Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Ncat] Question: What DLLs are required to run ncat on Windows?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 19 May 2011 17:29:12 -0500

Thanks for the speedy reply. Your directory name indicates this was built
with MingW. Is the dependency tree the same for the Visual Studio build as
well? I would imagine it's very close, especially with regard to OpenSSL and
WinPCAP.

I suppose that means it's not possible to get it entirely self-contained,
then, since WinPCAP has to run as a service. I didn't know that was a
dependency, since building on Linux statically links to the included libpcap
by default (so it doesn't show up with ldd).

On Thu, May 19, 2011 at 5:10 PM, Gisle Vanem <gvanem () broadpark no> wrote:

"Daniel Miller" <bonsaiviking () gmail com> wrote:

 I know there may be better solutions for this (metasploit's msfpayload -E,
for instance), but maybe the answers can help improve Ncat. Scenario is
this: As a pentester, I can upload and execute arbitrary files. I want to
get an interactive shell, maybe create a relay to expand my attack to an
internal network. If I choose to upload Ncat, what DLLs will it require on
the target system? Especially, what is unlikely to be there already?


This is the dependency tree of ncat.exe (cygcheck is part of CygWin.
Similar
to the more known 'depends' program):

G:\MingW32\src\inet\nmap>cygcheck ./ncat.exe
G:\MingW32\src\inet\nmap\ncat.exe
 f:\windows\system32\LIBEAY32.dll
  f:\windows\system32\ADVAPI32.DLL
    f:\windows\system32\KERNEL32.dll
      f:\windows\system32\ntdll.dll
    f:\windows\system32\RPCRT4.dll
      f:\windows\system32\Secur32.dll
  f:\windows\system32\GDI32.dll
    f:\windows\system32\USER32.dll
  f:\windows\system32\msvcrt.dll
  f:\windows\system32\WS2_32.DLL
    f:\windows\system32\WS2HELP.dll
 f:\windows\system32\SSLEAY32.dll
 f:\windows\system32\wpcap.dll
  f:\windows\system32\packet.dll
    f:\windows\system32\VERSION.dll
    f:\windows\system32\NPPTools.dll
      f:\windows\system32\MFC42u.DLL
      f:\windows\system32\ole32.dll
      f:\windows\system32\OLEAUT32.dll
    f:\windows\system32\iphlpapi.dll

(mind the indenting). LIBEAY32.dll and SSLEAY32.dll are from OpenSSL.
wpcap.dll and packet.dll come from WinPcap. The rest of the DLLs should
be part of any standard Windows installation. I'm running Win-XP SP3.


 Is there a way to build it "statically linked" to avoid DLL issues?


Sure, but then you need to hack the makefiles yourself and replace the
needed import libs with the static counterparts.

Gisle V.

# rm -v /bin/laden /bin/laden: removed /bin/laden
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]