Nmap Development mailing list archives
Andrew's Status Report - #12 of 17
From: Andrew Jason Farabee <afarabee () uci edu>
Date: Mon, 20 Jul 2015 23:28:08 -0700
Accomplishments:

* Made changes to ncat --proxy/--proxies variables so that both specifications end up in o.proxy_chain_str. Clarified error handling and messages for --proxies, --proxy, and --proxy-type combinations and removed unused functions. Ran tests using ncat-test.pl and valgrind.
* Improved handling of NOT_VULN cases in http-iis-webdav vuln after testing against a copy of IIS on a Windows XP SP1 virtual machine. Included comments for reproducing tests and uploaded test results (in comments below smtp-vuln-cve2010-4344.nse results) here: https://gist.github.com/andrewfarabee/dffc9e8c245d29271db4
* After running ncat-test.pl on my nsock-proxy based copy of ncat, I decided to attempt to implement proxy authentication in nsock to maintain functionality. I added parsing of usernames and passwords to store in proxychain nodes. I modified socks4/4a handle_state_initial functions to send usernames (socks4 does not support passwords) in requests if they are present. Most socks4 proxy servers will ignore supplied usernames if they are not necessary. Added an extra proxychain state to eventually support HTTP digest, PROXY_STATE_UNAUTHENTICATED. Began working on coding HTTP basic proxy authentication after reading relevant sections of https://www.ietf.org/rfc/rfc2617.txt and http://www.ietf.org/rfc/rfc2068.txt

Priorities:

* Copy base64 support from ncat to nsock or find similar functionality either elsewhere in nmap or a library currently used in nsock.
* Finish HTTP basic proxy-authentication in nsock/src/proxy-http.c
* Implement HTTP digest proxy-authentication in nsock.
* Implement SOCKS5 by address with authentication in nsock.
* Translate --proxy-auth in ncat to a --proxies (nsock proxychain) specification format.
* Test and document ncat using proxychains, SOCKS5, and proxy-authentication.
* RFC on masking passwords used as command line arguments.
* Start adding connect-by-name support to nsock.
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
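
For readers following the proxy-authentication work described in the report, here is an added example (not code from nsock, ncat, or the author) of the two wire formats involved: a SOCKS4/4a CONNECT request carrying a USERID, and an RFC 2617 Basic Proxy-Authorization header. The function names are hypothetical, the base64 encoder is written inline for the example, and non-NULL user and pass strings are assumed for the HTTP case.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* SOCKS4 CONNECT: VN=4, CD=1, DSTPORT, DSTIP, USERID, NUL. With a hostname
 * (SOCKS4a) DSTIP is 0.0.0.1 and the name follows the USERID terminator.
 * Returns the request length, or 0 if it does not fit or has no target. */
size_t socks4_connect_req(uint8_t *out, size_t cap, const uint8_t *ip,
                          uint16_t port, const char *user, const char *host)
{
    static const uint8_t socks4a_ip[4] = {0, 0, 0, 1};
    size_t ulen = user ? strlen(user) : 0;
    size_t hlen = host ? strlen(host) + 1 : 0;   /* name plus its NUL */
    size_t need = 8 + ulen + 1 + hlen;
    if ((!ip && !host) || need > cap) return 0;
    out[0] = 4; out[1] = 1;                      /* VN=4, CD=1 (CONNECT) */
    out[2] = (uint8_t)(port >> 8);               /* DSTPORT, big-endian */
    out[3] = (uint8_t)(port & 0xff);
    memcpy(out + 4, host ? socks4a_ip : ip, 4);
    if (ulen) memcpy(out + 8, user, ulen);       /* USERID, sent in cleartext */
    out[8 + ulen] = 0;                           /* no password field exists */
    if (host) memcpy(out + 9 + ulen, host, hlen);
    return need;
}

/* RFC 2617 Basic: "Proxy-Authorization: Basic " + base64(user ":" pass).
 * Base64 is an encoding, not encryption. Returns length, or 0 on overflow. */
size_t http_basic_proxy_hdr(char *out, size_t cap, const char *user, const char *pass)
{
    static const char b64[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    static const char pfx[] = "Proxy-Authorization: Basic ";
    char cred[256];
    int n = snprintf(cred, sizeof cred, "%s:%s", user, pass);
    size_t len = n > 0 ? (size_t)n : 0, i, o = sizeof pfx - 1;
    if (n < 0 || len >= sizeof cred || o + 4 * ((len + 2) / 3) + 3 > cap) return 0;
    memcpy(out, pfx, o);
    for (i = 0; i < len; i += 3) {               /* 3 input bytes -> 4 chars */
        uint32_t v = (uint32_t)(uint8_t)cred[i] << 16;
        if (i + 1 < len) v |= (uint32_t)(uint8_t)cred[i + 1] << 8;
        if (i + 2 < len) v |= (uint8_t)cred[i + 2];
        out[o++] = b64[v >> 18];
        out[o++] = b64[(v >> 12) & 63];
        out[o++] = i + 1 < len ? b64[(v >> 6) & 63] : '=';
        out[o++] = i + 2 < len ? b64[v & 63] : '=';
    }
    memcpy(out + o, "\r\n", 3);                  /* CRLF plus terminating NUL */
    return o + 2;
}
```

Both credentials cross the wire readable by anyone on the path to the proxy, which is why the report's later priorities (digest authentication, masking passwords on the command line) matter.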