PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-31 03:49:01 +00:00
Code Issues Projects Releases Wiki Activity

Avoid using commonly-spoofed-closed ports as ping/timing ports

Browse Source
This commit is contained in:
dmiller
2018-03-28 20:17:44 +00:00
parent 02e3add66e
commit 6680f5648d
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scan_engine.cc
View File

@@ -1796,6 +1796,13 @@ static unsigned int pingprobe_score(const probespec *pspec, int state) {
score = 2;
else if (pspec->pd.tcp.flags == TH_SYN && (state == PORT_OPEN || state == PORT_UNKNOWN))
score = 3;
else if (pspec->pd.tcp.dport == 25 ||
pspec->pd.tcp.dport == 113 ||
pspec->pd.tcp.dport == 135 ||
pspec->pd.tcp.dport == 139 ||
pspec->pd.tcp.dport == 445)
/* Frequently spoofed port numbers */
score = 5;
else
score = 6;
break;