Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: ncat usage
From: Dave Henderson <dhenderson () digital-pipe com>
Date: Thu, 10 May 2012 08:57:47 -0400

Good morning James, thanks for the continued help. So here's where we're at right now... I've modified the code so that ncat stays continually running (as well as using the -C parameter as indicated by one of the websites below). Could there be a problem with using 'head' in conjunction with ncat (or named pipes)? When I try to access the URI now, instead of the script running, the browser is prompting me to save the file. Thoughts?

Thanks,
Dave



mkfifo "$SI"
mkfifo "$SO"
ncat $sOPTS -Ck -l 127.0.0.1 $iPORT < "$SI" > "$SO" &

while (( 1 == 1 )); do
    trap exitGraceful SIGINT
    head -n 1 "$SO" | procRequest > "$SI"
    trap - SIGINT
done




On 05/09/2012 06:59 PM, James Rogers wrote:
Yes, each file you send has to have the content type and http header
along with the two newlines.

Unless configured to do multiple requests per connection, each
connection from a web browser will send the headers and the content
for just a single get request.

On Wed, May 9, 2012 at 3:58 PM, Dave Henderson
<dhenderson () digital-pipe com>  wrote:
No problem. :)  And I need to use multiple 'Content Type: ...' headers - one
for the script and one per file sent (along with the 'HTTP/1.1 200 OK' per
requested file)?

Thanks,
Dave



On 05/09/2012 02:50 PM, James Rogers wrote:
Yes, a content type should allow the browser to display the output.
Sorry I missed that.

On Wed, May 9, 2012 at 2:48 PM, Dave Henderson
<dhenderson () digital-pipe com>    wrote:
Thanks for the response James.  I did have that line, but with no
trailing
newlines.  Since I've added the newlines to the output, when I access the
URI, it's prompting me to save the file instead of executing it.  I
shouldn't need a "Content Type: ..." declaration as well before executing
the script right?  The executed script should provide that before sending
output IIRC.

Thanks,
Dave



On 05/09/2012 02:14 PM, James Rogers wrote:
The file you are trying to upload to the web browser, does it have the
http response as the first line followed by a couple of newlines?

A valid file to return would look like this:

HTTP/1.0 200 OK

<html>
   <body>
     <h1>Hello, world!</h1>
   </body>
</html>

Without the http response in the file the browser won't know what to do.

I got this example file from here:
http://nmap.org/ncat/guide/ncat-usage.html



On Wed, May 9, 2012 at 1:25 PM, Dave Henderson
<dhenderson () digital-pipe com>      wrote:
On 05/07/2012 04:10 PM, Dave Henderson wrote:
On 05/07/2012 03:57 PM, David Fifield wrote:
On Mon, May 07, 2012 at 03:34:06PM -0400, Dave Henderson wrote:
Good afternoon gang!  I'm working on a project that currently uses
Berkley's netcat (nc), however, during some research I stumbled on
ncat.  I can see that it's much more comprehensive so I'd like to
make the switch to using it instead, but I can't seem to get it
working right.  The project is basically a bash version of a web
server.  I'll post the working code below.  Any help would greatly
be appreciated!

Thanks,
Dave



while (( 1 == 1 )); do                # causes an infinite loop for
processing requests
     #nc -Cl $sOPTS "$iPORT"<        "$SI">        "$SO"
2>>/tmp/debug.txt&
  #
netcat-openbsd - DEBUGGING ERRORS/MESSAGES
     nc -Cl $sOPTS "$iPORT"<        "$SI">        "$SO"&
# netcat-openbsd
     #ncat $sOPTS -vvv -C -l 127.0.0.1 $iPORT<        "$SI">
  "$SO"&
# ncat

     trap exitGraceful SIGINT                                    #
traps ctrl-C to exit this script
     head -n 1 "$SO" | procRequest>        "$SI"
     trap - SIGINT
done
You will probably be happier with this (no while loop):

ncat -l -k $iPORT --sh-exec "cat \"$SI\""

Compare to some examples here:

http://nmap.org/ncat/guide/ncat-simple-services.html

David Fifield

Thanks for the reply David.  I've tried using your stated command in
place
of the 'while' loop, but I'm still getting the same result - no
content
in
browser.  Possibly a problem by not using the $SO named pipe?  I did
take a
look at the example page before I even contacted this mailing list,
but
I
didn't see anything on there that was helpful.  Any other thoughts?

Thanks,
Dave

bump for help

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault