PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

little rDNS fix from Doug

Browse Source
This commit is contained in:
fyodor
2006-08-08 22:50:15 +00:00
parent 2d36c91639
commit 71ac6ae95a
3 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG
View File

@@ -1,6 +1,9 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o Applied a couple of nsock bugfixes from Diman Todorov. These don't o Worked with Zhao to improve the new OS detection system with
better algorithms and bug fixes.
o Applied some nsock bugfixes from Diman Todorov. These don't
affect the current version of Nmap, but are important for his upcoming affect the current version of Nmap, but are important for his upcoming
Nmap Scripting Engine. Nmap Scripting Engine.
@@ -9,6 +12,10 @@ o Integrated all 2nd quarter service detection fingerprint
representing 415 protocols. Thanks to version detection czar Doug representing 415 protocols. Thanks to version detection czar Doug
Hoyte for doing this. Hoyte for doing this.
o Fixed a bug in the rDNS system which prevented us from querying
certain authoritative DNS servers which have recursion explicitly
disabled. Thanks to Doug Hoyte for the patch.
o Cleaned up Nmap DNS reporting to be a little more useful and o Cleaned up Nmap DNS reporting to be a little more useful and
concise. Thanks to Doug Hoyte for the patch. concise. Thanks to Doug Hoyte for the patch.

7
nmap_dns.cc
View File

@@ -674,9 +674,10 @@ static void read_evt_handler(nsock_pool nsp, nsock_event evt, void *nothing) {
// 0xFA == 11111010 (we're not concerned with AA or RD bits) // 0xFA == 11111010 (we're not concerned with AA or RD bits)
if ((buf[2] & 0xFA) != 0x80) return; if ((buf[2] & 0xFA) != 0x80) return;
// Check that Recursion is available, the zero field is all zeros // Check that the zero field is all zeros and there is no error condition.
// and there is no error condition: // We don't care if recursion is available or not since we might be querying
if (buf[3] != 0x80) { // an authoritative DNS server.
if (buf[3] != 0x80 && buf[3] != 0) {
if ((buf[3] & 0xF) == 2) errcode = 2; if ((buf[3] & 0xF) == 2) errcode = 2;
else if ((buf[3] & 0xF) == 3) errcode = 3; else if ((buf[3] & 0xF) == 3) errcode = 3;
else return; else return;

12
osscan2.cc
View File

@@ -13,7 +13,7 @@ using namespace std;
extern NmapOps o; extern NmapOps o;
/* 7 options: /* 7 options:
* 0~5: six options for TSeq/TOps/TWin/T1 probes. * 0~5: six options for SEQ/OPS/WIN/T1 probes.
* 6: T2~T7 probes. * 6: T2~T7 probes.
* *
* option 0: WScale (10), Nop, MSS (1460), Timestamp, Nop, Nop, SackP, Nop, Nop * option 0: WScale (10), Nop, MSS (1460), Timestamp, Nop, Nop, SackP, Nop, Nop
@@ -2103,7 +2103,7 @@ bool HostOsScan::processTUdpResp(HostOsScanStats *hss, struct ip *ip) {
struct icmp *icmp; struct icmp *icmp;
struct ip *ip2; struct ip *ip2;
int numtests = 12; int numtests;
unsigned short checksum; unsigned short checksum;
unsigned short *checksumptr; unsigned short *checksumptr;
udphdr_bsd *udp; udphdr_bsd *udp;
@@ -2112,6 +2112,14 @@ bool HostOsScan::processTUdpResp(HostOsScanStats *hss, struct ip *ip) {
int current_testno = 0; int current_testno = 0;
unsigned char *datastart, *dataend; unsigned char *datastart, *dataend;
#if !defined(SOLARIS) && !defined(SUNOS) && !defined(IRIX) && !defined(HPUX)
numtests = 12;
#else
/* We don't do RID test under these operating systems, thus the
number of test is 1 less. */
numtests = 11;
#endif
if (hss->FP_TUdp) return false; if (hss->FP_TUdp) return false;
icmp = ((struct icmp *)(((char *) ip) + 4 * ip->ip_hl)); icmp = ((struct icmp *)(((char *) ip) + 4 * ip->ip_hl));