Andrew's Status Report - #15 of 17

[Andrew Jason Farabee <afarabee () uci edu>]

Hi everyone!

Accomplishments:
 * Did some restructuring of nsock/src/proxy_http.c.  It now uses
separate states for digest and basic authentication.
 * Outlined creating a shared library between nsock and ncat for the
http parsing and the hashing protocols (RFC 2617) necessary for proxy
(and general) http authentication (thanks to d33tah and Daniel
Miller).  This is after a lot of trial and error that included trying
to rewrite the parsing and hashing functions in nsock/src/proxy_http.c
and copying/modifying the relevant functions from ncat.
 * Tested http-vuln-cve2010-0738.nse and http-vmware-path-vuln.nse and
modified the NOT_VULN output for "Port 5 *-vuln NSE scripts to the
vulns library", github issue 147.
 * Met with my mentor (afk!)

Priorities:
 * Set up shared library of http parsing and authentication functions
for use in ncat and nsock.
 * Wrap up http proxy digest authentication, test, and document.
 * Recommit and clean up socks5 proxy support in nsock, add tests, and document.
 * I'd like to create a tree of dependencies for my branches.  For
example, nmap-nsock-socks5 will probably be able to be merged by
itself, but merging nmap-ncat-proxychains would be a regression if
nmap-nsock-socks5 and nmap-nsock-proxyauth were not also merged.

Thanks to all the nmap devs that I got to meet at defcon! I had a
really great time and I'm still a bit starstruck. Since I'm driving
home tomorrow night and traffic is unpredictable I'm sending this out
a bit early (for me at least).

Cheers!

Andrew
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/