Nmap Development mailing list archives

Re: GSOC 2012


From: David Fifield <david () bamsoftware com>
Date: Tue, 20 Mar 2012 18:53:51 -0700

On Wed, Mar 21, 2012 at 12:14:15AM +0530, SAI LAKSHMI Bhavana wrote:
> Hello All,
>
> I am an open source enthusiast.
> I have been studying and following Nmap for several months on IRC
> channels and mailing lists.
> I want to contribute to Nmap.
>
> I have good C and C++ skills and am comfortable with Lua programming. I
> have good knowledge of IP and IPv6 protocols.
>
> I am presently working on the functionality to scan through proxies. I
> am trying to implement it by sending connect requests to the proxy.
>
> I have a good idea about the Scripting Engine.
> I am very much interested to develop new features, test and develop
> scripts for IPv6 applications.

Hello Bhavana. Scanning through proxies would be an awesome summer
project. We really should have the design criteria for it better
outlined, but here are some thoughts on the subject.

It should support using a chain of proxies of different types. For
example I am picturing a command line something like this:
        nmap -sT <target> --proxy socks4a://localhost:9100/ --proxy http://proxy2:8080/ --proxy socks5://proxy3:3128/
Maybe the URL syntax is enough to encode all the information we need
about a proxy, maybe not. But anyway, designing in this way will, I
think, lead to a better design than assuming only one proxy. (Designing
for only one proxy may lead to quick hacks that are hard to maintain and
extend.)

It would be nice if name resolution can happen through a proxy. But I
think this will require easy-but-nontrivial changes to Nmap core code.
So I would be fine with an initial implementation that still uses the
system resolver.

I'm thinking that it may be easier to first implement and test proxy
support in Nsock, not the port scanner. Nsock is the event-driven socket
library that is used for various purposes, including version detection
and NSE. It ought to be possible to set a proxy chain on an Nsock pool
or IOD and then, for example, nsock_connect_tcp would use it. There
should probably be another layer of abstraction added so that
applications that want to interact with the network directly can do so,
without any proxies in the way. (The proxy code will itself probably use
this lower abstraction layer.)

David Fifield
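
The `--proxy` URL syntax sketched in the message above can be read into an ordered hop list as follows. This is an added example, not code from the original message or from Nmap or Nsock; the type and function names, the accepted scheme list and the rule that every hop needs an explicit port are assumptions.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical types and names for illustration; not Nmap or Nsock code. */
enum proxy_type { PROXY_SOCKS4A, PROXY_HTTP, PROXY_SOCKS5 };
struct proxy_hop { enum proxy_type type; char host[256]; unsigned short port; };

/* Parse "scheme://host:port" (optional trailing "/") into *hop.
   Returns 0 on success, -1 on anything else. */
int parse_proxy_url(const char *url, struct proxy_hop *hop) {
  static const char *schemes[] = { "socks4a", "http", "socks5" };
  const char *sep = strstr(url, "://"), *rest, *colon;
  size_t i, len;
  char *end;
  long port;

  if (sep == NULL) return -1;
  len = (size_t)(sep - url);
  for (i = 0; i < 3; i++)
    if (strlen(schemes[i]) == len && strncmp(url, schemes[i], len) == 0) break;
  if (i == 3) return -1;                 /* unsupported proxy type */
  hop->type = (enum proxy_type)i;

  rest = sep + 3;
  colon = strrchr(rest, ':');
  if (colon == NULL || colon == rest) return -1;   /* host and port are required */
  len = (size_t)(colon - rest);
  if (len >= sizeof(hop->host) || memchr(rest, '@', len) || memchr(rest, '/', len))
    return -1;                           /* no userinfo, no path before the port */
  memcpy(hop->host, rest, len);
  hop->host[len] = '\0';

  if (!isdigit((unsigned char)colon[1])) return -1;
  port = strtol(colon + 1, &end, 10);
  if (port < 1 || port > 65535) return -1;
  if (*end != '\0' && strcmp(end, "/") != 0) return -1;   /* trailing junk */
  hop->port = (unsigned short)port;
  return 0;
}

/* Parse n URLs in command-line order; returns n, or -1 if any hop is invalid. */
int parse_proxy_chain(const char **urls, int n, struct proxy_hop *chain, int max) {
  if (n > max) return -1;
  for (int i = 0; i < n; i++)
    if (parse_proxy_url(urls[i], &chain[i]) != 0) return -1;
  return n;
}

int main(void) { struct proxy_hop h; return parse_proxy_url("socks4a://localhost:9100/", &h); }
```

Rejecting the whole chain when any hop fails to parse keeps a mistyped hop from being silently skipped, which would otherwise send traffic over a shorter path than the user asked for.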