Nmap Development mailing list archives

Re: Nmap proxy auth support, masking --proxies auth command-line data?


From: Jacek Wielemborek <d33tah () gmail com>
Date: Sun, 19 Jul 2015 15:19:32 +0200

On 19.07.2015 at 14:54, Andrew Jason Farabee wrote:
> Okay, I think I understand how I would implement masking from within
> ncat. I'll have to look into how large of a footprint the patch would
> have to have in order to mask the username and password in nmap, or if
> the memory passed to nsock_proxychain_new() from nmap is already a direct
> reference to argv.

Don't jump straight to coding though - it might just not make sense. I'd
wait for somebody else to comment on this first.

> I really like your idea btw, my first ideas for
> this were way too complicated (I remembered a program I used that had
> the user encrypt their password with a different program before using
> the ciphertext in the command line).

That adds very little extra security - if I can log in as you, I can
just read the command line and decrypt the password. The only time it
can theoretically help is when the command is not running, provided that
the arguments are not stored in ~/.bash_history. STDIN could also be
used, but I'm not sure it makes sense...

> I do have a secwiki account already; do you recommend documenting this
> there for now?  I started posting tests for other patches on my gist
> for now.  Sorry I haven't really documented things yet, I was trying
> to get as much working as possible today.  I'm currently working on
> http proxy authentication, so hopefully once that is done I can re-run
> ncat-test.pl and check those tests that were failing.

For now you can just write a TODO list of what has to be documented.

> As for your questions, right now it does not attempt anonymous
> authentication first. Do you think there would be benefit to attempting
> to connect without authentication first? I should look into the ncat
> trunk authentication methods to see what the existing behavior is
> (it's probably best for now if I try to change as little as possible).
> I've been testing it with wireshark, valgrind, and gdb for now and
> everything looks good so far.
>
> Thanks for the feedback!
>
> Andrew

Good idea, better than I had. See how Ncat handles things and consider
replicating it.

Cheers,
d33tah
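The masking idea discussed above (overwriting the credential bytes in argv after parsing, so that `ps` and `/proc/<pid>/cmdline` no longer show the proxy password) is easy to get wrong: the copy must be taken before the overwrite, and an optimizing compiler may drop a plain `memset` on memory it considers dead. The following is an added illustration written for this archive page; it is not Ncat or Nmap code, and the `--proxies` value format `user:pass@host:port` and the function names are assumptions of the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Overwrite n bytes through a volatile pointer so the compiler cannot
 * elide the store as a dead write (the memory stays in argv's storage). */
static void wipe_bytes(char *buf, size_t n, char fill) {
    volatile char *p = buf;
    for (size_t i = 0; i < n; i++)
        p[i] = fill;
}

/* Hypothetical helper (not Ncat's own): take a private heap copy of a
 * credential-bearing argument such as "alice:s3cret@proxy.example:8080",
 * then blank only the password bytes in the original argv storage.
 * Returns the copy (caller owns and frees it), or NULL on allocation
 * failure. Arguments without "user:pass@" are copied but left untouched.
 * Assumes the last '@' separates credentials from host, so a password
 * containing '@' is still fully masked. */
char *mask_proxy_password(char *arg) {
    if (arg == NULL)
        return NULL;
    char *copy = strdup(arg);      /* copy first, mask second */
    if (copy == NULL)
        return NULL;

    char *at = strrchr(arg, '@');
    if (at == NULL)
        return copy;               /* no credentials in this spec */
    char *colon = memchr(arg, ':', (size_t)(at - arg));
    if (colon == NULL)
        return copy;               /* "user@host" form, no password */

    wipe_bytes(colon + 1, (size_t)(at - colon - 1), '*');
    return copy;
}

/* Blank an entire argument value, e.g. a token passed on its own. */
void mask_whole_arg(char *arg) {
    if (arg == NULL)
        return;
    wipe_bytes(arg, strlen(arg), '*');
}

int main(int argc, char **argv) {
    /* Constructed usage: ./a.out --proxies alice:s3cret@proxy.example:8080 */
    for (int i = 1; i + 1 < argc; i++) {
        if (strcmp(argv[i], "--proxies") == 0) {
            char *secret = mask_proxy_password(argv[i + 1]);
            if (secret == NULL) {
                perror("strdup");
                return 1;
            }
            printf("private copy used by the program: %s\n", secret);
            printf("what /proc/<pid>/cmdline now shows: %s\n", argv[i + 1]);
            wipe_bytes(secret, strlen(secret), 0); /* scrub before free */
            free(secret);
        }
    }
    return 0;
}
```

Two caveats that the thread already hints at and that this code does not remove: the password is visible to other users on the host for the window between process start and the overwrite, and it remains in the shell history file unless the shell was told not to record it. Overwriting argv only shortens the exposure; it is not a substitute for reading the credential from a file, an environment variable, or stdin.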

