Nmap Development mailing list archives
Re: Ncat proposal: NCAT_TARGET environment variable
From: David Fifield <david () bamsoftware com>
Date: Sat, 10 Aug 2013 15:47:26 -0700
On Wed, Aug 07, 2013 at 08:36:06PM +0200, Jacek Wielemborek wrote:
While writing the ws.py demo for d33tah/ncat-env-ncatins branch, I noticed I could use an environment variable that instead of holding the IP address of the remote host would hold the hostname from the command line. That would allow scripts that communicate with HTTP to form a valid "Host: " header. What do you think about such an addition? Would anybody else find any use for it?
My initial reaction to this is to say "no," because what I think what you are trying to achieve can be better done through a different abstraction. I would rather see something like this: websocket_abstraction = { connect = function(sock, host, port, secure) sock:connect(host, port) ... sock:write("Host: " .. host .. "\r\n") end, write = function(...) ... end, ... } That is, a WebSocket (or other application layer) implementation should not try to "take over the world" of Ncat's execution. Rather, it should be a layer of Lua code called by existing Ncat C code. In particular, I think that WebSocket is badly suited for an exec-like implementation, and that it is a mistake to add features only to try to coax exec into supporting WebSocket. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Ncat proposal: NCAT_TARGET environment variable Jacek Wielemborek (Aug 07)
- Re: Ncat proposal: NCAT_TARGET environment variable David Fifield (Aug 10)
- Re: Ncat proposal: NCAT_TARGET environment variable Jacek Wielemborek (Aug 12)
- Re: Ncat proposal: NCAT_TARGET environment variable David Fifield (Aug 10)