Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Two Ncat use cases - for Users' Guide maybe?
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Mon, 26 Aug 2013 19:25:57 +0200

2013/8/26 Jacek Wielemborek <wielemborekj1 () gmail com>:
Hi Fyodor,

Thanks for the reply! Comments inline.

2013/8/24 Fyodor <fyodor () nmap org>:
On Fri, Aug 16, 2013 at 1:40 PM, Jacek Wielemborek <wielemborekj1 () gmail com>

One might say I hadn't discovered America, but here they are:


It's actually netcat, but works for Ncat too. Credits go to batrick.

Hi Jacek.  Yeah, I think that could be valuable for the user's guide tricks
section.  But with Ncat you could probably make the line even simpler.

At first, I had no idea what you meant, but then I remembered that
--sh-exec functionality basically does the infinite loop and the
redirection for the user, so I ended up with something like this:

nc -lk 8080 --sh-exec "echo -e 'HTTP/1.1 200 OK\r\n'; cat index.html"

For Windows, this is way uglier:

ncat  -l --sh-exec "echo HTTP/1.1 200 OK& echo(&type index.html"

"echo (&" basically says "print a blank newline and proceed to the
next command". As I found while experimenting, adding spaces to the
command would make it not work. Tested under Cygwin.

Firefox would accept the reply without the HTTP header, but adding it
makes the file interpreted as HTML by default.

In addition, you'd probably also want to show how to do a more generic
web server using the new Lua scripting functionality.

The httpd.lua server needs David's final approval before it gets
merged into the trunk. I could write a bit about it anyway already.

2) ssh somehost -D 8080 & ncat --proxy localhost:8080 --proxy-type
socks4 remotehost

That's a good one too.

Think that would fit into the Users' Guide "tricks" section?

Yes!  And you're welcome to add either or both.

All right, I'll most likely find some time to do it today.

The Ncat guide could use
more documentation of the new Lua features too.

Damn, I'm sorry to admit that even though I promised to ask David
about it last time we met, I forgot to. Hopefully I'll remember to
mention it during out meeting tomorrow. It'd be good to know his
vision of the documentation too.

 I just realized that the
Ncat Guide source code is in the web tree, where relatively few people have
access to it.  So I've moved it to the main Nmap repo in
nmap/ncat/docs/ncatguide.xml so everyone can read it and all the committers
can make changes.

Nice, that could speed up things. It would be cool to have some way to
preview the changes to the file too, though. Anyway, thanks for making
that available.


Jacek Wielemborek

I just added the two tricks, see commits 32044-32046. If you find the
style not good enough or want me to revert it and start over in a
topic branch, let me know.

Jacek Wielemborek
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]