Nmap Development mailing list archives
Call for testing: "ncatins" Ncat feature
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Wed, 7 Aug 2013 18:19:20 +0200
Hi,

I'm happy to announce that the new feature I was working on, codenamed "ncatins", is ready for (hopefully final) testing. In this e-mail I'll explain what it actually is and how it works, and then give some pointers on how to try it out.

First of all, a bit of background. I'm the developer behind Ncat's --lua-exec feature, recently released in the Nmap 6.40 package. Although the --lua-exec scripts can do really powerful things (in lua-exec-examples I'm working on a small HTTP server as a nice demonstration), it has its shortcomings. One of them is that it is currently impossible to write any filter scripts that would, for example, implement the WebSocket protocol. The reason for this is that although you can read and write to the socket (and even output messages using the standard error stream), there's no way to read Ncat's standard input.

That's where ncatins come in. The idea behind them is to allow the user (or rather, the program run using --exec, --sh-exec or --lua-exec) to open Ncat's standard input/output and read/write to it as you would to any other file. In order to do that, Ncat exports a new pair of environment variables; depending on the system, you'd get NCAT_INPUT_FD and NCAT_OUTPUT_FD on Linux, or NCAT_INPUT_PIPE and NCAT_OUTPUT_PIPE on Windows. On Linux, the values of the variables are the numbers of file descriptors ready for opening in order to read/write to Ncat's standard streams: just call fdopen() and you're set. On Windows, due to its limitations, there's a bit more dancing involved: you need to connect to the named pipe, with the filename from the environment variable. For Lua, I made it much simpler to access ncatin/ncatout (as I call Ncat's stdin/stdout equivalents): they are already opened and ready for reading/writing, waiting for you in the "io" module. This works the same way on both Windows and POSIX systems.

To try the feature out, pull the code from the d33tah/ncat-env-ncatins branch and build it. On Unix systems, here are the commands you need to run:

    svn co https://svn.nmap.org/nmap-exp/d33tah/ncat-env-ncatins
    cd ncat-lua
    ./configure
    make

Now, you can cd into the ncat directory and run the "hello-ncatout.lua" script to see if the code works:

    cd ncat
    ./ncat --listen --lua-exec scripts/hello-ncatout.lua
    # And, in another terminal...
    ./ncat localhost
    # (now type in some text in the first terminal and hit return)

This works in connect mode too, of course.

Since there's no io.select() (yet), the first filter demo, demonstrating WebSocket, is written in Python. It's currently very hacky (not exactly RFC compliant) and does not work on Windows (and has echo.websocket.org hardcoded), though on Unix systems you can, for example, call the following command and type some stuff to see it repeated by echo.websocket.org:

    ./ncat --sh-exec "python scripts/ws.py" echo.websocket.org 80

As for the documentation, in r31690 I updated ncat.xml to include some data about the usage of the new feature. It's likely I'll add more demo scripts; the ws.py is basically a ported ws.lua from the ncat-lua-with branch, and I will consider porting the base64, rot13, telnet and IRC demos too. Have a look at the scripts/hello-ncatout.lua code, too.

I'd be really grateful for testing of this feature and feedback on whether it works. Comments on the interface itself are welcome too. So, does it work for you? What do you think about it?

Yours,
Jacek Wielemborek

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
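To make the ncatin/ncatout mechanism described above concrete, here is an added example of a filter script of the kind the post says --lua-exec could not previously express. It is not code from the post or from the Nmap tree; it is an editor's example. It assumes it is started as `./ncat --sh-exec "python3 rot13-filter.py" host port`, so that the child's fd 0 and fd 1 are the connection, and it takes the user's terminal from the NCAT_INPUT_FD / NCAT_OUTPUT_FD numbers the post describes. The rot13 transform is only a stand-in (the post mentions a rot13 demo as a candidate for porting), the Windows NCAT_*_PIPE branch follows the post's description but is untested, select() on pipes means the relay is Unix-only like ws.py, and `loopback_demo` is a constructed offline check that wires up pipes in place of Ncat and the peer.

```python
"""rot13-filter.py: an ncatins filter (added example, not Nmap's code).

Assumed invocation:   ./ncat --sh-exec "python3 rot13-filter.py" host port
Under --exec/--sh-exec, fd 0/1 of this process are the peer connection; the
user's terminal is reached through the descriptors Ncat exports.
"""
import codecs
import os
import select


def ncat_streams(env=None):
    """Open ncatin/ncatout from the variables Ncat exports to its child.

    POSIX: NCAT_INPUT_FD / NCAT_OUTPUT_FD hold raw descriptor numbers, so
    fdopen() is all that is needed. The NCAT_*_PIPE branch is an assumption
    based on the post's description of Windows named pipes; untested here.
    """
    env = os.environ if env is None else env
    if "NCAT_INPUT_FD" in env and "NCAT_OUTPUT_FD" in env:
        ncatin = os.fdopen(int(env["NCAT_INPUT_FD"]), "rb", buffering=0)
        ncatout = os.fdopen(int(env["NCAT_OUTPUT_FD"]), "wb", buffering=0)
    elif "NCAT_INPUT_PIPE" in env and "NCAT_OUTPUT_PIPE" in env:
        ncatin = open(env["NCAT_INPUT_PIPE"], "rb", buffering=0)
        ncatout = open(env["NCAT_OUTPUT_PIPE"], "wb", buffering=0)
    else:
        raise RuntimeError("NCAT_INPUT_FD/NCAT_OUTPUT_FD not set: not an ncatins-capable Ncat?")
    return ncatin, ncatout


def rot13(data):
    """Byte-preserving rot13: ASCII letters rotate, every other byte passes through."""
    return codecs.encode(data.decode("latin-1"), "rot_13").encode("latin-1")


def write_all(dst, data):
    """Raw file objects may write partially; loop until everything is out."""
    view = memoryview(data)
    while view:
        view = view[dst.write(view):]


def relay(sock_in, sock_out, ncatin, ncatout, transform=rot13):
    """Pump both directions until the peer closes; returns (sent, received) byte counts.

    ncatin  -> transform -> sock_out   what the user typed, towards the peer
    sock_in -> transform -> ncatout    what the peer sent, towards the user
    EOF on ncatin only stops that direction (user closed stdin); EOF on the
    connection ends the relay, since there is nobody left to talk to.
    """
    routes = {ncatin.fileno(): (ncatin, sock_out), sock_in.fileno(): (sock_in, ncatout)}
    sent = received = 0
    while True:
        ready, _, _ = select.select(list(routes), [], [])
        for fd in ready:
            src, dst = routes[fd]
            chunk = os.read(fd, 65536)
            if not chunk:
                if src is sock_in:
                    return sent, received
                del routes[fd]
                continue
            write_all(dst, transform(chunk))
            if src is ncatin:
                sent += len(chunk)
            else:
                received += len(chunk)


def loopback_demo(typed, from_peer):
    """Constructed offline check: pipes stand in for Ncat's descriptors and the socket.

    Returns (bytes the peer would receive, bytes the user would see, relay counts).
    """
    sock_r, sock_w = os.pipe()   # peer -> filter      (fd 0 under Ncat)
    out_r, out_w = os.pipe()     # filter -> peer      (fd 1 under Ncat)
    in_r, in_w = os.pipe()       # terminal -> filter  (NCAT_INPUT_FD)
    nout_r, nout_w = os.pipe()   # filter -> terminal  (NCAT_OUTPUT_FD)
    os.write(sock_w, from_peer)
    os.close(sock_w)
    os.write(in_w, typed)
    os.close(in_w)
    fake_env = {"NCAT_INPUT_FD": str(in_r), "NCAT_OUTPUT_FD": str(nout_w)}
    ncatin, ncatout = ncat_streams(fake_env)
    with ncatin, ncatout, os.fdopen(sock_r, "rb", buffering=0) as sock_in, \
            os.fdopen(out_w, "wb", buffering=0) as sock_out:
        counts = relay(sock_in, sock_out, ncatin, ncatout)
    to_peer = os.read(out_r, 65536)
    to_user = os.read(nout_r, 65536)
    os.close(out_r)
    os.close(nout_r)
    return to_peer, to_user, counts


if __name__ == "__main__":
    ncatin, ncatout = ncat_streams()
    with ncatin, ncatout, os.fdopen(0, "rb", buffering=0) as sock_in, \
            os.fdopen(1, "wb", buffering=0) as sock_out:
        relay(sock_in, sock_out, ncatin, ncatout)
```

The point of the example is the plumbing, not rot13: the child never touches Ncat's own stdin/stdout, it only fdopen()s the numbers handed to it, and the connection stays on fd 0/1 exactly as with any other --sh-exec program. Swapping `transform` for a WebSocket framer gives the shape of what ws.py does.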
Current thread:
- Call for testing: "ncatins" Ncat feature Jacek Wielemborek (Aug 07)
- Re: Call for testing: "ncatins" Ncat feature David Fifield (Aug 15)