Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Named pipe library

From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 11 Feb 2011 07:31:36 +0100

On Feb 11, 2011, at 07:07 , Chris Woodbury wrote:


In the process of adding named-pipe support to the SQL Server scripts,
I created an NSE library for named pipes[1]. The primary component is
a "named_pipe" class, which is modeled after a socket (i.e. connect(),
disconnect(), send(), receive() ), and it is essentially a wrapper
around calls to the SMB library, with some state and logic to make
things easier.


Nice! I think this will be a very useful addition to the SQL Server scripts.
I'll gladly test this code once it's supported by the scripts.
I noticed a description in the library that shouldn't be there, have a look at the other libraries on how this should 
be documented.


Its main features (aside from its existence) are some
pipe-specific error handling and automatic reassembly of multi-packet
messages. In the course of writing it, I added [2] a few bits of
functionality to smb.lua to support named pipes, including a bugfix
for the handling of the NT_STATUS_BUFFER_OVERFLOW, which, despite its
scary name, means that there's another packet coming to complete the
message. While I'm at it, I have another patch [3] for smb.lua, which
just adds a bit more detail to a few debug messages.

-chris

[1] namedpipes.lua - I'm not sure if this is better kept separate, or
merged into an existing library.


If it should be merged anywhere the SMB library probably makes most sense.


[2] smb_pipe_support.patch
[3] smb_debug.patch
<namedpipes.lua><smb_debug.patch><smb_pipe_support.patch>_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: