diff --git a/CHANGELOG b/CHANGELOG index 9455e66cb..b6ce85380 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,10 @@ # Nmap Changelog ($Id$); -*-text-*- -3.97Shmoo + +o The 26 Nmap commands that previously included an underscore + (--max_rtt_timeout, --senc_eth, --host_timeout, etc.) have been + renamed to use a hyphen in the preferred format + (i.e. --max-rtt-timeout). Underscores are still supported for + backwared compatability. o Added run time interaction as documented at http://www.insecure.org/nmap/man/man-runtime-interaction.html . diff --git a/NmapOps.cc b/NmapOps.cc index db0c2fe7c..e71abd50c 100644 --- a/NmapOps.cc +++ b/NmapOps.cc @@ -425,7 +425,7 @@ void NmapOps::ValidateOptions() { } if (max_parallelism && min_parallelism && (min_parallelism > max_parallelism)) { - fatal("--min_parallelism must be less than or equal to --max_parallelism"); + fatal("--min-parallelism must be less than or equal to --max-parallelism"); } if (af() == AF_INET6 && (numdecoys|osscan|bouncescan|fragscan|ackscan|finscan|idlescan|ipprotscan|maimonscan|nullscan|rpcscan|synscan|udpscan|windowscan|xmasscan)) { diff --git a/main.cc b/main.cc index 705f02a57..1340fde77 100644 --- a/main.cc +++ b/main.cc @@ -164,6 +164,7 @@ int main(int argc, char *argv[], char *envp[]) { int interactivemode = 0; int fd; struct timeval tv; + int arglen = 0; #ifdef __amigaos__ if(!OpenLibs()) { 
@@ -299,15 +300,16 @@ int main(int argc, char *argv[], char *envp[]) { fatal("Bad arguments to f!"); } strncpy(fakeargs, myargv[i], sizeof(fakeargs)); - } else if (strcasecmp(myargv[i], "--nmap_path") == 0) { + } else if (optcmp(myargv[i], "--nmap-path") == 0) { if (++i > myargc -1) { fatal("Bad arguments to f!"); } strncpy(nmappath, myargv[i], sizeof(nmappath)); } else { - if (strlen(nmapargs) + strlen(myargv[i]) + 1 < sizeof(nmapargs)) { + arglen = strlen(nmapargs); + if (arglen + strlen(myargv[i]) + 1 < sizeof(nmapargs)) { strcat(nmapargs, " "); - strcat(nmapargs, myargv[i]); + strncat(nmapargs, myargv[i], arglen - 1); } else fatal("Arguments too long."); } } @@ -344,7 +346,7 @@ int main(int argc, char *argv[], char *envp[]) { } } if (!*nmappath) { - fatal("Could not find Nmap -- you must add --nmap_path argument"); + fatal("Could not find Nmap -- you must add --nmap-path argument"); } /* We should be courteous and give Nmap reasonable signal defaults */ diff --git a/nmap.cc b/nmap.cc index 91419230f..17064bec2 100644 --- a/nmap.cc +++ b/nmap.cc 
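Review bot: The new `strncat(nmapargs, myargv[i], arglen - 1)` passes the length of what is already in nmapargs as the copy limit, so each argument is silently cut to roughly the length of the text before it. When nmapargs is still empty, `arglen - 1` is -1 and converts to a huge size_t. The size test on the line above is what actually prevents an overflow; if a bounded append is wanted, the limit should be the remaining room, `strncat(nmapargs, myargv[i], sizeof(nmapargs) - strlen(nmapargs) - 1);`, with arglen declared as `size_t`. In the same hunk, `strncpy(nmappath, myargv[i], sizeof(nmappath))` leaves nmappath unterminated when the path fills the buffer. main() starts and ends outside the hunk.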
@@ -249,21 +249,30 @@ int nmap_main(int argc, char *argv[]) { {"help", no_argument, 0, 'h'}, {"iflist", no_argument, 0, 0}, {"max_parallelism", required_argument, 0, 'M'}, + {"max-parallelism", required_argument, 0, 'M'}, {"min_parallelism", required_argument, 0, 0}, + {"min-parallelism", required_argument, 0, 0}, {"timing", required_argument, 0, 'T'}, {"timing", no_argument, 0, 0}, {"max_rtt_timeout", required_argument, 0, 0}, - {"min_rtt_timeout", required_argument, 0, 0}, + {"min-rtt-timeout", required_argument, 0, 0}, {"initial_rtt_timeout", required_argument, 0, 0}, + {"initial-rtt-timeout", required_argument, 0, 0}, {"excludefile", required_argument, 0, 0}, {"exclude", required_argument, 0, 0}, {"max_hostgroup", required_argument, 0, 0}, + {"max-hostgroup", required_argument, 0, 0}, {"min_hostgroup", required_argument, 0, 0}, + {"min-hostgroup", required_argument, 0, 0}, {"scanflags", required_argument, 0, 0}, {"host_timeout", required_argument, 0, 0}, + {"host-timeout", required_argument, 0, 0}, {"scan_delay", required_argument, 0, 0}, + {"scan-delay", required_argument, 0, 0}, {"max_scan_delay", required_argument, 0, 0}, + {"max-scan-delay", required_argument, 0, 0}, {"max_retries", required_argument, 0, 0}, + {"max-retries", required_argument, 0, 0}, {"oA", required_argument, 0, 0}, {"oN", required_argument, 0, 0}, {"oM", required_argument, 0, 0}, 
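Review bot: In this long_options hunk the `min_rtt_timeout` entry is replaced rather than duplicated, and `max_rtt_timeout` gets no hyphen twin. The table therefore ends up without `max-rtt-timeout` and without `min_rtt_timeout`, which contradicts the CHANGELOG statement that both spellings are accepted. Every other renamed option here keeps the old entry and adds the new one below it. Suggest keeping `{"min_rtt_timeout", required_argument, 0, 0},` and adding `{"max-rtt-timeout", required_argument, 0, 0},` after the `max_rtt_timeout` line. The array starts and ends outside the hunk.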
@@ -275,17 +284,27 @@ int nmap_main(int argc, char *argv[]) { {"iR", required_argument, 0, 0}, {"sI", required_argument, 0, 0}, {"source_port", required_argument, 0, 'g'}, + {"source-port", required_argument, 0, 'g'}, {"randomize_hosts", no_argument, 0, 0}, + {"randomize-hosts", no_argument, 0, 0}, {"osscan_limit", no_argument, 0, 0}, /* skip OSScan if no open ports */ + {"osscan-limit", no_argument, 0, 0}, /* skip OSScan if no open ports */ {"osscan_guess", no_argument, 0, 0}, /* More guessing flexability */ + {"osscan-guess", no_argument, 0, 0}, /* More guessing flexability */ {"fuzzy", no_argument, 0, 0}, /* Alias for osscan_guess */ {"packet_trace", no_argument, 0, 0}, /* Display all packets sent/rcv */ + {"packet-trace", no_argument, 0, 0}, /* Display all packets sent/rcv */ {"version_trace", no_argument, 0, 0}, /* Display -sV related activity */ + {"version-trace", no_argument, 0, 0}, /* Display -sV related activity */ {"data_length", required_argument, 0, 0}, + {"data-length", required_argument, 0, 0}, {"send_eth", no_argument, 0, 0}, + {"send-eth", no_argument, 0, 0}, {"send_ip", no_argument, 0, 0}, + {"send-ip", no_argument, 0, 0}, {"stylesheet", required_argument, 0, 0}, {"no_stylesheet", no_argument, 0, 0}, + {"no-stylesheet", no_argument, 0, 0}, {"webxml", no_argument, 0, 0}, {"rH", no_argument, 0, 0}, {"vv", no_argument, 0, 0}, 
@@ -293,17 +312,23 @@ int nmap_main(int argc, char *argv[]) { {"privileged", no_argument, 0, 0}, {"mtu", required_argument, 0, 0}, {"append_output", no_argument, 0, 0}, + {"append-output", no_argument, 0, 0}, {"noninteractive", no_argument, 0, 0}, {"spoof_mac", required_argument, 0, 0}, + {"spoof-mac", required_argument, 0, 0}, {"thc", no_argument, 0, 0}, {"badsum", no_argument, 0, 0}, {"ttl", required_argument, 0, 0}, /* Time to live */ {"allports", no_argument, 0, 0}, {"version_intensity", required_argument, 0, 0}, + {"version-intensity", required_argument, 0, 0}, {"version_light", no_argument, 0, 0}, + {"version-light", no_argument, 0, 0}, {"version_all", no_argument, 0, 0}, + {"version-all", no_argument, 0, 0}, {"system_dns", no_argument, 0, 0}, {"dns_servers", required_argument, 0, 0}, + {"dns-servers", required_argument, 0, 0}, {0, 0, 0, 0} }; 
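Review bot: `system_dns` is the one renamed option in this hunk that gets no hyphen entry, while the handler in the `@@ -386,74 +411,74 @@` hunk now tests `strcmp(long_options[option_index].name, "system-dns")`. As visible, `--system-dns` is not in the table and `--system_dns` matches the table but no longer matches its handler, so `o.mass_dns = false` looks unreachable. Suggest adding `{"system-dns", no_argument, 0, 0},` here and using `optcmp(long_options[option_index].name, "system-dns") == 0` in the handler, as the neighbouring options do. What the final else branch does with an unmatched name is outside the visible hunks.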
@@ -327,23 +352,23 @@ int nmap_main(int argc, char *argv[]) { while((arg = getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nOo:P:p:qRrS:s:T:Vv", long_options, &option_index)) != EOF) { switch(arg) { case 0: - if (strcmp(long_options[option_index].name, "max_rtt_timeout") == 0) { + if (optcmp(long_options[option_index].name, "max-rtt-timeout") == 0) { l = tval2msecs(optarg); - if (l < 5) fatal("Bogus --max_rtt_timeout argument specified, must be at least 5"); + if (l < 5) fatal("Bogus --max-rtt-timeout argument specified, must be at least 5"); if (l < 20) { error("WARNING: You specified a round-trip time timeout (%ld ms) that is EXTRAORDINARILY SMALL. Accuracy may suffer.", l); } o.setMaxRttTimeout(l); - } else if (strcmp(long_options[option_index].name, "min_rtt_timeout") == 0) { + } else if (optcmp(long_options[option_index].name, "min-rtt-timeout") == 0) { l = tval2msecs(optarg); - if (l < 0) fatal("Bogus --min_rtt_timeout argument specified"); + if (l < 0) fatal("Bogus --min-rtt-timeout argument specified"); if (l > 50000) { - error("Warning: min_rtt_timeout is given in milliseconds, your value seems pretty large."); + error("Warning: min-rtt-timeout is given in milliseconds, your value seems pretty large."); } o.setMinRttTimeout(l); - } else if (strcmp(long_options[option_index].name, "initial_rtt_timeout") == 0) { + } else if (optcmp(long_options[option_index].name, "initial-rtt-timeout") == 0) { l = tval2msecs(optarg); - if (l <= 0) fatal("Bogus --initial_rtt_timeout argument specified. Must be positive"); + if (l <= 0) fatal("Bogus --initial-rtt-timeout argument specified. Must be positive"); o.setInitialRttTimeout(l); } else if (strcmp(long_options[option_index].name, "excludefile") == 0) { excludefd = fopen(optarg, "r"); 
@@ -354,12 +379,12 @@ int nmap_main(int argc, char *argv[]) { if (excludefd) fatal("--excludefile and --exclude options are mutually exclusive."); exclude_spec = strdup(optarg); - } else if (strcmp(long_options[option_index].name, "max_hostgroup") == 0) { + } else if (optcmp(long_options[option_index].name, "max-hostgroup") == 0) { o.setMaxHostGroupSz(atoi(optarg)); - } else if (strcmp(long_options[option_index].name, "min_hostgroup") == 0) { + } else if (optcmp(long_options[option_index].name, "min-hostgroup") == 0) { o.setMinHostGroupSz(atoi(optarg)); if (atoi(optarg) > 100) - error("Warning: You specified a highly aggressive --min_hostgroup."); + error("Warning: You specified a highly aggressive --min-hostgroup."); } else if (strcmp(long_options[option_index].name, "scanflags") == 0) { o.scanflags = parse_scanflags(optarg); if (o.scanflags < 0) { 
@@ -367,17 +392,17 @@ int nmap_main(int argc, char *argv[]) { } } else if (strcmp(long_options[option_index].name, "iflist") == 0 ) { iflist = true; - } else if (strcmp(long_options[option_index].name, "min_parallelism") == 0 ) { + } else if (optcmp(long_options[option_index].name, "min-parallelism") == 0 ) { o.min_parallelism = atoi(optarg); - if (o.min_parallelism < 1) fatal("Argument to --min_parallelism must be at least 1!"); + if (o.min_parallelism < 1) fatal("Argument to --min-parallelism must be at least 1!"); if (o.min_parallelism > 100) { - error("Warning: Your --min_parallelism option is pretty high! Don't complain to Fyodor if all hell breaks loose!"); + error("Warning: Your --min-parallelism option is pretty high! This can hurt reliability."); } - } else if (strcmp(long_options[option_index].name, "host_timeout") == 0) { l = tval2msecs(optarg); - if (l <= 200) fatal("--host_timeout must be at least 200 milliseconds"); + } else if (optcmp(long_options[option_index].name, "host-timeout") == 0) { l = tval2msecs(optarg); + if (l <= 200) fatal("--host-timeout must be at least 200 milliseconds"); o.host_timeout = l; if (o.host_timeout < 1000) { - error("host_timeout is given in milliseconds, so you specified less than a second (%lims). This is allowed but not recommended.", o.host_timeout); + error("host-timeout is given in milliseconds, so you specified less than a second (%lims). This is allowed but not recommended.", o.host_timeout); } } else if (strcmp(long_options[option_index].name, "ttl") == 0) { o.ttl = atoi(optarg); 
@@ -386,74 +411,74 @@ int nmap_main(int argc, char *argv[]) { } } else if (strcmp(long_options[option_index].name, "datadir") == 0) { o.datadir = strdup(optarg); - } else if (strcmp(long_options[option_index].name, "append_output") == 0) { + } else if (optcmp(long_options[option_index].name, "append-output") == 0) { o.append_output = 1; } else if (strcmp(long_options[option_index].name, "noninteractive") == 0) { /* Do nothing */ - } else if (strcmp(long_options[option_index].name, "spoof_mac") == 0) { + } else if (optcmp(long_options[option_index].name, "spoof-mac") == 0) { /* I need to deal with this later, once I'm sure that I have output files set up, --datadir, etc. */ spoofmac = optarg; } else if (strcmp(long_options[option_index].name, "allports") == 0) { o.override_excludeports = 1; - } else if (strcmp(long_options[option_index].name, "version_intensity") == 0) { + } else if (optcmp(long_options[option_index].name, "version-intensity") == 0) { o.version_intensity = atoi(optarg); if (o.version_intensity < 0 || o.version_intensity > 9) - fatal("version_intensity must be between 0 and 9"); - } else if (strcmp(long_options[option_index].name, "version_light") == 0) { + fatal("version-intensity must be between 0 and 9"); + } else if (optcmp(long_options[option_index].name, "version-light") == 0) { o.version_intensity = 2; - } else if (strcmp(long_options[option_index].name, "version_all") == 0) { + } else if (optcmp(long_options[option_index].name, "version-all") == 0) { o.version_intensity = 9; - } else if (strcmp(long_options[option_index].name, "scan_delay") == 0) { + } else if (optcmp(long_options[option_index].name, "scan-delay") == 0) { l = tval2msecs(optarg); - if (l < 0) fatal("Bogus --scan_delay argument specified."); + if (l < 0) fatal("Bogus --scan-delay argument specified."); o.scan_delay = l; if (o.scan_delay > o.maxTCPScanDelay()) o.setMaxTCPScanDelay(o.scan_delay); if (o.scan_delay > o.maxUDPScanDelay()) o.setMaxUDPScanDelay(o.scan_delay); 
o.max_parallelism = 1; - } else if (strcmp(long_options[option_index].name, "max_scan_delay") == 0) { + } else if (optcmp(long_options[option_index].name, "max-scan-delay") == 0) { l = tval2msecs(optarg); - if (l < 0) fatal("--max_scan_delay cannot be negative."); + if (l < 0) fatal("--max-scan-delay cannot be negative."); o.setMaxTCPScanDelay(l); o.setMaxUDPScanDelay(l); - } else if (strcmp(long_options[option_index].name, "max_retries") == 0) { + } else if (optcmp(long_options[option_index].name, "max-retries") == 0) { int num_retrans = atoi(optarg); if (num_retrans < 0) - fatal("max_retransmissions must be positive"); + fatal("max-retransmissions must be positive"); o.setMaxRetransmissions(num_retrans); - } else if (strcmp(long_options[option_index].name, "randomize_hosts") == 0 + } else if (optcmp(long_options[option_index].name, "randomize-hosts") == 0 || strcmp(long_options[option_index].name, "rH") == 0) { o.randomize_hosts = 1; o.ping_group_sz = PING_GROUP_SZ * 4; - } else if (strcmp(long_options[option_index].name, "osscan_limit") == 0) { + } else if (optcmp(long_options[option_index].name, "osscan-limit") == 0) { o.osscan_limit = 1; - } else if (strcmp(long_options[option_index].name, "osscan_guess") == 0 + } else if (optcmp(long_options[option_index].name, "osscan-guess") == 0 || strcmp(long_options[option_index].name, "fuzzy") == 0) { o.osscan_guess = 1; - } else if (strcmp(long_options[option_index].name, "packet_trace") == 0) { + } else if (optcmp(long_options[option_index].name, "packet-trace") == 0) { o.setPacketTrace(true); - } else if (strcmp(long_options[option_index].name, "version_trace") == 0) { + } else if (optcmp(long_options[option_index].name, "version-trace") == 0) { o.setVersionTrace(true); o.debugging++; - } else if (strcmp(long_options[option_index].name, "data_length") == 0) { + } else if (optcmp(long_options[option_index].name, "data-length") == 0) { o.extra_payload_length = atoi(optarg); if (o.extra_payload_length < 0) { - 
fatal("data_length must be greater than 0"); + fatal("data-length must be greater than 0"); } else if (o.extra_payload_length > 0) { o.extra_payload = (char *) safe_malloc(o.extra_payload_length); get_random_bytes(o.extra_payload, o.extra_payload_length); } - } else if (strcmp(long_options[option_index].name, "send_eth") == 0) { + } else if (optcmp(long_options[option_index].name, "send-eth") == 0) { o.sendpref = PACKET_SEND_ETH_STRONG; - } else if (strcmp(long_options[option_index].name, "send_ip") == 0) { + } else if (optcmp(long_options[option_index].name, "send-ip") == 0) { o.sendpref = PACKET_SEND_IP_STRONG; } else if (strcmp(long_options[option_index].name, "stylesheet") == 0) { o.setXSLStyleSheet(optarg); - } else if (strcmp(long_options[option_index].name, "no_stylesheet") == 0) { + } else if (optcmp(long_options[option_index].name, "no-stylesheet") == 0) { o.setXSLStyleSheet(NULL); - } else if (strcmp(long_options[option_index].name, "system_dns") == 0) { + } else if (strcmp(long_options[option_index].name, "system-dns") == 0) { o.mass_dns = false; - } else if (strcmp(long_options[option_index].name, "dns_servers") == 0) { + } else if (optcmp(long_options[option_index].name, "dns-servers") == 0) { o.dns_servers = strdup(optarg); } else if (strcmp(long_options[option_index].name, "webxml") == 0) { o.setXSLStyleSheet("http://www.insecure.org/nmap/data/nmap.xsl"); @@ -599,7 +624,7 @@ int nmap_main(int argc, char *argv[]) { o.max_parallelism = atoi(optarg); if (o.max_parallelism < 1) fatal("Argument to -M must be at least 1!"); if (o.max_parallelism > 900) { - error("Warning: Your max_parallelism (-M) option is absurdly high! Don't complain to Fyodor if all hell breaks loose!"); + error("Warning: Your max-parallelism (-M) option is extraordinarily high, which can hurt reliability"); } break; case 'm': 
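Review bot: The `max-retries` branch reports `fatal("max-retransmissions must be positive")`, which names an option that does not exist; the rename only swapped the underscore in a message that was already wrong. The test is `num_retrans < 0`, so zero is accepted and "positive" is inaccurate as well. Suggest `fatal("--max-retries must not be negative");`. Since the value comes from `atoi(optarg)`, non-numeric input is read as 0 and passes this check silently.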
@@ -842,7 +867,7 @@ int nmap_main(int argc, char *argv[]) { #ifdef WIN32 if (o.sendpref & PACKET_SEND_IP) { - error("WARNING: raw IP (rather than raw ethernet) packet sending attempted on Windows. This probably won't work. Consider --send_eth next time.\n"); + error("WARNING: raw IP (rather than raw ethernet) packet sending attempted on Windows. This probably won't work. Consider --send-eth next time.\n"); } #endif @@ -861,7 +886,7 @@ int nmap_main(int argc, char *argv[]) { while(*p) { if (*p == ':') p++; if (isxdigit(*p) && isxdigit(*(p+1))) { - if (pos >= 6) fatal("Bogus --spoof_mac value encountered (%s) -- only up to 6 bytes permitted", spoofmac); + if (pos >= 6) fatal("Bogus --spoof-mac value encountered (%s) -- only up to 6 bytes permitted", spoofmac); tmphex[0] = *p; tmphex[1] = *(p+1); tmphex[2] = '\0'; mac_data[pos] = (u8) strtol(tmphex, NULL, 16); pos++; @@ -871,7 +896,7 @@ int nmap_main(int argc, char *argv[]) { if (*p) { /* Failed to parse it as a MAC prefix -- treating as a vendor substring instead */ if (!MACCorp2Prefix(spoofmac, mac_data)) - fatal("Could not parse as a prefix nor find as a vendor substring the given --spoof_mac argument: %s. If you are giving hex digits, there must be an even number of them.", spoofmac); + fatal("Could not parse as a prefix nor find as a vendor substring the given --spoof-mac argument: %s. If you are giving hex digits, there must be an even number of them.", spoofmac); pos = 3; } } 
@@ -1352,13 +1377,13 @@ int gather_logfile_resumption_state(char *fname, int *myargc, char ***myargv) { fatal("Unable to parse supposed log file %s. Perhaps the Nmap execution had not finished at least one host? In that case there is no use \"resuming\"", fname); - strcpy(nmap_arg_buffer, "nmap --append_output "); + strcpy(nmap_arg_buffer, "nmap --append-output "); if ((q-p) + 21 + 1 >= (int) sizeof(nmap_arg_buffer)) fatal("0verfl0w"); memcpy(nmap_arg_buffer + 21, p, q-p); nmap_arg_buffer[21 + q-p] = '\0'; - if (strstr(nmap_arg_buffer, "--randomize_hosts") != NULL) { - error("WARNING: You are attempting to resume a scan which used --randomize_hosts. Some hosts in the last randomized batch make be missed and others may be repeated once"); + if (strstr(nmap_arg_buffer, "--randomize-hosts") != NULL) { + error("WARNING: You are attempting to resume a scan which used --randomize-hosts. Some hosts in the last randomized batch make be missed and others may be repeated once"); } *myargc = arg_parse(nmap_arg_buffer, myargv); @@ -1604,8 +1629,8 @@ printf("%s %s ( %s )\n" " -PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports\n" " -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes\n" " -n/-R: Never do DNS resolution/Always resolve [default: sometimes]\n" - " --dns_servers : Specify custom DNS servers\n" - " --system_dns: Use OS's DNS resolver\n" + " --dns-servers : Specify custom DNS servers\n" + " --system-dns: Use OS's DNS resolver\n" "SCAN TECHNIQUES:\n" " -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans\n" " -sN/sF/sX: TCP Null, FIN, and Xmas scans\n" 
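Review bot: The resume path now searches the recovered command line only for `--randomize-hosts`, but that text is read back from a log file that may have been written with the old spelling. A scan started as `--randomize_hosts` would then resume without the warning. Suggest `if (strstr(nmap_arg_buffer, "--randomize-hosts") != NULL || strstr(nmap_arg_buffer, "--randomize_hosts") != NULL) {`. The literal 21 used for the bounds check and the memcpy offset still equals the length of "nmap --append-output ", but it is tied to that string by hand; deriving it with strlen() would keep the check correct if the prefix changes. The function starts and ends outside the hunk.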
@@ -1620,32 +1645,32 @@ printf("%s %s ( %s )\n" " -r: Scan ports consecutively - don't randomize\n" "SERVICE/VERSION DETECTION:\n" " -sV: Probe open ports to determine service/version info\n" - " --version_intensity : Set from 0 (light) to 9 (try all probes)\n" - " --version_light: Limit to most likely probes (intensity 2)\n" - " --version_all: Try every single probe (intensity 9)\n" - " --version_trace: Show detailed version scan activity (for debugging)\n" + " --version-intensity : Set from 0 (light) to 9 (try all probes)\n" + " --version-light: Limit to most likely probes (intensity 2)\n" + " --version-all: Try every single probe (intensity 9)\n" + " --version-trace: Show detailed version scan activity (for debugging)\n" "OS DETECTION:\n" " -O: Enable OS detection\n" - " --osscan_limit: Limit OS detection to promising targets\n" - " --osscan_guess: Guess OS more aggressively\n" + " --osscan-limit: Limit OS detection to promising targets\n" + " --osscan-guess: Guess OS more aggressively\n" "TIMING AND PERFORMANCE:\n" " -T[0-5]: Set timing template (higher is faster)\n" - " --min_hostgroup/max_hostgroup : Parallel host scan group sizes\n" - " --min_parallelism/max_parallelism : Probe parallelization\n" - " --min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout : Specifies\n" + " --min-hostgroup/max-hostgroup : Parallel host scan group sizes\n" + " --min-parallelism/max-parallelism : Probe parallelization\n" + " --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies\n" " probe round trip time.\n" - " --max_retries : Caps number of port scan probe retransmissions.\n" - " --host_timeout : Give up on target after this long\n" - " --scan_delay/--max_scan_delay : Adjust delay between probes\n" + " --max-retries : Caps number of port scan probe retransmissions.\n" + " --host-timeout : Give up on target after this long\n" + " --scan-delay/--max-scan-delay : Adjust delay between probes\n" "FIREWALL/IDS EVASION AND SPOOFING:\n" " -f; --mtu : fragment packets 
(optionally w/given MTU)\n" " -D : Cloak a scan with decoys\n" " -S : Spoof source address\n" " -e : Use specified interface\n" - " -g/--source_port : Use given port number\n" - " --data_length : Append random data to sent packets\n" + " -g/--source-port : Use given port number\n" + " --data-length : Append random data to sent packets\n" " --ttl : Set IP time-to-live field\n" - " --spoof_mac : Spoof your MAC address\n" + " --spoof-mac : Spoof your MAC address\n" " --badsum: Send packets with a bogus TCP/UDP checksum\n" "OUTPUT:\n" " -oN/-oX/-oS/-oG : Output scan in normal, XML, s|: Output in the three major formats at once\n" " -v: Increase verbosity level (use twice for more effect)\n" " -d[level]: Set or increase debugging level (Up to 9 is meaningful)\n" - " --packet_trace: Show all packets sent and received\n" + " --packet-trace: Show all packets sent and received\n" " --iflist: Print host interfaces and routes (for debugging)\n" - " --append_output: Append to rather than clobber specified output files\n" + " --append-output: Append to rather than clobber specified output files\n" " --resume : Resume an aborted scan\n" " --stylesheet : XSL stylesheet to transform XML output to HTML\n" " --webxml: Reference stylesheet from Insecure.Org for more portable XML\n" - " --no_stylesheet: Prevent associating of XSL stylesheet w/XML output\n" + " --no-stylesheet: Prevent associating of XSL stylesheet w/XML output\n" "MISC:\n" " -6: Enable IPv6 scanning\n" " -A: Enables OS detection and Version detection\n" " --datadir : Specify custom Nmap data file location\n" - " --send_eth/--send_ip: Send using raw ethernet frames or IP packets\n" + " --send-eth/--send-ip: Send using raw ethernet frames or IP packets\n" " --privileged: Assume that the user is fully privileged\n" " -V: Print version number\n" " -h: Print this help summary page.\n" 
@@ -1684,13 +1709,13 @@ waits for nmap to finish. Results are printed to the\n\ screen (of course you can still use file output commands).\n\ ! -- runs shell command given in the foreground\n\ x -- Exit Nmap\n\ -f [--spoof ] [--nmap_path ] \n\ +f [--spoof ] [--nmap-path ] \n\ -- Executes nmap in the background (results are NOT\n\ printed to the screen). You should generally specify a\n\ file for results (with -oX, -oG, or -oN). If you specify\n\ fakeargs with --spoof, Nmap will try to make those\n\ appear in ps listings. If you wish to execute a special\n\ -version of Nmap, specify --nmap_path.\n\ +version of Nmap, specify --nmap-path.\n\ n -h -- Obtain help with Nmap syntax\n\ h -- Prints this help screen.\n\ Examples:\n\ @@ -1705,18 +1730,6 @@ char *seqreport(struct seq_info *seq) { int i; snprintf(report, sizeof(report), "TCP Sequence Prediction: Class=%s\n Difficulty=%d (%s)\n", seqclass2ascii(seq->seqclass), seq->index, seqidx2difficultystr(seq->index)); - if (o.verbose > 1 || o.debugging ) { - p = tmp; - strcpy(p, "TCP ISN Seq. Numbers: "); - p += 22; - for(i=0; i < seq->responses; i++) { - if (p - tmp + 20 > ((int) sizeof(tmp))) - fatal("0verfl0w Error #234112"); - p += snprintf(p, 16, "%X ", seq->seqs[i]); - } - *--p = '\n'; - strcat(report, tmp); - } return report; } @@ -1911,7 +1924,7 @@ char *grab_next_host_spec(FILE *inputfd, int argc, char **fakeargv) { do { ip.s_addr = get_random_u32(); } while (ip_is_reserved(&ip)); - strcpy(host_spec, inet_ntoa(ip)); + Strncpy(host_spec, inet_ntoa(ip), sizeof(host_spec)); } else if (!inputfd) { return( (optind < argc)? fakeargv[optind++] : NULL); } else { diff --git a/nmap_dns.cc b/nmap_dns.cc index 693b30874..2e2b5c411 100644 --- a/nmap_dns.cc +++ b/nmap_dns.cc 
@@ -113,7 +113,7 @@ // Attempts to resolve host names in parallel using a set // of DNS servers. DNS servers are found here: // -// --dns_servers (all platforms - overrides everything else) +// --dns-servers (all platforms - overrides everything else) // // /etc/resolv.conf (only on unix) // @@ -208,7 +208,7 @@ int read_timeouts[][4] = { #define CAPACITY_MIN 10 #define CAPACITY_MAX 200 #define CAPACITY_UP_STEP 2 -#define CAPACITY_MINOR_DOWN_SCALE 0.95 +#define CAPACITY_MINOR_DOWN_SCALE 0.9 #define CAPACITY_MAJOR_DOWN_SCALE 0.7 // Each request will try to resolve on at most this many servers: @@ -311,8 +311,7 @@ void output_summary() { log_write(LOG_STDOUT, "mass_rdns: %.2fs %d/%d [#: %lu, OK: %d, NX: %d, DR: %d, SF: %d, TR: %d]\n", TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0, tp, stat_actual, - servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans); - + (unsigned long) servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans); } @@ -1217,7 +1216,7 @@ void nmap_mass_rdns(Target **targets, int num_targets) { // TR: Total number of transmissions necessary. The number of domains is ideal, higher is worse log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: Async [#: %lu, OK: %d, NX: %d, DR: %d, SF: %d, TR: %d, CN: %d]\n", stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0, - servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans, stat_cname); + (unsigned long) servs.size(), stat_ok, stat_nx, stat_dropped, stat_sf, stat_trans, stat_cname); } else { log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs. Mode: System [OK: %d, ??: %d]\n", stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0, diff --git a/nmapfe/nmapfe_sig.c b/nmapfe/nmapfe_sig.c index 0023d925e..e28d607ec 100644 --- a/nmapfe/nmapfe_sig.c +++ b/nmapfe/nmapfe_sig.c 
@@ -527,31 +527,31 @@ static int command_size = 0; if (GTK_TOGGLE_BUTTON(opt.startRtt)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.startRttTime)); - sprintf(command+strlen(command), "--initial_rtt_timeout %d ", val); + sprintf(command+strlen(command), "--initial-rtt-timeout %d ", val); } if (GTK_TOGGLE_BUTTON(opt.minRtt)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.minRttTime)); - sprintf(command+strlen(command), "--min_rtt_timeout %d ", val); + sprintf(command+strlen(command), "--min-rtt-timeout %d ", val); } if (GTK_TOGGLE_BUTTON(opt.maxRtt)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.maxRttTime)); - sprintf(command+strlen(command), "--max_rtt_timeout %d ", val); + sprintf(command+strlen(command), "--max-rtt-timeout %d ", val); } if (GTK_TOGGLE_BUTTON(opt.hostTimeout)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.hostTimeoutTime)); - sprintf(command+strlen(command), "--host_timeout %d ", val); + sprintf(command+strlen(command), "--host-timeout %d ", val); } if (GTK_TOGGLE_BUTTON(opt.scanDelay)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.scanDelayTime)); - sprintf(command+strlen(command), "--scan_delay %d ", val); + sprintf(command+strlen(command), "--scan-delay %d ", val); } if (GTK_TOGGLE_BUTTON(opt.ipv4Ttl)->active) { @@ -563,7 +563,7 @@ static int command_size = 0; if (GTK_TOGGLE_BUTTON(opt.minPar)->active) { int val = gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(opt.minParSocks)); - sprintf(command+strlen(command), "--min_parallelism %d ", val); + sprintf(command+strlen(command), "--min-parallelism %d ", val); } if (GTK_TOGGLE_BUTTON(opt.maxPar)->active) { @@ -664,7 +664,7 @@ static int command_size = 0; strcat(command, " "); if (GTK_TOGGLE_BUTTON(opt.outputAppend)->active) - strcat(command, "--append_output "); + strcat(command, "--append-output "); } } 
diff --git a/output.cc b/output.cc index 868922b25..c30e62776 100644 --- a/output.cc +++ b/output.cc @@ -579,7 +579,9 @@ log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%d service%s unrecognized despite ret char* xml_convert (const char* str) { char *temp, ch=0, prevch = 0, *p; - temp = (char *) malloc(strlen(str)*6+1); + int strl = strlen(str); + temp = (char *) malloc(strl*6+1); + char *end = temp + strl * 6 + 1; for (p = temp;(prevch = ch, ch = *str);str++) { char *a; switch (ch) { @@ -607,7 +609,8 @@ char* xml_convert (const char* str) { *p++ = ch; continue; } - strcpy(p,a); p += strlen(a); + assert(end - p > 1); + Strncpy(p,a, end - p - 1); p += strlen(a); // SAFE } *p = 0; temp = (char *) realloc(temp,strlen(temp)+1); @@ -1016,10 +1019,16 @@ static void printosclassificationoutput(const struct OS_Classification_Results * if (strcmp(fullfamily[familyno], tmpbuf) == 0) { // got a match ... do we need to add the generation? if (OSR->OSC[classno]->OS_Generation && !strstr(familygenerations[familyno], OSR->OSC[classno]->OS_Generation)) { + int flen = strlen(familygenerations[familyno]); // We add it, preceded by | if something is already there - if (strlen(familygenerations[familyno]) + 2 + strlen(OSR->OSC[classno]->OS_Generation) >= 48) fatal("buffer 0verfl0w of familygenerations"); - if (*familygenerations[familyno]) strcat(familygenerations[familyno], "|"); - strcat(familygenerations[familyno], OSR->OSC[classno]->OS_Generation); + if (flen + 2 + strlen(OSR->OSC[classno]->OS_Generation) >= + sizeof(familygenerations[familyno])) + fatal("buffer 0verfl0w of familygenerations"); + if (*familygenerations[familyno]) + strcat(familygenerations[familyno], "|"); + strncat(familygenerations[familyno], + OSR->OSC[classno]->OS_Generation, + sizeof(familygenerations[familyno]) - flen); } break; } diff --git a/utils.cc b/utils.cc index b7035017d..dc2d2880e 100644 --- a/utils.cc +++ b/utils.cc 
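Review bot: `int strl = strlen(str)` narrows a size_t, and `strl*6+1` is then computed in int, so a very long input can overflow the size passed to malloc and the `end` pointer derived from it. The malloc result is also dereferenced without a check. Suggest `size_t strl = strlen(str);` and `temp = (char *) safe_malloc(strl*6+1);`, using the allocator already called in nmap.cc. xml_convert's body continues outside this hunk.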
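Review bot: The only bound on the entity copy in xml_convert (hunk `@@ -607,7 +609,8 @@`) is `assert(end - p > 1)`, which is compiled out under NDEBUG and checks for two free bytes rather than `strlen(a) + 1`. `p += strlen(a)` then advances by the full entity length whether or not `Strncpy` truncated, and the `// SAFE` comment does not say why that holds. An explicit check states the invariant and survives release builds: `size_t alen = strlen(a); if ((size_t)(end - p) <= alen) fatal("xml_convert: output buffer too small");` followed by `memcpy(p, a, alen); p += alen;`. Strncpy's truncation behaviour is defined outside this diff, so confirm it before relying on it here.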
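Review bot: In the printosclassificationoutput hunk (`@@ -1016,10 +1019,16 @@`) the strncat limit `sizeof(familygenerations[familyno]) - flen` is not the free space in the destination. After the optional `"|"` the buffer already holds flen + 1 characters, and strncat writes a terminating NUL on top of the count. On its own that limit would allow a two-byte overrun; only the length test above it prevents one. Suggest `sizeof(familygenerations[familyno]) - strlen(familygenerations[familyno]) - 1` as the third argument. Replacing the literal 48 with sizeof is correct only if familygenerations is an array of char arrays; its declaration is outside the hunk, so confirm it is not an array of pointers.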
@@ -209,6 +209,23 @@ char *chomp(char *string) { return string; } +/* Compare a canonical option name (e.g. "max-scan-delay") with a + user-generated option such as "max_scan_delay" and returns 0 if the + two values are considered equivalant (for example, - and _ are + considered to be the same), nonzero otherwise. */ +int optcmp(const char *a, const char *b) { + while(*a && *b) { + if ((*a == '_' || *a == '-') && (*b != '_' && *b != '-')) + return 1; + if (*a != *b) + return 1; + a++; b++; + } + if (*a || *b) + return 1; + return 0; +} + /* Convert a comma-separated list of ASCII u16-sized numbers into the given 'dest' array, which is of total size (meaning sizeof() as opposed to numelements) of destsize. If min_elem and max_elem are diff --git a/utils.h b/utils.h index 98128e089..fb668b16a 100644 --- a/utils.h +++ b/utils.h @@ -190,6 +190,12 @@ template T box(T bmin, T bmax, T bnum) { void hdump(unsigned char *packet, unsigned int len); void lamont_hdump(char *cp, unsigned int length); +/* Compare a canonical option name (e.g. "max-scan-delay") with a + user-generated option such as "max_scan_delay" and returns 0 if the + two values are considered equivalant (for example, - and _ are + considered to be the same), nonzero otherwise. */ +int optcmp(const char *canonical, const char *instance); + /* Scramble the contents of an array*/ void genfry(unsigned char *arr, int elem_sz, int num_elem); void shortfry(unsigned short *arr, int num_elem);
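Review bot: optcmp() as added here never treats `_` and `-` as equal. When `*a` is `_` and `*b` is `-` the first test lets the pair through, but the next line, `if (*a != *b) return 1;`, rejects it. `optcmp("max_rtt_timeout", "max-rtt-timeout")` therefore returns nonzero, so the underscore spellings kept in long_options (nmap.cc) and `--nmap_path` (main.cc) no longer reach their handlers, despite the CHANGELOG promise of backward compatibility. Suggest replacing the two tests with `if (*a == '_' || *a == '-') { if (*b != '_' && *b != '-') return 1; } else if (*a != *b) return 1;`. The main.cc call also replaces strcasecmp, so `--nmap-path` matching becomes case-sensitive; say so in the comment if that is intended.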