PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

const all the things!

Browse Source
This commit is contained in:
dmiller
2021-04-23 20:37:41 +00:00
parent 1717b4a9a9
commit 1fd272f8dd
19 changed files with 215 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Target.cc
View File

@@ -373,7 +373,7 @@ const char *Target::NameIP() const {
/* Returns the next hop for sending packets to this host. Returns true if
next_hop was filled in. It might be false, for example, if
next_hop has never been set */
bool Target::nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) {
bool Target::nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) const {
if (nexthopsocklen <= 0)
return false;
assert(nexthopsocklen <= sizeof(*next_hop));
@@ -402,7 +402,7 @@ bool Target::directlyConnected() const {
/* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted
to sockaddr_storage */
void Target::setNextHop(struct sockaddr_storage *next_hop, size_t next_hop_len) {
void Target::setNextHop(const struct sockaddr_storage *next_hop, size_t next_hop_len) {
assert(next_hop_len > 0 && next_hop_len <= sizeof(nexthopsock));
memcpy(&nexthopsock, next_hop, next_hop_len);
nexthopsocklen = next_hop_len;
@@ -414,7 +414,7 @@ void Target::setMTU(int devmtu) {
}
/* Get MTU (to correspond with devname) */
int Target::MTU(void) {
int Target::MTU(void) const {
return mtu;
}
@@ -443,7 +443,7 @@ void Target::stopTimeOutClock(const struct timeval *now) {
running, counts elapsed time for that. Pass NULL if you don't have the
current time handy. You might as well also pass NULL if the
clock is not running, as the func won't need the time. */
bool Target::timedOut(const struct timeval *now) {
bool Target::timedOut(const struct timeval *now) const {
unsigned long used = htn.msecs_used;
struct timeval tv;
@@ -502,7 +502,7 @@ const u8 *Target::NextHopMACAddress() const {
return (NextHopMACaddress_set)? NextHopMACaddress : NULL;
}
int Target::osscanPerformed(void) {
int Target::osscanPerformed(void) const {
return osscan_flag;
}

20
Target.h
View File

@@ -108,7 +108,7 @@ struct TracerouteHop {
int ttl;
float rtt; /* In milliseconds. */
int display_name(char *buf, size_t len) {
int display_name(char *buf, size_t len) const {
if (name.empty())
return Snprintf(buf, len, "%s", inet_ntop_ez(&addr, sizeof(addr)));
else
@@ -192,21 +192,21 @@ class Target {
/* If the host is NOT directly connected, you can set the next hop
value here. It is OK to pass in a sockaddr_in or sockaddr_in6
casted to sockaddr_storage*/
void setNextHop(struct sockaddr_storage *next_hop, size_t next_hop_len);
void setNextHop(const struct sockaddr_storage *next_hop, size_t next_hop_len);
/* Returns the next hop for sending packets to this host. Returns true if
next_hop was filled in. It might be false, for example, if
next_hop has never been set */
bool nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len);
bool nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) const;
void setMTU(int devmtu);
int MTU(void);
int MTU(void) const;
/* Sets the interface type to one of:
devt_ethernet, devt_loopback, devt_p2p, devt_other
*/
void setIfType(devtype iftype) { interface_type = iftype; }
/* Returns -1 if it has not yet been set with setIfType() */
devtype ifType() { return interface_type; }
devtype ifType() const { return interface_type; }
/* Starts the timeout clock for the host running (e.g. you are
beginning a scan). If you do not have the current time handy,
you can pass in NULL. When done, call stopTimeOutClock (it will
@@ -215,15 +215,15 @@ class Target {
/* The complement to startTimeOutClock. */
void stopTimeOutClock(const struct timeval *now);
/* Is the timeout clock currently running? */
bool timeOutClockRunning() { return htn.toclock_running; }
bool timeOutClockRunning() const { return htn.toclock_running; }
/* Returns whether the host is timedout. If the timeoutclock is
running, counts elapsed time for that. Pass NULL if you don't have the
current time handy. You might as well also pass NULL if the
clock is not running, as the func won't need the time. */
bool timedOut(const struct timeval *now);
bool timedOut(const struct timeval *now) const;
/* Return time_t for the start and end time of this host */
time_t StartTime() { return htn.host_start; }
time_t EndTime() { return htn.host_end; }
time_t StartTime() const { return htn.host_start; }
time_t EndTime() const { return htn.host_end; }
/* Takes a 6-byte MAC address */
int setMACAddress(const u8 *addy);
@@ -243,7 +243,7 @@ class Target {
const char *deviceName() const;
const char *deviceFullName() const;
int osscanPerformed(void);
int osscanPerformed(void) const;
void osscanSetFlag(int flag);
struct seq_info seq;

2
nmap_dns.h
View File

@@ -234,7 +234,7 @@ public:
void addFlags(FLAGS fl){ flags |= fl; }
void removeFlags(FLAGS fl){ flags &= ~fl; }
void resetFlags() { flags = 0; }
size_t writeToBuffer(u8 *buf, size_t maxlen);
//size_t writeToBuffer(u8 *buf, size_t maxlen);
size_t parseFromBuffer(const u8 *buf, size_t maxlen);
u16 id;

6
osscan.cc
View File

@@ -772,9 +772,9 @@ const char *mergeFPs(FingerPrint *FPs[], int numFPs, bool isGoodFP,
}
}
const char *fp2ascii(FingerPrint *FP) {
const char *fp2ascii(const FingerPrint *FP) {
static char str[2048];
std::vector<FingerTest>::iterator iter;
std::vector<FingerTest>::const_iterator iter;
char *p = str;
if (!FP)
@@ -868,7 +868,7 @@ static void parse_cpeline(FingerPrint *FP, char *thisline, int lineno) {
which some partial fingerpritns are OK. */
/* This function is not currently used by Nmap, but it is present here because
it is used by fingerprint utilities that link with Nmap object files. */
FingerPrint *parse_single_fingerprint(char *fprint_orig) {
FingerPrint *parse_single_fingerprint(const char *fprint_orig) {
int lineno = 0;
char *p, *q;
char *thisline, *nextline;

4
osscan.h
View File

@@ -149,14 +149,14 @@ struct FingerPrintDB {
/********************** PROTOTYPES ***********************************/
const char *fp2ascii(FingerPrint *FP);
const char *fp2ascii(const FingerPrint *FP);
/* Parses a single fingerprint from the memory region given. If a
non-null fingerprint is returned, the user is in charge of freeing it
when done. This function does not require the fingerprint to be 100%
complete since it is used by scripts such as scripts/fingerwatch for
which some partial fingerpritns are OK. */
FingerPrint *parse_single_fingerprint(char *fprint_orig);
FingerPrint *parse_single_fingerprint(const char *fprint_orig);
/* These functions take a file/db name and open+parse it, returning an
(allocated) FingerPrintDB containing the results. They exit with

83
osscan2.cc
View File

@@ -276,7 +276,7 @@ int identify_sequence(int numSamples, u32 *ipid_diffs, int islocalhost) {
/* Calculate the distances between the ipids and write them
into the ipid_diffs array. If the sequence class can be determined
immediately, return it; otherwise return -1 */
int get_diffs(u32 *ipid_diffs, int numSamples, u32 *ipids, int islocalhost) {
int get_diffs(u32 *ipid_diffs, int numSamples, const u32 *ipids, int islocalhost) {
int i;
bool allipideqz = true;
@@ -304,7 +304,7 @@ int get_diffs(u32 *ipid_diffs, int numSamples, u32 *ipids, int islocalhost) {
}
/* Indentify the ipid sequence for 32-bit IPID values (IPv6) */
int get_ipid_sequence_32(int numSamples, u32 *ipids, int islocalhost) {
int get_ipid_sequence_32(int numSamples, const u32 *ipids, int islocalhost) {
int ipid_seq = IPID_SEQ_UNKNOWN;
u32 ipid_diffs[32];
assert(numSamples < (int) (sizeof(ipid_diffs) / 2));
@@ -318,7 +318,7 @@ int get_ipid_sequence_32(int numSamples, u32 *ipids, int islocalhost) {
}
/* Indentify the ipid sequence for 16-bit IPID values (IPv4) */
int get_ipid_sequence_16(int numSamples, u32 *ipids, int islocalhost) {
int get_ipid_sequence_16(int numSamples, const u32 *ipids, int islocalhost) {
int i;
int ipid_seq = IPID_SEQ_UNKNOWN;
u32 ipid_diffs[32];
@@ -890,9 +890,9 @@ static void findBestFPs(OsScanInfo *OSI) {
static void printFP(OsScanInfo *OSI) {
std::list<HostOsScanInfo *>::iterator hostI;
HostOsScanInfo *hsi = NULL;
FingerPrintResultsIPv4 *FPR;
std::list<HostOsScanInfo *>::const_iterator hostI;
const HostOsScanInfo *hsi = NULL;
const FingerPrintResultsIPv4 *FPR;
for (hostI = OSI->incompleteHosts.begin(); hostI != OSI->incompleteHosts.end(); hostI++) {
hsi = *hostI;
@@ -959,7 +959,7 @@ OFProbe::OFProbe() {
}
const char *OFProbe::typestr() {
const char *OFProbe::typestr() const {
switch (type) {
case OFP_UNSET:
return "OFP_UNSET";
@@ -1258,7 +1258,7 @@ void HostOsScanStats::moveProbeToUnSendList(std::list<OFProbe *>::iterator probe
/* Compute the ratio of amount of time taken between sending 1st TSEQ
probe and 1st ICMP probe compared to the amount of time it should
have taken. Ratios far from 1 can cause bogus results */
double HostOsScanStats::timingRatio() {
double HostOsScanStats::timingRatio() const {
if (openTCPPort < 0)
return 0;
int msec_ideal = OS_SEQ_PROBE_DELAY * (NUM_SEQ_SAMPLES - 1);
@@ -1278,10 +1278,10 @@ double HostOsScanStats::timingRatio() {
/* If there are pending probe timeouts, fills in when with the time of
* the earliest one and returns true. Otherwise returns false and
* puts now in when. */
bool HostOsScan::nextTimeout(HostOsScanStats *hss, struct timeval *when) {
bool HostOsScan::nextTimeout(HostOsScanStats *hss, struct timeval *when) const {
assert(hss);
struct timeval probe_to, earliest_to;
std::list<OFProbe *>::iterator probeI;
std::list<OFProbe *>::const_iterator probeI;
bool firstgood = true;
assert(when);
@@ -1301,7 +1301,7 @@ bool HostOsScan::nextTimeout(HostOsScanStats *hss, struct timeval *when) {
}
void HostOsScan::adjust_times(HostOsScanStats *hss, OFProbe *probe, struct timeval *rcvdtime) {
void HostOsScan::adjust_times(HostOsScanStats *hss, const OFProbe *probe, const struct timeval *rcvdtime) {
assert(hss);
assert(probe);
@@ -1531,9 +1531,9 @@ void HostOsScan::updateActiveTUIProbes(HostOsScanStats *hss) {
/* Check whether the host is sendok. If not, fill _when_ with the time
* when it will be sendOK and return false; else, fill it with now and
* return true. */
bool HostOsScan::hostSendOK(HostOsScanStats *hss, struct timeval *when) {
bool HostOsScan::hostSendOK(HostOsScanStats *hss, struct timeval *when) const {
assert(hss);
std::list<OFProbe *>::iterator probeI;
std::list<OFProbe *>::const_iterator probeI;
int packTime;
struct timeval probe_to, earliest_to, sendTime;
long tdiff;
@@ -1600,9 +1600,9 @@ bool HostOsScan::hostSendOK(HostOsScanStats *hss, struct timeval *when) {
/* Check whether it is OK to send the next seq probe to the host. If
* not, fill param "when" with the time when it will be sendOK and return
* false; else, fill it with now and return true. */
bool HostOsScan::hostSeqSendOK(HostOsScanStats *hss, struct timeval *when) {
bool HostOsScan::hostSeqSendOK(HostOsScanStats *hss, struct timeval *when) const {
assert(hss);
std::list<OFProbe *>::iterator probeI;
std::list<OFProbe *>::const_iterator probeI;
int packTime = 0, maxWait = 0;
struct timeval probe_to, earliest_to, sendTime;
long tdiff;
@@ -1667,7 +1667,7 @@ bool HostOsScan::hostSeqSendOK(HostOsScanStats *hss, struct timeval *when) {
}
unsigned long HostOsScan::timeProbeTimeout(HostOsScanStats *hss) {
unsigned long HostOsScan::timeProbeTimeout(HostOsScanStats *hss) const {
assert(hss);
if (hss->target->to.srtt > 0) {
/* We have at least one timing value to use. Good enough, I suppose */
@@ -1886,10 +1886,10 @@ void HostOsScan::sendTUdpProbe(HostOsScanStats *hss, int probeNo) {
}
bool HostOsScan::processResp(HostOsScanStats *hss, struct ip *ip, unsigned int len, struct timeval *rcvdtime) {
struct ip *ip2;
struct tcp_hdr *tcp;
struct icmp *icmp;
bool HostOsScan::processResp(HostOsScanStats *hss, const struct ip *ip, unsigned int len, struct timeval *rcvdtime) {
const struct ip *ip2;
const struct tcp_hdr *tcp;
const struct icmp *icmp;
int testno;
bool isPktUseful = false;
std::list<OFProbe *>::iterator probeI;
@@ -2258,7 +2258,7 @@ ScanStats::ScanStats() {
/* Returns true if the os scan system says that sending is OK.*/
bool ScanStats::sendOK() {
bool ScanStats::sendOK() const {
if (num_probes_sent - num_probes_sent_at_last_wait >= 50)
return false;
@@ -2648,10 +2648,10 @@ void HostOsScan::makeTWinFP(HostOsScanStats *hss) {
}
bool HostOsScan::processTSeqResp(HostOsScanStats *hss, struct ip *ip, int replyNo) {
bool HostOsScan::processTSeqResp(HostOsScanStats *hss, const struct ip *ip, int replyNo) {
assert(replyNo >= 0 && replyNo < NUM_SEQ_SAMPLES);
struct tcp_hdr *tcp;
const struct tcp_hdr *tcp;
int seq_response_num; /* response # for sequencing */
u32 timestamp = 0; /* TCP timestamp we receive back */
@@ -2715,7 +2715,7 @@ bool HostOsScan::processTSeqResp(HostOsScanStats *hss, struct ip *ip, int replyN
}
bool HostOsScan::processTOpsResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int replyNo) {
bool HostOsScan::processTOpsResp(HostOsScanStats *hss, const struct tcp_hdr *tcp, int replyNo) {
assert(replyNo >= 0 && replyNo < 6);
char ops_buf[256];
bool opsParseResult;
@@ -2760,7 +2760,7 @@ bool HostOsScan::processTOpsResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int
}
bool HostOsScan::processTWinResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int replyNo) {
bool HostOsScan::processTWinResp(HostOsScanStats *hss, const struct tcp_hdr *tcp, int replyNo) {
assert(replyNo >= 0 && replyNo < 6);
if (hss->FP_TWin || hss->TWin_AVs[replyNo])
@@ -2795,14 +2795,14 @@ bool HostOsScan::processTWinResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int
}
bool HostOsScan::processTEcnResp(HostOsScanStats *hss, struct ip *ip) {
bool HostOsScan::processTEcnResp(HostOsScanStats *hss, const struct ip *ip) {
std::vector<struct AVal> AVs;
struct AVal AV;
char ops_buf[256];
char quirks_buf[10];
char *p;
int numtests = 7;
struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
const struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
bool opsParseResult;
if (hss->FP_TEcn)
@@ -2886,13 +2886,13 @@ bool HostOsScan::processTEcnResp(HostOsScanStats *hss, struct ip *ip) {
}
bool HostOsScan::processT1_7Resp(HostOsScanStats *hss, struct ip *ip, int replyNo) {
bool HostOsScan::processT1_7Resp(HostOsScanStats *hss, const struct ip *ip, int replyNo) {
std::vector<struct AVal> AVs;
struct AVal AV;
assert(replyNo >= 0 && replyNo < 7);
int numtests;
struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
const struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
int i;
bool opsParseResult;
@@ -3054,20 +3054,20 @@ bool HostOsScan::processT1_7Resp(HostOsScanStats *hss, struct ip *ip, int replyN
}
bool HostOsScan::processTUdpResp(HostOsScanStats *hss, struct ip *ip) {
bool HostOsScan::processTUdpResp(HostOsScanStats *hss, const struct ip *ip) {
std::vector<struct AVal> AVs;
struct AVal AV;
assert(hss);
assert(ip);
struct icmp *icmp;
struct ip *ip2;
const struct icmp *icmp;
const struct ip *ip2;
int numtests;
unsigned short checksum;
unsigned short *checksumptr;
struct udp_hdr *udp;
unsigned char *datastart, *dataend;
const struct udp_hdr *udp;
const unsigned char *datastart, *dataend;
#if !defined(SOLARIS) && !defined(SUNOS) && !defined(IRIX) && !defined(HPUX)
numtests = 10;
@@ -3210,14 +3210,14 @@ bool HostOsScan::processTUdpResp(HostOsScanStats *hss, struct ip *ip) {
}
bool HostOsScan::processTIcmpResp(HostOsScanStats *hss, struct ip *ip, int replyNo) {
bool HostOsScan::processTIcmpResp(HostOsScanStats *hss, const struct ip *ip, int replyNo) {
assert(replyNo == 0 || replyNo == 1);
std::vector<struct AVal> AVs;
struct AVal AV;
int numtests = 4;
struct ip *ip1, *ip2;
struct icmp *icmp1, *icmp2;
const struct ip *ip1, *ip2;
const struct icmp *icmp1, *icmp2;
unsigned short value1, value2;
if (hss->FP_TIcmp)
@@ -3312,8 +3312,9 @@ bool HostOsScan::processTIcmpResp(HostOsScanStats *hss, struct ip *ip, int reply
}
bool HostOsScan::get_tcpopt_string(struct tcp_hdr *tcp, int mss, char *result, int maxlen) {
char *p, *q;
bool HostOsScan::get_tcpopt_string(const struct tcp_hdr *tcp, int mss, char *result, int maxlen) const {
char *p;
const char *q;
u16 tmpshort;
u32 tmpword;
int length;
@@ -3493,9 +3494,9 @@ OsScanInfo::~OsScanInfo()
/* Find a HostScanStats by IP its address in the incomplete list. Returns NULL if
none are found. */
HostOsScanInfo *OsScanInfo::findIncompleteHost(struct sockaddr_storage *ss) {
HostOsScanInfo *OsScanInfo::findIncompleteHost(const struct sockaddr_storage *ss) {
std::list<HostOsScanInfo *>::iterator hostI;
struct sockaddr_in *sin = (struct sockaddr_in *) ss;
const struct sockaddr_in *sin = (struct sockaddr_in *) ss;
if (sin->sin_family != AF_INET)
fatal("%s passed a non IPv4 address", __func__);

52
osscan2.h
View File

@@ -181,9 +181,9 @@ void os_scan2(std::vector<Target *> &Targets);
int get_initial_ttl_guess(u8 ttl);
int identify_sequence(int numSamples, u32 *ipid_diffs, int islocalhost, int allipideqz);
int get_diffs(u32 *ipid_diffs, int numSamples, u32 *ipids, int islocalhost);
int get_ipid_sequence_16(int numSamples, u32 *ipids, int islocalhost);
int get_ipid_sequence_32(int numSamples, u32 *ipids, int islocalhost);
int get_diffs(u32 *ipid_diffs, int numSamples, const u32 *ipids, int islocalhost);
int get_ipid_sequence_16(int numSamples, const u32 *ipids, int islocalhost);
int get_ipid_sequence_32(int numSamples, const u32 *ipids, int islocalhost);
const char *ipidclass2ascii(int seqclass);
const char *tsseqclass2ascii(int seqclass);
@@ -210,7 +210,7 @@ class OFProbe {
OFProbe();
/* The literal string for the current probe type. */
const char *typestr();
const char *typestr() const;
/* Type of the probe: for what os fingerprinting test? */
OFProbeType type;
@@ -249,9 +249,9 @@ class HostOsScanStats {
std::list<OFProbe *>::iterator getActiveProbe(OFProbeType type, int subid);
void moveProbeToActiveList(std::list<OFProbe *>::iterator probeI);
void moveProbeToUnSendList(std::list<OFProbe *>::iterator probeI);
unsigned int numProbesToSend() {return probesToSend.size();}
unsigned int numProbesActive() {return probesActive.size();}
FingerPrint *getFP() {return FP;}
unsigned int numProbesToSend() const {return probesToSend.size();}
unsigned int numProbesActive() const {return probesActive.size();}
FingerPrint *getFP() const {return FP;}
Target *target; /* the Target */
struct seq_info si;
@@ -275,8 +275,7 @@ class HostOsScanStats {
* and the last one. Zero is
* returned if we didn't send the tseq probes because there was no
* open tcp port */
double timingRatio();
double cc_scale();
double timingRatio() const;
private:
/* Ports of the targets used in os fingerprinting. */
@@ -340,8 +339,7 @@ class ScanStats {
public:
ScanStats();
bool sendOK(); /* Returns true if the system says that sending is OK. */
double cc_scale();
bool sendOK() const; /* Returns true if the system says that sending is OK. */
struct ultra_timing_vals timing;
struct timeout_info to; /* rtt/timeout info */
@@ -375,7 +373,7 @@ class HostOsScan {
void sendNextProbe(HostOsScanStats *hss);
/* Process one response. If the response is useful, return true. */
bool processResp(HostOsScanStats *hss, struct ip *ip, unsigned int len, struct timeval *rcvdtime);
bool processResp(HostOsScanStats *hss, const struct ip *ip, unsigned int len, struct timeval *rcvdtime);
/* Make up the fingerprint. */
void makeFP(HostOsScanStats *hss);
@@ -383,27 +381,27 @@ class HostOsScan {
/* Check whether the host is sendok. If not, fill _when_ with the
* time when it will be sendOK and return false; else, fill it with
* now and return true. */
bool hostSendOK(HostOsScanStats *hss, struct timeval *when);
bool hostSendOK(HostOsScanStats *hss, struct timeval *when) const;
/* Check whether it is ok to send the next seq probe to the host. If
* not, fill _when_ with the time when it will be sendOK and return
* false; else, fill it with now and return true. */
bool hostSeqSendOK(HostOsScanStats *hss, struct timeval *when);
bool hostSeqSendOK(HostOsScanStats *hss, struct timeval *when) const;
/* How long I am currently willing to wait for a probe response
* before considering it timed out. Uses the host values from
* target if they are available, otherwise from gstats. Results
* returned in MICROseconds. */
unsigned long timeProbeTimeout(HostOsScanStats *hss);
unsigned long timeProbeTimeout(HostOsScanStats *hss) const;
/* If there are pending probe timeouts, fills in when with the time
* of the earliest one and returns true. Otherwise returns false
* and puts now in when. */
bool nextTimeout(HostOsScanStats *hss, struct timeval *when);
bool nextTimeout(HostOsScanStats *hss, struct timeval *when) const;
/* Adjust various timing variables based on pcket receipt. */
void adjust_times(HostOsScanStats *hss, OFProbe *probe, struct timeval *rcvdtime);
void adjust_times(HostOsScanStats *hss, const OFProbe *probe, const struct timeval *rcvdtime);
private:
/* Probe send functions. */
@@ -414,13 +412,13 @@ private:
void sendTUdpProbe(HostOsScanStats *hss, int probeNo);
void sendTIcmpProbe(HostOsScanStats *hss, int probeNo);
/* Response process functions. */
bool processTSeqResp(HostOsScanStats *hss, struct ip *ip, int replyNo);
bool processTOpsResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int replyNo);
bool processTWinResp(HostOsScanStats *hss, struct tcp_hdr *tcp, int replyNo);
bool processTEcnResp(HostOsScanStats *hss, struct ip *ip);
bool processT1_7Resp(HostOsScanStats *hss, struct ip *ip, int replyNo);
bool processTUdpResp(HostOsScanStats *hss, struct ip *ip);
bool processTIcmpResp(HostOsScanStats *hss, struct ip *ip, int replyNo);
bool processTSeqResp(HostOsScanStats *hss, const struct ip *ip, int replyNo);
bool processTOpsResp(HostOsScanStats *hss, const struct tcp_hdr *tcp, int replyNo);
bool processTWinResp(HostOsScanStats *hss, const struct tcp_hdr *tcp, int replyNo);
bool processTEcnResp(HostOsScanStats *hss, const struct ip *ip);
bool processT1_7Resp(HostOsScanStats *hss, const struct ip *ip, int replyNo);
bool processTUdpResp(HostOsScanStats *hss, const struct ip *ip);
bool processTIcmpResp(HostOsScanStats *hss, const struct ip *ip, int replyNo);
/* Generic sending functions used by the above probe functions. */
int send_tcp_probe(HostOsScanStats *hss,
@@ -439,7 +437,7 @@ private:
void makeTOpsFP(HostOsScanStats *hss);
void makeTWinFP(HostOsScanStats *hss);
bool get_tcpopt_string(struct tcp_hdr *tcp, int mss, char *result, int maxlen);
bool get_tcpopt_string(const struct tcp_hdr *tcp, int mss, char *result, int maxlen) const;
int rawsd; /* Raw socket descriptor */
eth_t *ethsd; /* Ethernet handle */
@@ -472,8 +470,8 @@ class OsScanInfo {
* then add to it again, or you may mess up nextI (I'm not sure) */
std::list<HostOsScanInfo *> incompleteHosts;
unsigned int numIncompleteHosts() {return incompleteHosts.size();}
HostOsScanInfo *findIncompleteHost(struct sockaddr_storage *ss);
unsigned int numIncompleteHosts() const {return incompleteHosts.size();}
HostOsScanInfo *findIncompleteHost(const struct sockaddr_storage *ss);
/* A circular buffer of the incompleteHosts. nextIncompleteHost() gives
the next one. The first time it is called, it will give the

14
payload.cc
View File

@@ -242,7 +242,7 @@ static int load_payloads_from_file(FILE *fp) {
std::map<struct proto_dport, std::vector<struct payload> >::iterator portPayloadIterator;
std::vector<struct payload> portPayloadVector;
std::vector<struct payload>::iterator portPayloadVectorIterator;
struct proto_dport key(IPPROTO_UDP, ports[p]);
const struct proto_dport key(IPPROTO_UDP, ports[p]);
struct payload portPayload;
bool duplicate = false;
@@ -314,15 +314,15 @@ int init_payloads(void) {
length is returned through the length pointer. */
const char *udp_port2payload(u16 dport, size_t *length, u8 tryno) {
static const char *payload_null = "";
std::map<struct proto_dport, std::vector<struct payload> >::iterator portPayloadIterator;
std::vector<struct payload>::iterator portPayloadVectorIterator;
proto_dport key(IPPROTO_UDP, dport);
std::map<struct proto_dport, std::vector<struct payload> >::const_iterator portPayloadIterator;
std::vector<struct payload>::const_iterator portPayloadVectorIterator;
const proto_dport key(IPPROTO_UDP, dport);
int portPayloadVectorSize;
portPayloadIterator = portPayloads.find(key);
if (portPayloadIterator != portPayloads.end()) {
std::vector<struct payload>& portPayloadVector = portPayloads.find(key)->second;
const std::vector<struct payload>& portPayloadVector = portPayloads.find(key)->second;
portPayloadVectorSize = portPayloadVector.size();
tryno %= portPayloadVectorSize;
@@ -364,8 +364,8 @@ const char *get_udp_payload(u16 dport, size_t *length, u8 tryno) {
}
size_t udp_payload_count(u16 dport) {
std::map<struct proto_dport, std::vector<struct payload> >::iterator portPayloadIterator;
proto_dport key(IPPROTO_UDP, dport);
std::map<struct proto_dport, std::vector<struct payload> >::const_iterator portPayloadIterator;
const proto_dport key(IPPROTO_UDP, dport);
size_t portPayloadVectorSize = 0;
portPayloadIterator = portPayloads.find(key);

18
portreasons.cc
View File

@@ -157,7 +157,7 @@ reason_map_type reason_map;
/* Function to Translate ICMP codes and types to *
* Reason Codes */
static reason_codes icmpv4_to_reason(int icmp_type, int icmp_code) {
static const reason_codes icmpv4_to_reason(int icmp_type, int icmp_code) {
switch(icmp_type){
@@ -200,7 +200,7 @@ static reason_codes icmpv4_to_reason(int icmp_type, int icmp_code) {
return ER_UNKNOWN;
};
static reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
static const reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
switch(icmp_type){
@@ -235,7 +235,7 @@ static reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
return ER_UNKNOWN;
};
reason_codes icmp_to_reason(u8 proto, int icmp_type, int icmp_code) {
const reason_codes icmp_to_reason(u8 proto, int icmp_type, int icmp_code) {
if (proto == IPPROTO_ICMP)
return icmpv4_to_reason(icmp_type, icmp_code);
else if (proto == IPPROTO_ICMPV6)
@@ -388,12 +388,12 @@ state_reason_summary_t *get_state_reason_summary(PortList *Ports, int state) {
* string representation. If 'number' is equal to 1 then the
* singular is used, otherwise the plural */
const char *reason_str(reason_t reason_code, unsigned int number) {
std::map<reason_codes,reason_string>::iterator itr = reason_map.find((reason_codes)reason_code);
reason_string temp = (*itr).second;
std::map<reason_codes,reason_string>::const_iterator itr = reason_map.find((reason_codes)reason_code);
const reason_string *temp = &itr->second;
if (number == SINGULAR){
return temp.singular;
return temp->singular;
}
return temp.plural;
return temp->plural;
}
void state_reason_init(state_reason_t *reason) {
@@ -404,7 +404,7 @@ void state_reason_init(state_reason_t *reason) {
/* converts target into reason message for ping scans. Uses a static
* buffer so new values overwrite old values */
char *target_reason_str(Target *t) {
const char *target_reason_str(Target *t) {
static char reason[128];
memset(reason,'\0', 128);
Snprintf(reason, 128, "received %s", reason_str(t->reason.reason_id, SINGULAR));
@@ -414,7 +414,7 @@ char *target_reason_str(Target *t) {
/* Build an output string based on reason and source ip address.
* uses a static return value so previous values will be over
* written by subsequent calls */
char *port_reason_str(state_reason_t r) {
const char *port_reason_str(state_reason_t r) {
static char reason[128];
memset(reason,'\0', 128);
if (r.ip_addr.sockaddr.sa_family == AF_UNSPEC) {

10
portreasons.h
View File

@@ -137,8 +137,8 @@ private:
std::map<reason_codes,reason_string > reason_map;
public:
reason_map_type();
std::map<reason_codes,reason_string>::iterator find(const reason_codes& x){
std::map<reason_codes,reason_string>::iterator itr = reason_map.find(x);
std::map<reason_codes,reason_string>::const_iterator find(const reason_codes& x) const {
std::map<reason_codes,reason_string>::const_iterator itr = reason_map.find(x);
if(itr == reason_map.end())
return reason_map.find(ER_UNKNOWN);
return itr;
@@ -146,7 +146,7 @@ public:
};
/* Function to translate ICMP code and typ to reason code */
reason_codes icmp_to_reason(u8 proto, int icmp_type, int icmp_code);
const reason_codes icmp_to_reason(u8 proto, int icmp_type, int icmp_code);
/* Passed to reason_str to determine if string should be in
* plural of singular form */
@@ -168,8 +168,8 @@ void state_reason_summary_dinit(state_reason_summary_t *r);
/* Build an output string based on reason and source ip address.
* Uses static return value so previous values will be over
* written by subsequent calls */
char *port_reason_str(state_reason_t r);
char *target_reason_str(Target *t);
const char *port_reason_str(state_reason_t r);
const char *target_reason_str(Target *t);
#endif

62
scan_engine.cc
View File

@@ -109,7 +109,7 @@ int HssPredicate::operator() (const HostScanStats *lhs, const HostScanStats *rhs
}
struct sockaddr_storage *HssPredicate::ss = NULL;
void UltraScanInfo::log_overall_rates(int logt) {
void UltraScanInfo::log_overall_rates(int logt) const {
log_write(logt, "Overall sending rates: %.2f packets / s", send_rate_meter.getOverallPacketRate(&now));
if (send_rate_meter.getNumBytes() > 0)
log_write(logt, ", %.2f bytes / s", send_rate_meter.getOverallByteRate(&now));
@@ -320,7 +320,7 @@ void GroupScanStats::probeSent(unsigned int nbytes) {
}
/* Returns true if the GLOBAL system says that sending is OK.*/
bool GroupScanStats::sendOK(struct timeval *when) {
bool GroupScanStats::sendOK(struct timeval *when) const {
int recentsends;
/* In case it's not okay to send, arbitrarily say to check back in one
@@ -503,7 +503,7 @@ void HostScanStats::probeSent(unsigned int nbytes) {
considering it timed out. Uses the host values from target if they
are available, otherwise from gstats. Results returned in
MICROseconds. */
unsigned long HostScanStats::probeTimeout() {
unsigned long HostScanStats::probeTimeout() const {
if (target->to.srtt > 0) {
/* We have at least one timing value to use. Good enough, I suppose */
return target->to.timeout;
@@ -521,7 +521,7 @@ unsigned long HostScanStats::probeTimeout() {
really late. But after probeExpireTime(), I don't waste time
keeping them around. Give in MICROseconds. The expiry time can
depend on the type of probe. Pass NULL to get the default time. */
unsigned long HostScanStats::probeExpireTime(const UltraProbe *probe) {
unsigned long HostScanStats::probeExpireTime(const UltraProbe *probe) const {
if (probe == NULL || probe->type == UltraProbe::UP_CONNECT)
/* timedout probes close socket -- late resp. impossible */
return probeTimeout();
@@ -535,9 +535,9 @@ unsigned long HostScanStats::probeExpireTime(const UltraProbe *probe) {
will be OK assuming no pending probes are resolved by responses
(call it again if they do). when will become now if it returns
true. */
bool HostScanStats::sendOK(struct timeval *when) {
bool HostScanStats::sendOK(struct timeval *when) const {
struct ultra_timing_vals tmng;
std::list<UltraProbe *>::iterator probeI;
std::list<UltraProbe *>::const_iterator probeI;
struct timeval probe_to, earliest_to, sendTime;
long tdiff;
@@ -629,9 +629,9 @@ bool HostScanStats::sendOK(struct timeval *when) {
/* If there are pending probe timeouts, fills in when with the time of
the earliest one and returns true. Otherwise returns false and
puts now in when. */
bool HostScanStats::nextTimeout(struct timeval *when) {
bool HostScanStats::nextTimeout(struct timeval *when) const {
struct timeval probe_to, earliest_to;
std::list<UltraProbe *>::iterator probeI;
std::list<UltraProbe *>::const_iterator probeI;
bool firstgood = true;
assert(when);
@@ -663,8 +663,8 @@ bool HostScanStats::nextTimeout(struct timeval *when) {
appropriate. If mayincrease is non-NULL, it is set to whether
the allowedTryno may increase again. If it is false, any probes
which have reached the given limit may be dealt with. */
unsigned int HostScanStats::allowedTryno(bool *capped, bool *mayincrease) {
std::list<UltraProbe *>::iterator probeI;
unsigned int HostScanStats::allowedTryno(bool *capped, bool *mayincrease) const {
std::list<UltraProbe *>::const_iterator probeI;
UltraProbe *probe = NULL;
bool allfinished = true;
bool tryno_mayincrease = true;
@@ -739,7 +739,7 @@ UltraScanInfo::~UltraScanInfo() {
/* Returns true if this scan is a "raw" scan. A raw scan is ont that requires a
raw socket or ethernet handle to send, or a pcap sniffer to receive.
Basically, any scan type except pure TCP connect scans are raw. */
bool UltraScanInfo::isRawScan() {
bool UltraScanInfo::isRawScan() const {
return scantype != CONNECT_SCAN
&& (tcp_scan || udp_scan || sctp_scan || prot_scan || ping_scan_arp || ping_scan_nd
|| (ping_scan && (ptech.rawicmpscan || ptech.rawtcpscan || ptech.rawudpscan
@@ -766,15 +766,15 @@ HostScanStats *UltraScanInfo::nextIncompleteHost() {
/* Return a number between 0.0 and 1.0 inclusive indicating how much of the scan
is done. */
double UltraScanInfo::getCompletionFraction() {
std::multiset<HostScanStats *, HssPredicate>::iterator hostI;
double UltraScanInfo::getCompletionFraction() const {
std::multiset<HostScanStats *, HssPredicate>::const_iterator hostI;
double total;
/* Add 1 for each completed host. */
total = gstats->numtargets - numIncompleteHosts();
/* Get the completion fraction for each incomplete host. */
for (hostI = incompleteHosts.begin(); hostI != incompleteHosts.end(); hostI++) {
HostScanStats *host = *hostI;
const HostScanStats *host = *hostI;
int maxtries = host->allowedTryno(NULL, NULL) + 1;
double thishostpercdone;
@@ -834,7 +834,7 @@ static void set_default_port_state(std::vector<Target *> &targets, stype scantyp
/* Order of initializations in this function CAN BE IMPORTANT, so be careful
mucking with it. */
void UltraScanInfo::Init(std::vector<Target *> &Targets, struct scan_lists *pts, stype scantp) {
void UltraScanInfo::Init(std::vector<Target *> &Targets, const struct scan_lists *pts, stype scantp) {
unsigned int targetno = 0;
HostScanStats *hss;
int num_timedout = 0;
@@ -974,7 +974,7 @@ void UltraScanInfo::Init(std::vector<Target *> &Targets, struct scan_lists *pts,
/* Return the total number of probes that may be sent to each host. This never
changes after initialization. */
unsigned int UltraScanInfo::numProbesPerHost() {
unsigned int UltraScanInfo::numProbesPerHost() const {
unsigned int numprobes = 0;
if (tcp_scan) {
@@ -1025,10 +1025,10 @@ unsigned int UltraScanInfo::numProbesPerHost() {
can be sent, assuming no probe responses are received (call it
again if they are). when will be now, if the function returns
true */
bool UltraScanInfo::sendOK(struct timeval *when) {
bool UltraScanInfo::sendOK(struct timeval *when) const {
struct timeval lowhtime = {0};
struct timeval tmptv;
std::multiset<HostScanStats *, HssPredicate>::iterator host;
std::multiset<HostScanStats *, HssPredicate>::const_iterator host;
bool ggood = false;
bool thisHostGood = false;
bool foundgood = false;
@@ -1085,8 +1085,8 @@ bool UltraScanInfo::sendOK(struct timeval *when) {
/* Find a HostScanStats by its IP address in the incomplete and completed lists.
Returns NULL if none are found. */
HostScanStats *UltraScanInfo::findHost(struct sockaddr_storage *ss) {
std::multiset<HostScanStats *, HssPredicate>::iterator hss;
HostScanStats *UltraScanInfo::findHost(struct sockaddr_storage *ss) const {
std::multiset<HostScanStats *, HssPredicate>::const_iterator hss;
HssPredicate::ss = ss;
HostScanStats *fakeHss = NULL;
@@ -1111,8 +1111,8 @@ HostScanStats *UltraScanInfo::findHost(struct sockaddr_storage *ss) {
/* Check if incompleteHosts list contains less than n elements. This function
is here to replace numIncompleteHosts() < n, which would have to walk
through the entire list. */
bool UltraScanInfo::numIncompleteHostsLessThan(unsigned int n) {
std::multiset<HostScanStats *, HssPredicate>::iterator hostI;
bool UltraScanInfo::numIncompleteHostsLessThan(unsigned int n) const {
std::multiset<HostScanStats *, HssPredicate>::const_iterator hostI;
unsigned int count;
count = 0;
@@ -1195,7 +1195,7 @@ int UltraScanInfo::removeCompletedHosts() {
num_outstanding_probes == 1 ? "probe" : "probes");
if (o.debugging > 3) {
char tmpbuf[64];
std::list<UltraProbe *>::iterator iter;
std::list<UltraProbe *>::const_iterator iter;
for (iter = hss->probes_outstanding.begin(); iter != hss->probes_outstanding.end(); iter++)
log_write(LOG_PLAIN, "* %s\n", probespec2ascii((probespec *) (*iter)->pspec(), tmpbuf, sizeof(tmpbuf)));
}
@@ -1236,7 +1236,7 @@ int UltraScanInfo::removeCompletedHosts() {
number of hosts scanned in parallel, though rarely to significant
levels. */
int determineScanGroupSize(int hosts_scanned_so_far,
struct scan_lists *ports) {
const struct scan_lists *ports) {
int groupsize = 16;
if (o.UDPScan())
@@ -1471,7 +1471,7 @@ static int get_next_target_probe(UltraScanInfo *USI, HostScanStats *hss,
}
/* Returns whether there are ports remaining to probe */
bool HostScanStats::freshPortsLeft() {
bool HostScanStats::freshPortsLeft() const {
if (USI->tcp_scan) {
return (next_portidx < USI->ports->tcp_count);
} else if (USI->udp_scan) {
@@ -1512,7 +1512,7 @@ bool HostScanStats::freshPortsLeft() {
}
/* Returns the number of ports remaining to probe */
int HostScanStats::numFreshPortsLeft() {
int HostScanStats::numFreshPortsLeft() const {
if (USI->tcp_scan) {
if (next_portidx >= USI->ports->tcp_count)
return 0;
@@ -1712,7 +1712,7 @@ void HostScanStats::markProbeTimedout(std::list<UltraProbe *>::iterator probeI)
}
}
bool HostScanStats::completed() {
bool HostScanStats::completed() const {
/* If there are probes active or awaiting retransmission, we are not done. */
if (num_probes_active != 0 || num_probes_waiting_retransmit != 0
|| !probe_bench.empty() || !retry_stack.empty()) {
@@ -1735,7 +1735,7 @@ bool HostScanStats::completed() {
have been received for this host, may look at others in the group.
For CHANGING this host's timing, use the timing memberval
instead. */
void HostScanStats::getTiming(struct ultra_timing_vals *tmng) {
void HostScanStats::getTiming(struct ultra_timing_vals *tmng) const {
assert(tmng);
/* Use the per-host value if a pingport has been found or very few probes
@@ -2497,8 +2497,8 @@ static void doAnyOutstandingRetransmits(UltraScanInfo *USI) {
/* Print occasional remaining time estimates, as well as
debugging information */
static void printAnyStats(UltraScanInfo *USI) {
std::multiset<HostScanStats *, HssPredicate>::iterator hostI;
HostScanStats *hss;
std::multiset<HostScanStats *, HssPredicate>::const_iterator hostI;
const HostScanStats *hss;
struct ultra_timing_vals hosttm;
/* Print debugging states for each host being scanned */
@@ -2706,7 +2706,7 @@ static void processData(UltraScanInfo *USI) {
changed timing information will be stored in it when the function returns. It
exists so timing can be shared across invocations of this function. If to is
NULL (its default value), a default timeout_info will be used. */
void ultra_scan(std::vector<Target *> &Targets, struct scan_lists *ports,
void ultra_scan(std::vector<Target *> &Targets, const struct scan_lists *ports,
stype scantype, struct timeout_info *to) {
o.current_scantype = scantype;

62
scan_engine.h
View File

@@ -81,7 +81,7 @@
class Target;
/* 3rd generation Nmap scanning function. Handles most Nmap port scan types */
void ultra_scan(std::vector<Target *> &Targets, struct scan_lists *ports,
void ultra_scan(std::vector<Target *> &Targets, const struct scan_lists *ports,
stype scantype, struct timeout_info *to = NULL);
/* Determines an ideal number of hosts to be scanned (port scan, os
@@ -93,7 +93,7 @@ void ultra_scan(std::vector<Target *> &Targets, struct scan_lists *ports,
number of hosts scanned in parallel, though rarely to significant
levels. */
int determineScanGroupSize(int hosts_scanned_so_far,
struct scan_lists *ports);
const struct scan_lists *ports);
class UltraScanInfo;
@@ -152,13 +152,13 @@ public:
internal IPProbe. The relevant probespec is necessary for setIP
because pspec.type is ambiguous with just the ippacket (e.g. a
tcp packet could be PS_PROTO or PS_TCP). */
void setIP(u8 *ippacket, u32 iplen, const probespec *pspec);
void setIP(const u8 *ippacket, u32 iplen, const probespec *pspec);
/* Sets this UltraProbe as type UP_CONNECT, preparing to connect to given
port number*/
void setConnect(u16 portno);
/* Pass an arp packet, including ethernet header. Must be 42bytes */
void setARP(u8 *arppkt, u32 arplen);
void setND(u8 *ndpkt, u32 ndlen);
void setARP(const u8 *arppkt, u32 arplen);
void setND(const u8 *ndpkt, u32 ndlen);
// The 4 accessors below all return in HOST BYTE ORDER
// source port used if TCP, UDP or SCTP
u16 sport() const;
@@ -174,7 +174,7 @@ public:
u8 protocol() const {
return mypspec.proto;
}
ConnectProbe *CP() {
ConnectProbe *CP() const {
return probes.CP; // if type == UP_CONNECT
}
// Arpprobe removed because not used.
@@ -205,7 +205,7 @@ public:
struct timeval sent;
/* Time the previous probe was sent, if this is a retransmit (tryno > 0) */
struct timeval prevSent;
bool isPing() {
bool isPing() const {
return pingseq > 0;
}
@@ -253,7 +253,7 @@ public:
~GroupScanStats();
void probeSent(unsigned int nbytes);
/* Returns true if the GLOBAL system says that sending is OK. */
bool sendOK(struct timeval *when);
bool sendOK(struct timeval *when) const;
/* Total # of probes outstanding (active) for all Hosts */
int num_probes_active;
UltraScanInfo *USI; /* The USI which contains this GSS. Use for at least
@@ -318,8 +318,8 @@ public:
Target *target; /* A copy of the Target that these stats refer to. */
HostScanStats(Target *t, UltraScanInfo *UltraSI);
~HostScanStats();
bool freshPortsLeft(); /* Returns true if there are ports remaining to probe */
int numFreshPortsLeft(); /* Returns the number of ports remaining to probe */
bool freshPortsLeft() const; /* Returns true if there are ports remaining to probe */
int numFreshPortsLeft() const; /* Returns the number of ports remaining to probe */
int next_portidx; /* Index of the next port to probe in the relevant
ports array in USI.ports */
bool sent_arp; /* Has an ARP probe been sent for the target yet? */
@@ -357,25 +357,25 @@ public:
before considering it timed out. Uses the host values from
target if they are available, otherwise from gstats. Results
returned in MICROseconds. */
unsigned long probeTimeout();
unsigned long probeTimeout() const;
/* How long I'll wait until completely giving up on a probe.
Timedout probes are often marked as such (and sometimes
considered a drop), but kept in the list juts in case they come
really late. But after probeExpireTime(), I don't waste time
keeping them around. Give in MICROseconds */
unsigned long probeExpireTime(const UltraProbe *probe);
unsigned long probeExpireTime(const UltraProbe *probe) const;
/* Returns OK if sending a new probe to this host is OK (to avoid
flooding). If when is non-NULL, fills it with the time that sending
will be OK assuming no pending probes are resolved by responses
(call it again if they do). when will become now if it returns
true. */
bool sendOK(struct timeval *when);
bool sendOK(struct timeval *when) const;
/* If there are pending probe timeouts, fills in when with the time of
the earliest one and returns true. Otherwise returns false and
puts now in when. */
bool nextTimeout(struct timeval *when);
bool nextTimeout(struct timeval *when) const;
UltraScanInfo *USI; /* The USI which contains this HSS */
/* Removes a probe from probes_outstanding, adjusts HSS and USS
@@ -407,7 +407,7 @@ public:
necessary. Note that probes on probe_bench are not included
in this value. */
unsigned int num_probes_waiting_retransmit;
unsigned int num_probes_outstanding() {
unsigned int num_probes_outstanding() const {
return probes_outstanding.size();
}
@@ -438,7 +438,7 @@ public:
/* Move all members of bench to retry_stack for probe retransmission */
void retransmitBench();
bool completed(); /* Whether or not the scan of this Target has completed */
bool completed() const; /* Whether or not the scan of this Target has completed */
struct timeval completiontime; /* When this Target completed */
/* This function provides the proper cwnd and ssthresh to use. It
@@ -446,7 +446,7 @@ public:
responses have been received for this host, may look at others in
the group. For CHANGING this host's timing, use the timing
memberval instead. */
void getTiming(struct ultra_timing_vals *tmng);
void getTiming(struct ultra_timing_vals *tmng) const;
struct ultra_timing_vals timing;
/* The most recently received probe response time -- initialized to scan start time. */
struct timeval lastrcvd;
@@ -466,7 +466,7 @@ public:
appropriate. If mayincrease is non-NULL, it is set to whether
the allowedTryno may increase again. If it is false, any probes
which have reached the given limit may be dealt with. */
unsigned int allowedTryno(bool *capped, bool *mayincrease);
unsigned int allowedTryno(bool *capped, bool *mayincrease) const;
/* Provides the next ping sequence number. This starts at one, goes
@@ -520,21 +520,21 @@ public:
class UltraScanInfo {
public:
UltraScanInfo();
UltraScanInfo(std::vector<Target *> &Targets, struct scan_lists *pts, stype scantype) {
UltraScanInfo(std::vector<Target *> &Targets, const struct scan_lists *pts, stype scantype) {
Init(Targets, pts, scantype);
}
~UltraScanInfo();
/* Must call Init if you create object with default constructor */
void Init(std::vector<Target *> &Targets, struct scan_lists *pts, stype scantp);
void Init(std::vector<Target *> &Targets, const struct scan_lists *pts, stype scantp);
unsigned int numProbesPerHost();
unsigned int numProbesPerHost() const;
/* Consults with the group stats, and the hstats for every
incomplete hosts to determine whether any probes may be sent.
Returns true if they can be sent immediately. If when is non-NULL,
it is filled with the next possible time that probes can be sent
(which will be now, if the function returns true */
bool sendOK(struct timeval *tv);
bool sendOK(struct timeval *tv) const;
stype scantype;
bool tcp_scan; /* scantype is a type of TCP scan */
bool udp_scan;
@@ -558,7 +558,7 @@ public:
rawprotoscan: 1;
} ptech;
bool isRawScan();
bool isRawScan() const;
struct timeval now; /* Updated after potentially meaningful delays. This can
be used to save a call to gettimeofday() */
@@ -575,25 +575,25 @@ public:
int removeCompletedHosts();
/* Find a HostScanStats by its IP address in the incomplete and completed
lists. Returns NULL if none are found. */
HostScanStats *findHost(struct sockaddr_storage *ss);
HostScanStats *findHost(struct sockaddr_storage *ss) const;
double getCompletionFraction();
double getCompletionFraction() const;
unsigned int numIncompleteHosts() {
unsigned int numIncompleteHosts() const {
return incompleteHosts.size();
}
/* Call this instead of checking for numIncompleteHosts() == 0 because it
avoids a potential traversal of the list to find the size. */
bool incompleteHostsEmpty() {
bool incompleteHostsEmpty() const {
return incompleteHosts.empty();
}
bool numIncompleteHostsLessThan(unsigned int n);
bool numIncompleteHostsLessThan(unsigned int n) const;
unsigned int numInitialHosts() {
unsigned int numInitialHosts() const {
return numInitialTargets;
}
void log_overall_rates(int logt);
void log_overall_rates(int logt) const;
void log_current_rates(int logt, bool update = true);
/* Any function which messes with (removes elements from)
@@ -610,7 +610,7 @@ public:
ScanProgressMeter *SPM;
PacketRateMeter send_rate_meter;
struct scan_lists *ports;
const struct scan_lists *ports;
int rawsd; /* raw socket descriptor */
pcap_t *pd;
eth_t *ethsd;

26
scan_engine_raw.cc
View File

@@ -111,13 +111,13 @@ u16 UltraProbe::dport() const {
/* Pass an arp packet, including ethernet header. Must be 42bytes */
void UltraProbe::setARP(u8 *arppkt, u32 arplen) {
void UltraProbe::setARP(const u8 *arppkt, u32 arplen) {
type = UP_ARP;
mypspec.type = PS_ARP;
return;
}
void UltraProbe::setND(u8 *ndpkt, u32 ndlen) {
void UltraProbe::setND(const u8 *ndpkt, u32 ndlen) {
type = UP_ND;
mypspec.type = PS_ND;
return;
@@ -127,12 +127,12 @@ void UltraProbe::setND(u8 *ndpkt, u32 ndlen) {
internal IPProbe. The relevant probespec is necessary for setIP
because pspec.type is ambiguous with just the ippacket (e.g. a
tcp packet could be PS_PROTO or PS_TCP). */
void UltraProbe::setIP(u8 *ippacket, u32 len, const probespec *pspec) {
struct ip *ip = (struct ip *) ippacket;
struct tcp_hdr *tcp = NULL;
struct udp_hdr *udp = NULL;
struct sctp_hdr *sctp = NULL;
struct ppkt *icmp = NULL;
void UltraProbe::setIP(const u8 *ippacket, u32 len, const probespec *pspec) {
const struct ip *ip = (const struct ip *) ippacket;
const struct tcp_hdr *tcp = NULL;
const struct udp_hdr *udp = NULL;
const struct sctp_hdr *sctp = NULL;
const struct ppkt *icmp = NULL;
const void *data;
u8 hdr;
@@ -144,7 +144,7 @@ void UltraProbe::setIP(u8 *ippacket, u32 len, const probespec *pspec) {
probes.IP.ipid = ntohs(ip->ip_id);
hdr = ip->ip_p;
} else if (ip->ip_v == 6) {
const struct ip6_hdr *ip6 = (struct ip6_hdr *) ippacket;
const struct ip6_hdr *ip6 = (const struct ip6_hdr *) ippacket;
data = ipv6_get_data_any(ip6, &len, &hdr);
assert(data != NULL);
assert(len == (u32) ntohs(ip6->ip6_plen));
@@ -156,21 +156,21 @@ void UltraProbe::setIP(u8 *ippacket, u32 len, const probespec *pspec) {
if (hdr == IPPROTO_TCP) {
assert(len >= sizeof(struct tcp_hdr));
tcp = (struct tcp_hdr *) data;
tcp = (const struct tcp_hdr *) data;
probes.IP.pd.tcp.sport = ntohs(tcp->th_sport);
probes.IP.pd.tcp.seq = ntohl(tcp->th_seq);
} else if (hdr == IPPROTO_UDP) {
assert(len >= sizeof(struct udp_hdr));
udp = (struct udp_hdr *) data;
udp = (const struct udp_hdr *) data;
probes.IP.pd.udp.sport = ntohs(udp->uh_sport);
} else if (hdr == IPPROTO_SCTP) {
assert(len >= sizeof(struct sctp_hdr));
sctp = (struct sctp_hdr *) data;
sctp = (const struct sctp_hdr *) data;
probes.IP.pd.sctp.sport = ntohs(sctp->sh_sport);
probes.IP.pd.sctp.vtag = ntohl(sctp->sh_vtag);
} else if ((ip->ip_v == 4 && hdr == IPPROTO_ICMP) || (ip->ip_v == 6 && hdr == IPPROTO_ICMPV6)) {
assert(len >= sizeof(struct ppkt));
icmp = (struct ppkt *) data;
icmp = (const struct ppkt *) data;
probes.IP.pd.icmp.ident = ntohs(icmp->id);
}

20
service_scan.cc
View File

@@ -939,7 +939,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
char *devicetype, int devicetypelen,
char *cpe_a, int cpe_alen,
char *cpe_h, int cpe_hlen,
char *cpe_o, int cpe_olen) {
char *cpe_o, int cpe_olen) const {
int rc;
assert(productlen >= 0 && versionlen >= 0 && infolen >= 0 &&
@@ -1222,8 +1222,8 @@ void ServiceProbe::setProbablePorts(enum service_tunnel_type tunnel,
/* Returns true if the passed in port is on the list of probable
ports for this probe and tunnel type. Use a tunnel of
SERVICE_TUNNEL_SSL or SERVICE_TUNNEL_NONE as appropriate */
bool ServiceProbe::portIsProbable(enum service_tunnel_type tunnel, u16 portno) {
std::vector<u16> *portv;
bool ServiceProbe::portIsProbable(enum service_tunnel_type tunnel, u16 portno) const {
const std::vector<u16> *portv;
portv = (tunnel == SERVICE_TUNNEL_SSL)? &probablesslports : &probableports;
@@ -1234,8 +1234,8 @@ bool ServiceProbe::portIsProbable(enum service_tunnel_type tunnel, u16 portno) {
// Returns true if the passed in service name is among those that can
// be detected by the matches in this probe;
bool ServiceProbe::serviceIsPossible(const char *sname) {
std::vector<const char *>::iterator vi;
bool ServiceProbe::serviceIsPossible(const char *sname) const {
std::vector<const char *>::const_iterator vi;
for(vi = detectedServices.begin(); vi != detectedServices.end(); vi++) {
if (strcmp(*vi, sname) == 0)
@@ -1279,7 +1279,7 @@ void ServiceProbe::addMatch(const char *match, int lineno) {
/* Parses the given nmap-service-probes file into the AP class Must
NOT be made static because I have external maintenance tools
(servicematch) which use this */
void parse_nmap_service_probe_file(AllProbes *AP, char *filename) {
void parse_nmap_service_probe_file(AllProbes *AP, const char *filename) {
ServiceProbe *newProbe = NULL;
char line[2048];
int lineno = 0;
@@ -1468,8 +1468,8 @@ AllProbes::~AllProbes() {
// given name and protocol. If no match is found for the requested
// protocol it will try to find matches on any protocol.
// It can return the NULL probe.
ServiceProbe *AllProbes::getProbeByName(const char *name, int proto) {
std::vector<ServiceProbe *>::iterator vi;
ServiceProbe *AllProbes::getProbeByName(const char *name, int proto) const {
std::vector<ServiceProbe *>::const_iterator vi;
if (proto == IPPROTO_TCP && nullProbe && strcmp(nullProbe->getName(), name) == 0)
return nullProbe;
@@ -1498,7 +1498,7 @@ ServiceProbe *AllProbes::getProbeByName(const char *name, int proto) {
// Note that although getpts() can set protocols (for protocol
// scanning), this is ignored here because you can't version
// scan protocols.
int AllProbes::isExcluded(unsigned short port, int proto) {
int AllProbes::isExcluded(unsigned short port, int proto) const {
unsigned short *p=NULL;
int count=-1,i;
@@ -2182,7 +2182,7 @@ static void considerPrintingStats(nsock_pool nsp, ServiceGroup *SG) {
/* Check if target is done (no more probes remaining for it in service group),
and responds appropriately if so */
static void handleHostIfDone(ServiceGroup *SG, Target *target) {
std::list<ServiceNFO *>::iterator svcI;
std::list<ServiceNFO *>::const_iterator svcI;
bool found = false;
for(svcI = SG->services_in_progress.begin();

27
service_scan.h
View File

@@ -151,10 +151,10 @@ class ServiceProbeMatch {
// execution. If no version matched, that field will be NULL.
const struct MatchDetails *testMatch(const u8 *buf, int buflen);
// Returns the service name this matches
const char *getName() { return servicename; }
const char *getName() const { return servicename; }
// The Line number where this match string was defined. Returns
// -1 if unknown.
int getLineNo() { return deflineno; }
int getLineNo() const { return deflineno; }
private:
int deflineno; // The line number where this match is defined.
bool isInitialized; // Has InitMatch yet been called?
@@ -196,7 +196,7 @@ class ServiceProbeMatch {
char *devicetype, int devicetypelen,
char *cpe_a, int cpe_alen,
char *cpe_h, int cpe_hlen,
char *cpe_o, int cpe_olen);
char *cpe_o, int cpe_olen) const;
};
@@ -204,13 +204,10 @@ class ServiceProbe {
public:
ServiceProbe();
~ServiceProbe();
const char *getName() { return probename; }
const char *getName() const { return probename; }
// Returns true if this is the "null" probe, meaning it sends no probe and
// only listens for a banner. Only TCP services have this.
bool isNullProbe() { return (probestringlen == 0); }
bool isProbablePort(u16 portno); // Returns true if the portnumber given was listed
// as a port that is commonly identified by this
// probe (e.g. an SMTP probe would commonly identify port 25)
bool isNullProbe() const { return (probestringlen == 0); }
// Amount of time to wait after a connection succeeds (or packet sent) for a responses.
int totalwaitms;
// If the connection succeeds but closes before this time, it's tcpwrapped.
@@ -226,11 +223,11 @@ class ServiceProbe {
// obtains the probe string (in raw binary form) and the length. The string will be
// NUL-terminated, but there may be other \0 in the string, so the termination is only
// done for ease of printing ASCII probes in debugging cases.
const u8 *getProbeString(int *stringlen) { *stringlen = probestringlen; return probestring; }
const u8 *getProbeString(int *stringlen) const { *stringlen = probestringlen; return probestring; }
void setProbeString(const u8 *ps, int stringlen);
/* Protocols are IPPROTO_TCP and IPPROTO_UDP */
u8 getProbeProtocol() {
u8 getProbeProtocol() const {
assert(probeprotocol == IPPROTO_TCP || probeprotocol == IPPROTO_UDP);
return probeprotocol;
}
@@ -250,10 +247,10 @@ class ServiceProbe {
/* Returns true if the passed in port is on the list of probable
ports for this probe and tunnel type. Use a tunnel of
SERVICE_TUNNEL_SSL or SERVICE_TUNNEL_NONE as appropriate */
bool portIsProbable(enum service_tunnel_type tunnel, u16 portno);
bool portIsProbable(enum service_tunnel_type tunnel, u16 portno) const;
// Returns true if the passed in service name is among those that can
// be detected by the matches in this probe;
bool serviceIsPossible(const char *sname);
bool serviceIsPossible(const char *sname) const;
// Takes a string following a Rarity directive in the probes file.
// The string should contain a single integer between 1 and 9. The
@@ -308,7 +305,7 @@ public:
// given name and protocol. If no match is found for the requested
// protocol it will try to find matches on any protocol.
// It can return the NULL probe.
ServiceProbe *getProbeByName(const char *name, int proto);
ServiceProbe *getProbeByName(const char *name, int proto) const;
std::vector<ServiceProbe *> probes; // All the probes except nullProbe
ServiceProbe *nullProbe; // No probe text - just waiting for banner
@@ -321,7 +318,7 @@ public:
// fallbackStrs.
void compileFallbacks();
int isExcluded(unsigned short port, int proto);
int isExcluded(unsigned short port, int proto) const;
bool excluded_seen;
struct scan_lists excludedports;
@@ -337,7 +334,7 @@ protected:
/* Parses the given nmap-service-probes file into the AP class Must
NOT be made static because I have external maintenance tools
(servicematch) which use this */
void parse_nmap_service_probe_file(AllProbes *AP, char *filename);
void parse_nmap_service_probe_file(AllProbes *AP, const char *filename);
/* Execute a service fingerprinting scan against all open ports of the
Targets specified. */

10
targets.cc
View File

@@ -191,12 +191,12 @@ int load_exclude_string(struct addrset *excludelist, const char *s) {
/* A debug routine to dump some information to stdout. Invoked if debugging is
set to 4 or higher. */
int dumpExclude(struct addrset *exclude_group) {
int dumpExclude(const struct addrset *exclude_group) {
addrset_print(stdout, exclude_group);
return 1;
}
static void massping(Target *hostbatch[], int num_hosts, struct scan_lists *ports) {
static void massping(Target *hostbatch[], int num_hosts, const struct scan_lists *ports) {
static struct timeout_info group_to = { 0, 0, 0 };
static char prev_device_name[16] = "";
const char *device_name;
@@ -424,7 +424,7 @@ bail:
}
static Target *next_target(HostGroupState *hs, struct addrset *exclude_group,
struct scan_lists *ports, int pingtype) {
const struct scan_lists *ports, int pingtype) {
struct sockaddr_storage ss;
size_t sslen;
Target *t;
@@ -481,7 +481,7 @@ tryagain:
}
static void refresh_hostbatch(HostGroupState *hs, struct addrset *exclude_group,
struct scan_lists *ports, int pingtype) {
const struct scan_lists *ports, int pingtype) {
int i;
bool arpping_done = false;
struct timeval now;
@@ -575,7 +575,7 @@ static void refresh_hostbatch(HostGroupState *hs, struct addrset *exclude_group,
}
Target *nexthost(HostGroupState *hs, struct addrset *exclude_group,
struct scan_lists *ports, int pingtype) {
const struct scan_lists *ports, int pingtype) {
if (hs->next_batch_no >= hs->current_batch_sz)
refresh_hostbatch(hs, exclude_group, ports, pingtype);
if (hs->next_batch_no >= hs->current_batch_sz)

4
targets.h
View File

@@ -107,11 +107,11 @@ public:
/* ports is used to pass information about what ports to use for host discovery */
Target *nexthost(HostGroupState *hs, struct addrset *exclude_group,
struct scan_lists *ports, int pingtype);
const struct scan_lists *ports, int pingtype);
int load_exclude_file(struct addrset *exclude_group, FILE *fp);
int load_exclude_string(struct addrset *exclude_group, const char *s);
/* a debugging routine to dump an exclude list to stdout. */
int dumpExclude(struct addrset *exclude_group);
int dumpExclude(const struct addrset *exclude_group);
/* Returns the last host obtained by nexthost. It will be given again the next
time you call nexthost(). */
void returnhost(HostGroupState *hs);

2
tcpip.cc
View File

@@ -1787,7 +1787,7 @@ int recvtime(int sd, char *buf, int len, int seconds, int *timedout) {
parameters (if non-null) are filled with 0. Remember that the
correct way to check for errors is to look at the return value
since a zero ts or echots could possibly be valid. */
int gettcpopt_ts(struct tcp_hdr *tcp, u32 *timestamp, u32 *echots) {
int gettcpopt_ts(const struct tcp_hdr *tcp, u32 *timestamp, u32 *echots) {
unsigned char *p;
int len = 0;

2
tcpip.h
View File

@@ -369,7 +369,7 @@ const u8 *readip_pcap(pcap_t *pd, unsigned int *len, long to_usec,
parameters (if non-null) are filled with 0. Remember that the
correct way to check for errors is to look at the return value
since a zero ts or echots could possibly be valid. */
int gettcpopt_ts(struct tcp_hdr *tcp, u32 *timestamp, u32 *echots);
int gettcpopt_ts(const struct tcp_hdr *tcp, u32 *timestamp, u32 *echots);
/* Maximize the receive buffer of a socket descriptor (up to 500K) */
void max_rcvbuf(int sd);