Adds -z option for Ncat #444
@@ -723,6 +728,24 @@ int main(int argc, char *argv[]) | |||
} | |||
} | |||
|
|||
if (o.zerobyte) { |
@bonsaiviking Any better way to blacklist most of the incompatible options?
This is well on its way. A few points of feedback:
@@ -307,7 +307,7 @@ int main(int argc, char *argv[]) | |||
{"nsock-engine", required_argument, NULL, 0}, | |||
{"test", no_argument, NULL, 0}, | |||
{"ssl", no_argument, &o.ssl, 1}, | |||
{"zero", no_argument, NULL, 'z'}, | |||
{"z", no_argument, NULL, 'z'}, |
To add a short argument, you don't need to add to the `long_options` array, just make sure it's included in the string argument to `getopt_long` (which it is below).
@bonsaiviking Thanks for the review, I have pushed a correction for this. I am a little doubtful about the implementation of the UDP scan; here are a few reasons why -
I also think that This is the LINK to capture performed for Netcat. First five frames correspond to command |
@@ -1259,6 +1279,11 @@ static void write_socket_handler(nsock_pool nsp, nsock_event evt, void *data) | |||
ncat_assert(status == NSE_STATUS_SUCCESS); | |||
} | |||
|
|||
if (o.zerobyte){ | |||
ncat_assert(o.proto == IPPROTO_UDP); | |||
nsock_read(nsp, cs.sock_nsi, read_socket_handler, 1000 * 2, NULL); |
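Review bot: The `ncat_assert(o.proto == IPPROTO_UDP);` inside the `if (o.zerobyte)` branch turns the protocol restriction into a run-time assertion in write_socket_handler, so it is only checked once a write event has already fired, and a mismatch surfaces as an assertion failure rather than a usage error. If this read is only meant to be scheduled for UDP, fold the condition into the branch (`if (o.zerobyte && o.proto == IPPROTO_UDP)`), and reject any option combination that must never reach this point during option parsing in main(). Style: `if (o.zerobyte){` is missing the space before the brace that the `if (o.zerobyte) {` added in main() has.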
I've kept 2s as time limit here.
We shouldn't hard-code this. We should be able to use either `o.conntimeout` or `o.idletimeout` instead. I lean towards conntimeout because we're waiting for a "connection" instead of a "read," though with UDP they're essentially the same thing.
} while ($pid > 0 && $pid != $c_pid); | ||
$pid == $c_pid or die; | ||
$code = $? >> 8; | ||
$code == 2 or die "Exit code was $code, not 2"; |
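Review bot: `$code = $? >> 8;` keeps only the exit-status byte, so if the child is killed by a signal the check fails with "Exit code was 0, not 2", which points away from the real cause. Test `$? & 127` first and report the signal number, and give the bare `die` in `$pid == $c_pid or die;` a message so a waitpid failure can be told apart from a wrong exit code.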
Why is exit code 2 for this? `ncat/util.c` has this comment for the `die` and `bye` functions:
`/* Exit status 2 indicates a program error other than a network error. */`
So I think we should try to have the exit code be 1 in this case.
I am trying but have not been able to catch the reason for getting the error code as 2. Strangely, it prints error code as 1 when tried manually like `./ncat -zv localhost 5000` then `echo $?`
do { | ||
$pid = waitpid($c_pid, 0); | ||
} while ($pid > 0 && $pid != $c_pid); | ||
$pid == $c_pid or "$pid != $c_pid"; |
Missing `die` on this line.
Looks great! @tremblerz commit this as soon as you fix the missing |