Jacek's status report - #6 of 16

[Jacek Wielemborek <wielemborekj1 () gmail com>]

Jacek's status report - #6 of 16

Hi guys,

This is the report 6/16 for the Google Summer of Code project
“Bringing Lua to Ncat”. That was a really exciting week - the new
--with command-line switch I worked on blew my mind and I'm really
proud to have implemented it.

Achievements:

* Devised a way for script stacking to work and wrote a prototype for
it. This involved some pencil-and-paper work to figure out how all the
stdins and ncatins should go together... I actually invented my own
system of graphing the data flow between subprocesses.

* Debugged the prototype, tried to refactor it for the first time and
dropped after debugging... then tried to refactor it again (and, for
the second time, spent two or three hours WTF'ing and reading the
strace logs).

* Wrote a unit testing program for the new --with feature. It started
out as a copy of test-ncatin.py and can now test with --with works
under TCP/UDP/SCTP with or without keep-open and/or SSL (with the
obvious exception of UDP in these cases); it can also create test-case
servers to let Ncat connect to them (without SSL mode support).

* Created ncat-lua-with branch for the feature and moved my prototype
there, bit by bit, refactoring the code as I went. During the
refactoring I stopped for a whole day trying to spot two bugs - that
was the moment my schemes got two-colored and also described
communication with child processes... Here's the final form of my
drawings for the curious ones: http://i.imgur.com/Jo9bROn.jpg

* Wrote a proposal on Ncat's new feature that would work great in pair
with the Ncat-Lua project - new environment variables. This would
leave a lot of room for even more creative uses of Ncat, giving way
more control over wrapped commands' input and output and - possibly -
providing them with some useful runtime information. For details, have
a look here: http://seclists.org/nmap-dev/2013/q3/50

* Did a bit of research on a problem my friend accidentally discovered
when I asked him to build Ncat from the current trunk on FreeBSD. The
problem was related to adding “-ldl” to LUA_LIBS, which is a part of C
standard library on that system. After some experimenting, I fixed it
in r31294 by a simple reversion of one commit. Also did some minor
changes to ncat-lua-script branch.

* Found some bugs in ncat-lua-with and ncat-lua-script branches and
fixed some - though, some are waiting for a piece of advice from
David. Also refactored my code a bit, making it feel less kludgy.

Priorities:

* There are currently three big features waiting to be polished,
ported to Windows and wrapped up. As I learned from the --lua-exec
experience, it will be a tremendous amount of work and I'd prefer to
start soon.

* Implement the environment variables from my proposal? Perhaps
further extend the capabilities of ncat-lua-with? It could, for
example, take some arguments, leading to syntax like “ncat --with
ws,hostname=echo.webserver.org 82.98.86.174 80” or even allow to stack
--with jobs with --sh-exec ones (though it might turn out to be *too*
crazy).

Can't wait to do more coding!

Yours,
Jacek Wielemborek
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/