Nmap Development mailing list archives

Sergey. [Status report 17/17]


From: Sergey Khegay <g.sergeykhegay () gmail com>
Date: Tue, 23 Aug 2016 05:02:23 -0400

[Report 17/17]
Hello Nmap,

Side note:
  I noticed that the latest updates to Nmap's GitHub repository often
  contain some minor errors. As of now, the latest version I pulled
  (commit e5a495c1a0b308836a5c1eb14126da704ee9f9c8) does not compile.

  engine_kqueue.c:164:42: error: too few arguments to function call, expected 5, have 4
    kqueue_iod_modify(nsp, iod, ev, EV_NONE);
    ~~~~~~~~~~~~~~~~~                      ^
  engine_kqueue.c:83:1: note: 'kqueue_iod_modify' declared here
  static int kqueue_iod_modify(struct npool *nsp, struct niod *iod, struct nevent *nse, int ev_set, int ev_clr);
  ^
  engine_kqueue.c:178:58: error: too few arguments to function call, expected 5, have 4
      kqueue_iod_modify(nsp, iod, EV_NONE, EV_READ|EV_WRITE);
      ~~~~~~~~~~~~~~~~~                                    ^
  engine_kqueue.c:83:1: note: 'kqueue_iod_modify' declared here
  static int kqueue_iod_modify(struct npool *nsp, struct niod *iod, struct nevent *nse, int ev_set, int ev_clr);
  ^
  2 errors generated.

  The Windows version, interestingly, compiles but segfaults on a regular
  scan. I could not catch where exactly it happens with the VS2013 debugger.

  Whilst the problem with Windows might be very platform and environment
  dependent, the compilation problem on Linux could be easily tested and
  fixed before the commit.

  I regularly update my dev branches with Nmap's main branch to avoid merge
  problems in the future. So it is a bit of an inconvenience when such bugs
  arise.

  Definitely, these kinds of problems will arise in the future, but I think
  it is for the best if we try to reduce the number of such cases to the
  minimum. This will allow all contributors to develop and add new awesome
  features easier and sooner. =)



Accomplishments:
- Created PR for merging brute.lua changes

- Ported, edited, and tested more of Devin's scripts that work with the
  libssh2 library.
  ssh-auth-methods.nse
  ssh-brute.nse
  ssh-publickey-acceptance.nse
  ssh-run.nse

- Submitted final evaluation for GSoC 2016


This is the final report.
Here is an excerpt from my final evaluation for GSoC 2016:


"""
I would like to thank my mentor, Fotis Chantzis, community, and all the
developers who provided helpful feedback and suggestions, Patrick Donnelly,
Daniel Miller, and, my fellow GSoC participant, Vincent Dumont.

During the summer I worked on two major tasks: improving brute.lua and
adding support for libssh2.

Neither of the changes is merged yet. But both projects are finished and
are awaiting review. Current statuses are:

o. gsoc-brute - improving brute.lua changes.
  https://github.com/sergeykhegay/nmap/tree/gsoc-brute

  A pull request was sent, which can be reviewed here:
  https://github.com/nmap/nmap/pull/518

  All commits are available here:

https://github.com/sergeykhegay/nmap/commits/gsoc-brute?author=sergeykhegay

  A performance report is available here (was shared with Nmap Dev before):

https://drive.google.com/file/d/0Bw4slNtwpBy9TEZVNVBlSUVlZG8/view?usp=sharing

  Changes (against latest merged commit from nmap/master):

https://github.com/nmap/nmap/compare/nmap:ed59a3d3700851ac2ae32c502c7058905cebfba6...sergeykhegay:gsoc-brute

o. gsoc-ssh - integration of libssh2.
  https://github.com/sergeykhegay/nmap/tree/gsoc-ssh

  I will send a pull request as soon as I have a chance to test it on
  Windows. It seems that for the moment nmap/master branch has a bug and
  segfaults even during a simple scan (as of 08.19.16). I will wait until
  this is fixed. You still can pull the project and use it on Linux.

  Overall, I would say that the current implementation works pretty stably
  on Linux as well as on Windows.

  It is worth mentioning that there are a couple of scripts that were also
  added (all of them are Devin Bjelland's work. Devin contributed to this
  project before me):
  ssh-auth-methods.nse
  ssh-brute.nse
  ssh-publickey-acceptance.nse
  ssh-run.nse

  and a library utility:
  nselib/libssh2-utility.lua.

  Commits are available here:
  https://github.com/sergeykhegay/nmap/commits/gsoc-ssh?author=sergeykhegay

  Changes (against latest merged commit from nmap/master):

https://github.com/nmap/nmap/compare/nmap:ed59a3d3700851ac2ae32c502c7058905cebfba6...sergeykhegay:gsoc-ssh

Minor projects:
o. gsoc-lpeg - updating LPeg from v0.12 to v1.0.
  https://github.com/sergeykhegay/nmap/tree/gsoc-lpeg

  This project was stalled because of a presumable bug in LPeg v1.0. I found
  a grammar and a pattern for which nmap crashes with a stack overflow. All
  this was reported to Patrick Donnelly for further investigation. I plan to
  resume on this project as soon as I finish with gsoc-brute and gsoc-ssh
  (when they are merged).

  PR and discussion are here:
  https://github.com/nmap/nmap/pull/478

  Commits are here:
  https://github.com/sergeykhegay/nmap/commits/gsoc-lpeg?author=sergeykhegay


o. issue-216 - I made a PR before the start of GSoC but committed some
   changes during the program.
  https://github.com/sergeykhegay/nmap/tree/issue-216

  PR "Add --defeat-icmp-ratelimit option for UDP scanning" is here:
  https://github.com/nmap/nmap/pull/353

  Commits are here:
  https://github.com/sergeykhegay/nmap/commits/issue-216?author=sergeykhegay


As for my plans, I will hang around with Nmap a bit longer, at least until
all my changes are merged. I hope I will be able to contribute more (I have
seen interesting issues in the bug tracker).
"""

Goals:
o: Finish the brute.lua and libssh2 merge

Best regards,
Sergey.