Nmap Development mailing list archives
Fwd: Sergey. [Status Report 02/17]
From: Sergey Khegay <g.sergeykhegay () gmail com>
Date: Thu, 12 May 2016 11:37:41 -0400
Hello Henri, Absolutely! Thank you for asking. - Can you clarify what you mean by: "transform brute so that it works
internally like Ncrack"?
Please allow me to answer on this part with an excerpt from my discussion with Fotis. ... Let me summarize here a bit to check if I understand everything correctly. - The main logic of the Ncrack is implemented in ncrack.cc. That is adaptivity to network conditions by tracking RSTs, timeouts, protocol specifics. Things that give Ncrack advantage over similar tools. - For every service there is a corresponding module (http, rdp, ssh, etc.). - Ncrack's Core Engine (CE) is a layer between a module and the Nsock library. - For every module the communication with the Nsock library is happening through the core engine. To clarify: whenever a module needs to read/write from/to a socket it calls a corresponding Nsock's method, BUT instead of handling the result (successful, failed, timeouted) of the operation itself it delegates this work to the Core Engine (CE). This, in turn, allows the CE track the the information about the connection state and pass the data back to the module. Upon collected information CE may decide to increase/decrease rate of attempts, delay time between attempts, number of connections. This part (especially the chart in your slides about Ncrack) looks very similar to TCP congestion control mechanism (Rhino, I guess). ... What do you want to change and why? (I am not
familiar at all with ncrack's internals)
The reason is because I like Nsock's idea, which is event-driven approach. What kind of bindings over nsock IO methods are needed that differ
from the existing ones?
So as described above Ncrack modules, say ftp, use Nsock's functions, like nsock_write, as a callback Core Engine's nsock_write_handler(.) is passed. I would like to have the same functionality in Lua bindings, because for now we have functions like l_send (nse_nsock.cc), which uses internal, hidden from the user callback function. Recently Fotis sent me a email, saying that probably event driven approach would not benefit much to NSE. So I will focus on the second idea, with the error messages. Best regards, Sergey.
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Sergey. [Status Report 02/17] Sergey Khegay (May 10)
- Re: Sergey. [Status Report 02/17] Henri Doreau (May 11)
- Message not available
- Fwd: Sergey. [Status Report 02/17] Sergey Khegay (May 12)
- Message not available
- Re: Sergey. [Status Report 02/17] Henri Doreau (May 11)