Penetration Testing mailing list archives
Re: Netcat VS 'real' clients
From: Jayson Anderson <sonick () sonick com>
Date: Wed, 24 Aug 2005 11:02:01 -0700
Barring any protocol optioning anomoles, idiosyncracies vs. standards-implementation or application-specific fixed-length padding etc. or any other kind of identifiable application-specific trait, then the answer is yes: netcat can perform the same operation provided you supply the correct I/O iterations on your side of the socket. The other big giveaway when humans become involved is timing. if /var/log/maillog has 2 seconds elapsed for userbob to pop his mailbox, followed by a 13 second elapsed time while you fiddle trying to cut/paste or type straight in the protocol mechanics, then that is visible :) much smaller nuances can be had I'm sure for each application, so the ultimate answer is "mostly yes, but it ultimately depends on the level of scrutiny on the server side." Jayson On Wed, 2005-08-24 at 15:11 +0300, Ishay wrote:
I wonder if using netcat is simulating the Http,Imap,Pop3,Ftp,SMTP as the real clients does? For e.g. pentest for pop3 with netcat VS outlook.
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Netcat VS 'real' clients Ishay (Aug 24)
- Re: Netcat VS 'real' clients Jayson Anderson (Aug 24)
- RE: Netcat VS 'real' clients Irene Abezgauz (Aug 24)
- Re: Netcat VS 'real' clients Patrick van Zweden (Aug 24)
- Re: Netcat VS 'real' clients Michael Boman (Aug 24)