Nmap Development mailing list archives
Nmap DNS leak and proxychains redesign?
From: Jacek Wielemborek <d33tah () gmail com>
Date: Sat, 04 Jul 2015 10:43:12 +0200
On 04.07.2015 at 04:29, Daniel Miller wrote:
> Jasey,
>
> Nsock supports HTTP proxies, so this should work for you. Currently, all of our proxy options require local name resolution, so they suffer from the classic "DNS leak" problem. This is something that we are aware of and working to address, but it requires more of an architectural redesign of the proxy chain mechanism, so it will take longer to accomplish.
>
> Dan
This made me wonder where the DNS leaks actually are and how difficult it would be to fix them. Here are my thoughts:

1. nmap_dns.cc - already uses Nsock routines for UDP. My idea is that perhaps proxy support could be integrated here for SOCKS5 only, with code similar to one from nsock_connect_internal. This seems rather easy, am I missing something?

2. Hostname resolution in NSE connect() scripts. Since those can be arbitrary strings, the point above doesn't handle that.

3. Establishing connections to proxies defined by hostname in --proxy.

I guess there are other spots, can you think of any? Is there any previous discussion of this topic in nmap-dev archives?

BTW, is there any specific reason why nmap_dns.cc doesn't seem to handle DNS resolution over TCP as well? Perhaps such a resolver could work with proxies out of the box, at least for bullet #1.

Cheers,
d33tah
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
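The aside at the end of the message (a TCP resolver that "could work with proxies out of the box") is easiest to see on the wire. The following is an added example written for this page; it is not code from the original post and not Nmap or Nsock code. It models the exchange that avoids the leak: a SOCKS5 CONNECT to the resolver's address (never its name) on TCP port 53, followed by a length-prefixed DNS query, and a parser for the framed response. All function names, the constructed sample response (example.com answering 192.0.2.1, a documentation address) and the no-auth SOCKS5 method are this example's own assumptions; a real proxy may require authentication.

```c
/* Added example (not Nmap or Nsock code): the wire exchange that carries a
 * DNS query over TCP through a SOCKS5 CONNECT to the resolver. The resolver
 * is given as a raw address, so nothing is looked up locally.
 * Function names and the sample response are this example's own. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* SOCKS5 greeting (RFC 1928 s.3): VER=5, NMETHODS=1, METHOD 0x00 = no auth. */
size_t socks5_greeting(uint8_t *out) {
    out[0] = 0x05; out[1] = 0x01; out[2] = 0x00;
    return 3;
}

/* SOCKS5 CONNECT (RFC 1928 s.4) to an IPv4 address, ATYP=0x01. Handing the
 * proxy an address rather than a domain is what keeps resolution remote. */
size_t socks5_connect_ipv4(uint8_t *out, const uint8_t ip[4], uint16_t port) {
    out[0] = 0x05; out[1] = 0x01; out[2] = 0x00; out[3] = 0x01;
    memcpy(out + 4, ip, 4);
    out[8] = (uint8_t)(port >> 8); out[9] = (uint8_t)port;
    return 10;
}

/* Both the method-select reply (2 bytes) and the CONNECT reply (10 bytes for
 * an IPv4 BND.ADDR) start with VER=5 and 0x00 on success (RFC 1928 s.6). */
int socks5_reply_ok(const uint8_t *buf, size_t len) {
    return len >= 2 && buf[0] == 0x05 && buf[1] == 0x00;
}

/* Recursive A query framed for TCP: 2-byte big-endian length prefix, then
 * the message (RFC 1035 s.4.2.2). Returns bytes written, 0 on a bad name. */
size_t dns_tcp_query(uint8_t *out, size_t cap, uint16_t id, const char *name) {
    size_t n = 2;                                /* room for the length prefix */
    if (cap < 2 + 12 + strlen(name) + 2 + 4) return 0;
    out[n++] = (uint8_t)(id >> 8); out[n++] = (uint8_t)id;
    out[n++] = 0x01; out[n++] = 0x00;            /* flags: RD set */
    out[n++] = 0x00; out[n++] = 0x01;            /* QDCOUNT=1 */
    memset(out + n, 0, 6); n += 6;               /* AN/NS/ARCOUNT=0 */
    while (*name) {                              /* QNAME: <len><label>... */
        const char *dot = strchr(name, '.');
        size_t l = dot ? (size_t)(dot - name) : strlen(name);
        if (l == 0 || l > 63) return 0;          /* empty or oversized label */
        out[n++] = (uint8_t)l;
        memcpy(out + n, name, l); n += l;
        name += l + (dot ? 1 : 0);
    }
    out[n++] = 0x00;                             /* root label */
    out[n++] = 0x00; out[n++] = 0x01;            /* QTYPE=A */
    out[n++] = 0x00; out[n++] = 0x01;            /* QCLASS=IN */
    out[0] = (uint8_t)((n - 2) >> 8); out[1] = (uint8_t)(n - 2);
    return n;
}

/* Skip a possibly compressed name (RFC 1035 s.4.1.4); 0 means malformed. */
static size_t dns_skip_name(const uint8_t *m, size_t len, size_t off) {
    while (off < len) {
        uint8_t l = m[off];
        if ((l & 0xC0) == 0xC0) return off + 2 <= len ? off + 2 : 0;
        if (l == 0) return off + 1;
        off += 1 + l;
    }
    return 0;
}

/* Parse a TCP-framed response: check id, QR bit and RCODE, then copy the
 * first A record into ip. Returns 1 if found, 0 otherwise. */
int dns_tcp_parse_a(const uint8_t *buf, size_t len, uint16_t id, uint8_t ip[4]) {
    if (len < 2) return 0;
    size_t mlen = ((size_t)buf[0] << 8) | buf[1];
    const uint8_t *m = buf + 2;
    if (mlen + 2 > len || mlen < 12) return 0;
    if (((uint16_t)(m[0] << 8) | m[1]) != id) return 0;   /* not our query */
    if (!(m[2] & 0x80) || (m[3] & 0x0F) != 0) return 0;   /* not a reply / error */
    size_t qd = ((size_t)m[4] << 8) | m[5], an = ((size_t)m[6] << 8) | m[7];
    size_t off = 12;
    for (size_t i = 0; i < qd; i++) {            /* skip the question section */
        if (!(off = dns_skip_name(m, mlen, off)) || off + 4 > mlen) return 0;
        off += 4;
    }
    for (size_t i = 0; i < an; i++) {            /* walk the answer RRs */
        if (!(off = dns_skip_name(m, mlen, off)) || off + 10 > mlen) return 0;
        uint16_t type = (uint16_t)((m[off] << 8) | m[off + 1]);
        size_t rdlen = ((size_t)m[off + 8] << 8) | m[off + 9];
        off += 10;
        if (off + rdlen > mlen) return 0;
        if (type == 1 && rdlen == 4) { memcpy(ip, m + off, 4); return 1; }
        off += rdlen;
    }
    return 0;
}

/* Constructed response to id 0x1234 for example.com: one A record 192.0.2.1,
 * with the answer name given as a compression pointer (0xC00C) to the question. */
const uint8_t SAMPLE_RESPONSE[] = {
    0x00, 0x2D,                                  /* TCP length prefix = 45 */
    0x12, 0x34, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
    7, 'e','x','a','m','p','l','e', 3, 'c','o','m', 0, 0x00, 0x01, 0x00, 0x01,
    0xC0, 0x0C, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0E, 0x10, 0x00, 0x04,
    192, 0, 2, 1 };
const size_t SAMPLE_RESPONSE_LEN = sizeof SAMPLE_RESPONSE;
```

On a live socket the order is: connect to the proxy, write socks5_greeting, read 2 bytes and check with socks5_reply_ok, write socks5_connect_ipv4 for the resolver address and port 53, read the 10-byte reply (this assumes an IPv4 BND.ADDR in the reply) and check it again, write dns_tcp_query, then read the 2-byte length and that many bytes and hand the whole buffer to dns_tcp_parse_a. Everything leaves the host inside the proxy's TCP stream, which is why a TCP-capable resolver in nmap_dns.cc would cover bullet #1 without a separate UDP ASSOCIATE path; bullets #2 and #3 in the message (names in NSE scripts and the proxy's own hostname in --proxy) are untouched by it. To confirm whether a given build leaks, run the scan with --proxies while watching port 53 on the scanning host, for instance with tcpdump -ni any udp port 53; any query for the target name seen there is the leak.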
Current thread:
- Nmap DNS leak and proxychains redesign? Jacek Wielemborek (Jul 04)
- Re: Nmap DNS leak and proxychains redesign? Daniel Miller (Jul 04)
- Re: Nmap DNS leak and proxychains redesign? David Fifield (Jul 04)
- Re: Nmap DNS leak and proxychains redesign? Daniel Miller (Jul 04)