PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-06 06:29:03 +00:00
Code Issues Projects Releases Wiki Activity

Changes made during Ncat chat w/David

Browse Source
This commit is contained in:
fyodor
2009-03-09 22:12:06 +00:00
parent 590fababf8
commit 44c596d4a2
1 changed files with 66 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
docs/TODO
View File

@@ -1,42 +1,31 @@
MTODO $Id: TODO 11866 2009-01-24 23:10:05Z fyodor $ -*-text-*-
o NSE memory issues (and gh_list assert failure) [David]
o See this thread: http://seclists.org/nmap-dev/2009/q1/0532.html
o Ncat Windows issue where you make a connection and then take several
seconds to type in a line to the server, Ncat wrongly times out when
trying to write your line to the remote server. [David]
o Ncat write timeout problems cause client to quit due to write
timeout sometimes. [David]
Examples:
o yes | ncat localhost
o when we paste a few lines into the terminal window in an Ncat chat
o [Ncat] --talk should probably be changed (in the code and
documentation) to --chat, as Ncat chat has a
much nicer ring to it, IMHO. --talk should remain as an alias to
--chat, but we don't need to document it. [David]
o [Ncat] --chat should probably only allow reasonable chars, to avoid
cntrl-chars, etc.. We could also consider a way for people to choose
usernames. We should probably make --ssl work. If nothing else, it
might be useful if you want to reduce the number of people
connecting with telnet, etc. rather than ncat.
cntrl-chars, etc.
o Ncat --chat should probably announce to everyone (including the new
person) when someone connects. This tells the new person their
username, and lets everyone else know about the new connection. [David]
o [Ncat] Wouldn't it be nice if we could support --exec (and maybe
some sort of partial-emulated --sh-exec) on Windows? [David]
o [Ncat] As SSL server it should not crash when someone connects in
w/o SSL and does ^C. When David tried it during our chat, the ncat
servr "ncat --broker --ssl-key test-key.pem --ssl-cert test-cert.pem
--ssl --chat -l" crashed with: SSL_accept():
error:00000000:lib(0):func(0):reason(0). Also, when a Windows SSL
clients joined and then left, the server died with "Broken pipe
o [Ncat] Defensive coding review of Ncat --chat (talk)
o [Ncat] Wouldn't it be nice if we could support --exec (and maybe
some sort of partial-emulated --sh-exec) on Windows? [David]
o [Ncat] When acting as an HTTP proxy, we should support GET mode as
well as CONNECT so that it works as a non-SSL proxy in browsers such
as firefox.
o NSE memory issues (and gh_list assert failure) [David]
o See this thread: http://seclists.org/nmap-dev/2009/q1/0532.html
o Prepare for Summer of Code
o Brainstorm for ideas
o Create new ideas page
@@ -48,6 +37,9 @@ o Prepare for Summer of Code
o Ncat SSL issues. See http://seclists.org/nmap-dev/2009/q1/0319.html
o [Ncat] We should consider a way for people to choose
usernames in --chat.
o Figure out and document (in at least the Ncat user's guide) the best way to use Ncat for chaining
through proxies. One option is this sort of thing:
ncat -l localhost 1234 --sh-exec "ncat --proxy A.A.A.A B.B.B.B"
@@ -61,25 +53,23 @@ o [Ncat] Why does Ncat require enclosure in a while loop to answer
Diagnostic Services" section of the Ncat user's guide.
o Note: http://seclists.org/nmap-dev/2009/q1/0133.html
o Ncat user guide "Emulating Diagnostic Services" page has a very long
UDP chargen server line which causes wrapping problems in web browsers
(e.g. it widens the page substantially). It should probably be
split into multiple lines. [David]
o Ncat user guide proxying section says "The only exception is when
listing a proxy host by IPv6 address; then the port is required."
Why would we require a port number for IPv6 rather than just use the
same defaults as we do for IPv4?
o Nmap should treat ports named "unknown" in nmap-services the same
way (from a naming perspective) as it treats ports which are not
listed at all. See http://seclists.org/nmap-dev/2009/q1/0589.html.
o Consider converting this file to emacs org-mode
(http://orgmode.org/) format. [Fyodor]
o That format is still plain text and can be read/edited by vi
users, etc.
o [Ncat] Maybe we should create an SSL cert with no passphrase during
Ncat compilation or install process so that if someone specifies
Ncat -l and --ssl with no --ssl-cert and --ssl-key, we already have
one for them, and it is a slightly better one (since the private key
isn't known) than if we distributed a key. Obviously it is still
subject to MITM attacks since there is no domain validation going
on. But people who need that will have to buy a key from a
certificate authority in any case. We could create the key by using
the "openssl" command line tool as shown in
http://nmap.org/ncat/guide/ncat-advanced.html#ncat-ssl, or maybe
better to have a way for ncat to do it using openssl calls.
o Determine what we should do about the IE.DLI OS detection test
o All of the 1656 results for this test in nmap-os-db are DLI=S.
o Is the test not working right (producing the proper results
@@ -144,6 +134,8 @@ o Look into whether we should loosen/change the global congestion
o [nsock] Fix Makefile to handle dependencies correctly (if that turns
out to be the problem). See
http://seclists.org/nmap-dev/2009/q1/0629.html.
o Or it may be related to SVN timestampling. See
http://seclists.org/nmap-dev/2009/q1/0632.html.
o We should document an official way to compile/test refguide.xml so
people can more easily test their changes to it. This will probably
@@ -582,6 +574,42 @@ o random tip database
DONE:
o Nmap should treat ports named "unknown" in nmap-services the same
way (from a naming perspective) as it treats ports which are not
listed at all. See http://seclists.org/nmap-dev/2009/q1/0589.html.
o Ncat user guide "Emulating Diagnostic Services" page has a very long
UDP chargen server line which causes wrapping problems in web browsers
(e.g. it widens the page substantially). It should probably be
split into multiple lines. [David]
o Ncat user guide proxying section says "The only exception is when
listing a proxy host by IPv6 address; then the port is required."
Why would we require a port number for IPv6 rather than just use the
same defaults as we do for IPv4?
[David explained that this is because to do otherwise would be
ambiguous because IPv6 uses : for separaters, so we wouldn't know
how to handle things like FF::10:80]
o [Ncat] Perhaps we should make --ssl work in --chat. If nothing
else, it might be useful if you want to reduce the number of people
connecting with telnet, etc. rather than ncat.
o [Ncat] --talk should probably be changed (in the code and
documentation) to --chat, as Ncat chat has a
much nicer ring to it, IMHO. --talk should remain as an alias to
--chat, but we don't need to document it. [David]
o Ncat Windows issue where you make a connection and then take several
seconds to type in a line to the server, Ncat wrongly times out when
trying to write your line to the remote server. [David]
o Ncat write timeout problems cause client to quit due to write
timeout sometimes. [David]
Examples:
o yes | ncat localhost
o when we paste a few lines into the terminal window in an Ncat chat
o Defensive coding review of ncat_proxy.* [David]
o Process the latest version detection submissions. We now have more