Nmap GSoC 2012 Success Report
From: Fyodor <fyodor () nmap org>
Date: Fri, 19 Oct 2012 16:04:04 -0700
Hi Folks. I'm pleased to report that we have successfully completed our 8th
Google Summer of Code! Four of our five students passed. They wrote a lot of
great code, and almost all of it has been integrated in either the big Nmap
6.00 release, the 6.01 followup, or the current SVN trunk. I'd like to give a
big shout out to Peter, Aleks, Hani, and Sean for doing such a wonderful job!
Let's look at their accomplishments individually:
*Piotr Olma* focused on improving our web scanning support. He made numerous
improvements and fixes to our web spidering and HTTP pipelining system, and
he also wrote or co-authored 7 scripts, including an HTTP form fuzzer, a
sitemap generator, and brute forcers for POP3, IRC SASL, and HTTP digest
*Aleksandar Nikolic* was our NSE vulnerability and exploitation specialist.
He dramatically improved the brute force authentication testing and
username/password libraries. He also wrote 19 scripts, including:
o dns-nsec3-enum uses a clever "NSEC3 walking" technique to enumerate DNSSEC
o samba-vuln-cve-2012-1182, smb-vuln-ms10-054, and smb-vuln-ms10-061 detect
serious vulnerabilities in the Windows and Samba SMB stacks.
o pcanywhere-brute, ftp-brute, and metasploit-msgrpc-brute perform brute
force password auditing against these three popular protocols.
*Hani Benhabiles* spent the summer improving Nmap's network discovery NSE
scripts. He replaced our aging (yet very important) SunRPC enumeration system
with a faster and easier to maintain NSE-based RPC grinder. He also wrote an
incredible 22 scripts, including:
o broadcast-eigrp-discovery, broadcast-igmp-discovery,
broadcast-pim-discovery, and lltd-discovery use these protocols in clever
ways to enumerate available hosts.
o http-waf-fingerprint tries to detect and fingerprint web application
firewalls protecting a website, while firewall-bypass tries to trick the
Netfilter firewall framework into allowing a connection by exploiting its
ftp helper module.
o sip-methods, sip-enum-users, and sip-call-spoof allow for discovery and
manipulation of VoIP services.
Thanks to Peter, Aleks, Hani, and dozens of other contributors, Nmap now
contains more than 430 NSE scripts. Further information on all of them is
available on our documentation portal: http://nmap.org/nsedoc/
While the NSE team was writing amazing scripts, *Sean Rivera* was leading the
"Great Bug Hunt", helping to fix up, clean, and improve numerous parts of
Nmap. For example, he fixed a "spurious closed port" bug that has been
annoying us for a while and he added protocol-specific payloads for IPv6
hop-by-hop (0x00), routing (0x2b), fragment (0x2c), and destination (0x3c)
headers. Sean fixed some Nping bugs as well.
In addition to my shout out to the students, I'd like to thank my fellow
mentors David Fifield, Henri Doreau, and Patrick Donnelly for supporting these
efforts and always being there to help!
Finally, I'd like to thank Google for making all of this possible! They have
spent tens of millions of dollars sponsoring thousands of students to work on
hundreds of open source projects. Nmap by itself has mentored 59 SoC students
in the last 8 years and some continue as top Nmap developers to this day. If
you enjoy Zenmap, the Nmap Scripting Engine, Ncat, Nping, or Ndiff, you're
using features developed in a large part by previous Summer of Code students!
PS: For those who are interested, here are our previous success (pass)
rates and wrap-up reports:
2012 (4/5 - 80%): [this report]
2011 (7/7 - 100%!): http://seclists.org/nmap-dev/2012/q1/542
2010 (8/8 - 100%!): http://seclists.org/nmap-dev/2011/q1/708
2009 (6/6 - 100%!): http://seclists.org/nmap-dev/2009/q4/148
2008 (6/7 - 86%): http://bit.ly/googleblognmap
2007 (5/6 - 83%): http://seclists.org/nmap-dev/2007/q4/24
2006 (8/10 - 80%): http://seclists.org/nmap-dev/2007/q1/235
2005 (7/10 - 70%): http://slashdot.org/comments.pl?sid=183143&cid=15133184
Overall 51 of our 59 students (86%) passed.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/