New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

portable ncat 6.47 or 6.49BETA4 doesn't work with --ssl switch #197

Closed
pkreuzt opened this Issue Aug 10, 2015 · 3 comments

Comments

Projects
None yet
3 participants
@pkreuzt

pkreuzt commented Aug 10, 2015

Statically built ncat fails to manage input from network when --ssl switch is active. For example:

C:\nmap-6.47\ncat\Release>ncat.exe 10.0.2.2 8888 --ssl -vvv -e cmd.exe
Ncat: Version 6.47 ( http://nmap.org/ncat )
NCAT DEBUG: Not doing certificate verification.
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_ssl(): SSL connection requested to 10.0.2.2:8888/tcp (IOD #1) EID 9
libnsock nsock_trace_handler_callback(): Callback: SSL-CONNECT SUCCESS for EID 9 [10.0.2.2:8888]
Ncat: SSL connection to 10.0.2.2:8888.
Ncat: SHA-1 fingerprint: DBF1 C72E C572 1B5E 6AA1 942C F3D9 FAA1 6710 752D
libnsock nsi_new2(): nsi_new (IOD #2)
NCAT DEBUG: Executing: cmd.exe
NCAT DEBUG: Creating named pipe ".\pipe\ncat-2340-0"
NCAT DEBUG: Register subprocess 00000168 at index 0.

----------------- other side sent command here -----------------

NCAT DEBUG: Unregister subprocess 00000168 from index 0.
NCAT DEBUG: Subprocess still running, terminating it.
NCAT DEBUG: Subprocess ended with exit code 0.

Command is not executed and connection is dropped aparently with no error message. When executing the same sequence without --ssl switch it works as expected.

@dmiller-nmap

This comment has been minimized.

Show comment
Hide comment
@Varunram

This comment has been minimized.

Show comment
Hide comment
@Varunram

Varunram Mar 20, 2017

Another report by Olivia Nelson:

Server

# ./ncat.linux -l -p 8888 --ssl -vv
Ncat: Version 7.40 ( https://nmap.org/ncat )
Ncat: Generating a temporary 1024-bit RSA key. Use --ssl-key and
--ssl-cert to use a permanent one.
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
Ncat: Listening on :::8888
Ncat: Listening on 0.0.0.0:8888
Ncat: Connection from 172.16.177.30.
Ncat: Connection from 172.16.177.30:49180.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

x:\>dir
NCAT DEBUG: Closing connection.

Client

x:>ncat 172.16.177.200 8888 -e cmd --ssl -vv
Ncat: Version 7.40 ( https://nmap.org/ncat )
NCAT DEBUG: Using trusted CA certificates from x:\ca-bundle.crt.
NCAT DEBUG: Unable to load trusted CA certificates from x:\ca-bundle.cr
t: error:02001002:system library:fopen:No such file or directory
NCAT DEBUG: Not doing certificate verification.
libnsock nsock_iod_new2(): nsock_iod_new (IOD #1)
libnsock nsock_connect_ssl(): SSL connection requested to 172.16.177.200:8888/tc
p (IOD #1) EID 9
Ncat: Subject: CN=localhost
Ncat: Issuer: CN=localhost
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
Ncat: Certificate verification failed (self signed certificate).
libnsock nsock_trace_handler_callback(): Callback: SSL-CONNECT SUCCESS for EID 9
 [172.16.177.200:8888]
Ncat: SSL connection to 172.16.177.200:8888.
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
libnsock nsock_iod_new2(): nsock_iod_new (IOD #2)
NCAT DEBUG: Executing: cmd
NCAT DEBUG: Terminating subprocesses

Varunram commented Mar 20, 2017

Another report by Olivia Nelson:

Server

# ./ncat.linux -l -p 8888 --ssl -vv
Ncat: Version 7.40 ( https://nmap.org/ncat )
Ncat: Generating a temporary 1024-bit RSA key. Use --ssl-key and
--ssl-cert to use a permanent one.
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
Ncat: Listening on :::8888
Ncat: Listening on 0.0.0.0:8888
Ncat: Connection from 172.16.177.30.
Ncat: Connection from 172.16.177.30:49180.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

x:\>dir
NCAT DEBUG: Closing connection.

Client

x:>ncat 172.16.177.200 8888 -e cmd --ssl -vv
Ncat: Version 7.40 ( https://nmap.org/ncat )
NCAT DEBUG: Using trusted CA certificates from x:\ca-bundle.crt.
NCAT DEBUG: Unable to load trusted CA certificates from x:\ca-bundle.cr
t: error:02001002:system library:fopen:No such file or directory
NCAT DEBUG: Not doing certificate verification.
libnsock nsock_iod_new2(): nsock_iod_new (IOD #1)
libnsock nsock_connect_ssl(): SSL connection requested to 172.16.177.200:8888/tc
p (IOD #1) EID 9
Ncat: Subject: CN=localhost
Ncat: Issuer: CN=localhost
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
Ncat: Certificate verification failed (self signed certificate).
libnsock nsock_trace_handler_callback(): Callback: SSL-CONNECT SUCCESS for EID 9
 [172.16.177.200:8888]
Ncat: SSL connection to 172.16.177.200:8888.
Ncat: SHA-1 fingerprint: CC5E 8A28 A19F 9254 2BC5 869C DFDC 47C0 D566 4D87
libnsock nsock_iod_new2(): nsock_iod_new (IOD #2)
NCAT DEBUG: Executing: cmd
NCAT DEBUG: Terminating subprocesses
@pkreuzt

This comment has been minimized.

Show comment
Hide comment
@pkreuzt

pkreuzt Jun 17, 2017

Bug still present in ncat version 7.50. Patch from ac8b866 doesn't solve the problem.

pkreuzt commented Jun 17, 2017

Bug still present in ncat version 7.50. Patch from ac8b866 doesn't solve the problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment