Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Jacek's status report - #11 of 16
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Tue, 20 Aug 2013 01:03:24 +0200

Hi guys,


This is the report 11/16 for the Google Summer of Code project
“Bringing Lua to Ncat”.


This week I'm proud to say that I did some really awesome things! A
while after writing the last report, I started working with my idea on
how to implement socket abstractions in Ncat. After less than a day of
work, I got a working (but kludgy) proof of concept for non-UDP listen
mode that already supported script stacking. Rest of the week I spent
polishing the code and adding new features, which involved developing
a new model for the scripts.


Achievements:


* Came up with socket abstractions “proof of concept” that could
filter an input buffer with stacking support. For example, you could
run “appender.lua” twice and if you connected and wrote “something”,
the server log would read “Received: Received: something” to
demonstrate the filtering. During our meeting, David wrote a ROT13
script and it worked as well. At that point, all connections shared
their state.


* Ported the code to Windows. It was surprisingly easy, the only
non-POSIX I had to write involved detecting if the buffer of a
non-blocking socket is empty.


* Added the support for --*exec command-line switches working with the
new socket abstractions feature. Since I already wrapped around the
ncat_recv/fdinfo_send calls, that wasn't difficult either.


* Figured out a new, cleaner model for the socket abstractions,
similar to what David suggested during our last meeting. This actually
took, according to my log, 6.5 hours of my work. Frustrated by Lua's
behavior, I wrote a test-driven version of my new model's mockup and
looked for a debugger. I found Koneki [1], an amazing Eclipse plugin
for Lua that let me debug my script line-by-line, showing the mistake
I made. For a comparison of a script in the old and new model, take a
look at these two files:


https://svn.nmap.org/!svn/bc/31927/nmap-exp/d33tah/ncat-lua-callbacks/ncat/scripts/filters/appender.lua

https://svn.nmap.org/!svn/bc/31926/nmap-exp/d33tah/ncat-lua-callbacks/ncat/scripts/filters/appender.lua


* Made each connection have its own state, so when you ran a server
driven by my “numberer.lua” script and connected to it a few times,
each connection would have its own counter.


* Got rid of the last_fdn kludge and stored the file descriptor along
with some other connection's internal data in an opaque Lua data
structure called userdata. I made all connections visible in a global
variable all scripts could access, so this change also allowed me to
implement broadcasting, which led to my immodestly awesome chat.lua
demo.


Priorities:


I have to admit I hadn't done all the work David assigned to me for
this week. That's why, some of these tasks are what he asked me to do
on our last meeting - hopefully I'll manage to do some of them until
our meeting tomorrow:


* Test and fix the handling of Unicode overlong sequences in my
httpd.lua server, so it's ready to be merging.


* Look into how Nmap handles socket abstractions.


* Estimate how much time would a connect-mode implementation of socket
abstractions take.


* Perhaps start the connect-mode implementation? And/or play with UDP?


So, well, I'm back to coding! :)


[1] http://www.eclipse.org/koneki/ldt/ - definitely worth seeing!


Yours,

Jacek Wielemborek
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • Jacek's status report - #11 of 16 Jacek Wielemborek (Aug 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]