Home page logo

nmap-dev logo Nmap Development mailing list archives

Ncat and windows line endings
From: jah <jah () zadkiel plus com>
Date: Thu, 07 May 2009 22:48:46 +0100


I saw a tweet yesterday where the tweeter was having a problem
shovelling a linux shell to windows which prompted me to try it out.
I ran:
ncat -l --sh-exec /bin/bash
on a linux host and then on a windows host:
ncat linux_host 31337
and then
nmap some_host
and the response I got from nmap running on the linux host was "Invalid
character (13) in host specification..."

I'd modified the Nmap code to produce the 13 (0x0D) in the error
message.  Turns out that Ncat from a windows shell (also a cygwin shell
which piggybacks the windows shell) sends \r\n as its line endings and
the \r is appended to the command at the other end.  This prevents any
command I've tried from working.  Conversely, a mingw shell sends \n as
its line endings and this issue doesn't arise.

I felt sure that something like this has been raised before, but haven't
found anything pertinent.  Is this a known issue and, more to the point,
can we afford to modify ncat to do something about it given that \r\n
might have been sent as part of a HTTP GET, for example?



Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]