RPC grinder.  He also wrote an
 incredible 22 scripts, including:

 o broadcast-eigrp-discovery, broadcast-igmp-discovery,
   broadcast-pim-discovery, and lltd-discovery use these protocols in clever
   ways to enumerate available hosts.

 o http-waf-fingerprint tries to detect and fingerprint web application
   firewalls protecting a website, while firewall-bypass tries to trick the
   Netfilter firewall framework into allowing a connection by exploiting its
   ftp helper module.

 o sip-methods, sip-enum-users, and sip-call-spoof allow for discovery and
   manipulation of VoIP services.

Thanks to Peter, Aleks, Hani, and dozens of other contributors, Nmap now
contains more than 430 NSE scripts.  Further information on all of them is
available on our documentation portal: http://nmap.org/nsedoc/

While the NSE team was writing amazing scripts, *Sean Rivera* was leading the
"Great Bug Hunt", helping to fix up, clean, and improve numerous parts of
Nmap.  For example, he fixed a "spurious closed port" bug that has been
annoying us for a while and he added protocol-specific payloads for IPv6
hop-by-hop (0x00), routing (0x2b), fragment (0x2c), and destination (0x3c)
headers.  Sean fixed some Nping bugs as well.

In addition to my shout out to the students, I'd like to thank my fellow
mentors David Fifield, Henri Doreau, and Patrick Donnelly for supporting these
efforts and always being there to help!

Finally, I'd like to thank Google for making all of this possible!  They have
spent tens of millions of dollars sponsoring thousands of students to work on
hundreds of open source projects.  Nmap by itself has mentored 59 SoC students
in the last 8 years and some continue as top Nmap developers to this day.  If
you enjoy Zenmap, the Nmap Scripting Engine, Ncat, Nping, or Ndiff, you're
using features developed in large part by previous Summer of Code students!

Cheers,
Fyodor

PS: For those who are interested, here are our previous success (pass)
    rates and wrap-up reports:

2012 (4/5 - 80%): [this report]
2011 (7/7 - 100%!): http://seclists.org/nmap-dev/2012/q1/542
2010 (8/8 - 100%!): http://seclists.org/nmap-dev/2011/q1/708
2009 (6/6 - 100%!): http://seclists.org/nmap-dev/2009/q4/148
2008 (6/7 - 86%): http://bit.ly/googleblognmap
2007 (5/6 - 83%): http://seclists.org/nmap-dev/2007/q4/24
2006 (8/10 - 80%): http://seclists.org/nmap-dev/2007/q1/235
2005 (7/10 - 70%): http://slashdot.org/comments.pl?sid=183143&cid=15133184

Overall 51 of our 59 students (86%) passed.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/