Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Ncat portable for Windows (static edition)
From: Shinnok <admin () shinnok com>
Date: Sun, 19 Jun 2011 21:20:42 +0300

Freakin' e-mail client! Sorry for no linewrap at 80, now nobody is going to read my e-mail..

On 6/19/2011 9:06 PM, Shinnok wrote:
Hi nmap-dev,

I managed to build a portable version of Ncat, by creating a full static build, that requires no additional libraries to run but the executable itself(ssl included).

The preview build is based on the following revision:
Ncat revision: r24131
Ncat version: Ncat: Version 5.52.IPv6.Beta2 ( http://nmap.org/ncat )

http://trunk.shinnok.com/ncat.exe - 1,631 KB

And since the bald static build of Ncat is rather large(pentesters are angry), I uploaded an Upx'ed version too, which is considerably smaller(pentesters are happy now):
http://trunk.shinnok.com/ncat_upx.exe - 540 KB

And because you shouldn't trust random Windows binaries just because I say so
here are virus total links for both executables( :-) ):
http://goo.gl/1AsCy
http://goo.gl/zY3ip

The binaries have been tested on the following version of MS Windows:
* Window 7 Professional x86
* Window 7 Professional SP1 x64
* Windows Server 2008 R2 Enterprise
* Windows XP Professional SP2
* Windows XP Professional SP3

Attached to this e-mail you can find the full step by step instructions on how to build this static version of Ncat portable.

Fyodor, David, should I add this how to file the nmap svn? If so mswin32/ or ncat/ ? It already resides in my nmap-exp directory along with a patch that does all that's in the how-to, except the ssl build.

Additional context for the Ncat portable issue: http://seclists.org/nmap-dev/2011/q2/638

----------------------------------
WinPcap rant:

As you will probably notice from the build how to, I removed WinPcap dependency and linking, since I don't really see why Ncat would need to link against it. I don't think Nmap does any raw socket stuff like ip headers editing or packet packet capture(?). Even if it did, WinPcap would have ruined this fun for good, since you can't really link statically against it(at least the free version), because WinPcap currently is formed of these three components:

* wpcap.dll - the WinPcap api library(the interface to client code)
* npf.sys - a kernel driver that does the packet interception ; multiple versions for each architecture and kernel release * packet.dll - the interface to npf.sys, only used by wpcap.dll ; multiple versions for each architecture

This kind of structure(especially because of the kernel driver), makes bundling WinPcap to a binary by linker means impossible. The only way to create a portable version of Ncat if we were to need WinPcap, is to create a bundled executable either in the form of a self extracting archive or something more exotic like portable apps provides(http://portableapps.com/development), which does kind of the same thing afaik.

Have fun,
Shinnok

--
http://shinnok.com

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]