PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity

I think I'm done with pcap upgrade and doug's pcap selectable_fd patch

Browse Source
This commit is contained in:
fyodor
2006-08-17 00:23:03 +00:00
parent 95d727ce3b
commit 3d9ccee8ff
12 changed files with 134 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
CHANGELOG
View File

@@ -1,7 +1,18 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
4.20ALPHA5
o Worked with Zhao to improve the new OS detection system with o Worked with Zhao to improve the new OS detection system with
better algorithms and bug fixes. better algorithms and bug fixes.
o Nmap now uses the (relatively) new libpcap pcap_get_selectable_fd
API on systems which support it. This means that we no longer need to
hack the included Pcap to better support Linux. So Nmap will now link
with an existing system libpcap by default on that platform if one is
detected.
o Updated the included libpcap from 0.9.3 to 0.9.4. The changes I
made are in libpcap/NMAP_MODIFICATIONS .
o Applied some nsock bugfixes from Diman Todorov. These don't o Applied some nsock bugfixes from Diman Todorov. These don't
affect the current version of Nmap, but are important for his upcoming affect the current version of Nmap, but are important for his upcoming
Nmap Scripting Engine. Nmap Scripting Engine.

2
Makefile.in
View File

@@ -1,4 +1,4 @@
export NMAP_VERSION = 4.20ALPHA4 export NMAP_VERSION = 4.20ALPHA5
NMAP_NAME= Nmap NMAP_NAME= Nmap
NMAP_URL= http://www.insecure.org/nmap/ NMAP_URL= http://www.insecure.org/nmap/
NMAP_PLATFORM=@host@ NMAP_PLATFORM=@host@

6
configure vendored
View File

@@ -5842,9 +5842,9 @@ fi
fi; fi;
if test $linux = yes; then #if test $linux = yes; then
have_libpcap=no # have_libpcap=no
fi #fi
if test $needs_cpp_precomp = yes; then if test $needs_cpp_precomp = yes; then
CXXFLAGS="-no-cpp-precomp $CXXFLAGS" CXXFLAGS="-no-cpp-precomp $CXXFLAGS"

6
configure.ac
View File

@@ -356,9 +356,9 @@ AC_ARG_WITH(libpcap,
esac] esac]
) )
if test $linux = yes; then #if test $linux = yes; then
have_libpcap=no # have_libpcap=no
fi #fi
if test $needs_cpp_precomp = yes; then if test $needs_cpp_precomp = yes; then
CXXFLAGS="-no-cpp-precomp $CXXFLAGS" CXXFLAGS="-no-cpp-precomp $CXXFLAGS"

2
docs/nmap.1
View File

@@ -2,7 +2,7 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML .\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
.TH "NMAP" "1" "08/07/2006" "" "Nmap Reference Guide" .TH "NMAP" "1" "08/16/2006" "" "Nmap Reference Guide"
.\" disable hyphenation .\" disable hyphenation
.nh .nh
.\" disable justification (adjust text to left margin only) .\" disable justification (adjust text to left margin only)

5
docs/nmap.usage.txt
View File

@@ -1,4 +1,4 @@
Nmap 4.20ALPHA4 ( http://www.insecure.org/nmap/ ) Nmap 4.20ALPHA5 ( http://www.insecure.org/nmap/ )
Usage: nmap [Scan Type(s)] [Options] {target specification} Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION: TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc. Can pass hostnames, IP addresses, networks, etc.
@@ -18,6 +18,7 @@ HOST DISCOVERY:
--system-dns: Use OS's DNS resolver --system-dns: Use OS's DNS resolver
SCAN TECHNIQUES: SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans -sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags <flags>: Customize TCP scan flags --scanflags <flags>: Customize TCP scan flags
-sI <zombie host[:probeport]>: Idlescan -sI <zombie host[:probeport]>: Idlescan
@@ -36,8 +37,8 @@ SERVICE/VERSION DETECTION:
--version-trace: Show detailed version scan activity (for debugging) --version-trace: Show detailed version scan activity (for debugging)
OS DETECTION: OS DETECTION:
-O: Enable OS detection (try 2nd generation, then 1st if that fails) -O: Enable OS detection (try 2nd generation, then 1st if that fails)
-O1: Only use the old (1st generation) OS detection system
-O2: Only use the new OS detection system (no fallback) -O2: Only use the new OS detection system (no fallback)
-O1: Only use the old (1st generation) OS detection system
--osscan-limit: Limit OS detection to promising targets --osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE: TIMING AND PERFORMANCE:

1
libdnet-stripped/include/stamp-h1
View File

@@ -1 +0,0 @@
timestamp for include/config.h

2
libpcap/NMAP_MODIFICATIONS
View File

@@ -204,3 +204,5 @@ is in use. Here is that patch:
# Makefile.in includes rules to generate version.h, so we assume # Makefile.in includes rules to generate version.h, so we assume
# that it will be generated if autoconf is used. # that it will be generated if autoconf is used.
o Ran autoconf to regenerate configure (I ship those with the Nmap
tarball rather than generating them at build time).

2
nmap_dns.cc
View File

@@ -1185,7 +1185,7 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
log_write(LOG_STDOUT, "Performing system-dns for %d domain names that use CNAMEs\n", (int) cname_reqs.size()); log_write(LOG_STDOUT, "Performing system-dns for %d domain names that use CNAMEs\n", (int) cname_reqs.size());
if (cname_reqs.size()) { if (cname_reqs.size()) {
snprintf(spmobuf, sizeof(spmobuf), "System CNAME DNS resolution of %d host%s.", cname_reqs.size(), cname_reqs.size()-1 ? "s" : ""); snprintf(spmobuf, sizeof(spmobuf), "System CNAME DNS resolution of %u host%s.", (unsigned) cname_reqs.size(), cname_reqs.size()-1 ? "s" : "");
SPM = new ScanProgressMeter(spmobuf); SPM = new ScanProgressMeter(spmobuf);
for(i=0, reqI = cname_reqs.begin(); reqI != cname_reqs.end(); reqI++, i++) { for(i=0, reqI = cname_reqs.begin(); reqI != cname_reqs.end(); reqI++, i++) {

2
nmap_winconfig.h
View File

@@ -106,7 +106,7 @@
/* Without this, Windows will give us all sorts of crap about using functions /* Without this, Windows will give us all sorts of crap about using functions
like strcpy() even if they are done safely */ like strcpy() even if they are done safely */
#define _CRT_SECURE_NO_DEPRECATE 1 #define _CRT_SECURE_NO_DEPRECATE 1
#define NMAP_VERSION "4.20ALPHA4" #define NMAP_VERSION "4.20ALPHA5"
#define NMAP_NAME "Nmap" #define NMAP_NAME "Nmap"
#define NMAP_URL "http://www.insecure.org/nmap" #define NMAP_URL "http://www.insecure.org/nmap"
#define NMAP_PLATFORM "i686-pc-windows-windows" #define NMAP_PLATFORM "i686-pc-windows-windows"

66
scripts/Makefile
View File

@@ -58,7 +58,7 @@ distro:
# Make the RPM .spec file # Make the RPM .spec file
sed -e s/\@VERSION\@/$(NMAP_VERSION)/g ../nmap.spec.in > ../nmap-$(NMAP_VERSION)-1.spec sed -e s/\@VERSION\@/$(NMAP_VERSION)/g ../nmap.spec.in > ../nmap-$(NMAP_VERSION)-1.spec
# Canonicalize and sort Nmap OS fingerprint DB # Canonicalize and sort Nmap OS fingerprint DB
sort-prints.pl ../nmap-os-fingerprints > nos && mv nos ../nmap-os-fingerprints # sort-prints.pl ../nmap-os-fingerprints > nos && mv nos ../nmap-os-fingerprints
$(MAKE) -C .. clean $(MAKE) -C .. clean
cd .. && rm -f $(LIBPCAPDIR)/config.cache $(LIBPCAPDIR)/Makefile cd .. && rm -f $(LIBPCAPDIR)/config.cache $(LIBPCAPDIR)/Makefile
cd .. && unix2dos README-WIN32 cd .. && unix2dos README-WIN32
@@ -92,42 +92,42 @@ distro:
nsis/Nmap.nsi resource.h RPC/Rpc_cut.h winclude.h winfix.cc \ nsis/Nmap.nsi resource.h RPC/Rpc_cut.h winclude.h winfix.cc \
winfix.h Makefile /usr/tmp/nmap-$(NMAP_VERSION)/mswin32 winfix.h Makefile /usr/tmp/nmap-$(NMAP_VERSION)/mswin32
$(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR) $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
cd ../$(LIBPCAPDIR); cp -a --parents acconfig.h aclocal.m4 arcnet.h \ cd ../$(LIBPCAPDIR); cp -dp --parents acconfig.h aclocal.m4 arcnet.h \
atmuni31.h bpf/net/bpf.h bpf/net/bpf_filter.c \ atmuni31.h bpf_dump.c bpf_image.c CHANGES \
bpf_dump.c bpf_image.c CHANGES \ config.guess config.h.in config.sub configure configure.ac \
ChmodBPF/ChmodBPF ChmodBPF/StartupParameters.plist config.guess \ CREDITS etherent.c ethertype.h fad-getad.c fad-gifc.c \
config.h config.h.in config.sub \
configure configure.ac CREDITS doc/pcap.txt doc/pcap.xml \
doc/pcap.html etherent.c ethertype.h fad-getad.c fad-gifc.c \
fad-glifc.c fad-null.c fad-win32.c FILES gencode.c gencode.h \ fad-glifc.c fad-null.c fad-win32.c FILES gencode.c gencode.h \
grammar.c grammar.y inet.c install-sh INSTALL.txt lbl/os-sunos4.h \ grammar.c grammar.y inet.c install-sh INSTALL.txt LICENSE \
lbl/os-ultrix4.h lbl/os-aix4.h lbl/os-osf4.h lbl/os-hpux11.h \ llc.h Makefile.in mkdep nametoaddr.c net nlpid.h \
lbl/os-osf5.h lbl/os-solaris2.h LICENSE llc.h Makefile.in \ NMAP_MODIFICATIONS optimize.c pcap1.h pcap.3 pcap-bpf.c \
missing/snprintf.c mkdep msdos/makefile.wc msdos/bin2c.c \ pcap-bpf.h pcap.c pcap-dag.c pcap-dag.h pcap-dlpi.c pcap-dos.c \
msdos/pkt_rx0.asm msdos/pktdrvr.h msdos/ndis2.h msdos/ndis2.c \ pcap-dos.h pcap-enet.c pcap.h pcap-int.h pcap-linux.c \
msdos/pkt_rx1.s msdos/common.dj msdos/makefile msdos/pktdrvr.c \ pcap-namedb.h pcap-nit.c pcap-nit.h pcap-null.c pcap-pf.c \
msdos/readme.dos msdos/ndis_0.asm msdos/makefile.dj nametoaddr.c \ pcap-pf.h pcap-septel.c pcap-septel.h pcap-snit.c pcap-snoop.c \
nlpid.h NMAP_MODIFICATIONS optimize.c packaging/pcap.spec.in \
pcap1.h pcap.3 pcap-bpf.c pcap-bpf.h pcap.c \
pcap-dag.c pcap-dag.h pcap-dlpi.c pcap-dos.c pcap-dos.h \
pcap-enet.c pcap.h pcap-int.h pcap-linux.c pcap-namedb.h \
pcap-nit.c pcap-nit.h pcap-null.c pcap-pf.c pcap-pf.h \
pcap-septel.c pcap-septel.h pcap-snit.c pcap-snoop.c \
pcap-stdinc.h pcap-win32.c pf.h ppp.h README README.aix \ pcap-stdinc.h pcap-win32.c pf.h ppp.h README README.aix \
README.dag README.hpux README.linux README.macosx README.septel \ README.dag README.hpux README.linux README.macosx README.septel \
README.tru64 README.Win32 savefile.c scanner.c scanner.l sll.h \ README.tru64 README.Win32 savefile.c scanner.c scanner.l sll.h \
sunatmpos.h SUNOS4/nit_if.o.sun4c.4.0.3c SUNOS4/nit_if.o.sun3 \ sunatmpos.h TODO tokdefs.h VERSION version.h \
SUNOS4/nit_if.o.sparc TODO tokdefs.h VERSION version.h \ ChmodBPF/ChmodBPF ChmodBPF/StartupParameters.plist \
Win32/Include/addrinfo.h Win32/Include/Gnuc.h \ doc/pcap.html doc/pcap.txt doc/pcap.xml lbl/os-aix4.h \
Win32/Include/arpa/nameser.h Win32/Include/cdecl_ext.h \ lbl/os-hpux11.h lbl/os-osf4.h lbl/os-osf5.h lbl/os-solaris2.h \
Win32/Include/ip6_misc.h Win32/Include/bittypes.h \ lbl/os-sunos4.h lbl/os-ultrix4.h missing/snprintf.c \
Win32/Include/net/if.h Win32/Include/net/paths.h \ msdos/bin2c.c msdos/common.dj msdos/makefile msdos/makefile.dj \
Win32/Include/net/netdb.h Win32/Include/sockstorage.h \ msdos/makefile.wc msdos/ndis_0.asm msdos/ndis2.c msdos/ndis2.h \
Win32/Include/inetprivate.h Win32/Src/getservent.c \ msdos/pktdrvr.c msdos/pktdrvr.h msdos/pkt_rx0.asm msdos/pkt_rx1.s \
Win32/Src/getaddrinfo.c Win32/Src/ffs.c Win32/Src/getnetbynm.c \ msdos/readme.dos SUNOS4/nit_if.o.sparc \
Win32/Src/inet_net.c Win32/Src/getnetent.c Win32/Src/getopt.c \ SUNOS4/nit_if.o.sun3 SUNOS4/nit_if.o.sun4c.4.0.3c \
Win32/Src/inet_aton.c Win32/Src/inet_pton.c Win32/Prj/libpcap.dsw \ bpf/net/bpf_filter.c Win32/Include/addrinfo.h \
Win32/Prj/libpcap.dsp \ Win32/Include/bittypes.h Win32/Include/cdecl_ext.h \
Win32/Include/Gnuc.h Win32/Include/inetprivate.h \
Win32/Include/ip6_misc.h \
Win32/Include/sockstorage.h Win32/Prj/libpcap.dsp \
Win32/Prj/libpcap.dsw Win32/Src/ffs.c Win32/Src/getaddrinfo.c \
Win32/Src/getnetbynm.c Win32/Src/getnetent.c Win32/Src/getopt.c \
Win32/Src/getservent.c Win32/Src/inet_aton.c Win32/Src/inet_net.c \
Win32/Src/inet_pton.c Win32/Include/arpa/nameser.h \
Win32/Include/net/if.h Win32/Include/net/netdb.h \
Win32/Include/net/paths.h \
/usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR) /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
$(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/docs $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/docs
cd ../docs; cp -a README nmap_gpgkeys.txt \ cd ../docs; cp -a README nmap_gpgkeys.txt \

68
tcpip.cc
View File

@@ -1557,11 +1557,13 @@ unsigned int offset = 0;
struct pcap_pkthdr head; struct pcap_pkthdr head;
char *p; char *p;
int datalink; int datalink;
int pcap_descriptor=-1; // -1 means we CANNOT select()
int timedout = 0; int timedout = 0;
struct timeval tv_start, tv_end; struct timeval tv_start, tv_end;
static char *alignedbuf = NULL; static char *alignedbuf = NULL;
static unsigned int alignedbufsz=0; static unsigned int alignedbufsz=0;
static int warning = 0; static int warning = 0;
if (linknfo) { memset(linknfo, 0, sizeof(*linknfo)); } if (linknfo) { memset(linknfo, 0, sizeof(*linknfo)); }
if (!pd) fatal("NULL packet device passed to readip_pcap"); if (!pd) fatal("NULL packet device passed to readip_pcap");
@@ -1647,6 +1649,14 @@ if (!pd) fatal("NULL packet device passed to readip_pcap");
if (to_usec > 0) { if (to_usec > 0) {
gettimeofday(&tv_start, NULL); gettimeofday(&tv_start, NULL);
} }
// Add other systems here if they don't support select()able pcap descriptors
#ifdef WIN32
pcap_descriptor = -1;
#else
pcap_descriptor = pcap_get_selectable_fd(pd);
#endif
do { do {
#ifdef WIN32 #ifdef WIN32
gettimeofday(&tv_end, NULL); gettimeofday(&tv_end, NULL);
@@ -1655,7 +1665,32 @@ if (!pd) fatal("NULL packet device passed to readip_pcap");
PacketSetReadTimeout(pd->adapter, to_left); PacketSetReadTimeout(pd->adapter, to_left);
#endif #endif
p = NULL;
if (pcap_descriptor != -1) {
fd_set rfds;
struct timeval sel_tv;
int rv=0;
FD_ZERO(&rfds);
FD_SET(pcap_descriptor, &rfds);
sel_tv.tv_sec = to_usec/1000000;
sel_tv.tv_usec = to_usec%1000000;
rv = select(pcap_descriptor+1, &rfds, NULL, NULL, to_usec ? &sel_tv : NULL);
if (rv == -1) {
fatal("Your system does not support select()ing on pcap devices (%s). PLEASE REPORT THIS ALONG WITH DETAILED SYSTEM INFORMATION TO THE nmap-dev MAILING LIST!", strerror(errno));
} else if (rv == 0) {
timedout = 1;
} else {
p = (char *) pcap_next(pd, &head); p = (char *) pcap_next(pd, &head);
}
} else {
// THIS CALL CAN BLOCK INAPPROPRIATLEY! (ie, will block until it sees another
// packet - to_usec notwithstanding) Use the select() code if possible.
p = (char *) pcap_next(pd, &head);
}
if (p) { if (p) {
if (head.caplen <= offset) { if (head.caplen <= offset) {
@@ -1805,6 +1840,7 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
int timedout = 0; int timedout = 0;
int badcounter = 0; int badcounter = 0;
struct timeval tv_start, tv_end; struct timeval tv_start, tv_end;
int pcap_descriptor = -1;
if (!pd) fatal("NULL packet device passed to readarp_reply_pcap"); if (!pd) fatal("NULL packet device passed to readarp_reply_pcap");
@@ -1839,7 +1875,39 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
} }
#endif #endif
// Add other systems here if they don't support select()able pcap descriptors
#ifdef WIN32
pcap_descriptor = -1;
#else
pcap_descriptor = pcap_get_selectable_fd(pd);
#endif
p = NULL;
if (pcap_descriptor != -1) {
fd_set rfds;
struct timeval sel_tv;
int rv=0;
FD_ZERO(&rfds);
FD_SET(pcap_descriptor, &rfds);
sel_tv.tv_sec = to_usec/1000000;
sel_tv.tv_usec = to_usec%1000000;
rv = select(pcap_descriptor+1, &rfds, NULL, NULL, to_usec ? &sel_tv : NULL);
if (rv == -1) {
fatal("Your system does not support select()ing on pcap devices (%s). PLEASE REPORT THIS ALONG WITH DETAILED SYSTEM INFORMATION TO THE nmap-dev MAILING LIST!", strerror(errno));
} else if (rv == 0) {
timedout = 1;
} else {
p = (u8 *) pcap_next(pd, &head); p = (u8 *) pcap_next(pd, &head);
}
} else {
// THIS CALL CAN BLOCK INAPPROPRIATLEY! (ie, will block until it sees another
// packet - to_usec notwithstanding) Use the select() code if possible.
p = (u8 *) pcap_next(pd, &head);
}
if (p && head.caplen >= 42) { /* >= because Ethernet padding makes 60 */ if (p && head.caplen >= 42) { /* >= because Ethernet padding makes 60 */
/* frame type 0x0806 (arp), hw type eth (0x0001), prot ip (0x0800), /* frame type 0x0806 (arp), hw type eth (0x0001), prot ip (0x0800),