Nmap Development mailing list archives

Status Report #15 of 16


From: Dražen Popović <drazen.popovic () fer hr>
Date: Tue, 10 Aug 2010 15:05:19 +0200

Hi all.
We're getting pretty close to the end of GSoC and it's time to wrap
things up, as far as soc is concerned. My project has been pretty
dynamic and now it doesn't look like anything I listed in my proposal;
in fact it has been more challenging and therefore more interesting and
fun. So what's it all about... We're making a library to enable NSE to
talk to MSRPC endpoints, which is a complex remote procedure call
protocol implemented by Microsoft Windows (and some other OSs). This
project consists of making an NDR library (presentation layer protocol)
and utilizing a tool called PIDL to generate RPC clients based on their
IDL definition. Furthermore, this project should involve enhancing the
MSRPC operations and redesigning the code to be more domain driven and
therefore modular and more maintainable. The motivation for all this was
pretty strong as other similar projects want the same thing: Metasploit,
Canvas, Impacket, Nessus, OpenVAS, SAMBA, Wireshark... There's a lot of
useful information that can be gathered from the MSRPC endpoints from
the perspective of a pentester, and there are dozens of fun
vulnerabilities that reside on msrpc.

To conclude there is still work to be done, so...

Accomplishments:
      * Utilized PIDL to generate most of the IDL types and for now it
        generates functions (some debugging needed).
      * Added new types to NDR library (unsigned/signed types) as
        strings (conformant, conformant_varying).
      * Used PIDL to generate part of DRAZEN_SVC service.
Priorities:
      * Test the generated clients on real services (epmapper, srvsvc).
      * Port "msrpc.lua" to use pidl-generated stubs.
      * Merge "ndr.lua".

Cheers,
Dražen.


-- 
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
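The accomplishments above mention adding conformant and conformant-varying string types to the NDR library. The following is an added example, not code from Nmap's ndr.lua, PIDL or any of the projects named in the report, showing the DCE/RPC NDR wire layout of one such type: a [string] wchar_t* marshalled as a conformant-varying array. It assumes little-endian NDR with 4-byte alignment, which is the representation Windows MSRPC peers use in practice, and the unmarshaller checks the transmitted counts against the buffer so a truncated or inconsistent PDU is rejected instead of read past its end.

```python
"""NDR marshalling of a conformant-varying Unicode string.

Added example (not from Nmap's ndr.lua or PIDL). Assumes little-endian NDR
with 4-byte alignment, as used by Windows MSRPC in practice.
"""
import struct


def ndr_pack_unicode_string(s: str) -> bytes:
    """Marshal a [string] wchar_t* as an NDR conformant-varying array.

    Layout (all counts are uint32, little-endian):
        max_count     wchar_t elements allocated (including the NUL)
        offset        index of the first transmitted element (0 for strings)
        actual_count  elements actually transmitted (including the NUL)
        elements      actual_count * 2 bytes of UTF-16LE
        padding       zero bytes up to the next 4-byte boundary
    """
    data = (s + "\0").encode("utf-16-le")
    count = len(data) // 2
    body = struct.pack("<III", count, 0, count) + data
    pad = (-len(body)) % 4
    return body + b"\0" * pad


def ndr_unpack_unicode_string(buf: bytes, pos: int = 0):
    """Unmarshal a conformant-varying Unicode string starting at buf[pos].

    Returns (text, new_pos). Counts that do not fit the buffer, or that
    contradict each other, raise ValueError rather than being trusted.
    """
    if len(buf) - pos < 12:
        raise ValueError("truncated NDR string header")
    max_count, offset, actual_count = struct.unpack_from("<III", buf, pos)
    pos += 12
    if offset != 0 or actual_count > max_count:
        raise ValueError("inconsistent NDR string counts")
    nbytes = actual_count * 2
    if len(buf) - pos < nbytes:
        raise ValueError("NDR string body exceeds buffer")
    raw = buf[pos:pos + nbytes]
    pos += nbytes + (-nbytes) % 4   # body plus alignment padding
    text = raw.decode("utf-16-le")
    if text.endswith("\0"):
        text = text[:-1]
    return text, pos


if __name__ == "__main__":
    # Constructed sample: the name of one of the services listed as a test target.
    wire = ndr_pack_unicode_string("srvsvc")
    print(wire.hex())
    print(ndr_unpack_unicode_string(wire))
```

This is the layout for a string passed as a top-level parameter; when the same array sits inside a structure, NDR hoists its max_count to the front of the enclosing structure, which is one of the details that makes generating stubs from IDL with a tool like PIDL preferable to hand-writing each marshaller.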