Nmap Development mailing list archives

Fwd: Sergey. [Status Report 02/17]


From: Sergey Khegay <g.sergeykhegay () gmail com>
Date: Thu, 12 May 2016 11:37:41 -0400

Hello Henri,

Absolutely! Thank you for asking.

- Can you clarify what you mean by: "transform brute so that it works
internally like Ncrack"?


Please allow me to answer this part with an excerpt from my discussion
with Fotis.

...
Let me summarize here a bit to check if I understand everything correctly.

- The main logic of Ncrack is implemented in ncrack.cc, that is,
  adaptivity to network conditions by tracking RSTs, timeouts, and
  protocol specifics: things that give Ncrack an advantage over similar
  tools.

- For every service there is a corresponding module (http, rdp, ssh, etc.).

- Ncrack's Core Engine (CE) is a layer between a module and the Nsock
  library.

- For every module the communication with the Nsock library is happening
  through the core engine.

  To clarify: whenever a module needs to read/write from/to a socket it
  calls a corresponding Nsock method, BUT instead of handling the result
  (successful, failed, timed out) of the operation itself it delegates
  this work to the Core Engine (CE). This, in turn, allows the CE to track
  the information about the connection state and pass the data back to the
  module. Based on the collected information the CE may decide to
  increase/decrease the rate of attempts, the delay time between attempts,
  and the number of connections.

  This part (especially the chart in your slides about Ncrack) looks very
  similar to the TCP congestion control mechanism (Reno, I guess).
 ...

What do you want to change and why? (I am not
familiar at all with ncrack's internals)


The reason is that I like Nsock's idea, which is an event-driven approach.

What kind of bindings over nsock IO methods are needed that differ
from the existing ones?


So, as described above, Ncrack modules, say ftp, use Nsock's functions,
like nsock_write; as a callback, the Core Engine's nsock_write_handler(.)
is passed.

I would like to have the same functionality in the Lua bindings, because
for now we have functions like l_send (nse_nsock.cc), which use an
internal callback function hidden from the user.

Recently Fotis sent me an email saying that an event-driven approach would
probably not benefit NSE much. So I will focus on the second idea, with the
error messages.

Best regards,
Sergey.
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/