Nmap Development mailing list archives

Re: [PATCH] nselib rpc.lua

From: Djalal Harouni <tixxdz () gmail com>
Date: Tue, 6 Apr 2010 00:52:48 +0100

attached are two files: rpc.lua.diff and rpc.lua.new (new lib)

new rpc.lua (code cleaned):
- Comm Class/object will store/handle all rpc program infos and low
  level network operations.
- Comm object is passed to NFS, Mount, Portmap functions as a parameter
  (they don't need to have a local copy).
- added some debug output, nfs and mount versions mismatch check.
- added NFS and Mount stat codes support with msg descriptions, perhaps
  useful in the futur: nfs vulnerabilitu check (check nfs code, check
  permissions issues, ressource limits ... etc)!!, i don't know if there
  is a tool that let as check the common POSIX ACLs issues over NFS
  (NFSv4 is a good condidate) or mount options: filesystems with block
  special devices enabled ... etc, perhaps patrik's nfs-acls.nse script
  is a good start.

notes:
- new protocols who may use the rpc.lua, must be added to the RPC_version table.
- all the nse scripts wich uses the rpc.Helper class functions, must use
  this code to handle errors:
  ---
  return stdnse.format_output(false, data)
  ---
  so we need probably simple patches for nfs-* and rpcinfo scripts.

todo:
- separate code: NFS code in nfs.lua ... etc, all these libraries will
  require("rpc") to handle rpc communications, Portmap class and RpcInfo
  functions must stay in rpc.lua
- complete the NFS procedures.
- add others filetypes support.
- add NFSv4 support.
- add more rpc stuff: error code, authentification ... etc
- ...

NB: patrik has already implemented this sutff, this is simply a
re-design.
thx patrik.

feedbacks ?


On 2010-04-02 20:03:40 +0200, Patrik Karlsson wrote:

I've commited this as r17146. I ended up patching only the ReadDir function as the StatFs function is only available 
for version less than 3 where the file handle length is fixed at 32 octets.
Thanks for the bug report Djalal!

//Patrik

On 2 apr 2010, at 17.49, Djalal Harouni wrote:

BTW patrik if you can commit these changes (nfsv3 fhandles correction) it will
be cool so i can work on a clean svn copy.

On 2010-04-02 16:41:47 +0100, Djalal Harouni wrote:

On 2010-04-02 17:32:08 +0200, Patrik Karlsson wrote:

Hi Djalal,

On 2 apr 2010, at 17.23, Djalal Harouni wrote:

On 2010-04-02 17:10:00 +0200, Patrik Karlsson wrote:

I'm having some trouble applying this patch against the rpc.lua in svn.
A portion of the patch gets rejected and my diff/patch skills are limited.

Can anyone share some diff/patch magic or can you send me a patch against svn Djalal?

hi patrick i just send you the patch nfsv3_rpc.lua.diff against r17144
and it's attached to, for the second patch i will probably add some more
error handling and reporting as suggested by david:
http://seclists.org/nmap-dev/2010/q1/922

thx


This patch looks very small compared to the first you sent me which contained both the NFS3 file handle fixes, 
comm class re-design and improved error handling.
I had a quick look at the comm re-design in the previous patch you sent, and it looked quite good. Will it be 
part of the second patch you mentioned?

yes, i must rewrite the error handling code.

Oh, and the self.version > 2 patch is incorrect as NFSv3 does not have the STATFS procedure, the procedure 17 has 
been replaced with READDIRPLUS in v3.

ah sorry.

-- 
Djalal
http://dzcore.wordpress.com
<nfsv3_rpc.lua.diff>_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



//Patrik

--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77


-- 
Djalal
http://dzcore.wordpress.com


-- 
Djalal
http://dzcore.wordpress.com
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77


-- 
Djalal
http://dzcore.wordpress.com

Attachment: rpc.lua.diff
Description:

Attachment: rpc.lua.new
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 01)
- <Possible follow-ups>
- Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 02)
  - Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 02)
    - Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 02)
    - Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 02)
    - Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 02)
    - Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 02)
    - Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 05)
    - Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 08)
    - Re: [NSE] rpc library Djalal Harouni (Apr 10)
    - Re: [NSE] rpc library Djalal Harouni (Apr 11)
    - Re: [NSE] rpc library David Fifield (Apr 15)
    - Re: [NSE] rpc library Djalal Harouni (Apr 16)
    - Re: [NSE] rpc library Djalal Harouni (Apr 17)
    - Re: [NSE] rpc library Patrik Karlsson (Apr 18)
    - Re: [NSE] rpc library Djalal Harouni (Apr 18)
    - Re: [NSE] rpc library David Fifield (Apr 21)
    - Re: [NSE] rpc library; trusted inputs? David Fifield (Apr 21)

(Thread continues...)