Nmap Development mailing list archives

Yang's Status Report - #17 of 17


From: 食肉大灰兔V5 <hsluoyz () gmail com>
Date: Mon, 24 Aug 2015 14:32:30 +0800

Hi list,

This is my second GSoC and it's a greater summer than 2013! I started
Npcap's development two years ago, studied WinPcap 4.1.3's code and got one
of our goals in https://nmap.org/soc/#winpcap - porting WinPcap to NDIS 6 -
finished. But this summer we got most of goals completed, beyond this, the
long-awaited loopback support feature is also added, and Nmap has been
modified to use this loopback feature (see
http://seclists.org/nmap-dev/2015/q3/213). I view Npcap as a development
version of WinPcap but with more features and better performance. In fact,
not only Nmap, but also Wireshark, NetScanTools, etc. are very interested in
Npcap and helped a lot for the testing work.

Npcap Accomplishments
 * Bug Fix: Fixed the bug that WSK code fails to init if it is run without
Administrator right, the effect is Npcap loopback adapter can't be opened.
https://github.com/nmap/npcap/commit/9f4f54864cbbec10dbf98b55ebf5c07e158c368e

 * Improvement: Npcap driver will return 65550 as "Maximum Packet Size"
instead of default 1514 for "Npcap Loopback Adapter", which refers to Linux
implementation.
https://github.com/nmap/npcap/commit/fbce4b15ac6448c80623a1d0eac219f15c81b061

 * Improvement: Added "WinPcapCompatible" value in Npcap's registry key,
the assignment can be 1 or 0. This is used by Wireshark to detect whether
Npcap is installed in "WinPcap API-compatible Mode".
https://github.com/nmap/npcap/commit/be6b1ef2010b127cf7256d9e248ad13569256484

 * New Feature: Added DLT_NULL option in Npcap installer, when Npcap is
installed with DLT_NULL option checked, the driver will capture and send
loopback packets using DLT_NULL protocol instead of Ethernet II.
https://github.com/nmap/npcap/commit/7519b4d9ddfe74a0b3e3bb15d19483e1cfa45a47

 * Other trivial bug fix and improvements this week, can be seen here:
https://github.com/nmap/npcap/commits/master

Nmap for Npcap loopback feature Accomplishments
 * Improvement: Changed loopback interface's MTU to 65536 (refers to
Linux), and changed its MAC address to all zeros. "nmap --iflist" command
won't show MAC address for loopback interface.
https://svn.nmap.org/nmap-exp/yang/nmap-npcap
Revision: 35156

 * Improvement: The loopback MTU (65536) will be set by Npcap, so no need
to change it in user software like Nmap.
https://svn.nmap.org/nmap-exp/yang/nmap-npcap
Revision: 35172

Links
Npcap prebuilt installer: (latest version is 0.04-r6)
https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.04-r6.exe

Npcap source:
https://github.com/nmap/npcap

Nmap for Npcap loopback feature prebuilt binaries: (latest version is r35172)
https://svn.nmap.org/nmap-exp/yang/nmap-npcap_compiled_binaries/r35172/

Nmap for Npcap loopback feature source:
https://svn.nmap.org/nmap-exp/yang/nmap-npcap/


Notice:
1) You need to try it under Win7 and later, and no need to change the
installation options, just click the "Next"s. Npcap installed in "WinPcap
Compatible Mode" is exclusive with WinPcap, so you must uninstall WinPcap
first (installer will prompt you this).
2) If you have installed WinPcap, better to reboot the PC after
uninstalling WinPcap and then install Npcap.


Priorities
 * Try to integrate the 802.1q VLAN feature that is provided by Nobori's
Win10Pcap.
 * Have a meeting with Fyodor.


Cheers,
Yang
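
An added example, not part of the original message and not Npcap or Nmap code: how a capture consumer can locate the IP header in a loopback frame under either encapsulation mentioned in the report, DLT_NULL or Ethernet II. The `EX_` names, the function names and the sample frames are constructed for this sketch; the numeric link-type and address-family values are the ones libpcap and the respective operating systems define.

```c
#include <stddef.h>
#include <stdint.h>

/* Values match libpcap's DLT_NULL and DLT_EN10MB; EX_ names are this example's. */
#define EX_DLT_NULL   0
#define EX_DLT_EN10MB 1

/* Constructed sample frames (truncated after the first IP header byte). */
const uint8_t null_v4[]     = {0x02,0,0,0, 0x45};          /* AF_INET = 2 */
const uint8_t null_v6_win[] = {0x17,0,0,0, 0x60};          /* Windows AF_INET6 = 23 */
const uint8_t eth_v4[]      = {0,0,0,0,0,0, 0,0,0,0,0,0,   /* all-zero MACs */
                               0x08,0x00, 0x45};           /* EtherType IPv4 */

/* Map a DLT_NULL address family to an IP version; AF_INET6 differs per OS. */
static int af_to_ipver(uint32_t af) {
    switch (af) {
    case 2: return 4;
    case 10: case 23: case 24: case 28: case 30: return 6;
    default: return 0;
    }
}

/* Returns 4 or 6 and sets *off to the IP header offset; -1 if malformed. */
int loopback_ip_offset(int dlt, const uint8_t *f, size_t len, size_t *off) {
    int ver = 0;
    if (dlt == EX_DLT_NULL) {
        if (len < 4) return -1;
        /* The 4-byte family is in the capturing host's byte order: try both. */
        uint32_t le = f[0] | (uint32_t)f[1] << 8 | (uint32_t)f[2] << 16 | (uint32_t)f[3] << 24;
        uint32_t be = (uint32_t)f[0] << 24 | (uint32_t)f[1] << 16 | (uint32_t)f[2] << 8 | f[3];
        ver = af_to_ipver(le) ? af_to_ipver(le) : af_to_ipver(be);
        *off = 4;
    } else if (dlt == EX_DLT_EN10MB) {
        if (len < 14) return -1;
        uint16_t et = (uint16_t)(f[12] << 8 | f[13]);
        ver = et == 0x0800 ? 4 : et == 0x86DD ? 6 : 0;
        *off = 14;
    } else {
        return -1;
    }
    /* Cross-check the link-layer claim against the IP version nibble. */
    if (ver == 0 || len <= *off || (f[*off] >> 4) != ver) return -1;
    return ver;
}

int main(void) {
    size_t off = 0;
    return loopback_ip_offset(EX_DLT_NULL, null_v4, sizeof null_v4, &off) == 4 ? 0 : 1;
}
```

A parser that assumes a 14-byte Ethernet header on every interface misreads DLT_NULL loopback captures by 10 bytes, so the link type reported for the capture handle should be checked before any offset is applied.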
