PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Replace all tab characters at the beginnings of lines with 8 spaces.

Browse Source 
Mixed indentation annoyed my vim.
This commit is contained in:
d33tah
2014-01-05 19:14:26 +00:00
parent 3570ca78d8
commit 4816358475
40 changed files with 1055 additions and 1055 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
FingerPrintResults.h
View File

@@ -150,13 +150,13 @@ class FingerPrintResults {
virtual ~FingerPrintResults();
double accuracy[MAX_FP_RESULTS]; /* Percentage of match (1.0 == perfect
match) in same order as matches[] below */
match) in same order as matches[] below */
FingerMatch *matches[MAX_FP_RESULTS]; /* ptrs to matching references --
highest accuracy matches first */
highest accuracy matches first */
int num_perfect_matches; /* Number of 1.0 accuracy matches in matches[] */
int num_matches; /* Total number of matches in matches[] */
int overall_results; /* OSSCAN_TOOMANYMATCHES, OSSCAN_NOMATCHES,
OSSCAN_SUCCESS, etc */
OSSCAN_SUCCESS, etc */
/* Ensures that the results are available and then returns them.
You should only call this AFTER all matching has been completed
@@ -167,11 +167,11 @@ class FingerPrintResults {
const struct OS_Classification_Results *getOSClassification();
int osscan_opentcpport; /* Open TCP port used for scannig (if one found --
otherwise -1) */
otherwise -1) */
int osscan_closedtcpport; /* Closed TCP port used for scannig (if one found --
otherwise -1) */
otherwise -1) */
int osscan_closedudpport; /* Closed UDP port used for scannig (if one found --
otherwise -1) */
otherwise -1) */
int distance; /* How "far" is this FP gotten from? */
int distance_guess; /* How "far" is this FP gotten from? by guessing based on ttl. */

2
MACLookup.cc
View File

@@ -192,7 +192,7 @@ static void mac_prefix_init() {
MacTable[pfx] = cp_strdup(vendor);
} else {
if (o.debugging > 1)
error("MAC prefix %06X is duplicated in %s; ignoring duplicates.", pfx, filename);
error("MAC prefix %06X is duplicated in %s; ignoring duplicates.", pfx, filename);
}
}

28
NmapOps.cc
View File

@@ -412,10 +412,10 @@ bool NmapOps::RawScan() {
void NmapOps::ValidateOptions() {
const char *privreq = "root privileges.";
const char *privreq = "root privileges.";
#ifdef WIN32
if (!have_pcap)
privreq = "WinPcap version 3.1 or higher and\n\
if (!have_pcap)
privreq = "WinPcap version 3.1 or higher and\n\
iphlpapi.dll. You seem to be missing one or both of these. Winpcap is\n\
available from http://www.winpcap.org. iphlpapi.dll comes with Win98 and\n\
later operating sytems and NT 4.0 with SP4 or greater. For previous windows\n\
@@ -674,17 +674,17 @@ void NmapOps::setSpoofMACAddress(u8 *mac_data) {
#ifndef NOLUA
void NmapOps::chooseScripts(char* argument) {
char *p;
char *p;
for (;;) {
p = strchr(argument, ',');
if (p == NULL) {
chosenScripts.push_back(std::string(argument));
break;
} else {
chosenScripts.push_back(std::string(argument, p - argument));
argument = p + 1;
}
}
for (;;) {
p = strchr(argument, ',');
if (p == NULL) {
chosenScripts.push_back(std::string(argument));
break;
} else {
chosenScripts.push_back(std::string(argument, p - argument));
argument = p + 1;
}
}
}
#endif

18
NmapOps.h
View File

@@ -169,8 +169,8 @@ class NmapOps {
void ValidateOptions(); /* Checks that the options given are
reasonable and consistant. If they aren't, the
function may bail out of Nmap or make small
adjustments (quietly or with a warning to the
user). */
adjustments (quietly or with a warning to the
user). */
int isr00t;
/* Whether we have pcap functions (can be false on Windows). */
bool have_pcap;
@@ -289,19 +289,19 @@ class NmapOps {
bool open_only;
int scanflags; /* if not -1, this value should dictate the TCP flags
for the core portscaning routine (eg to change a
FIN scan into a PSH scan. Sort of a hack, but can
be very useful sometimes. */
for the core portscaning routine (eg to change a
FIN scan into a PSH scan. Sort of a hack, but can
be very useful sometimes. */
int defeat_rst_ratelimit; /* Solaris 9 rate-limits RSTs so scanning is very
slow against it. If we don't distinguish between closed and filtered ports,
we can get the list of open ports very fast */
struct in_addr resume_ip; /* The last IP in the log file if user
requested --restore . Otherwise
restore_ip.s_addr == 0. Also
target_struct_get will eventually set it
to 0. */
requested --restore . Otherwise
restore_ip.s_addr == 0. Also
target_struct_get will eventually set it
to 0. */
// Version Detection Options
int override_excludeports;

56
NmapOutputTable.cc
View File

@@ -153,8 +153,8 @@ NmapOutputTable::~NmapOutputTable() {
for(col = 0; col < numColumns; col++) {
cell = getCellAddy(row, col);
if (cell->weAllocated) {
assert(cell->str);
free(cell->str);
assert(cell->str);
free(cell->str);
}
}
}
@@ -166,7 +166,7 @@ NmapOutputTable::~NmapOutputTable() {
}
void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool fullrow,
bool copy, const char *item, int itemlen) {
bool copy, const char *item, int itemlen) {
struct NmapOutputTableCell *cell;
int mc = maxColLen[column];
@@ -181,7 +181,7 @@ void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool fullro
}
void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy, const char *item,
int itemlen) {
int itemlen) {
struct NmapOutputTableCell *cell;
assert(row < numRows);
@@ -215,9 +215,9 @@ void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy,
}
void NmapOutputTable::addItemFormatted(unsigned int row,
unsigned int column,
bool fullrow,
const char *fmt, ...) {
unsigned int column,
bool fullrow,
const char *fmt, ...) {
struct NmapOutputTableCell *cell;
int mc = maxColLen[column];
unsigned int res;
@@ -241,20 +241,20 @@ void NmapOutputTable::addItemFormatted(unsigned int row,
/* True if every column in nrow is empty */
bool NmapOutputTable::emptyRow(unsigned int nrow) {
NmapOutputTableCell *cell;
unsigned int col;
bool isEmpty = true;
assert(nrow < numRows);
NmapOutputTableCell *cell;
unsigned int col;
bool isEmpty = true;
assert(nrow < numRows);
for(col = 0 ; col < numColumns; col++) {
cell = getCellAddy(nrow, col);
if(cell->strlength > 0) {
isEmpty = false;
break;
}
}
return isEmpty;
for(col = 0 ; col < numColumns; col++) {
cell = getCellAddy(nrow, col);
if(cell->strlength > 0) {
isEmpty = false;
break;
}
}
return isEmpty;
}
// This function sticks the entire table into a character buffer.
@@ -280,14 +280,14 @@ char *NmapOutputTable::printableTable(int *size) {
validthisrow = 0;
if(emptyRow(row))
continue;
continue;
cell = getCellAddy(row, 0);
if(cell->fullrow && cell->strlength > 0) {
/* Full rows are easy, just make sure we have the space + \n\0 */
if (cell->strlength + p + 2 > tableoutsz) {
tableoutsz = (cell->strlength + p + 2) * 2;
tableout = (char *) safe_realloc(tableout, tableoutsz);
tableoutsz = (cell->strlength + p + 2) * 2;
tableout = (char *) safe_realloc(tableout, tableoutsz);
}
memcpy(tableout + p, cell->str, cell->strlength);
p += cell->strlength;
@@ -295,11 +295,11 @@ char *NmapOutputTable::printableTable(int *size) {
for(col = 0; col < numColumns; col++) {
cell = getCellAddy(row, col);
clen = maxColLen[col];
/* Cells get padded with an extra space + \n\0 */
if (clen + p + 3 > tableoutsz) {
tableoutsz = (cell->strlength + p + 2) * 2;
tableout = (char *) safe_realloc(tableout, tableoutsz);
}
/* Cells get padded with an extra space + \n\0 */
if (clen + p + 3 > tableoutsz) {
tableoutsz = (cell->strlength + p + 2) * 2;
tableout = (char *) safe_realloc(tableout, tableoutsz);
}
if (cell->strlength > 0) {
memcpy(tableout + p, cell->str, cell->strlength);
p += cell->strlength;

2
NmapOutputTable.h
View File

@@ -161,7 +161,7 @@ class NmapOutputTable {
// Like addItem except this version takes a printf-style format string followed by varargs
void addItemFormatted(unsigned int row, unsigned int column, bool fullrow, const char *fmt, ...)
__attribute__ ((format (printf, 5, 6))); // Offset by 1 to account for implicit "this" parameter.
__attribute__ ((format (printf, 5, 6))); // Offset by 1 to account for implicit "this" parameter.
// This function sticks the entire table into a character buffer.
// Note that the buffer is likely to be reused if you call the

22
Target.cc
View File

@@ -179,11 +179,11 @@ void Target::Initialize() {
const char * Target::deviceName() const {
return (devname[0] != '\0')? devname : NULL;
return (devname[0] != '\0')? devname : NULL;
}
const char * Target::deviceFullName() const {
return (devfullname[0] != '\0')? devfullname : NULL;
return (devfullname[0] != '\0')? devfullname : NULL;
}
void Target::Recycle() {
@@ -232,7 +232,7 @@ void Target::GenerateTargetIPString() {
#else
(char *) NULL,
#endif
targetipstring, sizeof(targetipstring)) == NULL) {
targetipstring, sizeof(targetipstring)) == NULL) {
fatal("Failed to convert target address to presentation format!?! Error: %s", strerror(socket_errno()));
}
}
@@ -252,7 +252,7 @@ void Target::GenerateSourceIPString() {
#else
(char *) NULL,
#endif
sourceipstring, sizeof(sourceipstring)) == NULL) {
sourceipstring, sizeof(sourceipstring)) == NULL) {
fatal("Failed to convert source address to presentation format!?! Error: %s", strerror(socket_errno()));
}
}
@@ -392,8 +392,8 @@ void Target::setHostName(const char *name) {
// I think only a-z A-Z 0-9 . and - are allowed, but I'll be a little more
// generous.
if (!isalnum((int) (unsigned char) *p) && !strchr(".-+=:_~*", *p)) {
log_write(LOG_STDOUT, "Illegal character(s) in hostname -- replacing with '*'\n");
*p = '*';
log_write(LOG_STDOUT, "Illegal character(s) in hostname -- replacing with '*'\n");
*p = '*';
}
p++;
}
@@ -566,14 +566,14 @@ const u8 *Target::NextHopMACAddress() const {
}
int Target::osscanPerformed(void) {
return osscan_flag;
return osscan_flag;
}
void Target::osscanSetFlag(int flag) {
if(osscan_flag == OS_PERF_UNREL)
return;
else
osscan_flag = flag;
if(osscan_flag == OS_PERF_UNREL)
return;
else
osscan_flag = flag;
}

12
Target.h
View File

@@ -149,17 +149,17 @@
#endif
enum osscan_flags {
OS_NOTPERF=0, OS_PERF, OS_PERF_UNREL
OS_NOTPERF=0, OS_PERF, OS_PERF_UNREL
};
/* The method used to calculate the Target::distance, included in OS
fingerprints. */
enum dist_calc_method {
DIST_METHOD_NONE,
DIST_METHOD_LOCALHOST,
DIST_METHOD_DIRECT,
DIST_METHOD_ICMP,
DIST_METHOD_TRACEROUTE
DIST_METHOD_NONE,
DIST_METHOD_LOCALHOST,
DIST_METHOD_DIRECT,
DIST_METHOD_ICMP,
DIST_METHOD_TRACEROUTE
};
struct host_timeout_nfo {

66
global_structures.h
View File

@@ -167,15 +167,15 @@ struct udpprobeinfo {
struct scanstats {
int packet_incr;
int initial_packet_width; /* Number of queries in parallel we should
start with */
start with */
double fallback_percent;
int numqueries_outstanding; /* How many unexpired queries are on the 'net
right now? */
right now? */
double numqueries_ideal; /* How many do we WANT to be on the 'net right now? */
int max_width; /* What is the MOST we will tolerate at once. Can be
modified via --max_parallelism */
modified via --max_parallelism */
int min_width; /* We must always allow at least this many at once. Can
be modified via --min_parallelism*/
be modified via --min_parallelism*/
int ports_left;
int changed; /* Has anything changed since last round? */
int alreadydecreasedqueries;
@@ -240,7 +240,7 @@ struct FingerPrintDB {
struct ultra_timing_vals {
double cwnd; /* Congestion window - in probes */
int ssthresh; /* The threshold above which mode is changed from slow start
to congestion avoidance */
to congestion avoidance */
/* The number of replies we would expect if every probe produced a reply. This
is almost like the total number of probes sent but it is not incremented
until a reply is received or a probe times out. This and
@@ -269,20 +269,20 @@ struct scan_performance_vars {
int host_initial_cwnd; /* Initial congestion window for ind. hosts */
int group_initial_cwnd; /* Initial congestion window for all hosts as a group */
int max_cwnd; /* I should never have more than this many probes
outstanding */
outstanding */
int slow_incr; /* How many probes are incremented for each response
in slow start mode */
in slow start mode */
int ca_incr; /* How many probes are incremented per (roughly) rtt in
congestion avoidance mode */
congestion avoidance mode */
int cc_scale_max; /* The maximum scaling factor for congestion window
increments. */
increments. */
int initial_ssthresh;
double group_drop_cwnd_divisor; /* all-host group cwnd divided by this
value if any packet drop occurs */
value if any packet drop occurs */
double group_drop_ssthresh_divisor; /* used to drop the group ssthresh when
any drop occurs */
any drop occurs */
double host_drop_ssthresh_divisor; /* used to drop the host ssthresh when
any drop occurs */
any drop occurs */
/* Do initialization after the global NmapOps table has been filled in. */
void init();
@@ -316,27 +316,27 @@ struct ipid_info {
* Each element is to point to an array of port/protocol numbers
*/
struct scan_lists {
/* The "synprobes" are also used when doing a connect() ping */
unsigned short *syn_ping_ports;
unsigned short *ack_ping_ports;
unsigned short *udp_ping_ports;
unsigned short *sctp_ping_ports;
unsigned short *proto_ping_ports;
int syn_ping_count;
int ack_ping_count;
int udp_ping_count;
int sctp_ping_count;
int proto_ping_count;
//the above fields are only used for host discovery
//the fields below are only used for port scanning
unsigned short *tcp_ports;
int tcp_count;
unsigned short *udp_ports;
int udp_count;
unsigned short *sctp_ports;
int sctp_count;
unsigned short *prots;
int prot_count;
/* The "synprobes" are also used when doing a connect() ping */
unsigned short *syn_ping_ports;
unsigned short *ack_ping_ports;
unsigned short *udp_ping_ports;
unsigned short *sctp_ping_ports;
unsigned short *proto_ping_ports;
int syn_ping_count;
int ack_ping_count;
int udp_ping_count;
int sctp_ping_count;
int proto_ping_count;
//the above fields are only used for host discovery
//the fields below are only used for port scanning
unsigned short *tcp_ports;
int tcp_count;
unsigned short *udp_ports;
int udp_count;
unsigned short *sctp_ports;
int sctp_count;
unsigned short *prots;
int prot_count;
};
typedef enum { STYPE_UNKNOWN, HOST_DISCOVERY, ACK_SCAN, SYN_SCAN, FIN_SCAN, XMAS_SCAN, UDP_SCAN, CONNECT_SCAN, NULL_SCAN, WINDOW_SCAN, SCTP_INIT_SCAN, SCTP_COOKIE_ECHO_SCAN, MAIMON_SCAN, IPPROT_SCAN, PING_SCAN, PING_SCAN_ARP, IDLE_SCAN, BOUNCE_SCAN, SERVICE_SCAN, OS_SCAN, SCRIPT_PRE_SCAN, SCRIPT_SCAN, SCRIPT_POST_SCAN, TRACEROUTE, PING_SCAN_ND }stype;

48
idle_scan.cc
View File

@@ -129,27 +129,27 @@
/* $Id$ */
/* IPv6 fragment ID sequence algorithms. http://seclists.org/nmap-dev/2013/q3/369.
Android 4.1 (Linux 3.0.15) | Per host, incremental (1)
FreeBSD 7.4 | Random
FreeBSD 9.1 | Random
iOS 6.1.2 | Random
Linux 2.6.32 | Per host, incremental (2)
Linux 3.2 | Per host, incremental (1)
Linux 3.8 | Per host, incremental
OpenBSD 4.6 | Random
OpenBSD 5.2 | Random
OS X 10.6.7 | Global, incremental (3)
OS X 10.8.3 | Random
Solaris 11 | Per host, incremental
Windows Server 2003 R2 Standard 64bit, SP2 | Global, incremental
Windows Server 2008 Standard 32bit, SP1 | Global, incremental
Windows Server 2008 R2 Standard 64bit, SP1 | Global, incremental by 2
Windows Server 2012 Standard 64bit | Global, incremental by 2
Windows XP Professional 32bit, SP3 | Global, incremental (4)
Windows Vista Business 64bit, SP1 | Global, incremental
Windows 7 Home Premium 32bit, SP1 | Global, incremental by 2
Windows 7 Ultimate 32bit, SP1 | Global, incremental by 2
Windows 8 Enterprise 32 bit | Global, incremental by 2
Android 4.1 (Linux 3.0.15) | Per host, incremental (1)
FreeBSD 7.4 | Random
FreeBSD 9.1 | Random
iOS 6.1.2 | Random
Linux 2.6.32 | Per host, incremental (2)
Linux 3.2 | Per host, incremental (1)
Linux 3.8 | Per host, incremental
OpenBSD 4.6 | Random
OpenBSD 5.2 | Random
OS X 10.6.7 | Global, incremental (3)
OS X 10.8.3 | Random
Solaris 11 | Per host, incremental
Windows Server 2003 R2 Standard 64bit, SP2 | Global, incremental
Windows Server 2008 Standard 32bit, SP1 | Global, incremental
Windows Server 2008 R2 Standard 64bit, SP1 | Global, incremental by 2
Windows Server 2012 Standard 64bit | Global, incremental by 2
Windows XP Professional 32bit, SP3 | Global, incremental (4)
Windows Vista Business 64bit, SP1 | Global, incremental
Windows 7 Home Premium 32bit, SP1 | Global, incremental by 2
Windows 7 Ultimate 32bit, SP1 | Global, incremental by 2
Windows 8 Enterprise 32 bit | Global, incremental by 2
*/
#include "idle_scan.h"
@@ -175,7 +175,7 @@ struct idle_proxy_info {
u16 probe_port; /* The port we use for probing IP ID infoz */
u16 max_groupsz; /* We won't test groups larger than this ... */
u16 min_groupsz; /* We won't allow the group size to fall below this
level. Affected by --min-parallelism */
level. Affected by --min-parallelism */
double current_groupsz; /* Current group size being used ... depends on
conditions ... won't be higher than
max_groupsz */
@@ -1030,7 +1030,7 @@ static int idlescan_countopen2(struct idle_proxy_info *proxy,
int openports;
int tries;
int proxyprobes_sent = 0; /* diff. from tries 'cause sometimes we
skip tries */
skip tries */
int proxyprobes_rcvd = 0; /* To determine if packets were dr0pped */
int sent, rcvd;
int ipid_dist;
@@ -1224,7 +1224,7 @@ static int idlescan_countopen(struct idle_proxy_info *proxy,
sleep(tries * tries);
if (tries == 5)
sleep(45); /* We're gonna give up if this fails, so we will be a bit
patient */
patient */
/* Since the host may have received packets while we were sleeping,
lets update our proxy IP ID counter */
proxy->latestid = ipid_proxy_probe(proxy, NULL, NULL);

12
main.cc
View File

@@ -180,12 +180,12 @@ int main(int argc, char *argv[]) {
set_program_name(argv[0]);
#ifdef __amigaos__
if(!OpenLibs()) {
error("Couldn't open TCP/IP Stack Library(s)!");
exit(20);
}
MiamiBPFInit((struct Library *)MiamiBase, (struct Library *)SocketBase);
MiamiPCapInit((struct Library *)MiamiBase, (struct Library *)SocketBase);
if(!OpenLibs()) {
error("Couldn't open TCP/IP Stack Library(s)!");
exit(20);
}
MiamiBPFInit((struct Library *)MiamiBase, (struct Library *)SocketBase);
MiamiPCapInit((struct Library *)MiamiBase, (struct Library *)SocketBase);
#endif
#ifdef MTRACE

28
nmap.cc
View File

@@ -928,8 +928,8 @@ void parse_options(int argc, char **argv) {
} else if (optcmp(long_options[option_index].name, "disable-arp-ping") == 0) {
o.implicitARPPing = false;
} else if (optcmp(long_options[option_index].name, "route-dst") == 0) {
/* The --route-dst debugging option: push these on a list to be
resolved later after options like -6 and -S have been parsed. */
/* The --route-dst debugging option: push these on a list to be
resolved later after options like -6 and -S have been parsed. */
route_dst_hosts.push_back(optarg);
} else {
fatal("Unknown long option (%s) given@#!$#$", long_options[option_index].name);
@@ -963,7 +963,7 @@ void parse_options(int argc, char **argv) {
do {
q = strchr(p, ',');
if (q)
*q = '\0';
*q = '\0';
if (!strcasecmp(p, "me")) {
if (o.decoyturn != -1)
fatal("Can only use 'ME' as a decoy once.\n");
@@ -1035,7 +1035,7 @@ void parse_options(int argc, char **argv) {
o.magic_port = atoi(optarg);
o.magic_port_set = true;
if (o.magic_port == 0)
error("WARNING: a source port of zero may not work on all systems.");
error("WARNING: a source port of zero may not work on all systems.");
break;
case 'h':
printusage(0);
@@ -1471,10 +1471,10 @@ void apply_delayed_options() {
const char *p = delayed_options.spoofmac;
while (*p) {
if (*p == ':')
p++;
p++;
if (isxdigit((int) (unsigned char) *p) && isxdigit((int) (unsigned char) * (p + 1))) {
if (pos >= 6)
fatal("Bogus --spoof-mac value encountered (%s) -- only up to 6 bytes permitted", delayed_options.spoofmac);
fatal("Bogus --spoof-mac value encountered (%s) -- only up to 6 bytes permitted", delayed_options.spoofmac);
tmphex[0] = *p;
tmphex[1] = *(p + 1);
tmphex[2] = '\0';
@@ -1632,9 +1632,9 @@ int nmap_main(int argc, char *argv[]) {
printf("%s %s", rnfo.ii.devname, rnfo.ii.devfullname);
printf(" srcaddr %s", inet_ntop_ez(&rnfo.srcaddr, sizeof(rnfo.srcaddr)));
if (rnfo.direct_connect)
printf(" direct");
printf(" direct");
else
printf(" nexthop %s", inet_ntop_ez(&rnfo.nexthop, sizeof(rnfo.nexthop)));
printf(" nexthop %s", inet_ntop_ez(&rnfo.nexthop, sizeof(rnfo.nexthop)));
}
printf("\n");
}
@@ -1962,9 +1962,9 @@ int nmap_main(int argc, char *argv[]) {
o.current_scantype = BOUNCE_SCAN;
keyWasPressed(); // Check if a status message should be printed
if (ftp.sd <= 0)
ftp_anon_connect(&ftp);
ftp_anon_connect(&ftp);
if (ftp.sd > 0)
bounce_scan(Targets[targetno], ports.tcp_ports, ports.tcp_count, &ftp);
bounce_scan(Targets[targetno], ports.tcp_ports, ports.tcp_count, &ftp);
}
}
@@ -2224,7 +2224,7 @@ int gather_logfile_resumption_state(char *fname, int *myargc, char ***myargv) {
if (found) {
q = strchr(found, '\n');
if (!q)
fatal("Unable to parse supposed log file %s. Sorry", fname);
fatal("Unable to parse supposed log file %s. Sorry", fname);
*q = '\0';
p = strchr(found, '(');
if (!p) { /* No DNS reverse lookup, found should already contain IP */
@@ -2482,7 +2482,7 @@ static void getpts_aux(const char *origexpr, int nested, u8 *porttbl, int range_
// Skip over a following ',' so we're ready to keep parsing
if (*current_range == ',')
current_range++;
current_range++;
continue;
} else if (*current_range == ']') {
@@ -2520,7 +2520,7 @@ static void getpts_aux(const char *origexpr, int nested, u8 *porttbl, int range_
i = addportsfromservmask(servmask, porttbl, range_type);
if (range_type & SCAN_PROTOCOLS)
i += addprotocolsfromservmask(servmask, porttbl);
i += addprotocolsfromservmask(servmask, porttbl);
if (i == 0)
fatal("Found no matches for the service mask '%s' and your specified protocols", servmask);
@@ -2601,7 +2601,7 @@ static void getpts_aux(const char *origexpr, int nested, u8 *porttbl, int range_
if (*current_range == ']') {
if (!nested)
fatal("Unexpected ] character in port/protocol specification");
fatal("Unexpected ] character in port/protocol specification");
return;
}

6
nmap.h
View File

@@ -279,8 +279,8 @@ void *realloc();
#define MAX_SOCKETS 36
#define MAX_TIMEOUTS MAX_SOCKETS /* How many timed out connection attempts
in a row before we decide the host is
dead? */
in a row before we decide the host is
dead? */
#define _STR(X) #X
#define STR(X) _STR(X)
#define DEFAULT_TCP_PROBE_PORT 80 /* The ports TCP ping probes go to if
@@ -328,7 +328,7 @@ void *realloc();
#ifndef MAX_RTT_TIMEOUT
#define MAX_RTT_TIMEOUT 10000 /* Never allow more than 10 secs for packet round
trip */
trip */
#endif
#define INITIAL_RTT_TIMEOUT 1000 /* Allow 1 second initially for packet responses */

28
nmap_dns.cc
View File

@@ -404,7 +404,7 @@ static void do_possible_writes() {
if (tpreq) {
if (o.debugging >= TRACE_DEBUG_LEVEL)
log_write(LOG_STDOUT, "mass_rdns: TRANSMITTING for <%s> (server <%s>)\n", tpreq->targ->targetipstr() , servI->hostname.c_str());
log_write(LOG_STDOUT, "mass_rdns: TRANSMITTING for <%s> (server <%s>)\n", tpreq->targ->targetipstr() , servI->hostname.c_str());
stat_trans++;
put_dns_packet_on_wire(tpreq);
}
@@ -666,7 +666,7 @@ static int encoded_name_to_normal(const unsigned char *buf, char *output, int ou
// Takes a pointer to the start of a DNS name inside a packet. It makes
// sure that there is enough space in the name, deals with compression, etc.
static int advance_past_dns_name(u8 *buf, int buflen, int curbuf,
int *nameloc) {
int *nameloc) {
int compression=0;
if (curbuf <= 0 || curbuf >= buflen) return -1;
@@ -1353,19 +1353,19 @@ void nmap_mass_rdns(Target **targets, int num_targets) {
if (stat_actual > 0) {
if (o.debugging || o.verbose >= 3) {
if (o.mass_dns && o.af() == AF_INET) {
// #: Number of DNS servers used
// OK: Number of fully reverse resolved queries
// NX: Number of confirmations of 'No such reverse domain eXists'
// DR: Dropped IPs (no valid responses were received)
// SF: Number of IPs that got 'Server Failure's
// TR: Total number of transmissions necessary. The number of domains is ideal, higher is worse
log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: Async [#: %lu, OK: %d, NX: %d, DR: %d, SF: %d, TR: %d, CN: %d]\n",
stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0,
(unsigned long) servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans, stat_cname);
// #: Number of DNS servers used
// OK: Number of fully reverse resolved queries
// NX: Number of confirmations of 'No such reverse domain eXists'
// DR: Dropped IPs (no valid responses were received)
// SF: Number of IPs that got 'Server Failure's
// TR: Total number of transmissions necessary. The number of domains is ideal, higher is worse
log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: Async [#: %lu, OK: %d, NX: %d, DR: %d, SF: %d, TR: %d, CN: %d]\n",
stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0,
(unsigned long) servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans, stat_cname);
} else {
log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: System [OK: %d, ??: %d]\n",
stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0,
stat_ok, stat_actual - stat_ok);
log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: System [OK: %d, ??: %d]\n",
stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0,
stat_ok, stat_actual - stat_ok);
}
}
}

10
nmap_error.cc
View File

@@ -203,8 +203,8 @@ void pfatal(const char *fmt, ...) {
#ifdef WIN32
error_number = GetLastError();
FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_SYSTEM,
NULL, error_number, MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) &strerror_s, 0, NULL);
NULL, error_number, MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) &strerror_s, 0, NULL);
#else
error_number = errno;
strerror_s = strerror(error_number);
@@ -218,7 +218,7 @@ void pfatal(const char *fmt, ...) {
va_end(ap);
log_write(LOG_NORMAL|LOG_STDERR, "%s: %s (%d)\n",
errbuf, strerror_s, error_number);
errbuf, strerror_s, error_number);
if (xml_tag_open())
xml_close_start_tag();
@@ -265,8 +265,8 @@ void gh_perror(const char *fmt, ...) {
#ifdef WIN32
error_number = GetLastError();
FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_SYSTEM,
NULL, error_number, MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) &strerror_s, 0, NULL);
NULL, error_number, MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) &strerror_s, 0, NULL);
#else
error_number = errno;
strerror_s = strerror(error_number);

2
nmap_ftp.cc
View File

@@ -183,7 +183,7 @@ int ftp_anon_connect(struct ftpinfo *ftp) {
if (o.verbose || o.debugging)
log_write(LOG_STDOUT, "Attempting connection to ftp://%s:%s@%s:%i\n",
ftp->user, ftp->pass, ftp->server_name, ftp->port);
ftp->user, ftp->pass, ftp->server_name, ftp->port);
if ((sd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
gh_perror("Couldn't create %s socket", __func__);

2
nmap_ftp.h
View File

@@ -153,6 +153,6 @@ int parse_bounce_argument(struct ftpinfo *ftp, char *url);
rewritten. But I don't think it is used much anyway. If I'm going to
allow FTP bounce scan, I should really allow SOCKS proxy scan. */
void bounce_scan(Target *target, u16 *portarray, int numports,
struct ftpinfo *ftp);
struct ftpinfo *ftp);
#endif /* NMAP_FTP_H */

90
nmap_tty.cc
View File

@@ -158,9 +158,9 @@ static void tty_done() { return; }
static void tty_flush(void)
{
static HANDLE stdinput = GetStdHandle(STD_INPUT_HANDLE);
static HANDLE stdinput = GetStdHandle(STD_INPUT_HANDLE);
FlushConsoleInputBuffer(stdinput);
FlushConsoleInputBuffer(stdinput);
}
#else
@@ -182,49 +182,49 @@ static struct termios saved_ti;
static int tty_getchar()
{
int c, numChars;
int c, numChars;
#ifdef __CYGWIN32__
fd_set set;
struct timeval tv;
fd_set set;
struct timeval tv;
#endif
if (tty_fd && tcgetpgrp(tty_fd) == getpid()) {
if (tty_fd && tcgetpgrp(tty_fd) == getpid()) {
// This is so that when the terminal has been disconnected, it will be
// reconnected when possible. If it slows things down, just remove it
// tty_init();
#ifdef __CYGWIN32__
FD_ZERO(&set); FD_SET(tty_fd, &set);
tv.tv_sec = 0; tv.tv_usec = 0;
if (select(tty_fd + 1, &set, NULL, NULL, &tv) <= 0)
return -1;
FD_ZERO(&set); FD_SET(tty_fd, &set);
tv.tv_sec = 0; tv.tv_usec = 0;
if (select(tty_fd + 1, &set, NULL, NULL, &tv) <= 0)
return -1;
#endif
c = 0;
c = 0;
numChars = read(tty_fd, &c, 1);
if (numChars > 0) return c;
}
if (numChars > 0) return c;
}
return -1;
return -1;
}
static void tty_done()
{
if (!tty_fd) return;
if (!tty_fd) return;
tcsetattr(tty_fd, TCSANOW, &saved_ti);
tcsetattr(tty_fd, TCSANOW, &saved_ti);
close(tty_fd);
tty_fd = 0;
close(tty_fd);
tty_fd = 0;
}
static void tty_flush(void)
{
/* we don't need to test for tty_fd==0 here because
* this isn't called unless we succeeded
*/
/* we don't need to test for tty_fd==0 here because
* this isn't called unless we succeeded
*/
tcflush(tty_fd, TCIFLUSH);
tcflush(tty_fd, TCIFLUSH);
}
/*
@@ -234,30 +234,30 @@ static void tty_flush(void)
*/
void tty_init()
{
struct termios ti;
struct termios ti;
if(o.noninteractive)
return;
if(o.noninteractive)
return;
if (tty_fd)
return;
if (tty_fd)
return;
if ((tty_fd = open("/dev/tty", O_RDONLY | O_NONBLOCK)) < 0) return;
if ((tty_fd = open("/dev/tty", O_RDONLY | O_NONBLOCK)) < 0) return;
#ifndef __CYGWIN32__
if (tcgetpgrp(tty_fd) != getpid()) {
close(tty_fd); return;
}
if (tcgetpgrp(tty_fd) != getpid()) {
close(tty_fd); return;
}
#endif
tcgetattr(tty_fd, &ti);
saved_ti = ti;
ti.c_lflag &= ~(ICANON | ECHO);
ti.c_cc[VMIN] = 1;
ti.c_cc[VTIME] = 0;
tcsetattr(tty_fd, TCSANOW, &ti);
tcgetattr(tty_fd, &ti);
saved_ti = ti;
ti.c_lflag &= ~(ICANON | ECHO);
ti.c_cc[VMIN] = 1;
ti.c_cc[VTIME] = 0;
tcsetattr(tty_fd, TCSANOW, &ti);
atexit(tty_done);
atexit(tty_done);
}
#endif //!win32
@@ -285,7 +285,7 @@ bool keyWasPressed()
log_write(LOG_STDOUT, "Verbosity Increased to %d.\n", o.verbose);
} else if (c == 'V') {
if (o.verbose > 0)
o.verbose--;
o.verbose--;
log_write(LOG_STDOUT, "Verbosity Decreased to %d.\n", o.verbose);
} else if (c == 'd') {
o.debugging++;
@@ -301,12 +301,12 @@ bool keyWasPressed()
log_write(LOG_STDOUT, "Packet Tracing disabled.\n");
} else if (c == '?') {
log_write(LOG_STDOUT,
"Interactive keyboard commands:\n"
"? Display this information\n"
"v/V Increase/decrease verbosity\n"
"d/D Increase/decrease debugging\n"
"p/P Enable/disable packet tracing\n"
"anything else Print status\n"
"Interactive keyboard commands:\n"
"? Display this information\n"
"v/V Increase/decrease verbosity\n"
"d/D Increase/decrease debugging\n"
"p/P Enable/disable packet tracing\n"
"anything else Print status\n"
"More help: http://nmap.org/book/man-runtime-interaction.html\n");
} else {
printStatusMessage();

108
nse_binlib.cc
View File

@@ -192,15 +192,15 @@ static int l_unpack(lua_State *L) /** unpack(f,s, [init]) */
N++;
if (i+N > len) {done = 1; break;}
for (unsigned int ii = i; ii < i+N; ii++) {
sbyte = 0x80;
for (int ij = 0; ij < 8; ij++) {
if (s[ii] & sbyte) {
luaL_addlstring(&buf, "1", 1);
} else {
luaL_addlstring(&buf, "0", 1);
}
sbyte = sbyte >> 1;
}
sbyte = 0x80;
for (int ij = 0; ij < 8; ij++) {
if (s[ii] & sbyte) {
luaL_addlstring(&buf, "1", 1);
} else {
luaL_addlstring(&buf, "0", 1);
}
sbyte = sbyte >> 1;
}
}
luaL_pushresult(&buf);
n++;
@@ -218,14 +218,14 @@ static int l_unpack(lua_State *L) /** unpack(f,s, [init]) */
N++;
if (i+N > len) {done = 1; break;}
for (unsigned int ii = i; ii < i+N; ii++) {
val = s[ii] & 0xF0;
val = val >> 4;
hdigit = HEXDIGITS(val);
luaL_addlstring(&buf, &hdigit, 1);
val = s[ii] & 0xF0;
val = val >> 4;
hdigit = HEXDIGITS(val);
luaL_addlstring(&buf, &hdigit, 1);
val = s[ii] & 0x0F;
hdigit = HEXDIGITS(val);
luaL_addlstring(&buf, &hdigit, 1);
val = s[ii] & 0x0F;
hdigit = HEXDIGITS(val);
luaL_addlstring(&buf, &hdigit, 1);
}
luaL_pushresult(&buf);
n++;
@@ -327,17 +327,17 @@ static int l_pack(lua_State *L) /** pack(f,...) */
unsigned int ii = 0, ia = 0;
const char *a = luaL_checklstring(L, i++, &l);
for (ia = 0; ia < l; ia+= 8) {
sbyte = 0;
for (ii = 0; ii+ia < l && ii < 8; ii++) {
sbyte = sbyte << 1;
if (a[ii+ia] != '0') {
sbyte++;
}
}
for (; ii < 8; ii++) {
sbyte = sbyte << 1;
}
luaL_addlstring(&b, (char *) &sbyte, 1);
sbyte = 0;
for (ii = 0; ii+ia < l && ii < 8; ii++) {
sbyte = sbyte << 1;
if (a[ii+ia] != '0') {
sbyte++;
}
}
for (; ii < 8; ii++) {
sbyte = sbyte << 1;
}
luaL_addlstring(&b, (char *) &sbyte, 1);
}
break;
}
@@ -357,32 +357,32 @@ static int l_pack(lua_State *L) /** pack(f,...) */
int odd = 0;
const char *a = luaL_checklstring(L, i++, &l);
for (ii = 0; ii < l; ii++) {
if (isxdigit((int) (unsigned char) a[ii])) {
if (isdigit((int) (unsigned char) a[ii])) {
sbyte += a[ii] - '0';
odd++;
} else if (a[ii] >= 'A' && a[ii] <= 'F') {
sbyte += a[ii] - 'A' + 10;
odd++;
} else if (a[ii] >= 'a' && a[ii] <= 'f') {
sbyte += a[ii] - 'a' + 10;
odd++;
}
if (odd == 1) {
sbyte = sbyte << 4;
} else if (odd == 2) {
luaL_addlstring(&b, (char *) &sbyte, 1);
sbyte = 0;
odd = 0;
}
} else if (isspace(a[ii])) {
/* ignore */
} else {
/* err ... ignore too*/
}
if (isxdigit((int) (unsigned char) a[ii])) {
if (isdigit((int) (unsigned char) a[ii])) {
sbyte += a[ii] - '0';
odd++;
} else if (a[ii] >= 'A' && a[ii] <= 'F') {
sbyte += a[ii] - 'A' + 10;
odd++;
} else if (a[ii] >= 'a' && a[ii] <= 'f') {
sbyte += a[ii] - 'a' + 10;
odd++;
}
if (odd == 1) {
sbyte = sbyte << 4;
} else if (odd == 2) {
luaL_addlstring(&b, (char *) &sbyte, 1);
sbyte = 0;
odd = 0;
}
} else if (isspace(a[ii])) {
/* ignore */
} else {
/* err ... ignore too*/
}
}
if (odd == 1) {
luaL_addlstring(&b, (char *) &sbyte, 1);
luaL_addlstring(&b, (char *) &sbyte, 1);
}
break;
}
@@ -399,9 +399,9 @@ static int l_pack(lua_State *L) /** pack(f,...) */
static const luaL_Reg binlib[] =
{
{"pack", l_pack},
{"unpack", l_unpack},
{NULL, NULL}
{"pack", l_pack},
{"unpack", l_unpack},
{NULL, NULL}
};
/*

2
nse_nmaplib.cc
View File

@@ -834,7 +834,7 @@ static int l_list_interfaces (lua_State *L)
nseU_setsfield(L, -1, "shortname", iflist[i].devname);
nseU_setnfield(L, -1, "netmask", iflist[i].netmask_bits);
nseU_setsfield(L, -1, "address", inet_ntop_ez(&(iflist[i].addr),
sizeof(iflist[i].addr) ));
sizeof(iflist[i].addr) ));
switch (iflist[i].device_type){
case devt_ethernet:

2
nse_nsock.cc
View File

@@ -566,7 +566,7 @@ static int l_sendto (lua_State *L)
trace(nu->nsiod, hexify((unsigned char *) string, size).c_str(), TO);
freeaddrinfo(dest);
return yield(L, nu, "SEND", TO, 0, NULL);
}
static void receive_callback (nsock_pool nsp, nsock_event nse, void *udata)

486
nse_pcrelib.cc
View File

@@ -27,379 +27,379 @@ extern "C" {
static int get_startoffset(lua_State *L, int stackpos, size_t len)
{
int startoffset = luaL_optint(L, stackpos, 1);
if(startoffset > 0)
startoffset--;
else if(startoffset < 0) {
startoffset += (int) len;
if(startoffset < 0)
startoffset = 0;
}
return startoffset;
int startoffset = luaL_optint(L, stackpos, 1);
if(startoffset > 0)
startoffset--;
else if(startoffset < 0) {
startoffset += (int) len;
if(startoffset < 0)
startoffset = 0;
}
return startoffset;
}
static int udata_tostring (lua_State *L, const char* type_handle,
const char* type_name)
const char* type_name)
{
char buf[256];
void *udata = luaL_checkudata(L, 1, type_handle);
char buf[256];
void *udata = luaL_checkudata(L, 1, type_handle);
if(udata) {
(void)Snprintf(buf, 255, "%s (%p)", type_name, udata);
lua_pushstring(L, buf);
}
else {
(void)Snprintf(buf, 255, "must be userdata of type '%s'", type_name);
(void)luaL_argerror(L, 1, buf);
}
if(udata) {
(void)Snprintf(buf, 255, "%s (%p)", type_name, udata);
lua_pushstring(L, buf);
}
else {
(void)Snprintf(buf, 255, "must be userdata of type '%s'", type_name);
(void)luaL_argerror(L, 1, buf);
}
free(udata);
return 1;
free(udata);
return 1;
}
typedef struct { const char* key; lua_Number val; } flags_pair;
static int get_flags (lua_State *L, const flags_pair *arr)
{
const flags_pair *p;
lua_newtable(L);
for(p=arr; p->key != NULL; p++) {
lua_pushstring(L, p->key);
lua_pushnumber(L, p->val);
lua_rawset(L, -3);
}
return 1;
const flags_pair *p;
lua_newtable(L);
for(p=arr; p->key != NULL; p++) {
lua_pushstring(L, p->key);
lua_pushnumber(L, p->val);
lua_rawset(L, -3);
}
return 1;
}
const char pcre_handle[] = "pcre_regex_handle";
const char pcre_typename[] = "pcre_regex";
typedef struct {
pcre *pr;
pcre_extra *extra;
int *match;
int ncapt;
const unsigned char *tables;
pcre *pr;
pcre_extra *extra;
int *match;
int ncapt;
const unsigned char *tables;
} pcre2; /* a better name is needed */
static const unsigned char *Lpcre_maketables(lua_State *L, int stackpos)
{
const unsigned char *tables;
char old_locale[256];
char *locale = strdup(luaL_checkstring(L, stackpos));
const unsigned char *tables;
char old_locale[256];
char *locale = strdup(luaL_checkstring(L, stackpos));
if(locale == NULL)
luaL_error(L, "cannot set locale");
if(locale == NULL)
luaL_error(L, "cannot set locale");
strncpy(old_locale, setlocale(LC_CTYPE, NULL), 255); /* store the locale */
strncpy(old_locale, setlocale(LC_CTYPE, NULL), 255); /* store the locale */
if(setlocale(LC_CTYPE, locale) == NULL) /* set new locale */
luaL_error(L, "cannot set locale");
if(setlocale(LC_CTYPE, locale) == NULL) /* set new locale */
luaL_error(L, "cannot set locale");
tables = pcre_maketables(); /* make tables with new locale */
(void)setlocale(LC_CTYPE, old_locale); /* restore the old locale */
tables = pcre_maketables(); /* make tables with new locale */
(void)setlocale(LC_CTYPE, old_locale); /* restore the old locale */
free(locale);
return tables;
free(locale);
return tables;
}
static int Lpcre_comp(lua_State *L)
{
char buf[256];
const char *error;
int erroffset;
pcre2 *ud;
const char *pattern = luaL_checkstring(L, 1);
int cflags = luaL_optint(L, 2, 0);
const unsigned char *tables = NULL;
char buf[256];
const char *error;
int erroffset;
pcre2 *ud;
const char *pattern = luaL_checkstring(L, 1);
int cflags = luaL_optint(L, 2, 0);
const unsigned char *tables = NULL;
if(lua_gettop(L) > 2 && !lua_isnil(L, 3))
tables = Lpcre_maketables(L, 3);
if(tables == NULL)
luaL_error(L, "PCRE compilation failed");
if(lua_gettop(L) > 2 && !lua_isnil(L, 3))
tables = Lpcre_maketables(L, 3);
if(tables == NULL)
luaL_error(L, "PCRE compilation failed");
ud = (pcre2*)lua_newuserdata(L, sizeof(pcre2));
luaL_getmetatable(L, pcre_handle);
(void)lua_setmetatable(L, -2);
ud->match = NULL;
ud->extra = NULL;
ud->tables = tables; /* keep this for eventual freeing */
ud = (pcre2*)lua_newuserdata(L, sizeof(pcre2));
luaL_getmetatable(L, pcre_handle);
(void)lua_setmetatable(L, -2);
ud->match = NULL;
ud->extra = NULL;
ud->tables = tables; /* keep this for eventual freeing */
ud->pr = pcre_compile(pattern, cflags, &error, &erroffset, tables);
if(!ud->pr) {
(void)Snprintf(buf, 255, "%s (pattern offset: %d)", error, erroffset+1);
/* show offset 1-based as it's common in Lua */
luaL_error(L, buf);
}
ud->pr = pcre_compile(pattern, cflags, &error, &erroffset, tables);
if(!ud->pr) {
(void)Snprintf(buf, 255, "%s (pattern offset: %d)", error, erroffset+1);
/* show offset 1-based as it's common in Lua */
luaL_error(L, buf);
}
ud->extra = pcre_study(ud->pr, 0, &error);
if(error) luaL_error(L, error);
ud->extra = pcre_study(ud->pr, 0, &error);
if(error) luaL_error(L, error);
pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_CAPTURECOUNT, &ud->ncapt);
/* need (2 ints per capture, plus one for substring match) * 3/2 */
ud->match = (int *) safe_malloc((ud->ncapt + 1) * 3 * sizeof(int));
pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_CAPTURECOUNT, &ud->ncapt);
/* need (2 ints per capture, plus one for substring match) * 3/2 */
ud->match = (int *) safe_malloc((ud->ncapt + 1) * 3 * sizeof(int));
return 1;
return 1;
}
static void Lpcre_getargs(lua_State *L, pcre2 **pud, const char **text,
size_t *text_len)
size_t *text_len)
{
*pud = (pcre2 *)luaL_checkudata(L, 1, pcre_handle);
if(*pud == NULL)
(void)luaL_argerror(L, 1, ("compiled regexp expected"));
*text = luaL_checklstring(L, 2, text_len);
*pud = (pcre2 *)luaL_checkudata(L, 1, pcre_handle);
if(*pud == NULL)
(void)luaL_argerror(L, 1, ("compiled regexp expected"));
*text = luaL_checklstring(L, 2, text_len);
}
typedef void (*Lpcre_push_matches) (lua_State *L, const char *text, pcre2 *ud);
static void Lpcre_push_substrings (lua_State *L, const char *text, pcre2 *ud)
{
unsigned int i, j;
unsigned int namecount;
unsigned char *name_table;
int name_entry_size;
unsigned char *tabptr;
const int *match = ud->match;
unsigned int i, j;
unsigned int namecount;
unsigned char *name_table;
int name_entry_size;
unsigned char *tabptr;
const int *match = ud->match;
lua_newtable(L);
for (i = 1; i <= (unsigned) ud->ncapt; i++) {
j = i * 2;
if (match[j] >= 0)
lua_pushlstring(L, text + match[j], (size_t)(match[j + 1] - match[j]));
else
lua_pushboolean(L, 0);
lua_rawseti(L, -2, i);
}
lua_newtable(L);
for (i = 1; i <= (unsigned) ud->ncapt; i++) {
j = i * 2;
if (match[j] >= 0)
lua_pushlstring(L, text + match[j], (size_t)(match[j + 1] - match[j]));
else
lua_pushboolean(L, 0);
lua_rawseti(L, -2, i);
}
/* now do named subpatterns - NJG */
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMECOUNT, &namecount);
if (namecount <= 0)
return;
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMETABLE, &name_table);
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMEENTRYSIZE, &name_entry_size);
tabptr = name_table;
for (i = 0; i < namecount; i++) {
unsigned int n = (tabptr[0] << 8) | tabptr[1]; /* number of the capturing parenthesis */
if (n > 0 && n <= (unsigned) ud->ncapt) { /* check range */
unsigned int j = n * 2;
lua_pushstring(L, (char*)tabptr + 2); /* name of the capture, zero terminated */
if (match[j] >= 0)
lua_pushlstring(L, text + match[j], match[j + 1] - match[j]);
else
lua_pushboolean(L, 0);
lua_rawset(L, -3);
}
tabptr += name_entry_size;
}
/* now do named subpatterns - NJG */
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMECOUNT, &namecount);
if (namecount <= 0)
return;
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMETABLE, &name_table);
(void)pcre_fullinfo(ud->pr, ud->extra, PCRE_INFO_NAMEENTRYSIZE, &name_entry_size);
tabptr = name_table;
for (i = 0; i < namecount; i++) {
unsigned int n = (tabptr[0] << 8) | tabptr[1]; /* number of the capturing parenthesis */
if (n > 0 && n <= (unsigned) ud->ncapt) { /* check range */
unsigned int j = n * 2;
lua_pushstring(L, (char*)tabptr + 2); /* name of the capture, zero terminated */
if (match[j] >= 0)
lua_pushlstring(L, text + match[j], match[j + 1] - match[j]);
else
lua_pushboolean(L, 0);
lua_rawset(L, -3);
}
tabptr += name_entry_size;
}
}
static void Lpcre_push_offsets (lua_State *L, const char *text, pcre2 * ud)
{
unsigned int i, j, k;
if(text) {
/* suppress compiler warning */
}
lua_newtable(L);
for (i=1, j=1; i <= (unsigned) ud->ncapt; i++) {
k = i * 2;
if (ud->match[k] >= 0) {
lua_pushnumber(L, ud->match[k] + 1);
lua_rawseti(L, -2, j++);
lua_pushnumber(L, ud->match[k+1]);
lua_rawseti(L, -2, j++);
}
else {
lua_pushboolean(L, 0);
lua_rawseti(L, -2, j++);
lua_pushboolean(L, 0);
lua_rawseti(L, -2, j++);
}
}
unsigned int i, j, k;
if(text) {
/* suppress compiler warning */
}
lua_newtable(L);
for (i=1, j=1; i <= (unsigned) ud->ncapt; i++) {
k = i * 2;
if (ud->match[k] >= 0) {
lua_pushnumber(L, ud->match[k] + 1);
lua_rawseti(L, -2, j++);
lua_pushnumber(L, ud->match[k+1]);
lua_rawseti(L, -2, j++);
}
else {
lua_pushboolean(L, 0);
lua_rawseti(L, -2, j++);
lua_pushboolean(L, 0);
lua_rawseti(L, -2, j++);
}
}
}
static int Lpcre_match_generic(lua_State *L, Lpcre_push_matches push_matches)
{
int res;
const char *text;
pcre2 *ud;
size_t elen;
int startoffset;
int eflags = luaL_optint(L, 4, 0);
int res;
const char *text;
pcre2 *ud;
size_t elen;
int startoffset;
int eflags = luaL_optint(L, 4, 0);
Lpcre_getargs(L, &ud, &text, &elen);
startoffset = get_startoffset(L, 3, elen);
Lpcre_getargs(L, &ud, &text, &elen);
startoffset = get_startoffset(L, 3, elen);
res = pcre_exec(ud->pr, ud->extra, text, (int)elen, startoffset, eflags,
ud->match, (ud->ncapt + 1) * 3);
if (res >= 0) {
lua_pushnumber(L, (lua_Number) ud->match[0] + 1);
lua_pushnumber(L, (lua_Number) ud->match[1]);
(*push_matches)(L, text, ud);
return 3;
}
return 0;
res = pcre_exec(ud->pr, ud->extra, text, (int)elen, startoffset, eflags,
ud->match, (ud->ncapt + 1) * 3);
if (res >= 0) {
lua_pushnumber(L, (lua_Number) ud->match[0] + 1);
lua_pushnumber(L, (lua_Number) ud->match[1]);
(*push_matches)(L, text, ud);
return 3;
}
return 0;
}
static int Lpcre_match(lua_State *L)
{
return Lpcre_match_generic(L, Lpcre_push_substrings);
return Lpcre_match_generic(L, Lpcre_push_substrings);
}
static int Lpcre_exec(lua_State *L)
{
return Lpcre_match_generic(L, Lpcre_push_offsets);
return Lpcre_match_generic(L, Lpcre_push_offsets);
}
static int Lpcre_gmatch(lua_State *L)
{
int res;
size_t len;
int nmatch = 0, limit = 0;
const char *text;
pcre2 *ud;
int maxmatch = luaL_optint(L, 4, 0);
int eflags = luaL_optint(L, 5, 0);
int startoffset = 0;
Lpcre_getargs(L, &ud, &text, &len);
luaL_checktype(L, 3, LUA_TFUNCTION);
int res;
size_t len;
int nmatch = 0, limit = 0;
const char *text;
pcre2 *ud;
int maxmatch = luaL_optint(L, 4, 0);
int eflags = luaL_optint(L, 5, 0);
int startoffset = 0;
Lpcre_getargs(L, &ud, &text, &len);
luaL_checktype(L, 3, LUA_TFUNCTION);
if(maxmatch > 0) /* this must be stated in the docs */
limit = 1;
if(maxmatch > 0) /* this must be stated in the docs */
limit = 1;
while (!limit || nmatch < maxmatch) {
res = pcre_exec(ud->pr, ud->extra, text, (int)len, startoffset, eflags,
ud->match, (ud->ncapt + 1) * 3);
if (res >= 0) {
nmatch++;
lua_pushvalue(L, 3);
lua_pushlstring(L, text + ud->match[0], ud->match[1] - ud->match[0]);
Lpcre_push_substrings(L, text, ud);
lua_call(L, 2, 1);
if(lua_toboolean(L, -1))
break;
lua_pop(L, 1);
startoffset = ud->match[1];
} else
break;
}
lua_pushnumber(L, nmatch);
return 1;
while (!limit || nmatch < maxmatch) {
res = pcre_exec(ud->pr, ud->extra, text, (int)len, startoffset, eflags,
ud->match, (ud->ncapt + 1) * 3);
if (res >= 0) {
nmatch++;
lua_pushvalue(L, 3);
lua_pushlstring(L, text + ud->match[0], ud->match[1] - ud->match[0]);
Lpcre_push_substrings(L, text, ud);
lua_call(L, 2, 1);
if(lua_toboolean(L, -1))
break;
lua_pop(L, 1);
startoffset = ud->match[1];
} else
break;
}
lua_pushnumber(L, nmatch);
return 1;
}
static int Lpcre_gc (lua_State *L)
{
pcre2 *ud = (pcre2 *)luaL_checkudata(L, 1, pcre_handle);
if (ud) {
if(ud->pr) pcre_free(ud->pr);
if(ud->extra) pcre_free(ud->extra);
if(ud->tables) pcre_free((void *)ud->tables);
if(ud->match) free(ud->match);
}
return 0;
pcre2 *ud = (pcre2 *)luaL_checkudata(L, 1, pcre_handle);
if (ud) {
if(ud->pr) pcre_free(ud->pr);
if(ud->extra) pcre_free(ud->extra);
if(ud->tables) pcre_free((void *)ud->tables);
if(ud->match) free(ud->match);
}
return 0;
}
static int Lpcre_tostring (lua_State *L) {
return udata_tostring(L, pcre_handle, pcre_typename);
return udata_tostring(L, pcre_handle, pcre_typename);
}
static int Lpcre_vers (lua_State *L)
{
lua_pushstring(L, pcre_version());
return 1;
lua_pushstring(L, pcre_version());
return 1;
}
static flags_pair pcre_flags[] =
{
{ "CASELESS", PCRE_CASELESS },
{ "MULTILINE", PCRE_MULTILINE },
{ "DOTALL", PCRE_DOTALL },
{ "EXTENDED", PCRE_EXTENDED },
{ "ANCHORED", PCRE_ANCHORED },
{ "DOLLAR_ENDONLY", PCRE_DOLLAR_ENDONLY },
{ "EXTRA", PCRE_EXTRA },
{ "NOTBOL", PCRE_NOTBOL },
{ "NOTEOL", PCRE_NOTEOL },
{ "UNGREEDY", PCRE_UNGREEDY },
{ "NOTEMPTY", PCRE_NOTEMPTY },
{ "UTF8", PCRE_UTF8 },
{ "CASELESS", PCRE_CASELESS },
{ "MULTILINE", PCRE_MULTILINE },
{ "DOTALL", PCRE_DOTALL },
{ "EXTENDED", PCRE_EXTENDED },
{ "ANCHORED", PCRE_ANCHORED },
{ "DOLLAR_ENDONLY", PCRE_DOLLAR_ENDONLY },
{ "EXTRA", PCRE_EXTRA },
{ "NOTBOL", PCRE_NOTBOL },
{ "NOTEOL", PCRE_NOTEOL },
{ "UNGREEDY", PCRE_UNGREEDY },
{ "NOTEMPTY", PCRE_NOTEMPTY },
{ "UTF8", PCRE_UTF8 },
#if PCRE_MAJOR >= 4
{ "NO_AUTO_CAPTURE", PCRE_NO_AUTO_CAPTURE },
{ "NO_UTF8_CHECK", PCRE_NO_UTF8_CHECK },
{ "NO_AUTO_CAPTURE", PCRE_NO_AUTO_CAPTURE },
{ "NO_UTF8_CHECK", PCRE_NO_UTF8_CHECK },
#endif
#ifdef PCRE_AUTO_CALLOUT
{ "AUTO_CALLOUT", PCRE_AUTO_CALLOUT },
{ "AUTO_CALLOUT", PCRE_AUTO_CALLOUT },
#endif
#ifdef PCRE_PARTIAL
{ "PARTIAL", PCRE_PARTIAL },
{ "PARTIAL", PCRE_PARTIAL },
#endif
#ifdef PCRE_DFA_SHORTEST
{ "DFA_SHORTEST", PCRE_DFA_SHORTEST },
{ "DFA_SHORTEST", PCRE_DFA_SHORTEST },
#endif
#ifdef PCRE_DFA_RESTART
{ "DFA_RESTART", PCRE_DFA_RESTART },
{ "DFA_RESTART", PCRE_DFA_RESTART },
#endif
#ifdef PCRE_FIRSTLINE
{ "FIRSTLINE", PCRE_FIRSTLINE },
{ "FIRSTLINE", PCRE_FIRSTLINE },
#endif
#ifdef PCRE_DUPNAMES
{ "DUPNAMES", PCRE_DUPNAMES },
{ "DUPNAMES", PCRE_DUPNAMES },
#endif
#ifdef PCRE_NEWLINE_CR
{ "NEWLINE_CR", PCRE_NEWLINE_CR },
{ "NEWLINE_CR", PCRE_NEWLINE_CR },
#endif
#ifdef PCRE_NEWLINE_LF
{ "NEWLINE_LF", PCRE_NEWLINE_LF },
{ "NEWLINE_LF", PCRE_NEWLINE_LF },
#endif
#ifdef PCRE_NEWLINE_CRLF
{ "NEWLINE_CRLF", PCRE_NEWLINE_CRLF },
{ "NEWLINE_CRLF", PCRE_NEWLINE_CRLF },
#endif
#ifdef PCRE_NEWLINE_ANY
{ "NEWLINE_ANY", PCRE_NEWLINE_ANY },
{ "NEWLINE_ANY", PCRE_NEWLINE_ANY },
#endif
#ifdef PCRE_NEWLINE_ANYCRLF
{ "NEWLINE_ANYCRLF", PCRE_NEWLINE_ANYCRLF },
{ "NEWLINE_ANYCRLF", PCRE_NEWLINE_ANYCRLF },
#endif
#ifdef PCRE_BSR_ANYCRLF
{ "BSR_ANYCRLF", PCRE_BSR_ANYCRLF },
{ "BSR_ANYCRLF", PCRE_BSR_ANYCRLF },
#endif
#ifdef PCRE_BSR_UNICODE
{ "BSR_UNICODE", PCRE_BSR_UNICODE },
{ "BSR_UNICODE", PCRE_BSR_UNICODE },
#endif
{ NULL, 0 }
{ NULL, 0 }
};
static int Lpcre_get_flags (lua_State *L) {
return get_flags(L, pcre_flags);
return get_flags(L, pcre_flags);
}
static const luaL_Reg pcremeta[] = {
{"exec", Lpcre_exec},
{"match", Lpcre_match},
{"gmatch", Lpcre_gmatch},
{"__gc", Lpcre_gc},
{"__tostring", Lpcre_tostring},
{NULL, NULL}
{"exec", Lpcre_exec},
{"match", Lpcre_match},
{"gmatch", Lpcre_gmatch},
{"__gc", Lpcre_gc},
{"__tostring", Lpcre_tostring},
{NULL, NULL}
};
/* Open the library */
static const luaL_Reg pcrelib[] = {
{"new", Lpcre_comp},
{"flags", Lpcre_get_flags},
{"version", Lpcre_vers},
{NULL, NULL}
{"new", Lpcre_comp},
{"flags", Lpcre_get_flags},
{"version", Lpcre_vers},
{NULL, NULL}
};
LUALIB_API int luaopen_pcrelib(lua_State *L)
{
luaL_newmetatable(L, pcre_handle);
lua_pushliteral(L, "__index");
luaL_newlib(L, pcremeta);
lua_rawset(L, -3);
lua_pop(L, 1);
luaL_newmetatable(L, pcre_handle);
lua_pushliteral(L, "__index");
luaL_newlib(L, pcremeta);
lua_rawset(L, -3);
lua_pop(L, 1);
luaL_newlib(L, pcrelib);
return 1;
luaL_newlib(L, pcrelib);
return 1;
}

4
osscan.h
View File

@@ -174,7 +174,7 @@ void free_fingerprint_file(FingerPrintDB *DB);
accuracy (between 0 and 1) is returned). If MatchPoints is not NULL, it is
a special "fingerprints" which tells how many points each test is worth. */
double compare_fingerprints(const FingerPrint *referenceFP, const FingerPrint *observedFP,
const FingerPrint *MatchPoints, int verbose);
const FingerPrint *MatchPoints, int verbose);
/* Takes a fingerprint and looks for matches inside the passed in
reference fingerprint DB. The results are stored in in FPR (which
@@ -183,7 +183,7 @@ double compare_fingerprints(const FingerPrint *referenceFP, const FingerPrint *o
accuracy_threshhold will be included. The max matches returned is
the maximum that fits in a FingerPrintResultsIPv4 class. */
void match_fingerprint(const FingerPrint *FP, FingerPrintResultsIPv4 *FPR,
const FingerPrintDB *DB, double accuracy_threshold);
const FingerPrintDB *DB, double accuracy_threshold);
/* Returns true if perfect match -- if num_subtests & num_subtests_succeeded are non_null it updates them. if shortcircuit is zero, it does all the tests, otherwise it returns when the first one fails */

2
osscan2.cc
View File

@@ -3633,7 +3633,7 @@ int OSScan::os_scan_ipv4(std::vector<Target *> &Targets) {
char targetstr[128];
bool plural = (OSI.numIncompleteHosts() != 1);
if (!plural) {
(*(OSI.incompleteHosts.begin()))->target->NameIP(targetstr, sizeof(targetstr));
(*(OSI.incompleteHosts.begin()))->target->NameIP(targetstr, sizeof(targetstr));
} else Snprintf(targetstr, sizeof(targetstr), "%d hosts", (int) OSI.numIncompleteHosts());
log_write(LOG_STDOUT, "%s OS detection (try #%d) against %s\n", (itry == 0)? "Initiating" : "Retrying", itry + 1, targetstr);
log_flush_all();

2
output.cc
View File

@@ -285,7 +285,7 @@ void win32_fatal_raw_sockets(const char *devname) {
if (devname != NULL) {
fatal("Only ethernet devices can be used for raw scans on Windows, and\n"
"\"%s\" is not an ethernet device. Use the --unprivileged option\n"
"for this scan.", devname);
"for this scan.", devname);
} else {
fatal("Only ethernet devices can be used for raw scans on Windows. Use\n"
"the --unprivileged option for this scan.", devname);

32
portlist.cc
View File

@@ -352,7 +352,7 @@ static char *cstringSanityCheck(const char* string, int len) {
int slen;
if(!string)
return NULL;
return NULL;
slen = strlen(string);
if (slen > len) slen = len;
@@ -521,8 +521,8 @@ void PortList::setPortState(u16 portno, u8 protocol, int state) {
if ((state == PORT_OPEN && o.verbose) || (o.debugging > 1)) {
log_write(LOG_STDOUT, "Discovered %s port %hu/%s%s\n",
statenum2str(state), portno,
proto2ascii_lowercase(protocol), idstr? idstr : "");
statenum2str(state), portno,
proto2ascii_lowercase(protocol), idstr? idstr : "");
log_flush(LOG_STDOUT);
}
@@ -610,7 +610,7 @@ int PortList::getStateCounts(int state) const {
except that if you ask for both TCP, UDP & SCTP, every TCP port
will be returned before we start returning UDP and SCTP ports */
Port *PortList::nextPort(const Port *cur, Port *next,
int allowed_protocol, int allowed_state) {
int allowed_protocol, int allowed_state) {
int proto;
int mapped_pno;
Port *port;
@@ -728,8 +728,8 @@ int PortList::forgetPort(u16 portno, u8 protocol) {
if (o.verbose) {
log_write(LOG_STDOUT, "Deleting port %hu/%s, which we thought was %s\n",
portno, proto2ascii_lowercase(answer->proto),
statenum2str(answer->state));
portno, proto2ascii_lowercase(answer->proto),
statenum2str(answer->state));
log_flush(LOG_STDOUT);
}
@@ -810,8 +810,8 @@ int PortList::nextIgnoredState(int prevstate) {
/* If a previous state was given, we must have fewer ports than
that one, or be tied but be a larger state number */
if (prevstate != PORT_UNKNOWN &&
(getStateCounts(state) > getStateCounts(prevstate) ||
(getStateCounts(state) == getStateCounts(prevstate) && state <= prevstate)))
(getStateCounts(state) > getStateCounts(prevstate) ||
(getStateCounts(state) == getStateCounts(prevstate) && state <= prevstate)))
continue;
/* We only qualify if we have more ports than the current best */
@@ -906,7 +906,7 @@ int PortList::setStateReason(u16 portno, u8 proto, reason_t reason, u8 ttl,
answer->reason.ip_addr.sockaddr.sa_family = AF_UNSPEC;
else
answer->reason.set_ip_addr(ip_addr);
answer->reason.ttl = ttl;
answer->reason.ttl = ttl;
return 0;
}
@@ -932,13 +932,13 @@ void random_port_cheat(u16 *ports, int portcount) {
// see if the currentport is a popular port
for(popportidx = 0; popportidx < num_pop_ports; popportidx++) {
if (ports[allportidx] == pop_ports[popportidx]) {
// This one is popular! Swap it near to the beginning.
if (allportidx != earlyreplidx) {
ports[allportidx] = ports[earlyreplidx];
ports[earlyreplidx] = pop_ports[popportidx];
}
earlyreplidx++;
break;
// This one is popular! Swap it near to the beginning.
if (allportidx != earlyreplidx) {
ports[allportidx] = ports[earlyreplidx];
ports[earlyreplidx] = pop_ports[popportidx];
}
earlyreplidx++;
break;
}
}
}

16
portlist.h
View File

@@ -144,7 +144,7 @@
#define PORT_OPENFILTERED 7 /* Like udp/fin/xmas/null/ipproto scan with no response */
#define PORT_CLOSEDFILTERED 8 /* Idle scan */
#define PORT_HIGHEST_STATE 9 /* ***IMPORTANT -- BUMP THIS UP WHEN STATES ARE
ADDED *** */
ADDED *** */
#define TCPANDUDPANDSCTP IPPROTO_MAX
#define UDPANDSCTP (IPPROTO_MAX + 1)
@@ -285,13 +285,13 @@ class PortList {
// SERVICE_TUNNEL_NONE (normal) or SERVICE_TUNNEL_SSL (means ssl was
// detected and we tried to tunnel through it ).
void setServiceProbeResults(u16 portno, int protocol,
enum serviceprobestate sres, const char *sname,
enum service_tunnel_type tunnel, const char *product,
const char *version, const char *hostname,
const char *ostype, const char *devicetype,
const char *extrainfo,
const std::vector<const char *> *cpe,
const char *fingerprint);
enum serviceprobestate sres, const char *sname,
enum service_tunnel_type tunnel, const char *product,
const char *version, const char *hostname,
const char *ostype, const char *devicetype,
const char *extrainfo,
const std::vector<const char *> *cpe,
const char *fingerprint);
// pass in an allocated struct serviceDeductions (don't worry about initializing, and
// you don't have to free any internal ptrs. See the serviceDeductions definition for

298
portreasons.cc
View File

@@ -227,8 +227,8 @@ static reason_codes icmpv4_to_reason(int icmp_type, int icmp_code) {
switch(icmp_type){
case ICMP_ECHOREPLY:
return ER_ECHOREPLY;
case ICMP_ECHOREPLY:
return ER_ECHOREPLY;
case ICMP_UNREACH:
switch(icmp_code){
@@ -270,8 +270,8 @@ static reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
switch(icmp_type){
case ICMPV6_ECHOREPLY:
return ER_ECHOREPLY;
case ICMPV6_ECHOREPLY:
return ER_ECHOREPLY;
case ICMPV6_UNREACH:
switch(icmp_code) {
@@ -293,7 +293,7 @@ static reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
return ER_UNKNOWN;
case ICMPV6_PARAMPROBLEM:
return ER_PARAMPROBLEM;
return ER_PARAMPROBLEM;
case ICMPV6_TIMEXCEED:
return ER_TIMEEXCEEDED;
@@ -302,41 +302,41 @@ static reason_codes icmpv6_to_reason(int icmp_type, int icmp_code) {
};
reason_codes icmp_to_reason(u8 proto, int icmp_type, int icmp_code) {
if (proto == IPPROTO_ICMP)
return icmpv4_to_reason(icmp_type, icmp_code);
else if (proto == IPPROTO_ICMPV6)
return icmpv6_to_reason(icmp_type, icmp_code);
else
return ER_UNKNOWN;
if (proto == IPPROTO_ICMP)
return icmpv4_to_reason(icmp_type, icmp_code);
else if (proto == IPPROTO_ICMPV6)
return icmpv6_to_reason(icmp_type, icmp_code);
else
return ER_UNKNOWN;
}
static void state_reason_summary_init(state_reason_summary_t *r) {
r->reason_id = ER_UNKNOWN;
r->count = 0;
r->next = NULL;
r->reason_id = ER_UNKNOWN;
r->count = 0;
r->next = NULL;
}
static void state_reason_summary_dinit(state_reason_summary_t *r) {
state_reason_summary_t *tmp;
state_reason_summary_t *tmp;
while(r != NULL) {
tmp = r->next;
free(r);
r = tmp;
}
while(r != NULL) {
tmp = r->next;
free(r);
r = tmp;
}
}
/* Counts how different valid state reasons exist */
static int state_summary_size(state_reason_summary_t *head) {
state_reason_summary_t *current = head;
int size = 0;
state_reason_summary_t *current = head;
int size = 0;
while(current) {
if(current->count > 0)
size++;
current = current->next;
}
return size;
while(current) {
if(current->count > 0)
size++;
current = current->next;
}
return size;
}
/* Simon Tatham's linked list merge sort
@@ -345,11 +345,11 @@ static int state_summary_size(state_reason_summary_t *head) {
* because it does not require the O(N) extra space
* needed with arrays */
static state_reason_summary_t *reason_sort(state_reason_summary_t *list) {
state_reason_summary_t *p, *q, *e, *tail;
int insize = 1, nmerges, psize, qsize, i;
state_reason_summary_t *p, *q, *e, *tail;
int insize = 1, nmerges, psize, qsize, i;
if (!list)
return NULL;
return NULL;
while (1) {
p = list;
@@ -363,27 +363,27 @@ static state_reason_summary_t *reason_sort(state_reason_summary_t *list) {
psize = 0;
for (i = 0; i < insize; i++) {
psize++;
q = q->next;
q = q->next;
if (!q) break;
}
qsize = insize;
while (psize > 0 || (qsize > 0 && q)) {
if (psize == 0) {
e = q; q = q->next; qsize--;
} else if (qsize == 0 || !q) {
e = p; p = p->next; psize--;
} else if (q->count<p->count) {
e = p; p = p->next; psize--;
} else {
e = q; q = q->next; qsize--;
}
e = q; q = q->next; qsize--;
} else if (qsize == 0 || !q) {
e = p; p = p->next; psize--;
} else if (q->count<p->count) {
e = p; p = p->next; psize--;
} else {
e = q; q = q->next; qsize--;
}
if (tail) {
tail->next = e;
} else {
list = e;
}
tail = e;
if (tail) {
tail->next = e;
} else {
list = e;
}
tail = e;
}
p = q;
}
@@ -398,68 +398,68 @@ static state_reason_summary_t *reason_sort(state_reason_summary_t *list) {
/* Builds and aggregates reason state summary messages */
static int update_state_summary(state_reason_summary_t *head, reason_t reason_id) {
state_reason_summary_t *tmp = head;
state_reason_summary_t *tmp = head;
if(tmp == NULL)
return -1;
if(tmp == NULL)
return -1;
while(1) {
if(tmp->reason_id == reason_id) {
tmp->count++;
return 0;
}
while(1) {
if(tmp->reason_id == reason_id) {
tmp->count++;
return 0;
}
if(tmp->next == NULL) {
tmp->next = (state_reason_summary_t *)safe_malloc(sizeof(state_reason_summary_t));
tmp = tmp->next;
break;
}
tmp = tmp->next;
}
state_reason_summary_init(tmp);
tmp->reason_id = reason_id;
tmp->count = 1;
return 0;
if(tmp->next == NULL) {
tmp->next = (state_reason_summary_t *)safe_malloc(sizeof(state_reason_summary_t));
tmp = tmp->next;
break;
}
tmp = tmp->next;
}
state_reason_summary_init(tmp);
tmp->reason_id = reason_id;
tmp->count = 1;
return 0;
}
/* Converts Port objects and their corrosponsing state_reason structures into
* state_reason_summary structures using update_state_summary */
static unsigned int get_state_summary(state_reason_summary_t *head, PortList *Ports, int state) {
Port *current = NULL;
Port *current = NULL;
Port port;
state_reason_summary_t *reason;
unsigned int total = 0;
unsigned short proto = (o.ipprotscan) ? IPPROTO_IP : TCPANDUDPANDSCTP;
state_reason_summary_t *reason;
unsigned int total = 0;
unsigned short proto = (o.ipprotscan) ? IPPROTO_IP : TCPANDUDPANDSCTP;
if(head == NULL)
return 0;
reason = head;
if(head == NULL)
return 0;
reason = head;
while((current = Ports->nextPort(current, &port, proto, state)) != NULL) {
if(Ports->isIgnoredState(current->state)) {
total++;
update_state_summary(reason, current->reason.reason_id);
}
}
return total;
while((current = Ports->nextPort(current, &port, proto, state)) != NULL) {
if(Ports->isIgnoredState(current->state)) {
total++;
update_state_summary(reason, current->reason.reason_id);
}
}
return total;
}
/* parse and sort reason summary for main print_* functions */
static state_reason_summary_t *print_state_summary_internal(PortList *Ports, int state) {
state_reason_summary_t *reason_head;
state_reason_summary_t *reason_head;
reason_head = (state_reason_summary_t *)safe_malloc(sizeof(state_reason_summary_t));
reason_head = (state_reason_summary_t *)safe_malloc(sizeof(state_reason_summary_t));
state_reason_summary_init(reason_head);
state_reason_summary_init(reason_head);
if((get_state_summary(reason_head, Ports, state) < 1)) {
state_reason_summary_dinit(reason_head);
return NULL;
}
if((get_state_summary(reason_head, Ports, state) < 1)) {
state_reason_summary_dinit(reason_head);
return NULL;
}
if((reason_head = reason_sort(reason_head)) == NULL)
return NULL;
return reason_head;
if((reason_head = reason_sort(reason_head)) == NULL)
return NULL;
return reason_head;
}
/* looks up reason_id's and returns with the plural or singular
@@ -475,90 +475,90 @@ const char *reason_str(reason_t reason_code, unsigned int number) {
}
void state_reason_init(state_reason_t *reason) {
reason->reason_id = ER_UNKNOWN;
reason->ip_addr.sockaddr.sa_family = AF_UNSPEC;
reason->ttl = 0;
reason->reason_id = ER_UNKNOWN;
reason->ip_addr.sockaddr.sa_family = AF_UNSPEC;
reason->ttl = 0;
}
/* Main external interface to converting, building, sorting and
* printing plain-text state reason summaries */
void print_state_summary(PortList *Ports, unsigned short type) {
state_reason_summary_t *reason_head, *currentr;
bool first_time = true;
const char *separator = ", ";
int states;
state_reason_summary_t *reason_head, *currentr;
bool first_time = true;
const char *separator = ", ";
int states;
if((reason_head = print_state_summary_internal(Ports, 0)) == NULL)
return;
if((reason_head = print_state_summary_internal(Ports, 0)) == NULL)
return;
if(type == STATE_REASON_EMPTY)
log_write(LOG_PLAIN, " because of");
else if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "Reason:");
else
assert(0);
if(type == STATE_REASON_EMPTY)
log_write(LOG_PLAIN, " because of");
else if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "Reason:");
else
assert(0);
states = state_summary_size(reason_head);
currentr = reason_head;
while(currentr != NULL) {
if(states == 1 && (!first_time))
separator = " and ";
if(currentr->count > 0) {
log_write(LOG_PLAIN, "%s%d %s", (first_time) ? " " : separator,
currentr->count, reason_str(currentr->reason_id, currentr->count));
first_time = false;
states = state_summary_size(reason_head);
currentr = reason_head;
while(currentr != NULL) {
if(states == 1 && (!first_time))
separator = " and ";
if(currentr->count > 0) {
log_write(LOG_PLAIN, "%s%d %s", (first_time) ? " " : separator,
currentr->count, reason_str(currentr->reason_id, currentr->count));
first_time = false;
}
states--;
currentr = currentr->next;
}
if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "\n");
state_reason_summary_dinit(reason_head);
}
states--;
currentr = currentr->next;
}
if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "\n");
state_reason_summary_dinit(reason_head);
}
void print_xml_state_summary(PortList *Ports, int state) {
state_reason_summary_t *reason_head, *currentr;
state_reason_summary_t *reason_head, *currentr;
if((currentr = reason_head = print_state_summary_internal(Ports, state)) == NULL)
return;
if((currentr = reason_head = print_state_summary_internal(Ports, state)) == NULL)
return;
while(currentr != NULL) {
if(currentr->count > 0) {
xml_open_start_tag("extrareasons");
xml_attribute("reason", "%s", reason_str(currentr->reason_id, currentr->count));
xml_attribute("count", "%d", currentr->count);
xml_close_empty_tag();
xml_newline();
}
currentr = currentr->next;
}
while(currentr != NULL) {
if(currentr->count > 0) {
xml_open_start_tag("extrareasons");
xml_attribute("reason", "%s", reason_str(currentr->reason_id, currentr->count));
xml_attribute("count", "%d", currentr->count);
xml_close_empty_tag();
xml_newline();
}
currentr = currentr->next;
}
state_reason_summary_dinit(reason_head);
}
/* converts target into reason message for ping scans. Uses a static
* buffer so new values overwrite old values */
char *target_reason_str(Target *t) {
static char reason[128];
memset(reason,'\0', 128);
Snprintf(reason, 128, "received %s", reason_str(t->reason.reason_id, SINGULAR));
return reason;
static char reason[128];
memset(reason,'\0', 128);
Snprintf(reason, 128, "received %s", reason_str(t->reason.reason_id, SINGULAR));
return reason;
}
/* Build an output string based on reason and source ip address.
* uses a static return value so previous values will be over
* written by subsequent calls */
char *port_reason_str(state_reason_t r) {
static char reason[128];
memset(reason,'\0', 128);
if (r.ip_addr.sockaddr.sa_family == AF_UNSPEC) {
Snprintf(reason, sizeof(reason), "%s", reason_str(r.reason_id, SINGULAR));
} else {
struct sockaddr_storage ss;
memcpy(&ss, &r.ip_addr, sizeof(r.ip_addr));
Snprintf(reason, sizeof(reason), "%s from %s", reason_str(r.reason_id, SINGULAR),
inet_ntop_ez(&ss, sizeof(ss)));
}
return reason;
static char reason[128];
memset(reason,'\0', 128);
if (r.ip_addr.sockaddr.sa_family == AF_UNSPEC) {
Snprintf(reason, sizeof(reason), "%s", reason_str(r.reason_id, SINGULAR));
} else {
struct sockaddr_storage ss;
memcpy(&ss, &r.ip_addr, sizeof(r.ip_addr));
Snprintf(reason, sizeof(reason), "%s from %s", reason_str(r.reason_id, SINGULAR),
inet_ntop_ez(&ss, sizeof(ss)));
}
return reason;
}

46
portreasons.h
View File

@@ -158,42 +158,42 @@ public:
/* stored inside a Port Object and describes
* why a port is in a specific state */
typedef struct port_reason {
reason_t reason_id;
union {
struct sockaddr_in in;
struct sockaddr_in6 in6;
struct sockaddr sockaddr;
} ip_addr;
unsigned short ttl;
reason_t reason_id;
union {
struct sockaddr_in in;
struct sockaddr_in6 in6;
struct sockaddr sockaddr;
} ip_addr;
unsigned short ttl;
int set_ip_addr(const struct sockaddr_storage *ss);
int set_ip_addr(const struct sockaddr_storage *ss);
} state_reason_t;
/* used to calculate state reason summaries.
* I.E 10 ports filter because of 10 no-responses */
typedef struct port_reason_summary {
reason_t reason_id;
unsigned int count;
struct port_reason_summary *next;
reason_t reason_id;
unsigned int count;
struct port_reason_summary *next;
} state_reason_summary_t;
enum reason_codes {
ER_RESETPEER, ER_CONREFUSED, ER_CONACCEPT,
ER_SYNACK, ER_SYN, ER_UDPRESPONSE, ER_PROTORESPONSE, ER_ACCES,
ER_RESETPEER, ER_CONREFUSED, ER_CONACCEPT,
ER_SYNACK, ER_SYN, ER_UDPRESPONSE, ER_PROTORESPONSE, ER_ACCES,
ER_NETUNREACH, ER_HOSTUNREACH, ER_PROTOUNREACH,
ER_PORTUNREACH, ER_ECHOREPLY,
ER_NETUNREACH, ER_HOSTUNREACH, ER_PROTOUNREACH,
ER_PORTUNREACH, ER_ECHOREPLY,
ER_DESTUNREACH, ER_SOURCEQUENCH, ER_NETPROHIBITED,
ER_HOSTPROHIBITED, ER_ADMINPROHIBITED,
ER_TIMEEXCEEDED, ER_TIMESTAMPREPLY,
ER_DESTUNREACH, ER_SOURCEQUENCH, ER_NETPROHIBITED,
ER_HOSTPROHIBITED, ER_ADMINPROHIBITED,
ER_TIMEEXCEEDED, ER_TIMESTAMPREPLY,
ER_ADDRESSMASKREPLY, ER_NOIPIDCHANGE, ER_IPIDCHANGE,
ER_ARPRESPONSE, ER_NDRESPONSE, ER_TCPRESPONSE, ER_NORESPONSE,
ER_INITACK, ER_ABORT,
ER_LOCALHOST, ER_SCRIPT, ER_UNKNOWN, ER_USER,
ER_NOROUTE, ER_BEYONDSCOPE, ER_REJECTROUTE, ER_PARAMPROBLEM,
ER_ADDRESSMASKREPLY, ER_NOIPIDCHANGE, ER_IPIDCHANGE,
ER_ARPRESPONSE, ER_NDRESPONSE, ER_TCPRESPONSE, ER_NORESPONSE,
ER_INITACK, ER_ABORT,
ER_LOCALHOST, ER_SCRIPT, ER_UNKNOWN, ER_USER,
ER_NOROUTE, ER_BEYONDSCOPE, ER_REJECTROUTE, ER_PARAMPROBLEM,
};
/* A map of reason_codes to plural and singular *

10
protocols.cc
View File

@@ -176,12 +176,12 @@ static int nmap_protocols_init() {
/* Now we make sure our protocols don't have duplicates */
for(current = protocol_table[protno % PROTOCOL_TABLE_SIZE], previous = NULL;
current; current = current->next) {
current; current = current->next) {
if (protno == current->protoent->p_proto) {
if (o.debugging) {
error("Protocol %d is duplicated in protocols file %s", ntohs(protno), filename);
}
break;
if (o.debugging) {
error("Protocol %d is duplicated in protocols file %s", ntohs(protno), filename);
}
break;
}
previous = current;
}

8
scan_engine.cc
View File

@@ -421,7 +421,7 @@ public:
/* Total # of probes outstanding (active) for all Hosts */
int num_probes_active;
UltraScanInfo *USI; /* The USI which contains this GSS. Use for at least
getting the current time w/o gettimeofday() */
getting the current time w/o gettimeofday() */
struct ultra_timing_vals timing;
struct timeout_info to; /* Group-wide packet rtt/timeout info */
int numtargets; /* Total # of targets scanned -- includes finished and incomplete hosts */
@@ -484,7 +484,7 @@ public:
~HostScanStats();
int freshPortsLeft(); /* Returns the number of ports remaining to probe */
int next_portidx; /* Index of the next port to probe in the relevent
ports array in USI.ports */
ports array in USI.ports */
bool sent_arp; /* Has an ARP probe been sent for the target yet? */
/* massping state. */
@@ -708,7 +708,7 @@ public:
bool isRawScan();
struct timeval now; /* Updated after potentially meaningful delays. This can
be used to save a call to gettimeofday() */
be used to save a call to gettimeofday() */
GroupScanStats *gstats;
struct ultra_scan_performance_vars perf;
/* A circular buffer of the incompleteHosts. nextIncompleteHost() gives
@@ -773,7 +773,7 @@ public:
pcap_t *pd;
eth_t *ethsd;
u32 seqmask; /* This mask value is used to encode values in sequence
numbers. It is set randomly in UltraScanInfo::Init() */
numbers. It is set randomly in UltraScanInfo::Init() */
private:
unsigned int numInitialTargets;

4
scan_engine.h
View File

@@ -187,7 +187,7 @@ typedef struct probespec {
/* 3rd generation Nmap scanning function. Handles most Nmap port scan types */
void ultra_scan(std::vector<Target *> &Targets, struct scan_lists *ports,
stype scantype, struct timeout_info *to = NULL);
stype scantype, struct timeout_info *to = NULL);
/* Determines an ideal number of hosts to be scanned (port scan, os
scan, version detection, etc.) in parallel after the ping scan is
@@ -198,6 +198,6 @@ void ultra_scan(std::vector<Target *> &Targets, struct scan_lists *ports,
number of hosts scanned in parallel, though rarely to significant
levels. */
int determineScanGroupSize(int hosts_scanned_so_far,
struct scan_lists *ports);
struct scan_lists *ports);
#endif /* SCAN_ENGINE_H */

430
service_scan.cc
View File

@@ -174,7 +174,7 @@ public:
// fingerprint can be printed when nothing matches the service. You
// can obtain the fingerprint (if any) via getServiceFingerprint();
void addToServiceFingerprint(const char *probeName, const u8 *resp,
int resplen);
int resplen);
// Get the service fingerprint. It is NULL if there is none, such
// as if there was a match before any other probes were finished (or
@@ -546,11 +546,11 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle
#ifdef PCRE_ERROR_MATCHLIMIT // earlier PCRE versions lack this
if (rc == PCRE_ERROR_MATCHLIMIT) {
if (o.debugging || o.verbose > 1)
error("Warning: Hit PCRE_ERROR_MATCHLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
error("Warning: Hit PCRE_ERROR_MATCHLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
} else
#endif // PCRE_ERROR_MATCHLIMIT
if (rc != PCRE_ERROR_NOMATCH) {
fatal("Unexpected PCRE error (%d) when probing for service %s with the regex '%s'", rc, servicename, matchstr);
fatal("Unexpected PCRE error (%d) when probing for service %s with the regex '%s'", rc, servicename, matchstr);
}
} else {
// Yeah! Match apparently succeeded.
@@ -584,7 +584,7 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle
// ')'. Otherwise we return -1 and the values of args and args_end
// are undefined.
static int getsubstcommandargs(struct substargs *args, char *args_start,
char **args_end) {
char **args_end) {
char *p;
unsigned int len;
if (!args || !args_start) return -1;
@@ -600,22 +600,22 @@ static int getsubstcommandargs(struct substargs *args, char *args_start,
// OK - it is a string
// Do we have space for another arg?
if (args->num_args == SUBSTARGS_MAX_ARGS)
return -1;
return -1;
do {
args_start++;
if (*args_start == '"' && (*(args_start - 1) != '\\' || *(args_start - 2) == '\\'))
break;
len = args->str_args_len[args->num_args];
if (len >= SUBSTARGS_STRLEN - 1)
return -1;
args->str_args[args->num_args][len] = *args_start;
args->str_args_len[args->num_args]++;
args_start++;
if (*args_start == '"' && (*(args_start - 1) != '\\' || *(args_start - 2) == '\\'))
break;
len = args->str_args_len[args->num_args];
if (len >= SUBSTARGS_STRLEN - 1)
return -1;
args->str_args[args->num_args][len] = *args_start;
args->str_args_len[args->num_args]++;
} while(*args_start);
len = args->str_args_len[args->num_args];
args->str_args[args->num_args][len] = '\0';
// Now handle escaped characters and such
if (!cstring_unescape(args->str_args[args->num_args], &len))
return -1;
return -1;
args->str_args_len[args->num_args] = len;
args->arg_types[args->num_args] = SUBSTARGS_ARGTYPE_STRING;
args->num_args++;
@@ -707,8 +707,8 @@ static char *transform_cpe(const char *s) {
// variable. subject, subjectlen, ovector, and nummatches mean the same as in
// dotmplsubst().
static char *substvar(char *tmplvar, char **tmplvarend,
const u8 *subject, int subjectlen, int *ovector,
int nummatches) {
const u8 *subject, int subjectlen, int *ovector,
int nummatches) {
char substcommand[16];
char *p = NULL;
char *p_end;
@@ -784,7 +784,7 @@ static char *substvar(char *tmplvar, char **tmplvarend,
if (command_args.num_args != 3 ||
command_args.arg_types[0] != SUBSTARGS_ARGTYPE_INT ||
command_args.arg_types[1] != SUBSTARGS_ARGTYPE_STRING ||
command_args.arg_types[2] != SUBSTARGS_ARGTYPE_STRING) {
command_args.arg_types[2] != SUBSTARGS_ARGTYPE_STRING) {
return NULL;
}
subnum = command_args.int_args[0];
@@ -803,9 +803,9 @@ static char *substvar(char *tmplvar, char **tmplvarend,
strbuf_append(&result, &n, &len, (const char *) subject + i, 1); // no match
i++;
} else {
// The find string was found, copy it to newstring
// The find string was found, copy it to newstring
strbuf_append(&result, &n, &len, replstr, replstrlen);
i += findstrlen;
i += findstrlen;
}
}
} else return NULL; // Unknown command
@@ -827,9 +827,9 @@ static char *substvar(char *tmplvar, char **tmplvarend,
// function is applied to all substitutions before they are inserted
// into the result string.
static int dotmplsubst(const u8 *subject, int subjectlen,
int *ovector, int nummatches, char *tmpl, char *newstr,
int newstrlen,
char *(*transform)(const char *) = NULL) {
int *ovector, int nummatches, char *tmpl, char *newstr,
int newstrlen,
char *(*transform)(const char *) = NULL) {
int newlen;
char *srcstart=tmpl, *srcend;
char *dst = newstr;
@@ -845,25 +845,25 @@ static int dotmplsubst(const u8 *subject, int subjectlen,
if (!srcend) {
// Only literal text remain!
while(*srcstart) {
if (dst >= newstrend - 1)
return -1;
*dst++ = *srcstart++;
if (dst >= newstrend - 1)
return -1;
*dst++ = *srcstart++;
}
*dst = '\0';
while (--dst >= newstr) {
if (isspace((int) (unsigned char) *dst) || *dst == ',')
*dst = '\0';
else break;
if (isspace((int) (unsigned char) *dst) || *dst == ',')
*dst = '\0';
else break;
}
return 0;
} else {
// Copy the literal text up to the '$', then do the substitution
newlen = srcend - srcstart;
if (newlen > 0) {
if (newstrend - dst <= newlen - 1)
return -1;
memcpy(dst, srcstart, newlen);
dst += newlen;
if (newstrend - dst <= newlen - 1)
return -1;
memcpy(dst, srcstart, newlen);
dst += newlen;
}
srcstart = srcend;
subst = substvar(srcstart, &srcend, subject, subjectlen, ovector, nummatches);
@@ -909,8 +909,8 @@ static int dotmplsubst(const u8 *subject, int subjectlen,
// call (assuming the corresponding length passed in is at least 1)
int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
int *ovector, int nummatches, char *product, int productlen,
char *version, int versionlen, char *info, int infolen,
int *ovector, int nummatches, char *product, int productlen,
char *version, int versionlen, char *info, int infolen,
char *hostname, int hostnamelen, char *ostype, int ostypelen,
char *devicetype, int devicetypelen,
char *cpe_a, int cpe_alen,
@@ -937,9 +937,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, product_template, product, productlen);
if (rc != 0) {
error("Warning: Servicescan failed to fill product_template (subjectlen: %d, productlen: %d). Capture exceeds length? Match string was line %d: p/%s/%s/%s", subjectlen, productlen, deflineno,
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
if (productlen > 0) *product = '\0';
retval = -1;
}
@@ -949,9 +949,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, version_template, version, versionlen);
if (rc != 0) {
error("Warning: Servicescan failed to fill version_template (subjectlen: %d, versionlen: %d). Capture exceeds length? Match string was line %d: v/%s/%s/%s", subjectlen, versionlen, deflineno,
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
if (versionlen > 0) *version = '\0';
retval = -1;
}
@@ -961,9 +961,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, info_template, info, infolen);
if (rc != 0) {
error("Warning: Servicescan failed to fill info_template (subjectlen: %d, infolen: %d). Capture exceeds length? Match string was line %d: i/%s/%s/%s", subjectlen, infolen, deflineno,
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
(product_template)? product_template : "",
(version_template)? version_template : "",
(info_template)? info_template : "");
if (infolen > 0) *info = '\0';
retval = -1;
}
@@ -973,7 +973,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, hostname_template, hostname, hostnamelen);
if (rc != 0) {
error("Warning: Servicescan failed to fill hostname_template (subjectlen: %d, hostnamelen: %d). Capture exceeds length? Match string was line %d: h/%s/", subjectlen, hostnamelen, deflineno,
(hostname_template)? hostname_template : "");
(hostname_template)? hostname_template : "");
if (hostnamelen > 0) *hostname = '\0';
retval = -1;
}
@@ -983,7 +983,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, ostype_template, ostype, ostypelen);
if (rc != 0) {
error("Warning: Servicescan failed to fill ostype_template (subjectlen: %d, ostypelen: %d). Capture exceeds length? Match string was line %d: o/%s/", subjectlen, ostypelen, deflineno,
(ostype_template)? ostype_template : "");
(ostype_template)? ostype_template : "");
if (ostypelen > 0) *ostype = '\0';
retval = -1;
}
@@ -993,7 +993,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, devicetype_template, devicetype, devicetypelen);
if (rc != 0) {
error("Warning: Servicescan failed to fill devicetype_template (subjectlen: %d, devicetypelen: %d). Too long? Match string was line %d: d/%s/", subjectlen, devicetypelen, deflineno,
(devicetype_template)? devicetype_template : "");
(devicetype_template)? devicetype_template : "");
if (devicetypelen > 0) *devicetype = '\0';
retval = -1;
}
@@ -1029,7 +1029,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen,
rc = dotmplsubst(subject, subjectlen, ovector, nummatches, cpe_templates[i], cpe, cpelen, transform_cpe);
if (rc != 0) {
error("Warning: Servicescan failed to fill cpe_%c (subjectlen: %d, devicetypelen: %d). Too long? Match string was line %d: d/%s/", part, subjectlen, devicetypelen, deflineno,
(devicetype_template)? devicetype_template : "");
(devicetype_template)? devicetype_template : "");
if (devicetypelen > 0) *devicetype = '\0';
retval = -1;
}
@@ -1121,7 +1121,7 @@ void ServiceProbe::setProbeString(const u8 *ps, int stringlen) {
}
void ServiceProbe::setPortVector(std::vector<u16> *portv, const char *portstr,
int lineno) {
int lineno) {
const char *current_range;
char *endptr;
long int rangestart = 0, rangeend = 0;
@@ -1133,7 +1133,7 @@ void ServiceProbe::setPortVector(std::vector<u16> *portv, const char *portstr,
if (isdigit((int) (unsigned char) *current_range)) {
rangestart = strtol(current_range, &endptr, 10);
if (rangestart < 0 || rangestart > 65535) {
fatal("Parse error on line %d of nmap-service-probes: Ports must be between 0 and 65535 inclusive", lineno);
fatal("Parse error on line %d of nmap-service-probes: Ports must be between 0 and 65535 inclusive", lineno);
}
current_range = endptr;
while(isspace((int) (unsigned char) *current_range)) current_range++;
@@ -1148,13 +1148,13 @@ void ServiceProbe::setPortVector(std::vector<u16> *portv, const char *portstr,
} else if (*current_range == '-') {
current_range++;
if (isdigit((int) (unsigned char) *current_range)) {
rangeend = strtol(current_range, &endptr, 10);
if (rangeend < 0 || rangeend > 65535 || rangeend < rangestart) {
fatal("Parse error on line %d of nmap-service-probes: Ports must be between 0 and 65535 inclusive", lineno);
}
current_range = endptr;
rangeend = strtol(current_range, &endptr, 10);
if (rangeend < 0 || rangeend > 65535 || rangeend < rangestart) {
fatal("Parse error on line %d of nmap-service-probes: Ports must be between 0 and 65535 inclusive", lineno);
}
current_range = endptr;
} else {
fatal("Parse error on line %d of nmap-service-probes: An example of proper portlist form is \"21-25,53,80\"", lineno);
fatal("Parse error on line %d of nmap-service-probes: An example of proper portlist form is \"21-25,53,80\"", lineno);
}
} else {
fatal("Parse error on line %d of nmap-service-probes: An example of proper portlist form is \"21-25,53,80\"", lineno);
@@ -1185,7 +1185,7 @@ void ServiceProbe::setPortVector(std::vector<u16> *portv, const char *portstr,
// are a comma separated list of ports and ranges
// (e.g. 53,80,6000-6010).
void ServiceProbe::setProbablePorts(enum service_tunnel_type tunnel,
const char *portstr, int lineno) {
const char *portstr, int lineno) {
if (tunnel == SERVICE_TUNNEL_NONE)
setPortVector(&probableports, portstr, lineno);
else {
@@ -1291,31 +1291,31 @@ void parse_nmap_service_probe_file(AllProbes *AP, char *filename) {
while(fgets(line, sizeof(line), fp)) {
lineno++;
if (*line == '\n' || *line == '#')
continue;
continue;
if (strncmp(line, "Probe ", 6) == 0) {
if (newProbe->isNullProbe()) {
assert(!AP->nullProbe);
AP->nullProbe = newProbe;
} else {
AP->probes.push_back(newProbe);
}
goto anotherprobe;
if (newProbe->isNullProbe()) {
assert(!AP->nullProbe);
AP->nullProbe = newProbe;
} else {
AP->probes.push_back(newProbe);
}
goto anotherprobe;
} else if (strncmp(line, "ports ", 6) == 0) {
newProbe->setProbablePorts(SERVICE_TUNNEL_NONE, line + 6, lineno);
newProbe->setProbablePorts(SERVICE_TUNNEL_NONE, line + 6, lineno);
} else if (strncmp(line, "sslports ", 9) == 0) {
newProbe->setProbablePorts(SERVICE_TUNNEL_SSL, line + 9, lineno);
newProbe->setProbablePorts(SERVICE_TUNNEL_SSL, line + 9, lineno);
} else if (strncmp(line, "rarity ", 7) == 0) {
newProbe->setRarity(line + 7, lineno);
newProbe->setRarity(line + 7, lineno);
} else if (strncmp(line, "fallback ", 9) == 0) {
newProbe->fallbackStr = strdup(line + 9);
newProbe->fallbackStr = strdup(line + 9);
} else if (strncmp(line, "totalwaitms ", 12) == 0) {
long waitms = strtol(line + 12, NULL, 10);
if (waitms < 100 || waitms > 300000)
fatal("Error on line %d of nmap-service-probes file (%s): bad totalwaitms value. Must be between 100 and 300000 milliseconds", lineno, filename);
newProbe->totalwaitms = waitms;
long waitms = strtol(line + 12, NULL, 10);
if (waitms < 100 || waitms > 300000)
fatal("Error on line %d of nmap-service-probes file (%s): bad totalwaitms value. Must be between 100 and 300000 milliseconds", lineno, filename);
newProbe->totalwaitms = waitms;
} else if (strncmp(line, "match ", 6) == 0 || strncmp(line, "softmatch ", 10) == 0) {
newProbe->addMatch(line, lineno);
newProbe->addMatch(line, lineno);
} else if (strncmp(line, "Exclude ", 8) == 0) {
fatal("The Exclude directive must precede all Probes in nmap-service-probes");
} else fatal("Parse error on line %d of nmap-service-probes file: %s -- unknown directive", lineno, filename);
@@ -1444,7 +1444,7 @@ ServiceProbe *AllProbes::getProbeByName(const char *name, int proto) {
for(vi = probes.begin(); vi != probes.end(); vi++) {
if ((*vi)->getProbeProtocol() == proto &&
strcmp(name, (*vi)->getName()) == 0)
strcmp(name, (*vi)->getName()) == 0)
return *vi;
}
@@ -1524,10 +1524,10 @@ void AllProbes::compileFallbacks() {
while (tp != NULL && i<(MAXFALLBACKS-1)) {
(*curr)->fallbacks[i] = getProbeByName(tp, (*curr)->getProbeProtocol());
if ((*curr)->fallbacks[i] == NULL)
if ((*curr)->fallbacks[i] == NULL)
fatal("%s: Unknown fallback specified in Probe %s: '%s'", __func__, (*curr)->getName(), tp);
i++;
tp = strtok(NULL, ",\r\n\t ");
i++;
tp = strtok(NULL, ",\r\n\t ");
}
if (i == MAXFALLBACKS-1)
@@ -1607,7 +1607,7 @@ void ServiceNFO::addServiceString(const char *s, int wrapat) {
// be printed when nothing matches the service. You can obtain the
// fingerprint (if any) via getServiceFingerprint();
void ServiceNFO::addToServiceFingerprint(const char *probeName, const u8 *resp,
int resplen) {
int resplen) {
int spaceleft = servicefpalloc - servicefplen;
int servicewrap=74; // Wrap after 74 chars / line
int respused = MIN(resplen, (o.debugging)? 1300 : 900); // truncate to reasonable size
@@ -1656,9 +1656,9 @@ void ServiceNFO::addToServiceFingerprint(const char *probeName, const u8 *resp,
addServiceChar((char) resp[srcidx], servicewrap);
else if (resp[srcidx] == '\0') {
/* We need to be careful with this, because if it is followed by
an ASCII number, PCRE will treat it differently. */
an ASCII number, PCRE will treat it differently. */
if (srcidx + 1 >= respused || !isdigit((int) resp[srcidx + 1]))
addServiceString("\\0", servicewrap);
addServiceString("\\0", servicewrap);
else addServiceString("\\x00", servicewrap);
} else if (strchr("\\?\"[]().*+$^|", resp[srcidx])) {
addServiceChar('\\', servicewrap);
@@ -1719,7 +1719,7 @@ ServiceProbe *ServiceNFO::currentProbe() {
assert(AP->nullProbe);
return AP->nullProbe;
} else if (probe_state == PROBESTATE_MATCHINGPROBES ||
probe_state == PROBESTATE_NONMATCHINGPROBES) {
probe_state == PROBESTATE_NONMATCHINGPROBES) {
return *current_probe;
}
return NULL;
@@ -1761,7 +1761,7 @@ bool dropdown = false;
while (current_probe != AP->probes.end()) {
// For the first run, we only do probes that match this port number
if ((proto == (*current_probe)->getProbeProtocol()) &&
(*current_probe)->portIsProbable(tunnel, portno)) {
(*current_probe)->portIsProbable(tunnel, portno)) {
// This appears to be a valid probe. Let's do it!
return *current_probe;
}
@@ -1781,9 +1781,9 @@ bool dropdown = false;
// be available via this probe. Also, the Probe's rarity must be <= to our
// version detection intensity level.
if ((proto == (*current_probe)->getProbeProtocol()) &&
!(*current_probe)->portIsProbable(tunnel, portno) &&
(*current_probe)->getRarity() <= o.version_intensity &&
(!softMatchFound || (*current_probe)->serviceIsPossible(probe_matched))) {
!(*current_probe)->portIsProbable(tunnel, portno) &&
(*current_probe)->getRarity() <= o.version_intensity &&
(!softMatchFound || (*current_probe)->serviceIsPossible(probe_matched))) {
// Valid, probe. Let's do it!
return *current_probe;
}
@@ -1948,7 +1948,7 @@ static void adjustPortStateIfNecessary(ServiceNFO *svc) {
// Sends probe text to an open connection. In the case of a NULL probe, there
// may be no probe text
static int send_probe_text(nsock_pool nsp, nsock_iod nsi, ServiceNFO *svc,
ServiceProbe *probe) {
ServiceProbe *probe) {
const u8 *probestring;
int probestringlen;
@@ -1964,7 +1964,7 @@ static void adjustPortStateIfNecessary(ServiceNFO *svc) {
assert(probestringlen > 0);
// Now we write the string to the IOD
nsock_write(nsp, nsi, servicescan_write_handler, svc->probe_timemsleft(probe), svc,
(const char *) probestring, probestringlen);
(const char *) probestring, probestringlen);
return 0;
}
@@ -1975,7 +1975,7 @@ static void adjustPortStateIfNecessary(ServiceNFO *svc) {
// new connection will be made even if the previous probe was the NULL probe.
// You would do this, for example, if the other side has closed the connection.
static void startNextProbe(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG,
ServiceNFO *svc, bool alwaysrestart) {
ServiceNFO *svc, bool alwaysrestart) {
bool isInitial = svc->probe_state == PROBESTATE_INITIAL;
ServiceProbe *probe = svc->currentProbe();
struct sockaddr_storage ss;
@@ -1989,7 +1989,7 @@ static void startNextProbe(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG,
svc->currentprobe_exec_time = *nsock_gettimeofday();
send_probe_text(nsp, nsi, svc, probe);
nsock_read(nsp, nsi, servicescan_read_handler,
svc->probe_timemsleft(probe, nsock_gettimeofday()), svc);
svc->probe_timemsleft(probe, nsock_gettimeofday()), svc);
} else {
// Should only happen if someone has a highly perverse nmap-service-probes
// file. Null scan should generally never be the only probe.
@@ -2004,41 +2004,41 @@ static void startNextProbe(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG,
if (probe) {
// For a TCP probe, we start by requesting a new connection to the target
if (svc->proto == IPPROTO_TCP) {
nsi_delete(nsi, NSOCK_PENDING_SILENT);
if ((svc->niod = nsi_new(nsp, svc)) == NULL) {
fatal("Failed to allocate Nsock I/O descriptor in %s()", __func__);
}
if (o.spoofsource) {
o.SourceSockAddr(&ss, &ss_len);
nsi_set_localaddr(svc->niod, &ss, ss_len);
}
if (o.ipoptionslen)
nsi_set_ipoptions(svc->niod, o.ipoptions, o.ipoptionslen);
nsi_delete(nsi, NSOCK_PENDING_SILENT);
if ((svc->niod = nsi_new(nsp, svc)) == NULL) {
fatal("Failed to allocate Nsock I/O descriptor in %s()", __func__);
}
if (o.spoofsource) {
o.SourceSockAddr(&ss, &ss_len);
nsi_set_localaddr(svc->niod, &ss, ss_len);
}
if (o.ipoptionslen)
nsi_set_ipoptions(svc->niod, o.ipoptions, o.ipoptionslen);
if (svc->target->TargetName()) {
if (nsi_set_hostname(svc->niod, svc->target->TargetName()) == -1)
fatal("nsi_set_hostname(\"%s\" failed in %s()", svc->target->TargetName(), __func__);
fatal("nsi_set_hostname(\"%s\" failed in %s()", svc->target->TargetName(), __func__);
}
svc->target->TargetSockAddr(&ss, &ss_len);
if (svc->tunnel == SERVICE_TUNNEL_NONE) {
nsock_connect_tcp(nsp, svc->niod, servicescan_connect_handler,
DEFAULT_CONNECT_TIMEOUT, svc,
(struct sockaddr *) &ss, ss_len,
svc->portno);
} else {
assert(svc->tunnel == SERVICE_TUNNEL_SSL);
nsock_connect_ssl(nsp, svc->niod, servicescan_connect_handler,
DEFAULT_CONNECT_SSL_TIMEOUT, svc,
(struct sockaddr *) &ss,
ss_len, svc->proto, svc->portno, svc->ssl_session);
}
svc->target->TargetSockAddr(&ss, &ss_len);
if (svc->tunnel == SERVICE_TUNNEL_NONE) {
nsock_connect_tcp(nsp, svc->niod, servicescan_connect_handler,
DEFAULT_CONNECT_TIMEOUT, svc,
(struct sockaddr *) &ss, ss_len,
svc->portno);
} else {
assert(svc->tunnel == SERVICE_TUNNEL_SSL);
nsock_connect_ssl(nsp, svc->niod, servicescan_connect_handler,
DEFAULT_CONNECT_SSL_TIMEOUT, svc,
(struct sockaddr *) &ss,
ss_len, svc->proto, svc->portno, svc->ssl_session);
}
} else {
assert(svc->proto == IPPROTO_UDP);
/* Can maintain the same UDP "connection" */
svc->currentprobe_exec_time = *nsock_gettimeofday();
send_probe_text(nsp, nsi, svc, probe);
// Now let us read any results
nsock_read(nsp, nsi, servicescan_read_handler,
svc->probe_timemsleft(probe, nsock_gettimeofday()), svc);
assert(svc->proto == IPPROTO_UDP);
/* Can maintain the same UDP "connection" */
svc->currentprobe_exec_time = *nsock_gettimeofday();
send_probe_text(nsp, nsi, svc, probe);
// Now let us read any results
nsock_read(nsp, nsi, servicescan_read_handler,
svc->probe_timemsleft(probe, nsock_gettimeofday()), svc);
}
} else {
// No more probes remaining! Failed to match
@@ -2064,7 +2064,7 @@ static void startNextProbe(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG,
*/
static int scanThroughTunnel(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG,
ServiceNFO *svc) {
ServiceNFO *svc) {
if (svc->probe_matched && strncmp(svc->probe_matched, "ssl/", 4) == 0) {
/* The service has been detected without having to make an SSL connection */
@@ -2156,7 +2156,7 @@ static void end_svcprobe(nsock_pool nsp, enum serviceprobestate probe_state, Ser
svc->probe_state = probe_state;
member = find(SG->services_in_progress.begin(), SG->services_in_progress.end(),
svc);
svc);
if (member != SG->services_in_progress.end()) {
assert(*member == svc);
SG->services_in_progress.erase(member);
@@ -2164,7 +2164,7 @@ static void end_svcprobe(nsock_pool nsp, enum serviceprobestate probe_state, Ser
/* A probe can finish from services_remaining if the host times out before the
probe has even started */
member = find(SG->services_remaining.begin(), SG->services_remaining.end(),
svc);
svc);
assert(member != SG->services_remaining.end());
assert(*member == svc);
SG->services_remaining.erase(member);
@@ -2193,7 +2193,7 @@ static int launchSomeServiceProbes(nsock_pool nsp, ServiceGroup *SG) {
static int warn_no_scanning=1;
while (SG->services_in_progress.size() < SG->ideal_parallelism &&
!SG->services_remaining.empty()) {
!SG->services_remaining.empty()) {
// Start executing a probe from the new list and move it to in_progress
svc = SG->services_remaining.front();
if (svc->target->timedOut(nsock_gettimeofday())) {
@@ -2227,14 +2227,14 @@ static int launchSomeServiceProbes(nsock_pool nsp, ServiceGroup *SG) {
svc->target->TargetSockAddr(&ss, &ss_len);
if (svc->proto == IPPROTO_TCP)
nsock_connect_tcp(nsp, svc->niod, servicescan_connect_handler,
DEFAULT_CONNECT_TIMEOUT, svc,
(struct sockaddr *)&ss, ss_len,
svc->portno);
DEFAULT_CONNECT_TIMEOUT, svc,
(struct sockaddr *)&ss, ss_len,
svc->portno);
else {
assert(svc->proto == IPPROTO_UDP);
nsock_connect_udp(nsp, svc->niod, servicescan_connect_handler,
svc, (struct sockaddr *) &ss, ss_len,
svc->portno);
svc, (struct sockaddr *) &ss, ss_len,
svc->portno);
}
// Now remove it from the remaining service list
SG->services_remaining.pop_front();
@@ -2263,9 +2263,9 @@ static void servicescan_connect_handler(nsock_pool nsp, nsock_event nse, void *m
// Snag our SSL_SESSION from the nsi for use in subsequent connections.
if (nsi_checkssl(nsi)) {
if ( svc->ssl_session ) {
if (svc->ssl_session == (SSL_SESSION *)(nsi_get0_ssl_session(nsi))) {
//nada
} else {
if (svc->ssl_session == (SSL_SESSION *)(nsi_get0_ssl_session(nsi))) {
//nada
} else {
SSL_SESSION_free((SSL_SESSION*)svc->ssl_session);
svc->ssl_session = (SSL_SESSION *)(nsi_get1_ssl_session(nsi));
}
@@ -2347,8 +2347,8 @@ static void servicescan_write_handler(nsock_pool nsp, nsock_event nse, void *myd
}
if (status == NSE_STATUS_ERROR || status == NSE_STATUS_PROXYERROR) {
err = nse_errorcode(nse);
error("Got nsock WRITE error #%d (%s)", err, strerror(err));
err = nse_errorcode(nse);
error("Got nsock WRITE error #%d (%s)", err, strerror(err));
}
// Uh-oh. Some sort of write failure ... maybe the connection closed
@@ -2395,53 +2395,53 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
if (MD && MD->serviceName) {
// WOO HOO!!!!!! MATCHED! But might be soft
if (MD->isSoft && svc->probe_matched) {
if (strcmp(svc->probe_matched, MD->serviceName) != 0)
error("WARNING: Service %s:%hu had already soft-matched %s, but now soft-matched %s; ignoring second value", svc->target->targetipstr(), svc->portno, svc->probe_matched, MD->serviceName);
// No error if its the same - that happens frequently. For
// example, if we read more data for the same probe response
// it will probably still match.
if (strcmp(svc->probe_matched, MD->serviceName) != 0)
error("WARNING: Service %s:%hu had already soft-matched %s, but now soft-matched %s; ignoring second value", svc->target->targetipstr(), svc->portno, svc->probe_matched, MD->serviceName);
// No error if its the same - that happens frequently. For
// example, if we read more data for the same probe response
// it will probably still match.
} else {
if (o.debugging > 1 || o.versionTrace()) {
if (MD->product || MD->version || MD->info)
log_write(LOG_PLAIN, "Service scan match (Probe %s matched with %s line %d): %s:%hu is %s%s. Version: |%s|%s|%s|\n",
if (o.debugging > 1 || o.versionTrace()) {
if (MD->product || MD->version || MD->info)
log_write(LOG_PLAIN, "Service scan match (Probe %s matched with %s line %d): %s:%hu is %s%s. Version: |%s|%s|%s|\n",
probe->getName(), (*probe->fallbacks[fallbackDepth]).getName(),
MD->lineno,
svc->target->targetipstr(), svc->portno, (svc->tunnel == SERVICE_TUNNEL_SSL)? "SSL/" : "",
MD->serviceName, (MD->product)? MD->product : "", (MD->version)? MD->version : "",
(MD->info)? MD->info : "");
else
log_write(LOG_PLAIN, "Service scan %s match (Probe %s matched with %s line %d): %s:%hu is %s%s\n",
MD->lineno,
svc->target->targetipstr(), svc->portno, (svc->tunnel == SERVICE_TUNNEL_SSL)? "SSL/" : "",
MD->serviceName, (MD->product)? MD->product : "", (MD->version)? MD->version : "",
(MD->info)? MD->info : "");
else
log_write(LOG_PLAIN, "Service scan %s match (Probe %s matched with %s line %d): %s:%hu is %s%s\n",
(MD->isSoft)? "soft" : "hard",
probe->getName(), (*probe->fallbacks[fallbackDepth]).getName(),
MD->lineno,
svc->target->targetipstr(), svc->portno, (svc->tunnel == SERVICE_TUNNEL_SSL)? "SSL/" : "", MD->serviceName);
}
svc->probe_matched = MD->serviceName;
if (MD->product)
Strncpy(svc->product_matched, MD->product, sizeof(svc->product_matched));
if (MD->version)
Strncpy(svc->version_matched, MD->version, sizeof(svc->version_matched));
if (MD->info)
Strncpy(svc->extrainfo_matched, MD->info, sizeof(svc->extrainfo_matched));
if (MD->hostname)
Strncpy(svc->hostname_matched, MD->hostname, sizeof(svc->hostname_matched));
if (MD->ostype)
Strncpy(svc->ostype_matched, MD->ostype, sizeof(svc->ostype_matched));
if (MD->devicetype)
Strncpy(svc->devicetype_matched, MD->devicetype, sizeof(svc->devicetype_matched));
if (MD->cpe_a)
Strncpy(svc->cpe_a_matched, MD->cpe_a, sizeof(svc->cpe_a_matched));
if (MD->cpe_h)
Strncpy(svc->cpe_h_matched, MD->cpe_h, sizeof(svc->cpe_h_matched));
if (MD->cpe_o)
Strncpy(svc->cpe_o_matched, MD->cpe_o, sizeof(svc->cpe_o_matched));
svc->softMatchFound = MD->isSoft;
if (!svc->softMatchFound) {
// We might be able to continue scan through a tunnel protocol
// like SSL
if (scanThroughTunnel(nsp, nsi, SG, svc) == 0)
end_svcprobe(nsp, PROBESTATE_FINISHED_HARDMATCHED, SG, svc, nsi);
}
svc->target->targetipstr(), svc->portno, (svc->tunnel == SERVICE_TUNNEL_SSL)? "SSL/" : "", MD->serviceName);
}
svc->probe_matched = MD->serviceName;
if (MD->product)
Strncpy(svc->product_matched, MD->product, sizeof(svc->product_matched));
if (MD->version)
Strncpy(svc->version_matched, MD->version, sizeof(svc->version_matched));
if (MD->info)
Strncpy(svc->extrainfo_matched, MD->info, sizeof(svc->extrainfo_matched));
if (MD->hostname)
Strncpy(svc->hostname_matched, MD->hostname, sizeof(svc->hostname_matched));
if (MD->ostype)
Strncpy(svc->ostype_matched, MD->ostype, sizeof(svc->ostype_matched));
if (MD->devicetype)
Strncpy(svc->devicetype_matched, MD->devicetype, sizeof(svc->devicetype_matched));
if (MD->cpe_a)
Strncpy(svc->cpe_a_matched, MD->cpe_a, sizeof(svc->cpe_a_matched));
if (MD->cpe_h)
Strncpy(svc->cpe_h_matched, MD->cpe_h, sizeof(svc->cpe_h_matched));
if (MD->cpe_o)
Strncpy(svc->cpe_o_matched, MD->cpe_o, sizeof(svc->cpe_o_matched));
svc->softMatchFound = MD->isSoft;
if (!svc->softMatchFound) {
// We might be able to continue scan through a tunnel protocol
// like SSL
if (scanThroughTunnel(nsp, nsi, SG, svc) == 0)
end_svcprobe(nsp, PROBESTATE_FINISHED_HARDMATCHED, SG, svc, nsi);
}
}
}
@@ -2453,12 +2453,12 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
// avoid reading megs from services like chargen. But better
// approach is needed.
if (svc->probe_timemsleft(probe) > 0 && readstrlen < 4096) {
nsock_read(nsp, nsi, servicescan_read_handler, svc->probe_timemsleft(probe), svc);
nsock_read(nsp, nsi, servicescan_read_handler, svc->probe_timemsleft(probe), svc);
} else {
// Failed -- lets go to the next probe.
if (readstrlen > 0)
svc->addToServiceFingerprint(probe->getName(), readstr, readstrlen);
startNextProbe(nsp, nsi, SG, svc, false);
// Failed -- lets go to the next probe.
if (readstrlen > 0)
svc->addToServiceFingerprint(probe->getName(), readstr, readstrlen);
startNextProbe(nsp, nsi, SG, svc, false);
}
}
} else if (status == NSE_STATUS_TIMEOUT) {
@@ -2469,7 +2469,7 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
readstr = svc->getcurrentproberesponse(&readstrlen);
if (readstrlen > 0)
svc->addToServiceFingerprint(svc->currentProbe()->getName(), readstr,
readstrlen);
readstrlen);
startNextProbe(nsp, nsi, SG, svc, false);
} else if (status == NSE_STATUS_EOF) {
@@ -2479,7 +2479,7 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
readstr = svc->getcurrentproberesponse(&readstrlen);
if (readstrlen > 0)
svc->addToServiceFingerprint(svc->currentProbe()->getName(), readstr,
readstrlen);
readstrlen);
if (probe->isNullProbe() && readstrlen == 0) {
// TODO: Perhaps should do further verification before making this assumption
end_svcprobe(nsp, PROBESTATE_FINISHED_TCPWRAPPED, SG, svc, nsi);
@@ -2499,12 +2499,12 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
case ECONNABORTED:
// Jerk hung up on us. Probably didn't like our probe. We treat it as with EOF above.
if (probe->isNullProbe()) {
// TODO: Perhaps should do further verification before making this assumption
end_svcprobe(nsp, PROBESTATE_FINISHED_TCPWRAPPED, SG, svc, nsi);
// TODO: Perhaps should do further verification before making this assumption
end_svcprobe(nsp, PROBESTATE_FINISHED_TCPWRAPPED, SG, svc, nsi);
} else {
// Perhaps this service didn't like the particular probe text. We'll try the
// next one
startNextProbe(nsp, nsi, SG, svc, true);
// Perhaps this service didn't like the particular probe text. We'll try the
// next one
startNextProbe(nsp, nsi, SG, svc, true);
}
break;
case EHOSTUNREACH:
@@ -2534,7 +2534,7 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
break;
default:
fatal("Unexpected error in NSE_TYPE_READ callback. Error code: %d (%s)", err,
socket_strerror(err));
socket_strerror(err));
}
} else if (status == NSE_STATUS_KILL) {
/* User probablby specified host_timeout and so the service scan is
@@ -2584,23 +2584,23 @@ std::list<ServiceNFO *>::iterator svc;
cpe.push_back((*svc)->cpe_o_matched);
(*svc)->target->ports.setServiceProbeResults((*svc)->portno, (*svc)->proto,
(*svc)->probe_state,
(*svc)->probe_matched,
(*svc)->tunnel,
*(*svc)->product_matched? (*svc)->product_matched : NULL,
*(*svc)->version_matched? (*svc)->version_matched : NULL,
*(*svc)->extrainfo_matched? (*svc)->extrainfo_matched : NULL,
*(*svc)->hostname_matched? (*svc)->hostname_matched : NULL,
*(*svc)->ostype_matched? (*svc)->ostype_matched : NULL,
*(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL,
(cpe.size() > 0) ? &cpe : NULL,
shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
(*svc)->probe_state,
(*svc)->probe_matched,
(*svc)->tunnel,
*(*svc)->product_matched? (*svc)->product_matched : NULL,
*(*svc)->version_matched? (*svc)->version_matched : NULL,
*(*svc)->extrainfo_matched? (*svc)->extrainfo_matched : NULL,
*(*svc)->hostname_matched? (*svc)->hostname_matched : NULL,
*(*svc)->ostype_matched? (*svc)->ostype_matched : NULL,
*(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL,
(cpe.size() > 0) ? &cpe : NULL,
shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
} else {
(*svc)->target->ports.setServiceProbeResults((*svc)->portno, (*svc)->proto,
(*svc)->probe_state, NULL,
(*svc)->tunnel, NULL, NULL, NULL, NULL, NULL, NULL,
NULL,
(*svc)->getServiceFingerprint(NULL));
(*svc)->probe_state, NULL,
(*svc)->tunnel, NULL, NULL, NULL, NULL, NULL, NULL,
NULL,
(*svc)->getServiceFingerprint(NULL));
}
}
}
@@ -2642,10 +2642,10 @@ static void remove_excluded_ports(AllProbes *AP, ServiceGroup *SG) {
IPPROTO2STR(svc->proto));
svc->target->ports.setServiceProbeResults(svc->portno, svc->proto,
PROBESTATE_EXCLUDED, NULL,
SERVICE_TUNNEL_NONE,
PROBESTATE_EXCLUDED, NULL,
SERVICE_TUNNEL_NONE,
"Excluded from version scan", NULL,
NULL, NULL, NULL, NULL, NULL, NULL);
NULL, NULL, NULL, NULL, NULL, NULL);
SG->services_remaining.erase(i);
SG->services_finished.push_back(svc);
@@ -2698,9 +2698,9 @@ int service_scan(std::vector<Target *> &Targets) {
} else Snprintf(targetstr, sizeof(targetstr), "%u hosts", (unsigned) Targets.size());
log_write(LOG_STDOUT, "Scanning %u %s on %s\n",
(unsigned) SG->services_remaining.size(),
(SG->services_remaining.size() == 1)? "service" : "services",
targetstr);
(unsigned) SG->services_remaining.size(),
(SG->services_remaining.size() == 1)? "service" : "services",
targetstr);
}
// Lets create a nsock pool for managing all the concurrent probes
@@ -2741,12 +2741,12 @@ int service_scan(std::vector<Target *> &Targets) {
char additional_info[128];
if (SG->num_hosts_timedout == 0)
Snprintf(additional_info, sizeof(additional_info), "%u %s on %u %s",
(unsigned) SG->services_finished.size(),
(SG->services_finished.size() == 1)? "service" : "services",
(unsigned) Targets.size(), (Targets.size() == 1)? "host" : "hosts");
(unsigned) SG->services_finished.size(),
(SG->services_finished.size() == 1)? "service" : "services",
(unsigned) Targets.size(), (Targets.size() == 1)? "host" : "hosts");
else Snprintf(additional_info, sizeof(additional_info), "%u %s timed out",
SG->num_hosts_timedout,
(SG->num_hosts_timedout == 1)? "host" : "hosts");
SG->num_hosts_timedout,
(SG->num_hosts_timedout == 1)? "host" : "hosts");
SG->SPM->endTask(NULL, additional_info);
}

8
service_scan.h
View File

@@ -242,8 +242,8 @@ class ServiceProbeMatch {
// for a string, that string will have zero length after the function
// call (assuming the corresponding length passed in is at least 1)
int getVersionStr(const u8 *subject, int subjectlen, int *ovector,
int nummatches, char *product, int productlen,
char *version, int versionlen, char *info, int infolen,
int nummatches, char *product, int productlen,
char *version, int versionlen, char *info, int infolen,
char *hostname, int hostnamelen, char *ostype, int ostypelen,
char *devicetype, int devicetypelen,
char *cpe_a, int cpe_alen,
@@ -295,7 +295,7 @@ class ServiceProbe {
// are a comma separated list of ports and ranges
// (e.g. 53,80,6000-6010).
void setProbablePorts(enum service_tunnel_type tunnel,
const char *portstr, int lineno);
const char *portstr, int lineno);
/* Returns true if the passed in port is on the list of probable
ports for this probe and tunnel type. Use a tunnel of
@@ -337,7 +337,7 @@ class ServiceProbe {
private:
void setPortVector(std::vector<u16> *portv, const char *portstr,
int lineno);
int lineno);
char *probename;
u8 *probestring;

68
services.cc
View File

@@ -199,22 +199,22 @@ static int nmap_services_init() {
error("Unable to find nmap-services! Resorting to /etc/services");
strcpy(filename, "/etc/services");
#else
int len, wnt = GetVersion() < 0x80000000;
int len, wnt = GetVersion() < 0x80000000;
error("Unable to find nmap-services! Resorting to /etc/services");
if(wnt)
len = GetSystemDirectory(filename, 480); // be safe
else
len = GetWindowsDirectory(filename, 480); // be safe
if(!len)
error("Get%sDirectory failed (%d) @#!#@",
wnt ? "System" : "Windows", GetLastError());
else
{
if(wnt)
strcpy(filename + len, "\\drivers\\etc\\services");
else
strcpy(filename + len, "\\services");
}
if(wnt)
len = GetSystemDirectory(filename, 480); // be safe
else
len = GetWindowsDirectory(filename, 480); // be safe
if(!len)
error("Get%sDirectory failed (%d) @#!#@",
wnt ? "System" : "Windows", GetLastError());
else
{
if(wnt)
strcpy(filename + len, "\\drivers\\etc\\services");
else
strcpy(filename + len, "\\services");
}
#endif
}
@@ -239,27 +239,27 @@ static int nmap_services_init() {
ratio = 0;
} else if (res == 4) {
if (strchr(ratio_str, '/')) {
res = sscanf(ratio_str, "%d/%d", &ratio_n, &ratio_d);
if (res != 2)
fatal("%s:%d contains invalid port ratio string: %s", filename, lineno, ratio_str);
res = sscanf(ratio_str, "%d/%d", &ratio_n, &ratio_d);
if (res != 2)
fatal("%s:%d contains invalid port ratio string: %s", filename, lineno, ratio_str);
if (ratio_n < 0 || ratio_d < 0)
fatal("%s:%d contains an invalid negative value", filename, lineno);
if (ratio_n > ratio_d)
fatal("%s:%d has a ratio %g. All ratios must be < 1", filename, lineno, (double)ratio_n/ratio_d);
if (ratio_d == 0)
fatal("%s:%d has a ratio denominator of 0 causing a division by 0 error", filename, lineno);
ratio = (double)ratio_n / ratio_d;
ratio_format = 1;
if (ratio_n < 0 || ratio_d < 0)
fatal("%s:%d contains an invalid negative value", filename, lineno);
if (ratio_n > ratio_d)
fatal("%s:%d has a ratio %g. All ratios must be < 1", filename, lineno, (double)ratio_n/ratio_d);
if (ratio_d == 0)
fatal("%s:%d has a ratio denominator of 0 causing a division by 0 error", filename, lineno);
ratio = (double)ratio_n / ratio_d;
ratio_format = 1;
} else if (strncmp(ratio_str, "0.", 2) == 0) {
/* We assume the ratio is in floating point notation already */
ratio = strtod(ratio_str, NULL);
ratio_format = 1;
/* We assume the ratio is in floating point notation already */
ratio = strtod(ratio_str, NULL);
ratio_format = 1;
} else {
ratio = 0;
ratio = 0;
}
} else {
continue;
@@ -292,7 +292,7 @@ static int nmap_services_init() {
/* possibly misplaced comment, but who cares? */
} else {
if (o.debugging)
error("Unknown protocol (%s) on line %d of services file %s.", proto, lineno, filename);
error("Unknown protocol (%s) on line %d of services file %s.", proto, lineno, filename);
continue;
}

2
struct_ip.h
View File

@@ -2,7 +2,7 @@
something else in <netinet/ip.h>:
struct ip {
struct ip_firstfour ip_ff;
struct ip_firstfour ip_ff;
#define ip_v ip_ff.ip_fv
#define ip_hl ip_ff.ip_fhl
#define ip_vhl ip_ff.ip_fvhl

6
targets.h
View File

@@ -209,10 +209,10 @@ public:
int max_batch_sz; /* The size of the hostbatch[] array */
int current_batch_sz; /* The number of VALID members of hostbatch[] */
int next_batch_no; /* The index of the next hostbatch[] member to be given
back to the user */
back to the user */
int randomize; /* Whether each batch should be "shuffled" prior to the ping
scan (they will also be out of order when given back one
at a time to the client program */
scan (they will also be out of order when given back one
at a time to the client program */
TargetGroup current_group; /* For batch chunking -- targets in queue */
/* Returns true iff the defer buffer is not yet full. */

116
tcpip.h
View File

@@ -247,15 +247,15 @@ class PacketTrace {
makes this function slightly more efficient by avoiding a gettimeofday()
call. */
static void trace(pdirection pdir, const u8 *packet, u32 len,
struct timeval *now=NULL);
struct timeval *now=NULL);
/* Adds a trace entry when a connect() is attempted if packet tracing
is enabled. Pass IPPROTO_TCP or IPPROTO_UDP as the protocol. The
sock may be a sockaddr_in or sockaddr_in6. The return code of
connect is passed in connectrc. If the return code is -1, get the
errno and pass that as connect_errno. */
static void traceConnect(u8 proto, const struct sockaddr *sock,
int socklen, int connectrc, int connect_errno,
const struct timeval *now);
int socklen, int connectrc, int connect_errno,
const struct timeval *now);
/* Takes an ARP PACKET (including ethernet header) and prints it if
packet tracing is enabled. 'frame' must point to the 14-byte
ethernet header (e.g. starting with destination addr). The
@@ -263,7 +263,7 @@ class PacketTrace {
Optional 'now' argument makes this function slightly more
efficient by avoiding a gettimeofday() call. */
static void traceArp(pdirection pdir, const u8 *frame, u32 len,
struct timeval *now);
struct timeval *now);
static void traceND(pdirection pdir, const u8 *frame, u32 len,
struct timeval *now);
};
@@ -276,7 +276,7 @@ class PacketCounter {
#else
unsigned long long
#endif
sendPackets, sendBytes, recvPackets, recvBytes;
sendPackets, sendBytes, recvPackets, recvBytes;
};
@@ -321,11 +321,11 @@ int send_ip_packet(int sd, const struct eth_nfo *eth,
finished with the packet. The packet length is returned in
packetlen, which must be a valid int pointer. */
u8 *build_ip_raw(const struct in_addr *source, const struct in_addr *victim,
u8 proto,
int ttl, u16 ipid, u8 tos, bool df,
const u8* ipopt, int ipoptlen,
const char *data, u16 datalen,
u32 *packetlen);
u8 proto,
int ttl, u16 ipid, u8 tos, bool df,
const u8* ipopt, int ipoptlen,
const char *data, u16 datalen,
u32 *packetlen);
u8 *build_ipv6_raw(const struct in6_addr *source,
const struct in6_addr *victim, u8 tc, u32 flowlabel,
@@ -339,13 +339,13 @@ u8 *build_ipv6_raw(const struct in6_addr *source,
finished with the packet. The packet length is returned in
packetlen, which must be a valid int pointer. */
u8 *build_tcp_raw(const struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid, u8 tos, bool df,
const u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
const u8 *options, int optlen,
const char *data, u16 datalen,
u32 *packetlen);
int ttl, u16 ipid, u8 tos, bool df,
const u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
const u8 *options, int optlen,
const char *data, u16 datalen,
u32 *packetlen);
u8 *build_tcp_raw_ipv6(const struct in6_addr *source,
const struct in6_addr *victim, u8 tc, u32 flowlabel,
@@ -357,22 +357,22 @@ u8 *build_tcp_raw_ipv6(const struct in6_addr *source,
/* Build and send a raw tcp packet. If TTL is -1, a partially random
(but likely large enough) one is chosen */
int send_tcp_raw( int sd, const struct eth_nfo *eth,
const struct in_addr *source, const struct in_addr *victim,
int ttl, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
u8 *options, int optlen,
const char *data, u16 datalen);
const struct in_addr *source, const struct in_addr *victim,
int ttl, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
u8 *options, int optlen,
const char *data, u16 datalen);
int send_tcp_raw_decoys( int sd, const struct eth_nfo *eth,
const struct in_addr *victim,
int ttl, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
u8 *options, int optlen,
const char *data, u16 datalen);
const struct in_addr *victim,
int ttl, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 seq, u32 ack, u8 reserved, u8 flags, u16 window, u16 urp,
u8 *options, int optlen,
const char *data, u16 datalen);
/* Builds a UDP packet (including an IP header) by packing the fields
with the given information. It allocates a new buffer to store the
@@ -382,7 +382,7 @@ int send_tcp_raw_decoys( int sd, const struct eth_nfo *eth,
packetlen, which must be a valid int pointer. */
u8 *build_udp_raw(const struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
const char *data, u16 datalen,
u32 *packetlen);
@@ -393,18 +393,18 @@ u8 *build_udp_raw_ipv6(const struct in6_addr *source,
const char *data, u16 datalen, u32 *packetlen);
int send_udp_raw( int sd, const struct eth_nfo *eth,
struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
const char *data, u16 datalen);
struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
const char *data, u16 datalen);
int send_udp_raw_decoys( int sd, const struct eth_nfo *eth,
const struct in_addr *victim,
int ttl, u16 ipid,
u8* ipops, int ip,
u16 sport, u16 dport,
const char *data, u16 datalen);
const struct in_addr *victim,
int ttl, u16 ipid,
u8* ipops, int ip,
u16 sport, u16 dport,
const char *data, u16 datalen);
/* Builds an SCTP packet (including an IP header) by packing the fields
with the given information. It allocates a new buffer to store the
@@ -413,12 +413,12 @@ int send_udp_raw_decoys( int sd, const struct eth_nfo *eth,
finished with the packet. The packet length is returned in
packetlen, which must be a valid int pointer. */
u8 *build_sctp_raw(const struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 vtag, char *chunks, int chunkslen,
const char *data, u16 datalen,
u32 *packetlen);
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u16 sport, u16 dport,
u32 vtag, char *chunks, int chunkslen,
const char *data, u16 datalen,
u32 *packetlen);
u8 *build_sctp_raw_ipv6(const struct in6_addr *source,
const struct in6_addr *victim, u8 tc, u32 flowlabel,
@@ -435,10 +435,10 @@ u8 *build_sctp_raw_ipv6(const struct in6_addr *source,
id/seq will be converted to network byte order (if it differs from
HBO) */
u8 *build_icmp_raw(const struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u16 seq, unsigned short id, u8 ptype, u8 pcode,
const char *data, u16 datalen, u32 *packetlen);
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u16 seq, unsigned short id, u8 ptype, u8 pcode,
const char *data, u16 datalen, u32 *packetlen);
u8 *build_icmpv6_raw(const struct in6_addr *source,
const struct in6_addr *victim, u8 tc, u32 flowlabel,
@@ -453,10 +453,10 @@ u8 *build_icmpv6_raw(const struct in6_addr *source,
which must be a valid int pointer.
*/
u8 *build_igmp_raw(const struct in_addr *source, const struct in_addr *victim,
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u8 ptype, u8 pcode,
const char *data, u16 datalen, u32 *packetlen);
int ttl, u16 ipid, u8 tos, bool df,
u8* ipopt, int ipoptlen,
u8 ptype, u8 pcode,
const char *data, u16 datalen, u32 *packetlen);
// Returns whether the packet receive time value obtaned from libpcap
@@ -512,7 +512,7 @@ int setTargetMACIfAvailable(Target *target, struct link_header *linkhdr,
bool setTargetNextHopMAC(Target *target);
bool getNextHopMAC(const char *iface, const u8 *srcmac, const struct sockaddr_storage *srcss,
const struct sockaddr_storage *dstss, u8 *dstmac);
const struct sockaddr_storage *dstss, u8 *dstmac);
@@ -539,7 +539,7 @@ int read_na_pcap(pcap_t *pd, u8 *sendermac, struct sockaddr_in6 *senderIP, long
blocking to the extent possible, and -1 to block forever. Returns
-1 or exits if ther is an error. */
int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
long to_usec, struct timeval *rcvdtime);
long to_usec, struct timeval *rcvdtime);
/* Examines the given tcp packet and obtains the TCP timestamp option
information if available. Note that the CALLER must ensure that

12
timing.cc
View File

@@ -156,8 +156,8 @@ void adjust_timeouts(struct timeval sent, struct timeout_info *to) {
back or it could be for efficiency because the caller already knows
the current time */
void adjust_timeouts2(const struct timeval *sent,
const struct timeval *received,
struct timeout_info *to) {
const struct timeval *received,
struct timeout_info *to) {
long delta = 0;
if (o.debugging > 3) {
@@ -187,14 +187,14 @@ void adjust_timeouts2(const struct timeval *sent,
if (delta >= 8000000 || delta < 0) {
if (o.verbose)
error("%s: packet supposedly had rtt of %ld microseconds. Ignoring time.", __func__, delta);
error("%s: packet supposedly had rtt of %ld microseconds. Ignoring time.", __func__, delta);
return;
}
rttdelta = delta - to->srtt;
/* sanity check 2*/
if (rttdelta > 1500000 && rttdelta > 3 * to->srtt + 2 * to->rttvar) {
if (o.debugging) {
log_write(LOG_STDOUT, "Bogus rttdelta: %ld (srtt %d) ... ignoring\n", rttdelta, to->srtt);
log_write(LOG_STDOUT, "Bogus rttdelta: %ld (srtt %d) ... ignoring\n", rttdelta, to->srtt);
}
return;
}
@@ -210,7 +210,7 @@ void adjust_timeouts2(const struct timeval *sent,
/* It hurts to do this ... it really does ... but otherwise we are being
too risky */
to->timeout = box(o.minRttTimeout() * 1000, o.maxRttTimeout() * 1000,
to->timeout);
to->timeout);
if (o.scan_delay)
to->timeout = MAX((unsigned) to->timeout, o.scan_delay * 1000);
@@ -624,7 +624,7 @@ static double estimate_time_left(double perc_done,
because the estimate has changed significantly. Returns whether
or not a line was printed.*/
bool ScanProgressMeter::printStatsIfNecessary(double perc_done,
const struct timeval *now) {
const struct timeval *now) {
struct timeval tvtmp;
double time_left_s;
bool printit = false;

4
timing.h
View File

@@ -141,8 +141,8 @@ void initialize_timeout_info(struct timeout_info *to);
back or it could be for efficiency because the caller already knows
the current time */
void adjust_timeouts2(const struct timeval *sent,
const struct timeval *received,
struct timeout_info *to);
const struct timeval *received,
struct timeout_info *to);
/* Adjust our timeout values based on the time the latest probe took for a
response. We update our RTT averages, etc. */