PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 05:31:31 +00:00
Code Issues Projects Releases Wiki Activity

loosen the requirements for a split-handshake syn detection to allow the likes of SYN|PSH. See this thread: http://seclists.org/nmap-dev/2010/q2/739

Browse Source
This commit is contained in:
fyodor
2010-06-11 06:17:52 +00:00
parent 0585746788
commit 6ac6e2fad5
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scan_engine.cc
View File

@@ -4102,10 +4102,6 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
/* Yeah! An open port */
newstate = PORT_OPEN;
current_reason = ER_SYNACK;
} else if (USI->scantype == SYN_SCAN && tcp->th_flags == TH_SYN) {
/* A SYN from a TCP Split Handshake - open port */
newstate = PORT_OPEN;
current_reason = ER_SYN;
} else if (tcp->th_flags & TH_RST) {
current_reason = ER_RESETPEER;
if (USI->scantype == WINDOW_SCAN ) {
@@ -4113,6 +4109,10 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
} else if (USI->scantype == ACK_SCAN) {
newstate = PORT_UNFILTERED;
} else newstate = PORT_CLOSED;
} else if (USI->scantype == SYN_SCAN && (tcp->th_flags & TH_SYN)) {
/* A SYN from a TCP Split Handshake - http://nmap.org/misc/split-handshake.pdf - open port */
newstate = PORT_OPEN;
current_reason = ER_SYN;
} else {
if (o.debugging)
error("Received scan response with unexpected TCP flags: %d", tcp->th_flags);