1 files changed, 150 insertions, 0 deletions
diff --git a/todo/shinnok.txt b/todo/shinnok.txt
new file mode 100644
index 0000000..b294e42
--- /dev/null
+++ b/todo/shinnok.txt
@@ -0,0 +1,150 @@
+In progress:
+============
+
+o We should offer partial results when a host
+  timeouts. I (Fyodor) have been against this in the past, but maybe
+  the value is sufficient to be worth the maintenance headaches.  Many
+  users have asked for this.  If we do implement this, we may want to
+  only print results for the COMPLETED phases (e.g. host discovery,
+  port scanning, version detection, traceroute, NSE, etc.)  Trying to
+  print partial results of a port scan or NSE or the like might be a
+  pain.  And if we print some results for a host which timeouts, we
+  should give a very clear warning that the results for that host are
+  incomplete. As an example, here is someone who hacked Nmap source
+  code to achieve this: http://seclists.org/pen-test/2010/Mar/108.
+  o Another benefit would be that it would allow us to clean
+    up/regularize the host output code. Right now there are I think
+    three places where a host's final output can be printed. If,
+    instead, that code just looked at what information was available and
+    printed that out only, we could potentially isolate it in just one
+    place.
+  o This also might let us provide a feature for skipping the rest of
+    an Nmap phase which is going too slowly (I think that has its own
+    Nmap TODO item).
+
+Hanging(waiting for further input, etc..):
+==========================================
+
+o Nmap *poor's man* test suite by expanding on what I already have in
+  /nmap-exp/shinnok/nmap-test-script.
+
+o NMAP reports different service results every so often with the same port.
+  http://seclists.org/nmap-dev/2011/q2/815
+
+o Review latest revision of Marek's ncat_proxy.patch - DONE
+  http://seclists.org/nmap-dev/2011/q2/573
+  o Commit approval pending
+
+Pending:
+========
+
+Pending (low priority):
+=======================
+
+o E-mail nmap-dev with GProfiles /ncrack
+  o Create new default username list:
+  http://seclists.org/nmap-dev/2010/q1/798
+  o Could be a SoC Ncrack task, though should prove useful for Nmap
+    too
+  o We probably want to support several lists.  Like an admin/default
+    list like "root", "admin", "administrator", "web", "user", "test",
+    and also a general list which we obtain from spidering from
+    emails, etc.
+
+Potential:
+==========
+
+COMPLETED:
+==========
+
+o Add a --append-output option to ncat. [DONE - r25737]
+
+o libpcre/pcre.h - is cleared upon make distclean thus leaving the SVN
+  working directory dirty
+  http://seclists.org/nmap-dev/2011/q2/708
+
+o De-duplicate code by unifying ncat_broker.c and ncat_listen.c code paths,
+  either as a single file in ncat_listen.c or merge duplicate code in
+  ncat_listen.c and keep only broker specific code in ncat_broker.c(it it's a
+  lot of code, otherwise ncat_listen.c would do just fine).
+
+o Nmap should defer address parsing in arguments until it has read
+  through all the args.  Otherwise you get an error if you use like -S
+  with an IPv6 address before you put -6 in the command line.  You
+  get a similar problem (on David's IPv6 branch) if you do "-A -6"
+  (but "-6 -A works properly).
+
+o Delve into Lua and NSE and try to write some scripts to get the hang
+  of it and gain a better understanding of the NSE engine in Nmap.
+  o Written two NSE scripts, http-reverse-ip and http-google-email that
+    can be found in /nmap-exp/shinnok/nse.
+
+o E-mail nmap-dev with QtCreator usage steps for Nmap
+
+--
+o Ncat hangs on ssl -> REFACTORING
+  some refactoring left to be done to reduce code duplication
+  http://seclists.org/nmap-dev/2011/q2/842
+  o Commit current switch/ifdef refactoring patch.
+  o Research code deduplication even further.
+
+o Ncat chat (at least in ssl mode) no longer gives the banner greeting
+  when I connect.  This worked in r23918, but not in r24185, which is
+  the one running on chat.nmap.org as of 6/20/11.  Verify by running
+  "ncat --ssl -v chat.nmap.org"
+
+o Pending uncompleted SSL handshakes when in --exec* listening mode make
+  Ncat consume 100% cpu(core/thread).
+  Possible solutions:
+    o Listen on the union of the two sets in ncat_listen.c composed of the
+      current set and a secondary one, ssl_pending which should include the
+      pending ssl hanshake sockets.
+    o Timeout ssl handshakes.
+    o Delay adding the exec output pipes to fselect/WaitForMultipleObjects 
+      until the ssl handshake has been completed.
+  http://seclists.org/nmap-dev/2011/q2/988
+---
+
+o Fix ncat.xml(the input for the man page) examples section. - David came up
+  with the final right fix on this one.
+
+o Ncat should close its socket and refuse further connections after the first
+  one, if invoked without --keep-open. That's what traditional netcat does
+  too. - DONE [r24197]
+  http://seclists.org/nmap-dev/2011/q2/944
+  o Add TEST in ncat-test.pl - DONE [r24373]
+
+o Closing Zenmap without stopping the scan first will leave nmap running in 
+  the process list on Windows. [r24308]
+  [Actually, Zenmap was unable to kill the nmap scan processes at all on 
+  Windows]
+
+o Zenmap should wait for the return exit code of the nmap scanning subprocess
+  upon killing it(canceled scan), otherwise the subprocesses will enter a 
+  defunct(zombie) state.[r24235]
+
+o Fix build_icmp_raw and build_igmp_raw filling the packet data payload
+  with zeroes instead of the supplied random data, when nmap is invoked
+  with --data-length.[r24127]
+
+o Investigate and document how easy it is to drop Ncat.exe by itself
+  on other systems and have it work. [r24242]
+  http://seclists.org/nmap-dev/2011/q2/1090
+
+  o We should also look into the dependencies of Nmap and Zenmap.  
+    It may be instructive to look at "Portable Firefox"
+    (http://portableapps.com/apps/internet/firefox_portable) which is
+    built using open source technology from portableapps.com, or look at
+    "The Network Toolkit" by Cace
+    (http://www.cacetech.com/products/network_toolkit.html).
+
+o --max-conns is broken in latest svn -> fixed in r24130, other two
+  bugs discovered:
+  o --max-conns 0 kills ncat with a glibc assertion error on calloc with
+  zero as nmemb(??) at:
+    init_fdlist(&broadcast_fdlist, o.conn_limit);
+  o When killing the first initiated connection on --max-conns > 1 Ncat:
+    Ncat: Program bug: fd (5) not on list. QUITTING.
+  [DONE]The previous two bugs were introduced in r24130, they are now fixed
+  in r24193.
+