Penetration Testing mailing list archives
RE: Netcat VS 'real' clients
From: Irene Abezgauz <irene.abezgauz () gmail com>
Date: Wed, 24 Aug 2005 22:53:45 +0200
Ishay, With netcat and textbased protocols - it is just a question of whether you know the protocol and able to craft valid requests. The service receiving your requests (e.g. the web server, or the smtp server) does not know what kind of a client you are when you send the request, and actually - it doesn't really care either. The meaning of a protocol is that is has a specific ruleset, and format for communication it can receive and handle. As long as your request matches that format - the service receiving your requests won't mind whether it's netcat, telnet, a "real" client, or anything else. Irene --------------- Irene Abezgauz Application Security Consultant Hacktics Ltd. Mobile: +972-54-6545405 Web: www.hacktics.com -----Original Message----- From: Ishay [mailto:ishaybs () gmail com] Sent: Wednesday, August 24, 2005 2:11 PM To: pen-test () securityfocus com Subject: Netcat VS 'real' clients I wonder if using netcat is simulating the Http,Imap,Pop3,Ftp,SMTP as the real clients does? For e.g. pentest for pop3 with netcat VS outlook. -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.15/80 - Release Date: 8/23/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.15/80 - Release Date: 8/23/2005
Current thread:
- Netcat VS 'real' clients Ishay (Aug 24)
- Re: Netcat VS 'real' clients Jayson Anderson (Aug 24)
- RE: Netcat VS 'real' clients Irene Abezgauz (Aug 24)
- Re: Netcat VS 'real' clients Patrick van Zweden (Aug 24)
- Re: Netcat VS 'real' clients Michael Boman (Aug 24)