Nmap Development mailing list archives

Re: Sergey. [Status Report 02/17]


From: Henri Doreau <henri.doreau () gmail com>
Date: Wed, 11 May 2016 14:28:20 +0200

2016-05-10 21:35 GMT+02:00 Sergey Khegay <g.sergeykhegay () gmail com>:
[Report 02/17]
Hello Nmap Community,

Accomplishments:
- Read and (hopefully) understood how Lua C API works.
  Studied related code in the NSE implementation.
- Conducted minor performance testing and enhanced the testing script.
- Came up with two probable approaches of how to change the brute.lua for the
  best. From my correspondence with Fotis:
  > I did learn more about internals of the brute library. So far I have two ideas
  > in my mind. As I said before, right now two restrictions are:
  > - there is not any kind of feedback for RST messages, protocol specific messages
  > - the number of threads running is always constant, 10. Can be altered by the
  >  script argument, but anyway constant during the runtime.
  >
  > So my ideas:
  > - Transform brute so that it worked internally like Ncrack.
  >  For this approach I think I will have to implement Lua binding to
  >  Nsock. For example for nsock_write, nsock_read methods.
  >
  >  The bad thing about this approach is that I will have to rewrite all
  >  *-brute scripts.
  >
  > - Use error codes as mediators. The script will send specific error messages to the
  >  library upon which the latter will make controlling decisions (increase/decrease
  >  the number of threads running, delays, etc.)

Goals:
o: This time conduct comprehensive performance testing.
o: Code the implementation of the second idea (error codes) at least for ftp-brute
   and see how it goes.
o: Submit further reports on time, since now the official schedule is set up.

Best regards,
Sergey.

Hello Sergey,

I have a few questions about your project; although I understand that
you're still in the early phase.

- Can you clarify what you mean by: "transform brute so that it works
internally like Ncrack"? What do you want to change and why? (I am not
familiar at all with ncrack's internals)
- What kind of bindings over nsock IO methods are needed that differ
from the existing ones?

Regards

-- 
Henri
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

