Commit 6cdb9e98 authored by Sophie Brun's avatar Sophie Brun

Import new upstream release

parent 8c87533b
ncrack (0.5-0kali1) kali-dev; urgency=medium
* Import new upstream release
-- Sophie Brun <sophie@freexian.com> Mon, 18 Apr 2016 12:01:13 +0200
ncrack (0.4-alpha-1kali2) kali-dev; urgency=medium
* Drop build-dependency and dependency on python-support (obsolete package)
......
......@@ -3,7 +3,7 @@ Section: utils
Priority: extra
Maintainer: Devon Kearns <dookie@kali.org>
Build-Depends: debhelper (>= 9), autotools-dev, autoconf, flex, bison, libssl-dev, libpcap0.8-dev, libpcre3-dev, binutils-dev, python (>=2.3.5-7), python-all-dev, liblua5.1-dev
Standards-Version: 3.9.3
Standards-Version: 3.9.7
Homepage: http://nmap.org/ncrack/
Vcs-Git: git://git.kali.org/packages/ncrack.git
Vcs-Browser: http://git.kali.org/gitweb/?p=packages/ncrack.git;a=summary
......@@ -28,3 +28,6 @@ Description: High-speed network authentication cracking tool
for ease of use, runtime interaction similar to Nmap's and
many more. Protocols supported include RDP, SSH, http(s),
SMB, pop3(s), VNC, FTP, and telnet.
.
Be sure to read the Ncrack man page (https://nmap.org/ncrack/man.html)
to fully understand Ncrack usage.
......@@ -3,90 +3,122 @@ Upstream-Name: ncrack
Source: http://nmap.org/ncrack/
Files: *
Copyright: 1996-2011 Insecure.Com LLC
Copyright: 1996-2016 Insecure.Com LLC
License: Other
*********************IMPORTANT NMAP LICENSE TERMS************************
.
The Nmap Security Scanner is (C) 1996-2011 Insecure.Com LLC. Nmap is
also a registered trademark of Insecure.Com LLC. This program is free
software; you may redistribute and/or modify it under the terms of the
GNU General Public License as published by the Free Software
Foundation; Version 2 with the clarifications and exceptions described
below. This guarantees your right to use, modify, and redistribute
this software under certain conditions. If you wish to embed Nmap
technology into proprietary software, we sell alternative licenses
(contact sales@insecure.com). Dozens of software vendors already
license Nmap technology such as host discovery, port scanning, OS
detection, and version detection.
.
Note that the GPL places important restrictions on "derived works", yet
it does not provide a detailed definition of that term. To avoid
misunderstandings, we consider an application to constitute a
"derivative work" for the purpose of this license if it does any of the
following:
o Integrates source code from Nmap
o Reads or includes Nmap copyrighted data files, such as
nmap-os-db or nmap-service-probes.
o Executes Nmap and parses the results (as opposed to typical shell or
execution-menu apps, which simply display raw Nmap output and so are
not derivative works.)
o Integrates/includes/aggregates Nmap into a proprietary executable
installer, such as those produced by InstallShield.
o Links to a library or executes a program that does any of the above
.
The term "Nmap" should be taken to also include any portions or derived
works of Nmap. This list is not exclusive, but is meant to clarify our
interpretation of derived works with some common examples. Our
interpretation applies only to Nmap--we don't speak for other people's
GPL works.
.
If you have any questions about the GPL licensing restrictions on using
Nmap in non-GPL works, we would be happy to help. As mentioned above,
we also offer alternative license to integrate Nmap into proprietary
applications and appliances. These contracts have been sold to dozens
of software vendors, and generally include a perpetual license as well
as providing for priority support and updates as well as helping to
fund the continued development of Nmap technology. Please email
sales@insecure.com for further information.
.
As a special exception to the GPL terms, Insecure.Com LLC grants
permission to link the code of this program with any version of the
OpenSSL library which is distributed under a license identical to that
listed in the included docs/licenses/OpenSSL.txt file, and distribute
linked combinations including the two. You must obey the GNU GPL in all
respects for all of the code used other than OpenSSL. If you modify
this file, you may extend this exception to your version of the file,
but you are not obligated to do so.
.
If you received these files with a written license agreement or
contract stating terms other than the terms above, then that
alternative license agreement takes precedence over these comments.
.
Source is provided to this software because we believe users have a
***********************IMPORTANT NMAP LICENSE TERMS************************
.
The Nmap Security Scanner is (C) 1996-2016 Insecure.Com LLC. Nmap is
also a registered trademark of Insecure.Com LLC. This program is free
software; you may redistribute and/or modify it under the terms of the
GNU General Public License as published by the Free Software
Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE CLARIFICATIONS
AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your right to use,
modify, and redistribute this software under certain conditions. If
you wish to embed Nmap technology into proprietary software, we sell
alternative licenses (contact sales@nmap.com). Dozens of software
vendors already license Nmap technology such as host discovery, port
scanning, OS detection, version detection, and the Nmap Scripting
Engine.
.
Note that the GPL places important restrictions on "derivative works",
yet it does not provide a detailed definition of that term. To avoid
misunderstandings, we interpret that term as broadly as copyright law
allows. For example, we consider an application to constitute a
derivative work for the purpose of this license if it does any of the
following with any software or content covered by this license
("Covered Software"):
.
o Integrates source code from Covered Software.
.
o Reads or includes copyrighted data files, such as Nmap's nmap-os-db
or nmap-service-probes.
.
o Is designed specifically to execute Covered Software and parse the
results (as opposed to typical shell or execution-menu apps, which will
execute anything you tell them to).
.
o Includes Covered Software in a proprietary executable installer. The
installers produced by InstallShield are an example of this. Including
Nmap with other software in compressed or archival form does not
trigger this provision, provided appropriate open source decompression
or de-archiving software is widely available for no charge. For the
purposes of this license, an installer is considered to include Covered
Software even if it actually retrieves a copy of Covered Software from
another source during runtime (such as by downloading it from the
Internet).
.
o Links (statically or dynamically) to a library which does any of the
above.
.
o Executes a helper program, module, or script to do any of the above.
This list is not exclusive, but is meant to clarify our interpretation
of derived works with some common examples. Other people may interpret
the plain GPL differently, so we consider this a special exception to
the GPL that we apply to Covered Software. Works which meet any of
these conditions must conform to all of the terms of this license,
particularly including the GPL Section 3 requirements of providing
source code and allowing free redistribution of the work as a whole.
.
As another special exception to the GPL terms, Insecure.Com LLC grants
permission to link the code of this program with any version of the
OpenSSL library which is distributed under a license identical to that
listed in the included docs/licenses/OpenSSL.txt file, and distribute
linked combinations including the two.
.
Any redistribution of Covered Software, including any derived works,
must obey and carry forward all of the terms of this license, including
obeying all GPL rules and restrictions. For example, source code of
the whole work must be provided and free redistribution must be
allowed. All GPL references to "this License", are to be treated as
including the terms and conditions of this license text as well.
.
Because this license imposes special exceptions to the GPL, Covered
Work may not be combined (even as part of a larger work) with plain GPL
software. The terms, conditions, and exceptions of this license must
be included as well. This license is incompatible with some other open
source licenses as well. In some cases we can relicense portions of
Nmap or grant special permissions to use it in other open source
software. Please contact fyodor@nmap.org with any such requests.
Similarly, we don't incorporate incompatible open source software into
Covered Software without special permission from the copyright holders.
.
If you have any questions about the licensing restrictions on using
Nmap in other works, are happy to help. As mentioned above, we also
offer alternative license to integrate Nmap into proprietary
applications and appliances. These contracts have been sold to dozens
of software vendors, and generally include a perpetual license as well
as providing for priority support and updates. They also fund the
continued development of Nmap. Please email sales@nmap.com for further
information.
.
If you have received a written license agreement or contract for
Covered Software stating terms other than these, you may choose to use
and redistribute Covered Software under those terms instead of these.
.
Source is provided to this software because we believe users have a
right to know exactly what a program is going to do before they run it.
This also allows you to audit the software for security holes (none
have been found so far).
.
Source code also allows you to port Nmap to new platforms, fix bugs,
and add new features. You are highly encouraged to send your changes
to nmap-dev@insecure.org for possible incorporation into the main
distribution. By sending these changes to Fyodor or one of the
Insecure.Org development mailing lists, it is assumed that you are
offering the Nmap Project (Insecure.Com LLC) the unlimited,
non-exclusive right to reuse, modify, and relicense the code. Nmap
will always be available Open Source, but this is important because the
inability to relicense code has caused devastating problems for other
Free Software projects (such as KDE and NASM). We also occasionally
relicense the code to third parties as discussed above. If you wish to
specify special license conditions of your contributions, just say so
when you send them.
.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License v2.0 for more details at
http://www.gnu.org/licenses/gpl-2.0.html , or in the COPYING file
included with Nmap.
This also allows you to audit the software for security holes.
.
Source code also allows you to port Nmap to new platforms, fix bugs,
and add new features. You are highly encouraged to send your changes
to the dev@nmap.org mailing list for possible incorporation into the
main distribution. By sending these changes to Fyodor or one of the
Insecure.Org development mailing lists, or checking them into the Nmap
source code repository, it is understood (unless you specify otherwise)
that you are offering the Nmap Project (Insecure.Com LLC) the
unlimited, non-exclusive right to reuse, modify, and relicense the
code. Nmap will always be available Open Source, but this is important
because the inability to relicense code has caused devastating problems
for other Free Software projects (such as KDE and NASM). We also
occasionally relicense the code to third parties as discussed above.
If you wish to specify special license conditions of your
contributions, just say so when you send them.
.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Nmap
license file for more details (it's in a COPYING file included with
Nmap, and also available from https://svn.nmap.org/nmap/COPYING)
Files: debian/*
Copyright: 2013 Devon Kearns <dookie@kali.org>
......
Description: Fix spelling error
Author: Sophie Brun <sophie@freexian.com>
Last-Update: 2016-04-18
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/docs/ncrack.1
+++ b/docs/ncrack.1
@@ -114,7 +114,7 @@ SERVICE SPECIFICATION:
path <name>: used in modules like HTTP (\'=\' needs escaping if used)
TIMING AND PERFORMANCE:
Options which take <time> are in seconds, unless you append \'ms\'
- (miliseconds), \'m\' (minutes), or \'h\' (hours) to the value (e\&.g\&. 30m)\&.
+ (milliseconds), \'m\' (minutes), or \'h\' (hours) to the value (e\&.g\&. 30m)\&.
Service\-specific options:
cl (min connection limit): minimum number of concurrent parallel connections
CL (max connection limit): maximum number of concurrent parallel connections
@@ -233,7 +233,7 @@ rather than on the command line\&.
.SH "SERVICE SPECIFICATION"
.\" service specification
.PP
-No cracking session can be carried out without targetting a certain service to attack\&. Service specification is one of the most flexible subsystems of Ncrack and collaborates with target\-specification in a way that allows different option combinations to be applied\&. For Ncrack to start running, you will have to specify at least one target host and one associated service to attack\&. Ncrack provides ways to specify a service by its default port number, by its name (as extracted from the
+No cracking session can be carried out without targeting a certain service to attack\&. Service specification is one of the most flexible subsystems of Ncrack and collaborates with target\-specification in a way that allows different option combinations to be applied\&. For Ncrack to start running, you will have to specify at least one target host and one associated service to attack\&. Ncrack provides ways to specify a service by its default port number, by its name (as extracted from the
ncrack\-services
file) or both\&. Normally, you need to define both name and port number only in the special case where you know that a particular service is listening on a non\-default port\&.
.PP
@@ -313,7 +313,7 @@ option (see below for explanation)\&.
.SH "SERVICE OPTIONS"
.\" service options
.PP
-Apart from general service specification, Ncrack allows you to provide a multitude of options that apply to each or a subset of your targets\&. Options include timing and performance optimizations (which are thoroughly analyzed in a seperate section), SSL enabling/disabling and other module\-specific parameters like the relative URL path for the HTTP module\&. Options can be defined in a variety of ways which include: per\-host options, per\-module options and global options\&. Since a combination of these options may be used, there is a strict hierarchy of precedence which will be discussed later\&.
+Apart from general service specification, Ncrack allows you to provide a multitude of options that apply to each or a subset of your targets\&. Options include timing and performance optimizations (which are thoroughly analyzed in a separate section), SSL enabling/disabling and other module\-specific parameters like the relative URL path for the HTTP module\&. Options can be defined in a variety of ways which include: per\-host options, per\-module options and global options\&. Since a combination of these options may be used, there is a strict hierarchy of precedence which will be discussed later\&.
.PP
\fBPer\-host Options\fR
.PP
@@ -511,7 +511,7 @@ all do the same thing\&.
\fBConnection Limit\fR
.sp
-These options control the total number of connections that may be outstanding for any service at the same time\&. Normally, Ncrack tries to dynamically adjust the number of connections for each individual target by counting how many drops or connection failures happen\&. If a strange network condition occurs, that signifies that something may be going wrong, like the host dropping any new connection attempts, then Ncrack will immediately lower the total number of connections hitting the service\&. However, the caps number of the minimum or maximum connections that will take place can be overriden using these two options\&. By properly adjusting them, you can essentially optimize performance, if you can handle the tricky part of knowing or discovering your target\'s own limits\&. The convention here is that
+These options control the total number of connections that may be outstanding for any service at the same time\&. Normally, Ncrack tries to dynamically adjust the number of connections for each individual target by counting how many drops or connection failures happen\&. If a strange network condition occurs, that signifies that something may be going wrong, like the host dropping any new connection attempts, then Ncrack will immediately lower the total number of connections hitting the service\&. However, the caps number of the minimum or maximum connections that will take place can be overridden using these two options\&. By properly adjusting them, you can essentially optimize performance, if you can handle the tricky part of knowing or discovering your target\'s own limits\&. The convention here is that
\fBcl\fR
with lowercase letters is referring to the minimum connection limit, while
\fBCL \fR
@@ -954,7 +954,7 @@ The SMB module currently works over raw
\fBRDP Module \fR
.PP
.RS 4
-RDP (Remote Desktop Protocol) is a proprietary protocol developed by Microsoft for the purpose of providing remote terminal services by transfering graphics display information from the remote computer to the user and transporting input commands from the user to the remote computer\&. Fortunately, Microsoft recently decided to open the protocol\'s internal workings to the public and has provided official documentation, which can be found at
+RDP (Remote Desktop Protocol) is a proprietary protocol developed by Microsoft for the purpose of providing remote terminal services by transferring graphics display information from the remote computer to the user and transporting input commands from the user to the remote computer\&. Fortunately, Microsoft recently decided to open the protocol\'s internal workings to the public and has provided official documentation, which can be found at
\m[blue]\fB\%http://msdn.microsoft.com/en-us/library/cc240445%28v=PROT.10%29.aspx\fR\m[]
.sp
RDP is one of the most complex protocols, requiring the exchange of many packets, even for just the authentication phase\&. For this reason, cracking it takes a lot of time and this is probably the slowest module\&. The connection phase is briefly described at
--- a/docs/ncrack.usage.txt
+++ b/docs/ncrack.usage.txt
@@ -22,7 +22,7 @@ SERVICE SPECIFICATION:
path <name>: used in modules like HTTP ('=' needs escaping if used)
TIMING AND PERFORMANCE:
Options which take <time> are in seconds, unless you append 'ms'
- (miliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
+ (milliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
Service-specific options:
cl (min connection limit): minimum number of concurrent parallel connections
CL (max connection limit): maximum number of concurrent parallel connections
--- a/ncrack.cc
+++ b/ncrack.cc
@@ -244,7 +244,7 @@ print_usage(void)
"used)\n"
"TIMING AND PERFORMANCE:\n"
" Options which take <time> are in seconds, unless you append 'ms'\n"
- " (miliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m)."
+ " (milliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m)."
"\n"
" Service-specific options:\n"
" cl (min connection limit): minimum number of concurrent parallel "
fix-spelling-errors.patch
#!/usr/bin/make -f
# -*- makefile -*-
# Sample debian/rules that uses debhelper.
# This file was originally written by Joey Hess and Craig Small.
# As a special exception, when this file is copied by dh-make into a
# dh-make output file, you may use that output file without restriction.
# This special exception was added by Craig Small in version 0.37 of dh-make.
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
%:
dh $@ --with autotools-dev
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment