Nmap Development mailing list archives

Re: Ncat: Update and Feature Request


From: eldraco <eldraco () gmail com>
Date: Sun, 27 Jul 2008 16:50:54 -0300

I would want connection brokering to continually listen for connections, even
if the last user left. What if after executing commands in a pen test I
decide to use the ncat brokering feature and I suddenly leave the connection?
Maybe it can be an option.

I always want this to be a feature of ncat: While in connection brokering, 
suppose we are talking and I want to show you how to access some database in
the server ncat is running, or how to use some commands. I would love to do 
something like this:

<user4> hi
<user5> hi, how are you?
<user4> fine. See this files, exec: ls -al /root
<user4 exec> -r--r--r--  1 root  root    11 jul 27 14:51 test1
<user4 exec> -r--r--r--  1 root  root    11 jul 27 14:51 test2
<user4 exec> -r--r--r--  1 root  root    11 jul 27 14:51 test3
<user5> nice

What do you think? Some sort of poor man's chat and shell.

cheers

eldraco

On Sunday 27 July 2008 05:54:35 Dirk Loss wrote:
> Kris Katterjohn wrote:
>> Ncat already continually listens for connections, even when some (or
>> all) of them end.
>
> That's exactly what I wanted, thank you. I really don't know why I
> haven't noticed that this feature already exists.
>
>> Connection brokering is an exception because it exits when all of the
>> connections are over, but I rather like this.  Does anybody think
>> that the brokering should continually listen even when all clients
>> disconnect?
>
> I do not have any strong opinion about this. Maybe this could be useful
> for setting up a connection broker that keeps running all of the time
> and waits for new (pairs of) clients. And it would be more consistent
> with the normal (non-brokering) behavior.
>
>> As for the other part of this suggestion, I'm having a problem seeing
>> where an infinite reconnect feature would be handy.  What do you have
>> in mind for this?
>
> To be honest I just copied the text from the sbd man page and didn't
> really think about the client reconnection feature. But I guess it could
> be used e.g. in pentests to install a reverse shell that is
> automatically re-opened by the remote client if the connection gets lost
> somehow.
>
> Regards
> Dirk


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



-- 
Ing. Sebastián García
http://minsky.surfnet.nl:11371/pks/lookup?op=get&search=0x3E42ED27F864EDE6
