Nmap Development mailing list archives
Re: Sergey. [Status Report 02/17]
From: Henri Doreau <henri.doreau () gmail com>
Date: Wed, 11 May 2016 14:28:20 +0200
2016-05-10 21:35 GMT+02:00 Sergey Khegay <g.sergeykhegay () gmail com>:
[Report 02/17] Hello Nmap Community, Accomplishments: - Read and (hopefully) understood how Lua C API works. Studied related code in the NSE implementation. - Conducted minor performance testing and enhanced the testing script. - Came up with two probable approaches of how to change the brute.lua for the best. From my correspondence with Fotis: > I did learn more about internals of the brute library. So far I have two ideas > in my mind. As I said before, right now two restrictions are: > - there is no any kind of feedback for RST messages, protocol specific messages > - the number of threads running is always constant, 10. Can be altered by the > script argument, but any way constant during the runtime. > > So my ideas: > - Transform brute so that it worked internally like Ncrack. > For this approach I think I will have to implement Lua binding to > Nsock. For example for nsock_write, nsock_read methods. > > The bad thing about this approach is that I will have to rewrite all > *-brute scripts. > > - Use error codes as mediators. The script will send specific error messages to the > library upon which the latter will make controlling decisions (increase/decrease > the number of threads running, delays, etc.) Goals: o: This time conduct comprehensive performance testing. o: Code the implementation of the second idea (error codes) at least for ftp-brute and see how it goes. o: Submit further reports on time, since now the official schedule is set up. Best regards, Sergey.
Hello Sergey, I have a few questions about your project; although I understand that you're still in the early phase. - Can you clarify what you mean by: "transform brute so that it works internally like Ncrack"? What do you want to change and why? (I am not familiar at all with ncrack's internals) - What kind of bindings over nsock IO methods are needed that differ from the existing ones? Regards -- Henri _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Sergey. [Status Report 02/17] Sergey Khegay (May 10)
- Re: Sergey. [Status Report 02/17] Henri Doreau (May 11)
- Message not available
- Fwd: Sergey. [Status Report 02/17] Sergey Khegay (May 12)
- Message not available
- Re: Sergey. [Status Report 02/17] Henri Doreau (May 11)