Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Named pipe library
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 11 Feb 2011 07:31:36 +0100


On Feb 11, 2011, at 07:07 , Chris Woodbury wrote:

In the process of adding named-pipe support to the SQL Server scripts,
I created an NSE library for named pipes[1]. The primary component is
a "named_pipe" class, which is modeled after a socket (i.e. connect(),
disconnect(), send(), receive() ), and it is essentially a wrapper
around calls to the SMB library, with some state and logic to make
things easier.

Nice! I think this will be a very useful addition to the SQL Server scripts.
I'll gladly test this code once it's supported by the scripts.
I noticed a description in the library that shouldn't be there, have a look at the other libraries on how this should 
be documented.

Its main features (aside from its existence) are some
pipe-specific error handling and automatic reassembly of multi-packet
messages. In the course of writing it, I added [2] a few bits of
functionality to smb.lua to support named pipes, including a bugfix
for the handling of the NT_STATUS_BUFFER_OVERFLOW, which, despite its
scary name, means that there's another packet coming to complete the
message. While I'm at it, I have another patch [3] for smb.lua, which
just adds a bit more detail to a few debug messages.

-chris

[1] namedpipes.lua - I'm not sure if this is better kept separate, or
merged into an existing library.

If it should be merged anywhere the SMB library probably makes most sense.

[2] smb_pipe_support.patch
[3] smb_debug.patch
<namedpipes.lua><smb_debug.patch><smb_pipe_support.patch>_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]