Unable to start a bind shell with SSL in ncat

Ncat: version 7.10

I tried this with another version as well, without luck.

This is the command I gave to start the listener. If I don't start the bind shell, this listener works without problems, and if I don't use SSL, the bind shell works; the problem appears when they are used together.

ncat -vvvvvlknp 9999 -e cmd.exe --ssl

Here is the entire stack trace for the listener.

Ncat: Version 7.10 ( https://nmap.org/ncat )
Ncat: Generating a temporary 1024-bit RSA key. Use --ssl-key and --ssl-cert to use a permanent one.
Ncat: SHA-1 fingerprint: F939 1FB9 B513 9F69 5528 52BC 84C6 C1D9 7361 0562
NCAT DEBUG: Initialized fdlist with 63 maxfds
Ncat: Listening on :::9999
NCAT DEBUG: Added fd 508 to list, nfds 1, maxfd 508
Ncat: Listening on 0.0.0.0:9999
NCAT DEBUG: Added fd 512 to list, nfds 2, maxfd 512
NCAT DEBUG: Added fd 0 to list, nfds 3, maxfd 512
NCAT DEBUG: Initialized fdlist with 60 maxfds
NCAT DEBUG: selecting, fdmax 512
NCAT DEBUG: select returned 1 fds ready
NCAT DEBUG: fd 512 is ready
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:1916.
NCAT DEBUG: Added fd 516 to list, nfds 4, maxfd 516
NCAT DEBUG: selecting, fdmax 516
NCAT DEBUG: select returned 2 fds ready
NCAT DEBUG: fd 516 is ready
NCAT DEBUG: selecting, fdmax 516
NCAT DEBUG: select returned 1 fds ready
NCAT DEBUG: fd 516 is ready
NCAT DEBUG: Executing: cmd.exe
NCAT DEBUG: Creating named pipe "\\.\pipe\ncat-444-0"
NCAT DEBUG: Register subprocess 000000BC at index 0.
NCAT DEBUG: selecting, fdmax 516
NCAT DEBUG: Unregister subprocess 000000BC from index 0.
NCAT DEBUG: Subprocess still running, terminating it.
NCAT DEBUG: Subprocess ended with exit code 0.
NCAT DEBUG: Terminating subprocesses
NCAT DEBUG: max_index 1
NCAT DEBUG: Terminating subprocesses
NCAT DEBUG: max_index 1

Connecting to the listener. I am using a loopback address because it is the same system. This command works if I disable --ssl.

I am using the loopback address here, but the result is the same even if I use multiple virtual machines.

ncat 127.0.0.1 9999 -vvvv --ssl

Here is the entire stack trace for the outgoing connection.

Ncat: Version 7.10 ( https://nmap.org/ncat )
libnsock nsock_set_loglevel(): Set log level to DEBUG
NCAT DEBUG: Using trusted CA certificates from C:\Program Files (x86)\Nmap\ca-bundle.crt.
NCAT DEBUG: Not doing certificate verification.
libnsock nsock_iod_new2(): nsock_iod_new (IOD #1)
libnsock event_new(): event_new (IOD #1) (EID #9)
libnsock nsock_connect_ssl(): SSL connection requested to 127.0.0.1:9999/tcp (IOD #1) EID 9
libnsock nsock_pool_add_event(): NSE #9: Adding event (timeout in 10000ms)
libnsock nsock_loop(): nsock_loop() started (no timeout). 1 events pending
Ncat: Subject: CN=localhost
Ncat: Issuer: CN=localhost
Ncat: SHA-1 fingerprint: F939 1FB9 B513 9F69 5528 52BC 84C6 C1D9 7361 0562
Ncat: Certificate verification failed (self signed certificate).
libnsock nsock_trace_handler_callback(): Callback: SSL-CONNECT SUCCESS for EID 9 [127.0.0.1:9999]
Ncat: SSL connection to 127.0.0.1:9999.
Ncat: SHA-1 fingerprint: F939 1FB9 B513 9F69 5528 52BC 84C6 C1D9 7361 0562
libnsock nsock_iod_new2(): nsock_iod_new (IOD #2)
libnsock event_new(): event_new (IOD #1) (EID #18)
libnsock nsock_read(): Read request from IOD #1 [127.0.0.1:9999] (timeout: -1ms) EID 18
libnsock nsock_pool_add_event(): NSE #18: Adding event (timeout in 584645012ms)
libnsock event_new(): event_new (IOD #2) (EID #26)
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 26
libnsock nsock_pool_add_event(): NSE #26: Adding event (timeout in 584645012ms)
libnsock event_delete(): event_delete (IOD #1) (EID #9)
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [127.0.0.1:9999] (114 bytes)

It connects to the listener; here the bind shell starts.

Microsoft Windows [Version 10.0.16299.371]
(c) 2017 Microsoft Corporation. All rights reserved.
C:\Users\wetg>


libnsock event_new(): event_new (IOD #1) (EID #34)
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #1 [127.0.0.1:9999] EID 34
libnsock nsock_pool_add_event(): NSE #34: Adding event (timeout in 584645012ms)
libnsock event_delete(): event_delete (IOD #1) (EID #18)

libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 26 [peer unspecified] (1 bytes): .
libnsock event_new(): event_new (IOD #1) (EID #43)
libnsock nsock_write(): Write request for 1 bytes to IOD #1 EID 43 [127.0.0.1:9999]
libnsock nsock_pool_add_event(): NSE #43: Adding event (timeout in 584640354ms)
libnsock event_delete(): event_delete (IOD #2) (EID #26)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 43 [127.0.0.1:9999]
libnsock event_new(): event_new (IOD #2) (EID #50)
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 50
libnsock nsock_pool_add_event(): NSE #50: Adding event (timeout in 584640354ms)
libnsock event_delete(): event_delete (IOD #1) (EID #43)
libnsock nsock_trace_handler_callback(): Callback: READ EOF for EID 34 [127.0.0.1:9999]
close: Result too large

Here it closes the connection automatically because the "result is too large".

by vaibhavcool20 19.04.2018 / 14:29

0 answers