PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-13 11:19:02 +00:00
Code Issues Projects Releases Wiki Activity

Improve fingermatch/fingerdiff in deciding which tests to use when there are multiple instances of the same test line

Browse Source
This commit is contained in:
fyodor
2006-09-12 10:17:37 +00:00
parent 9d936ce099
commit 6dedc52a1d
2 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/fingerdiff.cc
View File

@@ -132,7 +132,7 @@ int main(int argc, char *argv[]) {
char observedFPString[8192];
char line[512];
char *p, *endptr;
int i;
int i, rc;
int done=0;
FILE *fp;
@@ -182,9 +182,14 @@ int main(int argc, char *argv[]) {
if (readFP(stdin, observedFPString, sizeof(observedFPString)) == -1)
usage("Failed to read in supposed observed fingerprint from stdin\n");
observedFP = parse_single_fingerprint(observedFPString);
if (!observedFP) fatal("Sorry -- failed to parse the so-called reference fingerprint you entered");
if ((rc = remove_duplicate_tests(observedFP))) {
printf("[WARN] Adjusted fingerprint due to %d duplicated tests (we only look at the first).\n", rc);
}
/* OK, now I've got the fingerprints -- I just need to compare them ... */
accuracy = compare_fingerprints(referenceFP, observedFP, 1);
if (accuracy == 1)

22
scripts/fingerlib.cc
View File

@@ -290,6 +290,15 @@ int readFP(FILE *filep, char *FP, int FPsz ) {
return 0;
}
static int count_attributes(struct AVal *res) {
int count = 0;
while(res) {
count++;
res = res->next;
}
return count;
}
/* When Nmap prints a fingerprint for submission, it sometimes
includes duplicates of tests because 1 or more elements of that
test differ. While this is important for things like fingerfix
@@ -308,15 +317,18 @@ int remove_duplicate_tests(FingerPrint *FP) {
and if so, remove them */
for(inner = outer; inner->next; inner = inner->next) {
if (strcmp(outer->name, inner->next->name) == 0) {
/* DUPLICATE FOUND! REMOVE IT */
/* DUPLICATE FOUND! REMOVE THE ONE W/THE FEWEST ATTRIBUTES */
int outeratts = count_attributes(outer->results);
int inneratts = count_attributes(inner->next->results);
if (inneratts > outeratts) {
/* We do a swap of members because we can't change the address of 'FP' */
outer->results = inner->next->results; /* MEMORY LEAK BUT THATS OK */
}
dupsfound++;
tmp = inner->next;
inner->next = inner->next->next;
free(tmp);
inner->next = inner->next->next; /* MEMORY LEAK, BUT THATS OK */
}
if (!inner->next) break;
}
}
return dupsfound;
}