PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity

Revert r32301..r32306.

Browse Source 
Committed accidentally.
This commit is contained in:
david
2013-09-12 08:20:13 +00:00
parent 08e38545a3
commit 28599f1567
15 changed files with 59 additions and 939 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ncat/Makefile.in
View File

@@ -83,19 +83,15 @@ DATAFILES = certs/ca-bundle.crt
endif
ifneq ($(HAVE_LUA),)
LUA_SRCS = ncat_lua.c ncat_lua_exec.c ncat_lua_filters.c ncat_lua_connect.c
LUA_OBJS = ncat_lua.o ncat_lua_exec.o ncat_lua_filters.o ncat_lua_connect.o
LUA_SRCS = ncat_lua.c
LUA_OBJS = ncat_lua.o
LUA_LIBS = @LIBLUA_LIBS@ -lm
LUA_CFLAGS += -DHAVE_LUA=1 -I../liblua
# This is the result of lua_setup() pulling in recv/send routines, which
# in turn pull a few other files.
MORE_TEST_OBJS = http.o http_digest.o base64.o ncat_ssl.o ncat_connect.o
else
LUA_SRCS =
LUA_OBJS =
LUA_LIBS =
LUA_CFLAGS =
MORE_TEST_OBJS =
endif
SRCS += $(LUA_SRCS)
@@ -139,16 +135,16 @@ config.h:
$(SHELL) ./config.status; \
fi
test/addrset: test/addrset.o ncat_core.o sys_wrap.o util.o ncat_posix.o $(MORE_TEST_OBJS) $(LUA_OBJS)
test/addrset: test/addrset.o ncat_core.o sys_wrap.o util.o ncat_posix.o $(LUA_OBJS)
$(CC) -o $@ $(CFLAGS) $(LDFLAGS) $^ $(NSOCKLIB) $(NBASELIB) $(OPENSSL_LIBS) $(PCAP_LIBS) $(LUA_LIBS) $(LIBS)
test/test-uri: test/test-uri.o base64.o http.o ncat_core.o sys_wrap.o util.o ncat_posix.o $(MORE_TEST_OBJS) $(LUA_OBJS)
test/test-uri: test/test-uri.o base64.o http.o ncat_core.o sys_wrap.o util.o ncat_posix.o $(LUA_OBJS)
$(CC) -o $@ $(CFLAGS) $(LDFLAGS) $^ $(NSOCKLIB) $(NBASELIB) $(OPENSSL_LIBS) $(PCAP_LIBS) $(LUA_LIBS) $(LIBS)
test/test-cmdline-split: test/test-cmdline-split.o ncat_posix.o ncat_core.o sys_wrap.o util.o $(MORE_TEST_OBJS) $(LUA_OBJS)
test/test-cmdline-split: test/test-cmdline-split.o ncat_posix.o ncat_core.o sys_wrap.o util.o $(LUA_OBJS)
$(CC) -o $@ $(CFLAGS) $(LDFLAGS) $^ $(NSOCKLIB) $(NBASELIB) $(OPENSSL_LIBS) $(PCAP_LIBS) $(LUA_LIBS) $(LIBS)
test/test-wildcard: test/test-wildcard.o ncat_core.o ncat_ssl.o sys_wrap.o util.o ncat_posix.o $(MORE_TEST_OBJS) $(LUA_OBJS)
test/test-wildcard: test/test-wildcard.o ncat_core.o ncat_ssl.o sys_wrap.o util.o ncat_posix.o $(LUA_OBJS)
$(CC) -o $@ $(CFLAGS) $(LDFLAGS) $^ $(NSOCKLIB) $(NBASELIB) $(OPENSSL_LIBS) $(PCAP_LIBS) $(LUA_LIBS) $(LIBS)
.PHONY: uninstall all clean distclean

4
ncat/ncat.vcxproj
View File

@@ -199,8 +199,6 @@
<ClCompile Include="ncat_exec_win.c" />
<ClCompile Include="ncat_listen.c" />
<ClCompile Include="ncat_lua.c" />
<ClCompile Include="ncat_lua_exec.c" />
<ClCompile Include="ncat_lua_filters.c" />
<ClCompile Include="ncat_main.c" />
<ClCompile Include="ncat_proxy.c" />
<ClCompile Include="ncat_ssl.c" />
@@ -219,8 +217,6 @@
<ClInclude Include="ncat_exec.h" />
<ClInclude Include="ncat_listen.h" />
<ClInclude Include="ncat_lua.h" />
<ClInclude Include="ncat_lua_exec.h" />
<ClInclude Include="ncat_lua_filters.h" />
<ClInclude Include="ncat_proxy.h" />
<ClInclude Include="ncat_ssl.h" />
<ClInclude Include="..\mswin32\packet_types.h" />

64
ncat/ncat_connect.c
View File

@@ -151,11 +151,6 @@
#define SHUT_WR SD_SEND
#endif
#ifdef HAVE_LUA
#include "ncat_lua_filters.h"
#include "ncat_lua_connect.h"
#endif
struct conn_state {
nsock_iod sock_nsi;
nsock_iod stdin_nsi;
@@ -174,6 +169,7 @@ static void connect_handler(nsock_pool nsp, nsock_event evt, void *data);
static void post_connect(nsock_pool nsp, nsock_iod iod);
static void read_stdin_handler(nsock_pool nsp, nsock_event evt, void *data);
static void read_socket_handler(nsock_pool nsp, nsock_event evt, void *data);
static void write_socket_handler(nsock_pool nsp, nsock_event evt, void *data);
static void idle_timer_handler(nsock_pool nsp, nsock_event evt, void *data);
static void refresh_idle_timer(nsock_pool nsp);
@@ -553,10 +549,6 @@ int ncat_connect(void)
cs.sock_nsi = nsi_new(mypool, NULL);
if (cs.sock_nsi == NULL)
bye("Failed to create nsock_iod.");
#ifdef HAVE_LUA
if (o.script)
lua_nsock_save(mypool, cs.sock_nsi);
#endif
if (nsi_set_hostname(cs.sock_nsi, o.target) == -1)
bye("Failed to set hostname on iod.");
@@ -714,10 +706,6 @@ int ncat_connect(void)
/* Create IOD for nsp->stdin */
if ((cs.stdin_nsi = nsi_new2(mypool, 0, NULL)) == NULL)
bye("Failed to create stdin nsiod.");
#ifdef HAVE_LUA
if (o.script)
lua_nsock_save(mypool, cs.sock_nsi);
#endif
post_connect(mypool, cs.sock_nsi);
}
@@ -804,14 +792,8 @@ static void post_connect(nsock_pool nsp, nsock_iod iod)
/* Start the initial reads. */
if (!o.sendonly) {
#ifdef HAVE_LUA
if (o.script)
lua_nsock_read(0);
else
#endif
if (!o.sendonly)
nsock_read(nsp, cs.sock_nsi, read_socket_handler, -1, NULL);
}
if (!o.recvonly)
nsock_readbytes(nsp, cs.stdin_nsi, read_stdin_handler, -1, NULL, 0);
@@ -863,13 +845,7 @@ static void read_stdin_handler(nsock_pool nsp, nsock_event evt, void *data)
buf = tmp;
}
#ifdef HAVE_LUA
if (o.script)
lua_nsock_write(nsp, cs.sock_nsi, buf, nbytes);
else
#endif
nsock_write(nsp, cs.sock_nsi, write_socket_handler, -1, NULL, buf, nbytes);
ncat_log_send(buf, nbytes);
if (tmp)
@@ -878,11 +854,12 @@ static void read_stdin_handler(nsock_pool nsp, nsock_event evt, void *data)
refresh_idle_timer(nsp);
}
/* Handle nsock errors. */
int check_nsock_error(nsock_pool nsp, nsock_event evt)
static void read_socket_handler(nsock_pool nsp, nsock_event evt, void *data)
{
enum nse_status status = nse_status(evt);
enum nse_type type = nse_type(evt);
char *buf;
int nbytes;
ncat_assert(type == NSE_TYPE_READ);
@@ -891,7 +868,7 @@ int check_nsock_error(nsock_pool nsp, nsock_event evt)
/* In --recv-only mode or non-TCP mode, exit after EOF on the socket. */
if (o.proto != IPPROTO_TCP || (o.proto == IPPROTO_TCP && o.recvonly))
nsock_loop_quit(nsp);
return 1;
return;
} else if (status == NSE_STATUS_ERROR) {
loguser("%s.\n", socket_strerror(nse_errorcode(evt)));
exit(1);
@@ -899,46 +876,29 @@ int check_nsock_error(nsock_pool nsp, nsock_event evt)
loguser("%s.\n", socket_strerror(ETIMEDOUT));
exit(1);
} else if (status == NSE_STATUS_CANCELLED || status == NSE_STATUS_KILL) {
return 1;
return;
} else {
ncat_assert(status == NSE_STATUS_SUCCESS);
}
return 0;
}
/* Handle some post-read activities. */
void ncat_nsock_postread(nsock_pool nsp, nsock_event evt, const char *buf, int nbytes)
{
buf = nse_readbuf(evt, &nbytes);
if (o.linedelay)
ncat_delay_timer(o.linedelay);
if (nbytes > 0) {
if (o.telnet)
dotelnet(nsi_getsd(nse_iod(evt)), (unsigned char *) buf, nbytes);
/* Write socket data to stdout */
Write(STDOUT_FILENO, buf, nbytes);
ncat_log_recv(buf, nbytes);
}
nsock_readbytes(nsp, cs.sock_nsi, read_socket_handler, -1, NULL, 0);
refresh_idle_timer(nsp);
}
static void read_socket_handler(nsock_pool nsp, nsock_event evt, void *data)
{
char *buf;
int nbytes;
if (check_nsock_error(nsp, evt))
return;
buf = nse_readbuf(evt, &nbytes);
ncat_nsock_postread(nsp, evt, buf, nbytes);
nsock_readbytes(nsp, cs.sock_nsi, read_socket_handler, -1, NULL, 0);
}
void write_socket_handler(nsock_pool nsp, nsock_event evt, void *data)
static void write_socket_handler(nsock_pool nsp, nsock_event evt, void *data)
{
enum nse_status status = nse_status(evt);
enum nse_type type = nse_type(evt);

8
ncat/ncat_connect.h
View File

@@ -123,13 +123,5 @@
#include "nsock.h"
#ifdef HAVE_LUA
#include "ncat_lua.h"
#include "ncat_lua_connect.h"
#endif
/* handle nsock-powered connections */
extern int ncat_connect(void);
int check_nsock_error(nsock_pool nsp, nsock_event evt);
void ncat_nsock_postread(nsock_pool nsp, nsock_event evt, const char *buf, int nbytes);
void write_socket_handler(nsock_pool nsp, nsock_event evt, void *data);

1
ncat/ncat_core.c
View File

@@ -201,7 +201,6 @@ void options_init(void)
o.cmdexec = NULL;
o.execmode = EXEC_PLAIN;
o.script = 0;
o.proxy_auth = NULL;
o.proxytype = NULL;

1
ncat/ncat_core.h
View File

@@ -195,7 +195,6 @@ struct options {
/* When execmode == EXEC_LUA, cmdexec is the name of the file to run. */
char *cmdexec;
enum exec_mode execmode;
int script;
char *proxy_auth;
char *proxytype;

66
ncat/ncat_lua.c
View File

@@ -123,33 +123,17 @@
#include "ncat.h"
#include "ncat_lua.h"
#include "ncat_lua_filters.h"
lua_State *filters_L = NULL;
lua_State *luaexec_L = NULL;
int error_handler_idx = -1;
static lua_State *L;
static int last_function_number;
void lua_report(lua_State *L, char *prefix, int panic)
static void report(char *prefix)
{
const char *errormsg;
errormsg = lua_tostring(L, -1);
if (errormsg == NULL)
errormsg = "(error object is not a string)";
if (panic)
bye("%s: %s.", prefix, errormsg);
else
loguser("%s: %s.", prefix, errormsg);
}
void dump_stack(lua_State *L, char* title) {
int i;
logdebug("DUMPING THE STACK title=%s.\n", title);
for (i = 1; i <= lua_gettop(L); ++i) {
fprintf(stderr, "%d %s %s\n", i, luaL_typename(L, i), luaL_tolstring(L, i, 0));
lua_pop(L, 1);
}
logdebug("END OF DUMP.\n\n");
}
static int traceback (lua_State *L)
@@ -167,30 +151,32 @@ static int traceback (lua_State *L)
return 1;
}
void lua_setup(char *cmdexec, int script)
void lua_setup(void)
{
ncat_assert(cmdexec != NULL);
ncat_assert(o.cmdexec != NULL);
lua_State **L = script ? &filters_L : &luaexec_L;
L = luaL_newstate();
luaL_openlibs(L);
if (*L == NULL) {
*L = luaL_newstate();
luaL_openlibs(*L);
if (luaL_loadfile(L, o.cmdexec) != 0)
report("Error loading the Lua script");
if (error_handler_idx == -1) {
/* install the traceback function */
error_handler_idx = lua_gettop(*L);
lua_pushcfunction(*L, traceback);
lua_insert(*L, error_handler_idx);
}
if (script)
lua_filters_setup();
}
if (luaL_loadfile(*L, cmdexec) != 0)
lua_report(*L, "Error loading the Lua script", 1);
if (script)
lua_run_filter(cmdexec);
last_function_number = lua_gettop(L);
lua_pushcfunction(L, traceback);
lua_insert(L, last_function_number);
}
void lua_run(void)
{
if (lua_pcall(L, 0, 0, last_function_number) != LUA_OK && !lua_isnil(L, -1)) {
/* handle the error; the code below is taken from lua.c, Lua source code */
lua_remove(L, last_function_number);
report("Error running the Lua script");
} else {
if (o.debug)
logdebug("%s returned successfully.\n", o.cmdexec);
lua_close(L);
exit(EXIT_SUCCESS);
}
}

10
ncat/ncat_lua.h
View File

@@ -136,13 +136,7 @@ extern "C" {
}
#endif
extern lua_State *luaexec_L;
extern lua_State *filters_L;
extern int error_handler_idx;
void lua_report(lua_State *L, char *prefix, int panic);
void dump_stack(lua_State *L, char* title);
void lua_setup(char *cmdexec, int script);
void lua_setup(void);
void lua_run(void);
#endif

139
ncat/ncat_lua_exec.c
View File

@@ -1,139 +0,0 @@
/***************************************************************************
* ncat_lua_exec.c -- ncat --lua-exec facilities *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2013 Insecure.Com LLC. Nmap is *
* also a registered trademark of Insecure.Com LLC. This program is free *
* software; you may redistribute and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software *
* Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE CLARIFICATIONS *
* AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your right to use, *
* modify, and redistribute this software under certain conditions. If *
* you wish to embed Nmap technology into proprietary software, we sell *
* alternative licenses (contact sales@nmap.com). Dozens of software *
* vendors already license Nmap technology such as host discovery, port *
* scanning, OS detection, version detection, and the Nmap Scripting *
* Engine. *
* *
* Note that the GPL places important restrictions on "derivative works", *
* yet it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we interpret that term as broadly as copyright law *
* allows. For example, we consider an application to constitute a *
* derivative work for the purpose of this license if it does any of the *
* following with any software or content covered by this license *
* ("Covered Software"): *
* *
* o Integrates source code from Covered Software. *
* *
* o Reads or includes copyrighted data files, such as Nmap's nmap-os-db *
* or nmap-service-probes. *
* *
* o Is designed specifically to execute Covered Software and parse the *
* results (as opposed to typical shell or execution-menu apps, which will *
* execute anything you tell them to). *
* *
* o Includes Covered Software in a proprietary executable installer. The *
* installers produced by InstallShield are an example of this. Including *
* Nmap with other software in compressed or archival form does not *
* trigger this provision, provided appropriate open source decompression *
* or de-archiving software is widely available for no charge. For the *
* purposes of this license, an installer is considered to include Covered *
* Software even if it actually retrieves a copy of Covered Software from *
* another source during runtime (such as by downloading it from the *
* Internet). *
* *
* o Links (statically or dynamically) to a library which does any of the *
* above. *
* *
* o Executes a helper program, module, or script to do any of the above. *
* *
* This list is not exclusive, but is meant to clarify our interpretation *
* of derived works with some common examples. Other people may interpret *
* the plain GPL differently, so we consider this a special exception to *
* the GPL that we apply to Covered Software. Works which meet any of *
* these conditions must conform to all of the terms of this license, *
* particularly including the GPL Section 3 requirements of providing *
* source code and allowing free redistribution of the work as a whole. *
* *
* As another special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included docs/licenses/OpenSSL.txt file, and distribute *
* linked combinations including the two. *
* *
* Any redistribution of Covered Software, including any derived works, *
* must obey and carry forward all of the terms of this license, including *
* obeying all GPL rules and restrictions. For example, source code of *
* the whole work must be provided and free redistribution must be *
* allowed. All GPL references to "this License", are to be treated as *
* including the terms and conditions of this license text as well. *
* *
* Because this license imposes special exceptions to the GPL, Covered *
* Work may not be combined (even as part of a larger work) with plain GPL *
* software. The terms, conditions, and exceptions of this license must *
* be included as well. This license is incompatible with some other open *
* source licenses as well. In some cases we can relicense portions of *
* Nmap or grant special permissions to use it in other open source *
* software. Please contact fyodor@nmap.org with any such requests. *
* Similarly, we don't incorporate incompatible open source software into *
* Covered Software without special permission from the copyright holders. *
* *
* If you have any questions about the licensing restrictions on using *
* Nmap in other works, are happy to help. As mentioned above, we also *
* offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to dozens *
* of software vendors, and generally include a perpetual license as well *
* as providing for priority support and updates. They also fund the *
* continued development of Nmap. Please email sales@nmap.com for further *
* information. *
* *
* If you have received a written license agreement or contract for *
* Covered Software stating terms other than these, you may choose to use *
* and redistribute Covered Software under those terms instead of these. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to the dev@nmap.org mailing list for possible incorporation into the *
* main distribution. By sending these changes to Fyodor or one of the *
* Insecure.Org development mailing lists, or checking them into the Nmap *
* source code repository, it is understood (unless you specify otherwise) *
* that you are offering the Nmap Project (Insecure.Com LLC) the *
* unlimited, non-exclusive right to reuse, modify, and relicense the *
* code. Nmap will always be available Open Source, but this is important *
* because the inability to relicense code has caused devastating problems *
* for other Free Software projects (such as KDE and NASM). We also *
* occasionally relicense the code to third parties as discussed above. *
* If you wish to specify special license conditions of your *
* contributions, just say so when you send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Nmap *
* license file for more details (it's in a COPYING file included with *
* Nmap, and also available from https://svn.nmap.org/nmap/COPYING *
* *
***************************************************************************/
/* $Id$ */
#include "ncat.h"
#include "ncat_lua.h"
void lua_run(void)
{
if (lua_pcall(luaexec_L, 0, 0, error_handler_idx) != LUA_OK && !lua_isnil(luaexec_L, -1)) {
/* handle the error; the code below is taken from lua.c, Lua source code */
lua_remove(luaexec_L, error_handler_idx);
lua_report(luaexec_L, "Error running the Lua script", 1);
} else {
if (o.debug)
logdebug("%s returned successfully.\n", o.cmdexec);
lua_close(luaexec_L);
exit(EXIT_SUCCESS);
}
}

143
ncat/ncat_lua_exec.h
View File

@@ -1,143 +0,0 @@
/***************************************************************************
* ncat_lua_exec.h -- ncat --lua-exec facilities header file *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2013 Insecure.Com LLC. Nmap is *
* also a registered trademark of Insecure.Com LLC. This program is free *
* software; you may redistribute and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software *
* Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE CLARIFICATIONS *
* AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your right to use, *
* modify, and redistribute this software under certain conditions. If *
* you wish to embed Nmap technology into proprietary software, we sell *
* alternative licenses (contact sales@nmap.com). Dozens of software *
* vendors already license Nmap technology such as host discovery, port *
* scanning, OS detection, version detection, and the Nmap Scripting *
* Engine. *
* *
* Note that the GPL places important restrictions on "derivative works", *
* yet it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we interpret that term as broadly as copyright law *
* allows. For example, we consider an application to constitute a *
* derivative work for the purpose of this license if it does any of the *
* following with any software or content covered by this license *
* ("Covered Software"): *
* *
* o Integrates source code from Covered Software. *
* *
* o Reads or includes copyrighted data files, such as Nmap's nmap-os-db *
* or nmap-service-probes. *
* *
* o Is designed specifically to execute Covered Software and parse the *
* results (as opposed to typical shell or execution-menu apps, which will *
* execute anything you tell them to). *
* *
* o Includes Covered Software in a proprietary executable installer. The *
* installers produced by InstallShield are an example of this. Including *
* Nmap with other software in compressed or archival form does not *
* trigger this provision, provided appropriate open source decompression *
* or de-archiving software is widely available for no charge. For the *
* purposes of this license, an installer is considered to include Covered *
* Software even if it actually retrieves a copy of Covered Software from *
* another source during runtime (such as by downloading it from the *
* Internet). *
* *
* o Links (statically or dynamically) to a library which does any of the *
* above. *
* *
* o Executes a helper program, module, or script to do any of the above. *
* *
* This list is not exclusive, but is meant to clarify our interpretation *
* of derived works with some common examples. Other people may interpret *
* the plain GPL differently, so we consider this a special exception to *
* the GPL that we apply to Covered Software. Works which meet any of *
* these conditions must conform to all of the terms of this license, *
* particularly including the GPL Section 3 requirements of providing *
* source code and allowing free redistribution of the work as a whole. *
* *
* As another special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included docs/licenses/OpenSSL.txt file, and distribute *
* linked combinations including the two. *
* *
* Any redistribution of Covered Software, including any derived works, *
* must obey and carry forward all of the terms of this license, including *
* obeying all GPL rules and restrictions. For example, source code of *
* the whole work must be provided and free redistribution must be *
* allowed. All GPL references to "this License", are to be treated as *
* including the terms and conditions of this license text as well. *
* *
* Because this license imposes special exceptions to the GPL, Covered *
* Work may not be combined (even as part of a larger work) with plain GPL *
* software. The terms, conditions, and exceptions of this license must *
* be included as well. This license is incompatible with some other open *
* source licenses as well. In some cases we can relicense portions of *
* Nmap or grant special permissions to use it in other open source *
* software. Please contact fyodor@nmap.org with any such requests. *
* Similarly, we don't incorporate incompatible open source software into *
* Covered Software without special permission from the copyright holders. *
* *
* If you have any questions about the licensing restrictions on using *
* Nmap in other works, are happy to help. As mentioned above, we also *
* offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to dozens *
* of software vendors, and generally include a perpetual license as well *
* as providing for priority support and updates. They also fund the *
* continued development of Nmap. Please email sales@nmap.com for further *
* information. *
* *
* If you have received a written license agreement or contract for *
* Covered Software stating terms other than these, you may choose to use *
* and redistribute Covered Software under those terms instead of these. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to the dev@nmap.org mailing list for possible incorporation into the *
* main distribution. By sending these changes to Fyodor or one of the *
* Insecure.Org development mailing lists, or checking them into the Nmap *
* source code repository, it is understood (unless you specify otherwise) *
* that you are offering the Nmap Project (Insecure.Com LLC) the *
* unlimited, non-exclusive right to reuse, modify, and relicense the *
* code. Nmap will always be available Open Source, but this is important *
* because the inability to relicense code has caused devastating problems *
* for other Free Software projects (such as KDE and NASM). We also *
* occasionally relicense the code to third parties as discussed above. *
* If you wish to specify special license conditions of your *
* contributions, just say so when you send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Nmap *
* license file for more details (it's in a COPYING file included with *
* Nmap, and also available from https://svn.nmap.org/nmap/COPYING *
* *
***************************************************************************/
/* $Id$ */
#ifndef _NCAT_LUA_EXEC_H
#define _NCAT_LUA_EXEC_H
#ifdef __cplusplus
extern "C" {
#endif
#include "lua.h"
#include "lualib.h"
#include "lauxlib.h"
#ifdef __cplusplus
}
#endif
void lua_run(void);
void lua_unregister_fd(struct fdinfo *fdn);
#endif

343
ncat/ncat_lua_filters.c
View File

@@ -1,343 +0,0 @@
/***************************************************************************
* ncat_lua_filters.c -- Ncat Lua filters shared code *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2013 Insecure.Com LLC. Nmap is *
* also a registered trademark of Insecure.Com LLC. This program is free *
* software; you may redistribute and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software *
* Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE CLARIFICATIONS *
* AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your right to use, *
* modify, and redistribute this software under certain conditions. If *
* you wish to embed Nmap technology into proprietary software, we sell *
* alternative licenses (contact sales@nmap.com). Dozens of software *
* vendors already license Nmap technology such as host discovery, port *
* scanning, OS detection, version detection, and the Nmap Scripting *
* Engine. *
* *
* Note that the GPL places important restrictions on "derivative works", *
* yet it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we interpret that term as broadly as copyright law *
* allows. For example, we consider an application to constitute a *
* derivative work for the purpose of this license if it does any of the *
* following with any software or content covered by this license *
* ("Covered Software"): *
* *
* o Integrates source code from Covered Software. *
* *
* o Reads or includes copyrighted data files, such as Nmap's nmap-os-db *
* or nmap-service-probes. *
* *
* o Is designed specifically to execute Covered Software and parse the *
* results (as opposed to typical shell or execution-menu apps, which will *
* execute anything you tell them to). *
* *
* o Includes Covered Software in a proprietary executable installer. The *
* installers produced by InstallShield are an example of this. Including *
* Nmap with other software in compressed or archival form does not *
* trigger this provision, provided appropriate open source decompression *
* or de-archiving software is widely available for no charge. For the *
* purposes of this license, an installer is considered to include Covered *
* Software even if it actually retrieves a copy of Covered Software from *
* another source during runtime (such as by downloading it from the *
* Internet). *
* *
* o Links (statically or dynamically) to a library which does any of the *
* above. *
* *
* o Executes a helper program, module, or script to do any of the above. *
* *
* This list is not exclusive, but is meant to clarify our interpretation *
* of derived works with some common examples. Other people may interpret *
* the plain GPL differently, so we consider this a special exception to *
* the GPL that we apply to Covered Software. Works which meet any of *
* these conditions must conform to all of the terms of this license, *
* particularly including the GPL Section 3 requirements of providing *
* source code and allowing free redistribution of the work as a whole. *
* *
* As another special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included docs/licenses/OpenSSL.txt file, and distribute *
* linked combinations including the two. *
* *
* Any redistribution of Covered Software, including any derived works, *
* must obey and carry forward all of the terms of this license, including *
* obeying all GPL rules and restrictions. For example, source code of *
* the whole work must be provided and free redistribution must be *
* allowed. All GPL references to "this License", are to be treated as *
* including the terms and conditions of this license text as well. *
* *
* Because this license imposes special exceptions to the GPL, Covered *
* Work may not be combined (even as part of a larger work) with plain GPL *
* software. The terms, conditions, and exceptions of this license must *
* be included as well. This license is incompatible with some other open *
* source licenses as well. In some cases we can relicense portions of *
* Nmap or grant special permissions to use it in other open source *
* software. Please contact fyodor@nmap.org with any such requests. *
* Similarly, we don't incorporate incompatible open source software into *
* Covered Software without special permission from the copyright holders. *
* *
* If you have any questions about the licensing restrictions on using *
* Nmap in other works, are happy to help. As mentioned above, we also *
* offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to dozens *
* of software vendors, and generally include a perpetual license as well *
* as providing for priority support and updates. They also fund the *
* continued development of Nmap. Please email sales@nmap.com for further *
* information. *
* *
* If you have received a written license agreement or contract for *
* Covered Software stating terms other than these, you may choose to use *
* and redistribute Covered Software under those terms instead of these. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to the dev@nmap.org mailing list for possible incorporation into the *
* main distribution. By sending these changes to Fyodor or one of the *
* Insecure.Org development mailing lists, or checking them into the Nmap *
* source code repository, it is understood (unless you specify otherwise) *
* that you are offering the Nmap Project (Insecure.Com LLC) the *
* unlimited, non-exclusive right to reuse, modify, and relicense the *
* code. Nmap will always be available Open Source, but this is important *
* because the inability to relicense code has caused devastating problems *
* for other Free Software projects (such as KDE and NASM). We also *
* occasionally relicense the code to third parties as discussed above. *
* If you wish to specify special license conditions of your *
* contributions, just say so when you send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Nmap *
* license file for more details (it's in a COPYING file included with *
* Nmap, and also available from https://svn.nmap.org/nmap/COPYING *
* *
***************************************************************************/
/* $Id$ */
#include "ncat.h"
#include "ncat_lua.h"
#include "ncat_lua_filters.h"
static int make_socket_function_idx;
static void lua_set_registry(const char *key);
static int lua_do_nothing(lua_State *L)
{
return 0;
}
static void lua_create_supersocket()
{
lua_newtable(filters_L);
lua_pushstring(filters_L, "recv");
if (o.listen)
lua_pushcfunction(filters_L, lua_do_nothing); /* TODO */
else
lua_pushcfunction(filters_L, lua_nsock_recv_raw);
lua_settable(filters_L, -3);
lua_pushstring(filters_L, "send");
if (o.listen)
lua_pushcfunction(filters_L, lua_do_nothing);
else
lua_pushcfunction(filters_L, lua_nsock_write_raw);
lua_settable(filters_L, -3);
lua_set_registry("socket");
}
void lua_filters_setup()
{
/* Initialize the registry. */
lua_pushlightuserdata(filters_L, filters_L);
lua_newtable(filters_L);
lua_settable(filters_L, LUA_REGISTRYINDEX);
lua_newtable(filters_L);
lua_set_registry("connections");
lua_newtable(filters_L);
lua_set_registry("connection_roots");
lua_create_supersocket();
luaL_loadstring(filters_L, "return function(function_self, self, arg2) "
"local super = arg2 or self.super "
"local ret "
"if super then "
"ret = {} "
"for _, m in pairs({'send','recv'}) do "
/* Set the method to one that calls super and passes it
all the arguments we got, returning everything we'd get.
*/
"ret[m] = function(self, ...) "
"return table.unpack({self.super[m](self.super, ...)}) "
"end "
"end "
"else "
"ret = {} "
"end "
"for k, v in pairs(self) do "
"ret[k] = v "
"end "
"if super then "
"ret.super = function_self(function_self, super) "
"end "
"return ret "
"end ");
lua_pcall(filters_L, 0, 1, error_handler_idx);
make_socket_function_idx = lua_gettop(filters_L);
}
void lua_fetch_registry(const char *key)
{
lua_pushlightuserdata(filters_L, filters_L);
lua_gettable(filters_L, LUA_REGISTRYINDEX);
lua_pushstring(filters_L, key);
lua_gettable(filters_L, -2);
lua_insert(filters_L, -2);
lua_pop(filters_L, 1);
}
static void lua_set_registry(const char *key)
{
lua_pushlightuserdata(filters_L, filters_L);
lua_gettable(filters_L, LUA_REGISTRYINDEX);
lua_insert(filters_L, -2);
lua_pushstring(filters_L, key);
lua_insert(filters_L, -2);
lua_settable(filters_L, -3);
lua_pop(filters_L, 1);
}
void lua_run_filter(char *cmdexec)
{
lua_pcall(filters_L, 0, 1, error_handler_idx);
if (!lua_istable(filters_L, -1))
bye("%s did not return a table.", cmdexec);
/* Overwrite the socket variable with new_socket(socket_from_file,
socket). */
lua_pushvalue(filters_L, make_socket_function_idx);
lua_insert(filters_L, -2);
lua_pushvalue(filters_L, make_socket_function_idx);
lua_insert(filters_L, -3);
lua_fetch_registry("socket");
if (lua_pcall(filters_L, 3, 1, error_handler_idx) != LUA_OK)
lua_report(filters_L, cmdexec, 1);
lua_set_registry("socket");
}
/* Try to find the connection in the global table named "connections" with fd
as the key. If it's not there, create it, find its topmost "super", set its
"fd" to the given struct ncat_lua_state and save it in connection_supers.
Leave the socket on the stack. If *fdn is NULL, we assume that fd=0 and
we're in connect mode. Also, if *created is not NULL, it is set to 1 if
the socket put on the stack was just created. */
struct ncat_lua_state* get_connection(struct fdinfo *fdn, int *created)
{
struct ncat_lua_state *ret;
int connections_key;
if (fdn == NULL)
connections_key = 0;
else
connections_key = fdn->fd;
/* Try to access connections[fd]. Leave connections[] on the stack. */
lua_fetch_registry("connections");
lua_pushinteger(filters_L, connections_key);
lua_gettable(filters_L, -2);
if (lua_isnil(filters_L, -1)) {
lua_pop(filters_L, 1); /* nil means we hadn't added the connection yet, pop it. */
/* Basically: connections[fd] = new_socket(socket) */
lua_pushinteger(filters_L, connections_key);
lua_pushvalue(filters_L, make_socket_function_idx);
lua_pushvalue(filters_L, make_socket_function_idx);
lua_fetch_registry("socket");
if (lua_pcall(filters_L, 2, 1, error_handler_idx) != LUA_OK)
lua_report(filters_L, "Error creating the socket", 1);
lua_pushvalue(filters_L, -1); /* Make a copy of the connection we created. */
lua_insert(filters_L, -4); /* Move it below connection, 5 and original table. */
lua_settable(filters_L, -3);
lua_pop(filters_L, 1); /* Get rid of connections[]. */
/* Make another copy of the table - we'll work on the current one
looking for the topmost super. */
lua_pushvalue(filters_L, -1);
for(;;) {
lua_pushvalue(filters_L, -1); /* Copy the current table */
lua_pushstring(filters_L, "super");
lua_gettable(filters_L, -2);
lua_insert(filters_L, -2); /* Move the copy to the top, pop it */
lua_pop(filters_L, 1);
if (lua_isnil(filters_L, -1)) {
lua_pop(filters_L, 1); /* Pop the nil */
break; /* There's no super, we're at the top */
}
lua_insert(filters_L, -2); /* Get rid of the old table */
lua_pop(filters_L, 1);
}
ret = (struct ncat_lua_state *) Calloc(1, sizeof(*ret));
if (fdn != NULL)
ret->fdn = *fdn;
/* Set the "lua_state" to a pointer to ret. */
lua_pushlightuserdata(filters_L, ret);
lua_setfield(filters_L, -2, "lua_state");
lua_fetch_registry("connection_roots");
lua_pushinteger(filters_L, connections_key);
lua_pushvalue(filters_L, -3);
lua_remove(filters_L, -4);
lua_settable(filters_L, -3);
lua_pop(filters_L, 1);
if (created != NULL)
*created = 1;
} else {
lua_insert(filters_L, -2); /* Get rid of connections[]. */
lua_pop(filters_L, 1);
/* Get the struct ncat_lua_state from connection_roots[fd].lua_state. */
lua_fetch_registry("connection_roots");
lua_pushinteger(filters_L, connections_key);
lua_gettable(filters_L, -2);
lua_getfield(filters_L, -1, "lua_state");
ret = (struct ncat_lua_state *) lua_touserdata(filters_L, -1);
lua_pop(filters_L, 3); /* Pop the userdata, the table and connection_roots. */
if (created != NULL)
*created = 0;
}
return ret;
}
/* Read "lua_state" field from socket table available under stack index given
as the second argument. If after the call *ret is set to a non-negative
value, it must be returned. */
struct ncat_lua_state* lua_fetch_userdata(lua_State *L, int idx, int *ret)
{
struct ncat_lua_state *nls;
*ret = -1;
lua_getfield(L, idx, "lua_state");
nls = (struct ncat_lua_state *) lua_touserdata(L, -1);
if (nls == NULL) {
lua_pushnil(L);
lua_pushstring(L, "Socket already closed");
*ret = 2;
}
return nls;
}

150
ncat/ncat_lua_filters.h
View File

@@ -1,150 +0,0 @@
/***************************************************************************
* ncat_lua_filters.h -- Ncat Lua filters shared code headers *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2013 Insecure.Com LLC. Nmap is *
* also a registered trademark of Insecure.Com LLC. This program is free *
* software; you may redistribute and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software *
* Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE CLARIFICATIONS *
* AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your right to use, *
* modify, and redistribute this software under certain conditions. If *
* you wish to embed Nmap technology into proprietary software, we sell *
* alternative licenses (contact sales@nmap.com). Dozens of software *
* vendors already license Nmap technology such as host discovery, port *
* scanning, OS detection, version detection, and the Nmap Scripting *
* Engine. *
* *
* Note that the GPL places important restrictions on "derivative works", *
* yet it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we interpret that term as broadly as copyright law *
* allows. For example, we consider an application to constitute a *
* derivative work for the purpose of this license if it does any of the *
* following with any software or content covered by this license *
* ("Covered Software"): *
* *
* o Integrates source code from Covered Software. *
* *
* o Reads or includes copyrighted data files, such as Nmap's nmap-os-db *
* or nmap-service-probes. *
* *
* o Is designed specifically to execute Covered Software and parse the *
* results (as opposed to typical shell or execution-menu apps, which will *
* execute anything you tell them to). *
* *
* o Includes Covered Software in a proprietary executable installer. The *
* installers produced by InstallShield are an example of this. Including *
* Nmap with other software in compressed or archival form does not *
* trigger this provision, provided appropriate open source decompression *
* or de-archiving software is widely available for no charge. For the *
* purposes of this license, an installer is considered to include Covered *
* Software even if it actually retrieves a copy of Covered Software from *
* another source during runtime (such as by downloading it from the *
* Internet). *
* *
* o Links (statically or dynamically) to a library which does any of the *
* above. *
* *
* o Executes a helper program, module, or script to do any of the above. *
* *
* This list is not exclusive, but is meant to clarify our interpretation *
* of derived works with some common examples. Other people may interpret *
* the plain GPL differently, so we consider this a special exception to *
* the GPL that we apply to Covered Software. Works which meet any of *
* these conditions must conform to all of the terms of this license, *
* particularly including the GPL Section 3 requirements of providing *
* source code and allowing free redistribution of the work as a whole. *
* *
* As another special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included docs/licenses/OpenSSL.txt file, and distribute *
* linked combinations including the two. *
* *
* Any redistribution of Covered Software, including any derived works, *
* must obey and carry forward all of the terms of this license, including *
* obeying all GPL rules and restrictions. For example, source code of *
* the whole work must be provided and free redistribution must be *
* allowed. All GPL references to "this License", are to be treated as *
* including the terms and conditions of this license text as well. *
* *
* Because this license imposes special exceptions to the GPL, Covered *
* Work may not be combined (even as part of a larger work) with plain GPL *
* software. The terms, conditions, and exceptions of this license must *
* be included as well. This license is incompatible with some other open *
* source licenses as well. In some cases we can relicense portions of *
* Nmap or grant special permissions to use it in other open source *
* software. Please contact fyodor@nmap.org with any such requests. *
* Similarly, we don't incorporate incompatible open source software into *
* Covered Software without special permission from the copyright holders. *
* *
* If you have any questions about the licensing restrictions on using *
* Nmap in other works, are happy to help. As mentioned above, we also *
* offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to dozens *
* of software vendors, and generally include a perpetual license as well *
* as providing for priority support and updates. They also fund the *
* continued development of Nmap. Please email sales@nmap.com for further *
* information. *
* *
* If you have received a written license agreement or contract for *
* Covered Software stating terms other than these, you may choose to use *
* and redistribute Covered Software under those terms instead of these. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to the dev@nmap.org mailing list for possible incorporation into the *
* main distribution. By sending these changes to Fyodor or one of the *
* Insecure.Org development mailing lists, or checking them into the Nmap *
* source code repository, it is understood (unless you specify otherwise) *
* that you are offering the Nmap Project (Insecure.Com LLC) the *
* unlimited, non-exclusive right to reuse, modify, and relicense the *
* code. Nmap will always be available Open Source, but this is important *
* because the inability to relicense code has caused devastating problems *
* for other Free Software projects (such as KDE and NASM). We also *
* occasionally relicense the code to third parties as discussed above. *
* If you wish to specify special license conditions of your *
* contributions, just say so when you send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Nmap *
* license file for more details (it's in a COPYING file included with *
* Nmap, and also available from https://svn.nmap.org/nmap/COPYING *
* *
***************************************************************************/
/* $Id$ */
#ifndef _NCAT_LUA_FILTERS_H
#define _NCAT_LUA_FILTERS_H
struct ncat_lua_state {
struct fdinfo fdn;
/* Only used in connect mode: */
int in_send;
/* Needed for receiving */
nsock_event evt;
/* 1 if the next read should be performed by nsock_readbytes, 0 if
nsock_read. */
int readbytes;
/* Needed for sending */
nsock_pool nsp;
nsock_iod nsiod;
};
void lua_fetch_registry(const char *key);
void lua_run_filter(char *cmdexec);
void lua_filters_setup();
struct ncat_lua_state* get_connection(struct fdinfo *fdn, int *created);
struct ncat_lua_state* lua_fetch_userdata(lua_State *L, int idx, int *ret);
#endif

30
ncat/ncat_main.c
View File

@@ -148,11 +148,6 @@
#ifdef HAVE_LUA
#include "ncat_lua.h"
#include "ncat_lua_exec.h"
char** filter_filenames = NULL;
int filter_filenames_no = 0;
#endif
static int ncat_connect_mode(void);
@@ -282,7 +277,6 @@ int main(int argc, char *argv[])
#ifdef HAVE_LUA
{"lua-exec", required_argument, NULL, 0},
{"lua-exec-internal",required_argument, NULL, 0},
{"load-lua-socket-file", required_argument, NULL, 'L'},
#endif
{"max-conns", required_argument, NULL, 'm'},
{"help", no_argument, NULL, 'h'},
@@ -337,7 +331,7 @@ int main(int argc, char *argv[])
while (1) {
/* handle command line arguments */
int option_index;
int c = getopt_long(argc, argv, "46UCc:e:g:G:i:km:hp:d:lo:x:ts:uvw:nL:",
int c = getopt_long(argc, argv, "46UCc:e:g:G:i:km:hp:d:lo:x:ts:uvw:n",
long_options, &option_index);
/* That's the end of the options. */
@@ -550,15 +544,9 @@ int main(int argc, char *argv[])
#endif
ncat_assert(argc == 3);
o.cmdexec = argv[2];
lua_setup(o.cmdexec, 0);
lua_setup();
lua_run();
}
break;
case 'L':
o.script = 1;
filter_filenames_no++;
filter_filenames = (char **)safe_realloc(filter_filenames, sizeof(char *) * filter_filenames_no);
filter_filenames[filter_filenames_no-1] = Strdup(optarg);
#endif
break;
case 'h':
@@ -578,8 +566,6 @@ int main(int argc, char *argv[])
" -e, --exec <command> Executes the given command\n"
#ifdef HAVE_LUA
" --lua-exec <filename> Executes the given Lua script\n"
//This line is clearly too long. The option name, IMHO, too.
" -L --load-lua-socket-file Applies the Lua filter script\n"
#endif
" -g hop1[,hop2,...] Loose source routing hop points (8 max)\n"
" -G <n> Loose source routing hop pointer (4, 8, 12, ...)\n"
@@ -882,18 +868,8 @@ connection brokering should work.");
set_lf_mode();
#ifdef HAVE_LUA
if (o.script) {
int i;
for (i = 0; i < filter_filenames_no; i++) {
if (o.verbose)
loguser("Applying Lua filter: %s\n", filter_filenames[i]);
lua_setup(filter_filenames[i], 1);
free(filter_filenames[i]);
}
free(filter_filenames);
}
if (o.execmode == EXEC_LUA)
lua_setup(o.cmdexec, 0);
lua_setup();
#endif
if (o.listen)

2
ncat/ncat_posix.c
View File

@@ -122,7 +122,7 @@
/* $Id$ */
#include "ncat.h"
#include "ncat_lua_exec.h"
#include "ncat_lua.h"
char **cmdline_split(const char *cmdexec);

3
ncat/scripts/filters/null.lua
View File

@@ -1,3 +0,0 @@
--Do everything that self.super does.
return {}