Re: ncat reverse ssl does not work, "terminating subprocesses"

[Daniel Miller <bonsaiviking () gmail com>]

Olivia,

Thanks for reporting this. We have a similar bug in our tracker [1] that we
think may be related. We also recently put in a fix for a similar issue, so
I think this will be resolved in the next release. Until then, a few users
have reported a successful workaround by using the --sctp option on both
ends.

The underlying cause is a failure in Ncat's server mode to correctly handle
some return values of OpenSSL's SSL_read call, which are usually caused by
a renegotiation in the SSL/TLS layer. Because of the way SCTP works and its
differences with TCP, these return values do not occur when using the SCTP
transport.

If the --sctp workaround works for you, please let us know. Otherwise, I
hope you can make do until the next Ncat release, which shouldn't be too
far off.

Dan

On Mon, Mar 20, 2017 at 7:33 PM, Olivia Nelson <the.warl0ck.1989 () gmail com>
wrote:

> The client is a windows 7 machine, run cmd.exe and connect back to a
> ubuntu server
>
> When I execute a command, the connection interrupts immediately.
>
> Any ideas?
>
> ==== server ====
>
> # ./ncat.linux -l -p 8888 --ssl -vv
> Ncat: Version 7.40 ( https://nmap.org/ncat )
> Ncat: Generating a temporary 1024-bit RSA key. Use --ssl-key and
> --ssl-cert to use a permanent one.
> Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
> Ncat: Listening on :::8888
> Ncat: Listening on 0.0.0.0:8888
> Ncat: Connection from 172.16.177.30.
> Ncat: Connection from 172.16.177.30:49180.
> Microsoft Windows [Version 6.1.7601]
> Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
>
> x:\>dir
> NCAT DEBUG: Closing connection.
>
> ==== client ====
>
> x:>ncat 172.16.177.200 8888 -e cmd --ssl -vv
> Ncat: Version 7.40 ( https://nmap.org/ncat )
> NCAT DEBUG: Using trusted CA certificates from x:\ca-bundle.crt.
> NCAT DEBUG: Unable to load trusted CA certificates from x:\ca-bundle.cr
> t: error:02001002:system library:fopen:No such file or directory
> NCAT DEBUG: Not doing certificate verification.
> libnsock nsock_iod_new2(): nsock_iod_new (IOD #1)
> libnsock nsock_connect_ssl(): SSL connection requested to
> 172.16.177.200:8888/tc
> p (IOD #1) EID 9
> Ncat: Subject: CN=localhost
> Ncat: Issuer: CN=localhost
> Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
> Ncat: Certificate verification failed (self signed certificate).
> libnsock nsock_trace_handler_callback(): Callback: SSL-CONNECT SUCCESS
> for EID 9
>  [172.16.177.200:8888]
> Ncat: SSL connection to 172.16.177.200:8888.
> Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
> libnsock nsock_iod_new2(): nsock_iod_new (IOD #2)
> NCAT DEBUG: Executing: cmd
> NCAT DEBUG: Terminating subprocesses
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/