Nmap Development mailing list archives

Abhishek's Status Report - #17 of 17


From: Abhishek Singh <abhishek.s14 () iiits in>
Date: Wed, 24 Aug 2016 01:50:59 +0530

Hello Devs,

Finally this three-month-long program is over. I gained many skills and
experiences as part of this program. Here is a small summary of the work
done by me this summer.

~ Fixed some problems in scripts like lltd-discovery.nse, bitcoin.lua.
~ Worked on the DNS engine of Nmap and made some improvements like support for
TCP fallback and speeding up packet lookup by using a map as the data
structure; this was listed in the todo as well.
~ Added zero-byte option for Ncat and submitted a patch for switching the
address family if connection is refused.
~ Added support for decoys in IPv6.
~ Fixed the timeout problem of http-slowloris which was causing the script to run
for much longer than expected. http-slowloris is supposed to time out after
30 minutes by default but it timed out very rarely.
~ Added the script-timeout feature; this will help people in limiting the run time
of a script.

So these were the features which got committed into the main svn trunk. Here is
the list of features which need more improvement and hence are lying
in the form of pull requests right now. Some of them are -

~ #502 - This patch transfers the script expression parser from NmapOps.cc to
nse_main.lua. Most of the script-related stuff is being done in Lua so it
was advised to do the same for script expressions as well.
~ #497 - Wrote dnssec-check-config.nse which shows some information
regarding a server configured with DNSSEC.
~ #459 - This patch sets up a default time limit for http-form-fuzzer which is
30 minutes and could be changed by specifying "timeout" explicitly in
the script's arguments.
~ #421 - Makes use of the ciphers discovered by ssl-enum-ciphers in other
SSL-based scripts by putting them in host.registry.
~ #415 - This patch has introduced a short syntax for script arguments. This
is described properly here <https://github.com/nmap/nmap/issues/233>.
~ #411 - This patch shows partial results for all those hosts for which
a timeout has occurred.
~ #359 - Fixed a few problems in http-brute and also corrected the way
digest-auth was implemented in http.lua since it did not work earlier.
~ #346 - This is a small fix for the http-form-brute script which doesn't let
the script crash even if some kind of socket error comes in between.
~ #300 - This is a fix to #280 <https://github.com/nmap/nmap/issues/280> but
I think a lot more can be done on this basic feature.

I would love to complete all these PRs and see them in the main branch and try
to be a permanent contributor. I would like to thank the community for their
support and feedback. I would especially thank my mentor Daniel Miller who
was really helpful and supportive throughout these three months.

Cheers,
Abhi
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
