diff --git a/CHANGELOG b/CHANGELOG index 256424e3c..cf5d7f320 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,19 @@ # Nmap Changelog ($Id$) +o Improved the NmapFE port to GTK2 so it better-conforms to the new + API and you don't get as many annoying messages in your terminal + window. Thanks to Priit Laes (amd(a)store20.com) for writing these + excellent patches. + +o Made some changes to allow source port zero scans (-g0). Nmap used + to refused to do this, but now it just gives a warning that it may not + work on all systems. It seems to work fine on my Linux box. Thanks + to Bill Dale (bill_dale(a)bellsouth.net) for suggesting this feature. + +o Fixed Nmap so it doesn't crash when you ask it to resume a previous + scan, but pass in a bogus file rather than actual Nmap output. Thanks + to Piotr Sobolewski (piotr_sobolewski(a)o2.pl) for the fix. + 3.95 o Fixed a crash in IPID Idle scan. Thanks to Ron diff --git a/Makefile.in b/Makefile.in index 2f485f7f2..d10afda71 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -export NMAP_VERSION = 3.94ALPHA3 +export NMAP_VERSION = 3.95 NMAP_NAME= Nmap NMAP_URL= http://www.insecure.org/nmap/ NMAP_PLATFORM=@host@ diff --git a/docs/nmap.1 b/docs/nmap.1 index adf86f4ad..faadda057 100644 --- a/docs/nmap.1 +++ b/docs/nmap.1 @@ -2,7 +2,7 @@ .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" Instead of manually editing it, you probably should edit the DocBook XML .\" source for it and then use the DocBook XSL Stylesheets to regenerate it. -.TH "NMAP" "1" "12/06/2005" "" "Nmap Reference Guide" +.TH "NMAP" "1" "12/11/2005" "" "Nmap Reference Guide" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) 
@@ -1285,7 +1285,7 @@ Hundreds of people have made valuable contributions to Nmap over the years. Thes file which is distributed with Nmap and also available from \fI\%http://www.insecure.org/nmap/nmap_changelog.html\fR. .SH "LEGAL NOTICES" -.SS "Copyright and Licensing" +.SS "Nmap Copyright and Licensing" .PP The Nmap Security Scanner is (C) 1996\-2005 Insecure.Com LLC. Nmap is also a registered trademark of Insecure.Com LLC. This program is free software; you may redistribute and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; Version 2. This guarantees your right to use, modify, and redistribute this software under certain conditions. If you wish to embed Nmap technology into proprietary software, we may be willing to sell alternative licenses (contact ). Many security scanner vendors already license Nmap technology such as host discovery, port scanning, OS detection, and service/version detection. 
@@ -1332,6 +1332,10 @@ for further information. As a special exception to the GPL terms, Insecure.Com LLC grants permission to link the code of this program with any version of the OpenSSL library which is distributed under a license identical to that listed in the included Copying.OpenSSL file, and distribute linked combinations including the two. You must obey the GNU GPL in all respects for all of the code used other than OpenSSL. If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. .PP If you received these files with a written license agreement or contract stating terms other than the terms above, then that alternative license agreement takes precedence over these comments. +.SS "Creative Commons license for this Nmap guide" +.PP +This Nmap Reference Guide is (C) 2005 Insecure.Com LLC. It is hereby placed under version 2.5 of the +[8]\&\fICreative Commons Attribution License\fR. This allows you redistribute and modify the work as you desire, as long as you credit the original source. Alternatively, you may choose to treat this document as falling under the same license as Nmap itself (discussed previously). .SS "Source code availability and community contributions" .PP Source is provided to this software because we believe users have a right to know exactly what a program is going to do before they run it. This also allows you to audit the software for security holes (none have been found so far). 
@@ -1355,15 +1359,15 @@ Nmap should never be installed with special privileges (e.g. suid root) for secu .SS "Third\-Party Software" .PP This product includes software developed by the -[8]\&\fIApache Software Foundation\fR. A modified version of the -[9]\&\fILibpcap portable packet capture library\fR +[9]\&\fIApache Software Foundation\fR. A modified version of the +[10]\&\fILibpcap portable packet capture library\fR is distributed along with nmap. The Windows version of Nmap utilized the libpcap\-derived -[10]\&\fIWinPcap library\fR +[11]\&\fIWinPcap library\fR instead. Regular expression support is provided by the -[11]\&\fIPCRE library\fR, which is open source software, written by Philip Hazel. Certain raw networking functions use the -[12]\&\fILibdnet\fR +[12]\&\fIPCRE library\fR, which is open source software, written by Philip Hazel. Certain raw networking functions use the +[13]\&\fILibdnet\fR networking library, which was written by Dug Song. A modified version is distributed with Nmap. Nmap can optionally link with the -[13]\&\fIOpenSSL cryptography toolkit\fR +[14]\&\fIOpenSSL cryptography toolkit\fR for SSL version detection support. All of the third\-party software described in this paragraph is freely redistributable under BSD\-style software licenses. .SS "US Export Control Classification" .PP 
@@ -1392,20 +1396,23 @@ US Export Control: Insecure.Com LLC believes that Nmap falls under US ECCN (expo 7.\ Nmap::Parser \%http://www.nmapparser.com .TP 4 - 8.\ Apache Software Foundation + 8.\ Creative Commons Attribution License +\%http://creativecommons.org/licenses/by/2.5/ +.TP 4 + 9.\ Apache Software Foundation \%http://www.apache.org .TP 4 - 9.\ Libpcap portable packet capture library +10.\ Libpcap portable packet capture library \%http://www.tcpdump.org .TP 4 -10.\ WinPcap library +11.\ WinPcap library \%http://www.winpcap.org .TP 4 -11.\ PCRE library +12.\ PCRE library \%http://www.pcre.org .TP 4 -12.\ Libdnet +13.\ Libdnet \%http://libdnet.sourceforge.net .TP 4 -13.\ OpenSSL cryptography toolkit +14.\ OpenSSL cryptography toolkit \%http://www.openssl.org diff --git a/docs/nmap.usage.txt b/docs/nmap.usage.txt index acada8c2e..915622cf3 100644 --- a/docs/nmap.usage.txt +++ b/docs/nmap.usage.txt @@ -1,4 +1,4 @@ -Nmap 3.94ALPHA3 ( http://www.insecure.org/nmap/ ) +Nmap 3.95 ( http://www.insecure.org/nmap/ ) Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. diff --git a/nmap-service-probes b/nmap-service-probes index ba6b4456e..211f88547 100644 --- a/nmap-service-probes +++ b/nmap-service-probes @@ -91,7 +91,7 @@ match complex-link m|^\x06\x07\xd0\0\x01\0\0\0\x01\0\x02\x07\xd0\0\x01\0\0\x01\x # CompTek AquaGateKeeper (Telephony package) http://aqua.comptek.ru match H.323/Q.931 m|^\x03\0\0.*@| p/CompTek AquaGateKeeper/ # Cisco router running IOS 12.1.5-12.2.13a -match H.323/Q.931 m|^\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f$| p/Cisco router/ d/router/ o/IOS/ +match telnet m|^\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f$| p/Cisco router/ d/router/ o/IOS/ match cvspserver m|^no repository configured in /| p/CVS pserver/ i/broken/ match cvspserver m|^/usr/sbin/cvs-pserver: line \d+: .*cvs: No such file or directory\n| p/CVS pserver/ i/broken/ 
@@ -275,8 +275,8 @@ match ftp m|^220---------- Welcome to Pure-FTPd \[privsep\] \[TLS\] ----------\r match ftp m|^220---------- .* Pure-FTPd ----------\r\n220-| p/Pure-FTPd/ match ftp m|^220-.*214 Pure-FTPd - http://pureftpd\.org/\r\n|s p/Pure-FTPd/ -match ftp m/^220 ready, dude \(vsFTPd (\d[0-9.]+): beat me, break me\)\r\n/ p/vsFTPd/ v/$1/ o/Unix/ -match ftp m/^220 \(vsFTPd ([-.\w]+)\)\r\n$/ p/vsFTPd/ v/$1/ o/Unix/ +match ftp m/^220 ready, dude \(vsFTPd (\d[0-9.]+): beat me, break me\)\r\n/ p/vsftpd/ v/$1/ o/Unix/ +match ftp m/^220 \(vsFTPd ([-.\w]+)\)\r\n$/ p/vsftpd/ v/$1/ o/Unix/ match ftp m/^220 TYPSoft FTP Server (\d\S+) ready\.\.\.\r\n/ p/TYPSoft ftpd/ v/$1/ o/Windows/ match ftp m/^220-MegaBit Gear (\S+).*FTP server ready/ p/MegaBit Gear ftpd/ v/$1/ match ftp m/^220.*WS_FTP Server (\d\S+)/ p/WS FTPd/ v/$1/ o/Windows/ 
@@ -1835,8 +1835,8 @@ match ftp m|^220 FTP server ready\.\r\n530 access denied\.\r\n| p/Intel NetportE match ftp m|^220 FTP server ready\.\r\n501 Command not supported\.\r\n$| p/D-Link Printer Server ftpd/ d/print server/ match ftp m|^220 ([-.\w]+) FTP server ready\.\r\n530 Please login with USER and PASS\.\r\n530 Please login with USER and PASS\.\r\n$| p/Solaris ftpd/ h/$1/ o/Solaris/ # vsftpd (Very Secure FTP Daemon) 1.0.0 on linux with custom ftpd_banner -# We'll have to see if this match is unique enough -match ftp m|^220 .*\r\n530 Please login with USER and PASS\.\r\n530 Please login with USER and PASS\.\r\n|s p/vsFTPd/ i/customized banner/ +# We'll have to see if this match is unique enough ... no, it is not enough +match ftp m|^220 .*\r\n530 Please login with USER and PASS\.\r\n530 Please login with USER and PASS\.\r\n|s p/vsftpd or WU-FTPD/ match ftp m|^220 ([-.\w]+) FTP Server ready \.\.\.\r\n530 \r : User not logged in\. Please login with USER and PASS first\.\r\n530 \r : User not logged in\. Please login with USER and PASS first\.\r\n$| p/Bulletproof ftp server/ o/Windows/ h/$1/ # BulletProof FTP 2.21 on Windows 2000 Server match ftp m|^220 ftp\r\n$| p/Bulletproof ftp server/ o/Windows/ diff --git a/nmap-services b/nmap-services index bc1ef8c6f..f40e12f15 100644 --- a/nmap-services +++ b/nmap-services @@ -105,10 +105,10 @@ tacacs-ds 65/tcp # TACACS-Database Service tacacs-ds 65/udp # TACACS-Database Service sql*net 66/tcp # Oracle SQL*NET sql*net 66/udp # Oracle SQL*NET -dhcpserver 67/tcp # DHCP/Bootstrap Protocol Server -dhcpserver 67/udp # DHCP/Bootstrap Protocol Server -dhcpclient 68/tcp # DHCP/Bootstrap Protocol Client -dhcpclient 68/udp # DHCP/Bootstrap Protocol Client +dhcps 67/tcp # DHCP/Bootstrap Protocol Server +dhcps 67/udp # DHCP/Bootstrap Protocol Server +dhcpc 68/tcp # DHCP/Bootstrap Protocol Client +dhcpc 68/udp # DHCP/Bootstrap Protocol Client tftp 69/tcp # Trivial File Transfer tftp 69/udp # Trivial File Transfer gopher 70/tcp # 
@@ -1155,6 +1155,7 @@ iad2 1031/udp # BBN IAD iad3 1032/tcp # BBN IAD iad3 1032/udp # BBN IAD netinfo 1033/tcp # Netinfo is apparently on many OS X boxes. +activesync-notify 1034/udp # Windows Mobile device ActiveSync Notifications netsaint 1040/tcp # Netsaint status daemon boinc-client 1043/tcp # BOINC Client Control boinc-client 1043/udp # BOINC Client Control @@ -1835,6 +1836,7 @@ www-dev 2784/tcp # world wide web - development www-dev 2784/udp # world wide web - development corbaloc 2809/tcp # Corba extensisportfolio 2903/tcp # Portfolio Server by Extensis Product Group +wap-push 2948/udp # Windows Mobile devices often have this symantec-av 2967/udp # Symantec AntiVirus (rtvscan.exe) iss-realsec 2998/tcp # ISS RealSecure IDS Remote Console Admin port ppp 3000/tcp # User-level ppp daemon, or chili!soft asp @@ -2101,6 +2103,8 @@ cucme-1 7648/udp # cucme live video/audio server cucme-2 7649/udp # cucme live video/audio server cucme-3 7650/udp # cucme live video/audio server cucme-4 7651/udp # cucme live video/audio server +nsrexecd 7937/tcp # Legato NetWorker +lgtomapper 7938/tcp # Legato portmapper http-alt 8000/tcp # A common alternative http port ajp12 8007/tcp # Apache JServ Protocol 1.x ajp13 8009/tcp # Apache JServ Protocol 1.3 diff --git a/nmap.cc b/nmap.cc index e17e9a8e0..450cf1b6e 100644 --- a/nmap.cc +++ b/nmap.cc @@ -565,7 +565,7 @@ int nmap_main(int argc, char *argv[]) { case 'g': o.magic_port = atoi(optarg); o.magic_port_set = 1; - if (!o.magic_port) fatal("-g needs nonzero argument"); + if (o.magic_port == 0) error("WARNING: a source port of zero may not work on all systems."); break; case 'h': printusage(argv[0], 0); break; case '?': printusage(argv[0], -1); break; 
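Review bot: In the `case 'g':` branch of nmap.cc, `atoi(optarg)` returns 0 for non-numeric input, so with the `fatal()` removed a mistyped `-g` argument now silently becomes a source-port-zero scan with only the generic warning. The value is also not range-checked before it is stored in `o.magic_port`; negative or greater-than-65535 input would presumably be truncated once it reaches a 16-bit port field (the field's type is not visible in this hunk). Parsing with `strtol` and rejecting trailing garbage and out-of-range values keeps port 0 legal while still failing on bad input. The body of `nmap_main` starts and ends outside the hunk.

```cpp
case 'g': {
  char *end = NULL;
  long sport = strtol(optarg, &end, 10);
  if (end == optarg || *end != '\0' || sport < 0 || sport > 65535)
    fatal("-g needs a numeric source port between 0 and 65535");
  o.magic_port = sport;
  // … unchanged: magic_port_set assignment, port-zero warning, break …
}
```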
@@ -1322,8 +1322,9 @@ int gather_logfile_resumption_state(char *fname, int *myargc, char ***myargv) { filestr[filelen - 1] = '\0'; /* First goal is to find the nmap args */ - p = strstr(filestr, " as: "); - p += 5; + if ((p = strstr(filestr, " as: "))) + p += 5; + else fatal("Unable to parse supposed log file %s. Are you sure this is an Nmap output file?", fname); while(*p && !isspace((int) *p)) p++; if (!*p) fatal("Unable to parse supposed log file %s. Sorry", fname); diff --git a/nmap_winconfig.h b/nmap_winconfig.h index 57d47f193..370dede4a 100644 --- a/nmap_winconfig.h +++ b/nmap_winconfig.h @@ -104,7 +104,7 @@ #ifndef NMAP_WINCONFIG_H #define NMAP_WINCONFIG_H -#define NMAP_VERSION "3.94ALPHA3" +#define NMAP_VERSION "3.95" #define NMAP_NAME "Nmap" #define NMAP_URL "http://www.insecure.org/nmap" #define NMAP_PLATFORM "i686-pc-windows-windows" diff --git a/nmapfe/nmapfe.c b/nmapfe/nmapfe.c index e38907c03..00ff40e8e 100644 --- a/nmapfe/nmapfe.c +++ b/nmapfe/nmapfe.c 
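Review bot: The new `strstr` check in `gather_logfile_resumption_state` folds the assignment into the `if` condition and hangs the `fatal()` off an unbraced `else`, which makes the failure path easy to miss in code that parses a user-supplied file. A guard-clause form reads more directly: `p = strstr(filestr, " as: ");` then `if (!p) fatal("Unable to parse supposed log file %s. Are you sure this is an Nmap output file?", fname);` then `p += 5;`. A short comment such as `/* fname may not be Nmap output at all; check every search result before advancing p */` would also help, since the function continues outside the hunk and presumably performs further searches on the same buffer.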
@@ -132,26 +132,60 @@ /* Keep this global */ struct NmapFEoptions opt; +void openLog(char *); +static void LogOpen_callback (void); +static void LogSave_callback (void); +static void LogAppend_callback (void); +static void Help_callback (void); +static void Version_callback (void); +static void About_callback (void); +static void Quit_callback (void); +static void Colourize_callback (GtkAction *action, GtkRadioAction *current); -static GtkItemFactoryEntry mainMenuEntries[] = { - { "/_File", NULL, NULL, FILE_MENU, "" }, - { "/File/Open Log", NULL, mainMenu_fcb, FILEOPEN_MENU, NULL }, - { "/File/Save Log", NULL, mainMenu_fcb, FILESAVE_MENU, NULL }, - { "/File/-", NULL, NULL, SEP_MENU, "" }, - { "/File/Quit", NULL, mainMenu_fcb, FILEQUIT_MENU, NULL }, - { "/_View", NULL, NULL, VIEW_MENU, "" }, - { "/View/Black&White", NULL, mainMenu_fcb, VIEWMONO_MENU, "" }, - { "/View/Coloured", NULL, mainMenu_fcb, VIEWCOLOR_MENU, "/View/Black&White" }, - { "/View/-", NULL, NULL, SEP_MENU, "" }, - { "/View/Append Log", NULL, mainMenu_fcb, VIEWAPPEND_MENU, "" }, - { "/_Help", NULL, NULL, HELP_MENU, "" }, - { "/Help/Help", NULL, mainMenu_fcb, HELPHELP_MENU, NULL }, - { "/Help/Nmap Version", NULL, mainMenu_fcb, HELPVERSION_MENU, NULL }, - { "/Help/-", NULL, NULL, SEP_MENU, "" }, - { "/Help/About ...", NULL, mainMenu_fcb, HELPABOUT_MENU, NULL }, - { NULL, NULL, NULL, NO_MENU, NULL } +GtkWidget *main_win; + +static GtkActionEntry menu_entries[] = { + { "FileMenu", NULL, "_File" }, /* File menu */ + { "LogOpen", NULL, "_Open Log", NULL, "Open log file", LogOpen_callback }, + { "LogSave", NULL, "_Save Log", NULL, "Save log file", LogSave_callback }, + { "Quit", NULL, "_Quit", NULL, "Quit the program", Quit_callback }, + { "ViewMenu", NULL, "_View" }, /* View menu */ + { "HelpMenu", NULL, "_Help" }, /* Help menu */ + { "Help", NULL, "_Help", NULL, NULL, Help_callback }, + { "Version", NULL, "_Nmap version", NULL, NULL, Version_callback }, + { "About", NULL, "_About NMapFE...", NULL, NULL, 
About_callback } +}; +static GtkToggleActionEntry menu_entries_toggle[] = { + { "LogAppend", NULL, "Append log", NULL, NULL, LogAppend_callback } +}; +static GtkRadioActionEntry menu_entries_radio[] = { + { "View_RGB", NULL, "Coloured", NULL, NULL, 1}, + { "View_BW", NULL, "Black & White", NULL, NULL, 2} }; +static const char *menu_description = + "" + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + " " + ""; static GtkItemFactoryEntry userScanEntries[] = { { "/Connect Scan", NULL, scanType_changed_fcb, CONNECT_SCAN, NULL }, 
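Review bot: `menu_entries_radio` gives `View_RGB` the value 1 and `View_BW` the value 2, but the `mainMenu_fcb` handler removed from nmapfe_sig.c in this commit set `opt.viewValue` to 0 for Black&White and 1 for Coloured. `Colourize_callback` stores the radio value directly, so choosing Black & White now yields 2, and any code that tests `opt.viewValue` against 0 (not visible here) would no longer switch to monochrome. The `gtk_action_group_add_radio_actions` call in the later `@@ -313,17 +461,34 @@` hunk also passes 0 as the initially active value, which matches neither entry, while `create_main_win` still sets `opt.viewValue = 1`. Suggested: `{ "View_BW", NULL, "Black & White", NULL, NULL, 0}` and pass `opt.viewValue` as the initial value in that call.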
@@ -228,7 +262,116 @@ static GtkItemFactoryEntry outputFormatEntries[] = { { NULL, NULL, NULL, NO_OUTPUT, NULL } }; +static void +LogOpen_callback (void) { + static char filename[FILENAME_MAX+1] = ""; + gtk_widget_show(create_fileSelection("Open Log", filename, openLog, NULL)); +} +static void +LogSave_callback (void) { + static char filename[FILENAME_MAX+1] = ""; + gtk_widget_show(create_fileSelection("Save Log", filename, openLog, NULL)); +} +static void +Quit_callback (void) { + stop_scan(); + gtk_main_quit(); +} +static void +Colourize_callback (GtkAction *action, GtkRadioAction *current) { + opt.viewValue = gtk_radio_action_get_current_value(current); +} +static void +LogAppend_callback (void) { + opt.appendLog = !opt.appendLog; +} +static void +Version_callback (void) { + execute("nmap -V"); +} +static void +Help_callback (void) { + gtk_widget_show(create_helpDialog()); +} +static void +About_callback (void) { +#if GTK_CHECK_VERSION(2,6,0) + static const gchar *authors[] = + { + "Nmap is written by Fyodor ", + "with the help of many-many others." 
+ "\n", + "NmapFE originally written by Zach Smith ", + "GUI rework by:", + " Peter Marschall ", + "Ported to GTK2 by:", + " Mike Basinger ", + " Meethune Bhowmick ", + NULL + }; + gtk_show_about_dialog ( GTK_WINDOW(main_win), + "authors", authors, + "comments", "Frontend for Nmap security scanner", + "name", "Nmap & NmapFE", + "version", VERSION, + "website", "http://www.insecure.org/nmap", + NULL); +#else + GtkWidget *aboutDialog; + GtkWidget *vbox; + GtkWidget *notebook; + GtkWidget *text; + GtkWidget *label; + aboutDialog = gtk_dialog_new_with_buttons("About NmapFE & Nmap", + NULL, + GTK_DIALOG_MODAL, + GTK_STOCK_OK, + GTK_RESPONSE_NONE, + NULL); + + g_signal_connect_swapped (aboutDialog, + "response", + G_CALLBACK (gtk_widget_destroy), + aboutDialog); + + gtk_widget_set_usize(aboutDialog, 200, 200); + gtk_window_position(GTK_WINDOW(aboutDialog), GTK_WIN_POS_CENTER); + + vbox = GTK_DIALOG(aboutDialog)->vbox; + + notebook = gtk_notebook_new(); + gtk_box_pack_start(GTK_BOX(vbox), notebook, TRUE, TRUE, 0); + + label = gtk_label_new("NmapFE"); + text = gtk_label_new("Author: Zach Smith\n" + "EMail: key@aye.net\n" + "http://a.linuxbox.com\n" + "Written in: C/GTK\n" + "\n" + "GUI rewritten by:\n" + "Author: Peter Marschall\n" + "EMail: peter@adpm.de"); + + gtk_widget_show(label); + gtk_widget_show(text); + gtk_notebook_append_page(GTK_NOTEBOOK(notebook), text, label); + + label = gtk_label_new("Nmap"); + text = gtk_label_new("Author: Fyodor\n" + "EMail: fyodor@insecure.org\n" + "http://www.insecure.org/nmap\n" + "Written in: C++"); + + gtk_widget_show(label); + gtk_widget_show(text); + gtk_notebook_append_page(GTK_NOTEBOOK(notebook), text, label); + + gtk_widget_show_all(aboutDialog); + +#endif + +} /* Returns a menubar widget made from the above menu */ static GtkWidget *new_factory_menu(GtkWidget *window, GtkType menuType, 
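Review bot: `LogSave_callback` passes `openLog` to `create_fileSelection`, whereas the `FILESAVE_MENU` case removed from nmapfe_sig.c passed `saveLog`, so the "Save Log" menu item now runs the open-log action on the chosen file instead of writing the log. The line should read `gtk_widget_show(create_fileSelection("Save Log", filename, saveLog, NULL));`, with a `void saveLog(char *);` prototype beside the `openLog` one added earlier in this file (assuming `saveLog` has the same signature, which is not shown). Separately, in the `authors` array the string `"with the help of many-many others."` has no trailing comma, so it is concatenated with the following `"\n"`; add the comma if two entries were intended.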
@@ -265,7 +408,6 @@ GtkItemFactoryEntry *end = entries; GtkWidget* create_main_win() { - GtkWidget *main_win; GtkWidget *main_vbox; GtkWidget *menubar; GtkWidget *hbox; @@ -279,6 +421,12 @@ GtkWidget *frame; GtkWidget *table; GtkAdjustment *adjust; + GtkAccelGroup *accel_group; + GtkActionGroup *action_group; + GtkUIManager *ui_manager; + + GError *error; + /* initialize our options */ opt.viewValue = 1; opt.appendLog = FALSE; @@ -305,7 +453,7 @@ GtkAdjustment *adjust; gtk_window_set_title(GTK_WINDOW(main_win), "Nmap Front End v" VERSION); gtk_window_position (GTK_WINDOW (main_win), GTK_WIN_POS_CENTER); gtk_signal_connect (GTK_OBJECT (main_win), "delete_event", - GTK_SIGNAL_FUNC(exitNmapFE_cb), NULL); + GTK_SIGNAL_FUNC(Quit_callback), NULL); /* vertical box for menu bar, input, output and status fields */ 
@@ -313,17 +461,34 @@ GtkAdjustment *adjust; gtk_container_add (GTK_CONTAINER (main_win), main_vbox); gtk_widget_show (main_vbox); + action_group = gtk_action_group_new ("MenuActions"); + gtk_action_group_add_actions (action_group, menu_entries, + G_N_ELEMENTS (menu_entries), main_win); + gtk_action_group_add_radio_actions (action_group, menu_entries_radio, + G_N_ELEMENTS (menu_entries_radio), 0, + G_CALLBACK(Colourize_callback), main_win); + + gtk_action_group_add_toggle_actions (action_group, menu_entries_toggle, + G_N_ELEMENTS (menu_entries_toggle), main_win); + + ui_manager = gtk_ui_manager_new (); + gtk_ui_manager_insert_action_group (ui_manager, action_group, 0); + + error = NULL; + if (!gtk_ui_manager_add_ui_from_string (ui_manager, menu_description, -1, &error)) { + g_message ("building menus failed: %s", error->message); + g_error_free (error); + exit (EXIT_FAILURE); + } /* main menu */ - menubar = new_factory_menu(main_win, GTK_TYPE_MENU_BAR, "", - mainMenuEntries, NULL); - gtk_box_pack_start (GTK_BOX (main_vbox), menubar, FALSE, TRUE, 0); - if (opt.uid == 0) { - GtkWidget *w = gtk_item_factory_get_widget_by_action(gtk_item_factory_from_widget(menubar), - VIEWCOLOR_MENU); - gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(w), TRUE); - } + menubar = gtk_ui_manager_get_widget (ui_manager, "/MainMenu"); + gtk_box_pack_start (GTK_BOX (main_vbox), menubar, + FALSE, TRUE, 0); gtk_widget_show (menubar); + /* Install the accelerator table in the main window */ + accel_group = gtk_ui_manager_get_accel_group (ui_manager); + gtk_window_add_accel_group (GTK_WINDOW (main_win), accel_group); /* upper hbox for horizontal alignment */ hbox = gtk_hbox_new(FALSE, 5); 
@@ -350,7 +515,7 @@ GtkAdjustment *adjust; button = gtk_button_new_with_label("Exit"); /*gtk_object_set(GTK_OBJECT(button), "width", 48, NULL);*/ gtk_signal_connect(GTK_OBJECT(button), "clicked", - GTK_SIGNAL_FUNC(exitNmapFE_cb), NULL); + GTK_SIGNAL_FUNC(Quit_callback), NULL); gtk_box_pack_end(GTK_BOX(hbox), button, FALSE, FALSE, 0); gtk_widget_show(button); @@ -398,6 +563,7 @@ GtkAdjustment *adjust; gtk_table_attach_defaults(GTK_TABLE(table), opt.scanType, 0, 4, 0, 1); gtk_widget_show(opt.scanType); + opt.scanRelayLabel = gtk_label_new("Relay Host:"); gtk_label_set_justify(GTK_LABEL(opt.scanRelayLabel), GTK_JUSTIFY_LEFT); if ((opt.scanValue != BOUNCE_SCAN) && (opt.scanValue != IDLE_SCAN)) 
@@ -1196,66 +1362,6 @@ GtkAdjustment *adjust; return main_win; } - -GtkWidget* create_aboutDialog() -{ -GtkWidget *aboutDialog; -GtkWidget *vbox; -GtkWidget *notebook; -GtkWidget *text; -GtkWidget *label; - - aboutDialog = gtk_dialog_new_with_buttons("About NmapFE & Nmap", - NULL, - GTK_DIALOG_MODAL, - GTK_STOCK_OK, - GTK_RESPONSE_NONE, - NULL); - - - g_signal_connect_swapped (aboutDialog, - "response", - G_CALLBACK (gtk_widget_destroy), - aboutDialog); - - gtk_widget_set_usize(aboutDialog, 200, 200); - gtk_window_position(GTK_WINDOW(aboutDialog), GTK_WIN_POS_CENTER); - - vbox = GTK_DIALOG(aboutDialog)->vbox; - - notebook = gtk_notebook_new(); - gtk_box_pack_start(GTK_BOX(vbox), notebook, TRUE, TRUE, 0); - - label = gtk_label_new("NmapFE"); - text = gtk_label_new("Author: Zach Smith\n" - "EMail: key@aye.net\n" - "http://a.linuxbox.com\n" - "Written in: C/GTK\n" - "\n" - "GUI rewritten by:\n" - "Author: Peter Marschall\n" - "EMail: peter@adpm.de"); - - gtk_widget_show(label); - gtk_widget_show(text); - gtk_notebook_append_page(GTK_NOTEBOOK(notebook), text, label); - - label = gtk_label_new("Nmap"); - text = gtk_label_new("Author: Fyodor\n" - "EMail: fyodor@insecure.org\n" - "http://www.insecure.org/nmap\n" - "Written in: C++"); - - gtk_widget_show(label); - gtk_widget_show(text); - gtk_notebook_append_page(GTK_NOTEBOOK(notebook), text, label); - - gtk_widget_show(notebook); - - return(aboutDialog); -} - - GtkWidget* create_fileSelection(const char *title, char *filename, void (*action)(), GtkEntry *entry) { GtkWidget *selector = gtk_file_selection_new((title) ? title : "Select File"); diff --git a/nmapfe/nmapfe_sig.c b/nmapfe/nmapfe_sig.c index d6456b813..f6c711e2d 100644 --- a/nmapfe/nmapfe_sig.c +++ b/nmapfe/nmapfe_sig.c 
@@ -199,15 +199,6 @@ GtkWidget *main_win; return 0; } - -void exitNmapFE_cb(GtkButton *button, void *ignored) -{ - /* First we want to kill the Nmap process that is running */ - stop_scan(); - gtk_main_quit(); -} - - void scanButton_toggled_cb(GtkButton *button, void *ignored) { if(GTK_TOGGLE_BUTTON(button)->active) { @@ -720,46 +711,6 @@ const char *name = gtk_entry_get_text(GTK_ENTRY(text)); gtk_widget_show(create_fileSelection("Select File", filename, NULL, GTK_ENTRY(text))); } - -void mainMenu_fcb(int *variable, guint action, GtkWidget *w) -{ -static char filename[FILENAME_MAX+1] = ""; - - switch (action) { - case FILEOPEN_MENU: - gtk_widget_show(create_fileSelection("Open Log", filename, openLog, NULL)); - break; - case FILESAVE_MENU: - gtk_widget_show(create_fileSelection("Save Log", filename, saveLog, NULL)); - break; - case FILEQUIT_MENU: - stop_scan(); - gtk_main_quit(); - break; - case VIEWMONO_MENU: - opt.viewValue = 0; - break; - case VIEWCOLOR_MENU: - opt.viewValue = 1; - break; - case VIEWAPPEND_MENU: - opt.appendLog = (GTK_CHECK_MENU_ITEM(w)->active) ? TRUE : FALSE; - break; - case HELPHELP_MENU: - gtk_widget_show(create_helpDialog()); - break; - case HELPVERSION_MENU: - execute("nmap -V"); - break; - case HELPABOUT_MENU: - gtk_widget_show(create_aboutDialog()); - break; - default: - break; - } -} - - void scanType_changed_fcb(int *variable, guint action, GtkWidget *w) { if ((variable != NULL) && (w != NULL)) { 
@@ -1294,7 +1245,7 @@ void on_verb_activate(GtkMenuItem *menuitem, gpointer user_data) into an argv[] style char **, which it sets the argv parameter to. The function returns the number of items filled up in the array (argc), or -1 in the case of an error. This function allocates - memmory for argv and thus it must be freed -- use argv_parse_free() + memory for argv and thus it must be freed -- use argv_parse_free() for that. If arg_parse returns <1, then argv does not need to be freed. The returned arrays are always terminated with a NULL pointer */ int arg_parse(const char *command, char ***argv) diff --git a/osscan.cc b/osscan.cc index 9050741e2..08d4984dd 100644 --- a/osscan.cc +++ b/osscan.cc 
@@ -118,6 +118,116 @@ extern NmapOps o; +/* Note that a sport of 0 really will (try to) use zero as the source + port rather than choosing a random one */ +struct udpprobeinfo *send_closedudp_probe(int sd, struct eth_nfo *eth, + const struct in_addr *victim, + u16 sport, u16 dport) { + +static struct udpprobeinfo upi; +static int myttl = 0; +static u8 patternbyte = 0; +static u16 id = 0; +u8 packet[328]; /* 20 IP hdr + 8 UDP hdr + 300 data */ +struct ip *ip = (struct ip *) packet; +udphdr_bsd *udp = (udphdr_bsd *) (packet + sizeof(struct ip)); +struct in_addr *source; +int datalen = 300; +unsigned char *data = packet + 28; +unsigned short realcheck; /* the REAL checksum */ +int res; +int decoy; +struct pseudo_udp_hdr { + struct in_addr source; + struct in_addr dest; + u8 zero; + u8 proto; + u16 length; +} *pseudo = (struct pseudo_udp_hdr *) ((char *)udp - 12) ; + +if (!patternbyte) patternbyte = (get_random_uint() % 60) + 65; +memset(data, patternbyte, datalen); + +while(!id) id = get_random_uint(); + +/* check that required fields are there and not too silly */ +if ( !victim || !dport || (!eth && sd < 0)) { + fprintf(stderr, "send_closedudp_probe: One or more of your parameters suck!\n"); + return NULL; +} + +if (!myttl) myttl = (time(NULL) % 14) + 51; + +for(decoy=0; decoy < o.numdecoys; decoy++) { + source = &o.decoys[decoy]; + + memset((char *) packet, 0, sizeof(struct ip) + sizeof(udphdr_bsd)); + + udp->uh_sport = htons(sport); + udp->uh_dport = htons(dport); + udp->uh_ulen = htons(8 + datalen); + + /* Now the pseudo header for checksuming */ + pseudo->source.s_addr = source->s_addr; + pseudo->dest.s_addr = victim->s_addr; + pseudo->proto = IPPROTO_UDP; + pseudo->length = htons(sizeof(udphdr_bsd) + datalen); + + /* OK, now we should be able to compute a valid checksum */ + realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ + + datalen); +#if STUPID_SOLARIS_CHECKSUM_BUG + udp->uh_sum = sizeof(udphdr_bsd) + datalen; +#else + udp->uh_sum 
= realcheck; +#endif + + /* Goodbye, pseudo header! */ + memset(pseudo, 0, sizeof(*pseudo)); + + /* Now for the ip header */ + ip->ip_v = 4; + ip->ip_hl = 5; + ip->ip_len = htons(sizeof(struct ip) + sizeof(udphdr_bsd) + datalen); + ip->ip_id = id; + ip->ip_ttl = myttl; + ip->ip_p = IPPROTO_UDP; + ip->ip_src.s_addr = source->s_addr; + ip->ip_dst.s_addr= victim->s_addr; + + upi.ipck = in_cksum((unsigned short *)ip, sizeof(struct ip)); +#if HAVE_IP_IP_SUM + ip->ip_sum = upi.ipck; +#endif + + /* OK, now if this is the real she-bang (ie not a decoy) then + we stick all the inph0 in our upi */ + if (decoy == o.decoyturn) { + upi.iptl = 28 + datalen; + upi.ipid = id; + upi.sport = sport; + upi.dport = dport; + upi.udpck = realcheck; + upi.udplen = 8 + datalen; + upi.patternbyte = patternbyte; + upi.target.s_addr = ip->ip_dst.s_addr; + } + if (TCPIP_DEBUGGING > 1) { + log_write(LOG_STDOUT, "Raw UDP packet creation completed! Here it is:\n"); + readudppacket(packet,1); + } + + if ((res = send_ip_packet(sd, eth, packet, ntohs(ip->ip_len))) == -1) + { + perror("send_ip_packet in send_closedupd_probe"); + return NULL; + } +} + +return &upi; +} + + FingerPrint *get_fingerprint(Target *target, struct seq_info *si) { FingerPrint *FP = NULL, *FPtmp = NULL; FingerPrint *FPtests[9]; 
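Review bot: `send_closedudp_probe` is defined without `static` even though this commit deletes its prototype from osscan.h. If it is now used only inside osscan.cc (callers are not visible here), declare it `static struct udpprobeinfo *send_closedudp_probe(...)` so the linkage matches the missing prototype. The new header comment documents only the sport-zero behaviour; it should also say that the return value points to the function-static `upi`, which the next call overwrites, and that NULL is returned on bad parameters or a send failure. The `perror` string spells the function name `send_closedupd_probe`, which makes the message harder to search for.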
@@ -1706,114 +1816,6 @@ return AVs; } -struct udpprobeinfo *send_closedudp_probe(int sd, struct eth_nfo *eth, - const struct in_addr *victim, - u16 sport, u16 dport) { - -static struct udpprobeinfo upi; -static int myttl = 0; -static u8 patternbyte = 0; -static u16 id = 0; -u8 packet[328]; /* 20 IP hdr + 8 UDP hdr + 300 data */ -struct ip *ip = (struct ip *) packet; -udphdr_bsd *udp = (udphdr_bsd *) (packet + sizeof(struct ip)); -struct in_addr *source; -int datalen = 300; -unsigned char *data = packet + 28; -unsigned short realcheck; /* the REAL checksum */ -int res; -int decoy; -struct pseudo_udp_hdr { - struct in_addr source; - struct in_addr dest; - u8 zero; - u8 proto; - u16 length; -} *pseudo = (struct pseudo_udp_hdr *) ((char *)udp - 12) ; - -if (!patternbyte) patternbyte = (get_random_uint() % 60) + 65; -memset(data, patternbyte, datalen); - -while(!id) id = get_random_uint(); - -/* check that required fields are there and not too silly */ -if ( !victim || !sport || !dport || (!eth && sd < 0)) { - fprintf(stderr, "send_closedudp_probe: One or more of your parameters suck!\n"); - return NULL; -} - -if (!myttl) myttl = (time(NULL) % 14) + 51; - -for(decoy=0; decoy < o.numdecoys; decoy++) { - source = &o.decoys[decoy]; - - memset((char *) packet, 0, sizeof(struct ip) + sizeof(udphdr_bsd)); - - udp->uh_sport = htons(sport); - udp->uh_dport = htons(dport); - udp->uh_ulen = htons(8 + datalen); - - /* Now the pseudo header for checksuming */ - pseudo->source.s_addr = source->s_addr; - pseudo->dest.s_addr = victim->s_addr; - pseudo->proto = IPPROTO_UDP; - pseudo->length = htons(sizeof(udphdr_bsd) + datalen); - - /* OK, now we should be able to compute a valid checksum */ - realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ + - datalen); -#if STUPID_SOLARIS_CHECKSUM_BUG - udp->uh_sum = sizeof(udphdr_bsd) + datalen; -#else - udp->uh_sum = realcheck; -#endif - - /* Goodbye, pseudo header! 
*/ - memset(pseudo, 0, sizeof(*pseudo)); - - /* Now for the ip header */ - ip->ip_v = 4; - ip->ip_hl = 5; - ip->ip_len = htons(sizeof(struct ip) + sizeof(udphdr_bsd) + datalen); - ip->ip_id = id; - ip->ip_ttl = myttl; - ip->ip_p = IPPROTO_UDP; - ip->ip_src.s_addr = source->s_addr; - ip->ip_dst.s_addr= victim->s_addr; - - upi.ipck = in_cksum((unsigned short *)ip, sizeof(struct ip)); -#if HAVE_IP_IP_SUM - ip->ip_sum = upi.ipck; -#endif - - /* OK, now if this is the real she-bang (ie not a decoy) then - we stick all the inph0 in our upi */ - if (decoy == o.decoyturn) { - upi.iptl = 28 + datalen; - upi.ipid = id; - upi.sport = sport; - upi.dport = dport; - upi.udpck = realcheck; - upi.udplen = 8 + datalen; - upi.patternbyte = patternbyte; - upi.target.s_addr = ip->ip_dst.s_addr; - } - if (TCPIP_DEBUGGING > 1) { - log_write(LOG_STDOUT, "Raw UDP packet creation completed! Here it is:\n"); - readudppacket(packet,1); - } - - if ((res = send_ip_packet(sd, eth, packet, ntohs(ip->ip_len))) == -1) - { - perror("send_ip_packet in send_closedupd_probe"); - return NULL; - } -} - -return &upi; - -} - struct AVal *fingerprint_portunreach(struct ip *ip, struct udpprobeinfo *upi) { struct icmp *icmp; struct ip *ip2; diff --git a/osscan.h b/osscan.h index a2173dbbd..573e03e20 100644 --- a/osscan.h +++ b/osscan.h @@ -123,9 +123,6 @@ int os_scan(Target *target); FingerPrint *get_fingerprint(Target *target, struct seq_info *si); struct AVal *fingerprint_iptcppacket(struct ip *ip, int mss, unsigned int syn); struct AVal *fingerprint_portunreach(struct ip *ip, struct udpprobeinfo *upi); -struct udpprobeinfo *send_closedudp_probe(int sd, struct eth_nfo *eth, - const struct in_addr *victim, - u16 sport, u16 dport); unsigned int get_gcd_n_ulong(int numvalues, unsigned int *values); unsigned int euclid_gcd(unsigned int a, unsigned int b); char *fp2ascii(FingerPrint *FP); diff --git a/scripts/Makefile b/scripts/Makefile index 817a2b122..0494feaf6 100644 --- a/scripts/Makefile 
+++ b/scripts/Makefile @@ -215,6 +215,6 @@ distro: rpmbuild -ta --define "static 1" /usr/tmp/nmap-$(NMAP_VERSION).tgz cp -f $(RPMTDIR)/RPMS/x86_64/nmap-$(NMAP_VERSION)-1.x86_64.rpm /usr/tmp # cp -f $(RPMTDIR)/RPMS/i386/nmap-$(NMAP_VERSION)-1.i386.rpm /usr/tmp - cp -f $(RPMTDIR)/RPMS/i386/nmap-frontend-$(NMAP_VERSION)-1.x86_64.rpm /usr/tmp + cp -f $(RPMTDIR)/RPMS/x86_64/nmap-frontend-$(NMAP_VERSION)-1.x86_64.rpm /usr/tmp cp -f $(RPMTDIR)/SRPMS/nmap-$(NMAP_VERSION)-1.src.rpm /usr/tmp rm -rf /usr/tmp/nmap-$(NMAP_VERSION)