diff --git a/CHANGELOG b/CHANGELOG index 5d2b429d1..0659ba893 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -3,6 +3,11 @@ Nmap 4.20ALPHA3 o Added back Win32 support thanks to a patch by kx +o Fixed the English translation of TCP sequence difficulty reported by + Brandon Enright, and also removed fingerprint printing for 1st + generation fingerprints (I don't really want to deal with those + anymore). Thanks to Zhao Lei for writing this patch. + o Fix a problem which caused OS detection to be done in some cases even if the user didn't request it. Thanks to Diman Todorov for the fix. diff --git a/nmap.cc b/nmap.cc index 9169f047a..4672b93be 100644 --- a/nmap.cc +++ b/nmap.cc @@ -1948,6 +1948,19 @@ n -sS -O -v example.com/24\n\ f --spoof \"/usr/local/bin/pico -z hello.c\" -sS -oN e.log example.com/24\n\n"); } +char *seqreport1(struct seq_info *seq) { + static char report[512]; + + snprintf(report, sizeof(report), "TCP Sequence Prediction: Class=%s\n Difficulty=%d (%s)\n", seqclass2ascii(seq->seqclass), seq->index, seqidx2difficultystr1(seq->index)); + return report; +} + +/* Convert a TCP sequence prediction difficulty index like 1264386 + into a difficulty string like "Worthy Challenge */ +const char *seqidx2difficultystr1(unsigned long idx) { + return (idx < 10)? "Trivial joke" : (idx < 80)? "Easy" : (idx < 3000)? "Medium" : (idx < 5000)? "Formidable" : (idx < 100000)? "Worthy challenge" : "Good luck!"; +} + char *seqreport(struct seq_info *seq) { static char report[512]; 
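Review bot: The comment added above `seqidx2difficultystr1` is a verbatim copy of the one on `seqidx2difficultystr`, unterminated quote included, so neither this definition nor the new prototype in nmap.h says which index scale each function expects. I would replace it with `/* 1st-generation OS scan only: map a sequence index on the old scale (cut-offs 10/80/3000/5000/100000) to a difficulty string such as "Worthy challenge". */`. `seqreport1` also returns a pointer to a function-local static buffer, which deserves a one-line comment saying the result is overwritten by the next call and must not be shared across threads. The hunk ends inside `seqreport`, whose body continues outside it.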
@@ -1958,9 +1971,10 @@ char *seqreport(struct seq_info *seq) { /* Convert a TCP sequence prediction difficulty index like 1264386 into a difficulty string like "Worthy Challenge */ const char *seqidx2difficultystr(unsigned long idx) { - return (idx < 10)? "Trivial joke" : (idx < 80)? "Easy" : (idx < 3000)? "Medium" : (idx < 5000)? "Formidable" : (idx < 100000)? "Worthy challenge" : "Good luck!"; + return (idx < 3)? "Trivial joke" : (idx < 6)? "Easy" : (idx < 11)? "Medium" : (idx < 12)? "Formidable" : (idx < 16)? "Worthy challenge" : "Good luck!"; } + char *seqclass2ascii(int seqclass) { switch(seqclass) { case SEQ_CONSTANT: diff --git a/nmap.h b/nmap.h index a39912049..75267cc7f 100644 --- a/nmap.h +++ b/nmap.h @@ -474,6 +474,7 @@ char *scantype2str(stype scantype); void sigdie(int signo); void reaper(int signo); char *seqreport(struct seq_info *seq); +char *seqreport1(struct seq_info *seq); char *seqclass2ascii(int clas); char *ipidclass2ascii(int seqclass); char *tsseqclass2ascii(int seqclass); @@ -481,6 +482,7 @@ char *tsseqclass2ascii(int seqclass); /* Convert a TCP sequence prediction difficulty index like 1264386 into a difficulty string like "Worthy Challenge */ const char *seqidx2difficultystr(unsigned long idx); +const char *seqidx2difficultystr1(unsigned long idx); int nmap_fetchfile(char *filename_returned, int bufferlen, char *file); int gather_logfile_resumption_state(char *fname, int *myargc, char ***myargv); diff --git a/output.cc b/output.cc index 269ef0e7b..7e3b5e830 100644 --- a/output.cc +++ b/output.cc @@ -1216,8 +1216,8 @@ void printosscanoutput(Target *currenths) { char numlst[512]; /* For creating lists of numbers */ char *p; /* Used in manipulating numlst above */ FingerPrintResults *FPR; + int osscanSys = 0; int distance = -1; - bool wrapFP = true; /* Whether to wrap the fingerprint result. */ if (!currenths->osscan_performed) return; 
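Review bot: The comment kept above `seqidx2difficultystr` still gives `1264386` as a typical index, which no longer fits a function whose highest cut-off is now 16. It should state the scale the new values assume, for example `/* 2nd-generation OS scan: map a sequence index to a difficulty string; cut-offs are 3, 6, 11, 12 and 16 */`. With `(idx < 11)? "Medium" : (idx < 12)? "Formidable"` the "Formidable" label applies only to an index of exactly 11, which looks unintended and is worth confirming against how the 2nd-generation index is computed. This string is how users read a host's initial-sequence-number predictability, so a mislabelled band misstates that exposure.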
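Review bot: `int osscanSys = 0;` in the output.cc hunk is declared without saying what its values mean, and the later hunks compare it against bare `1` and `2`. A comment at the declaration would do, e.g. `int osscanSys = 0; /* OS scan system that produced FPR: 1 = 1st generation (FPR1), 2 = 2nd generation (FPR), 0 = not chosen yet */`; a small enum would be clearer still. `printosscanoutput` starts and ends outside this hunk.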
@@ -1225,27 +1225,31 @@ void printosscanoutput(Target *currenths) { if (currenths->FPR == NULL && currenths->FPR1 == NULL) { return; } else if (currenths->FPR != NULL && currenths->FPR1 == NULL) { + osscanSys = 2; FPR = currenths->FPR; } else if (currenths->FPR == NULL && currenths->FPR1 != NULL) { + osscanSys = 1; FPR = currenths->FPR1; - wrapFP = false; } else { /* Neither is NULL. This happens when new OS scan system fails to get a perfect match and falls back on the old OS scan system. */ if (currenths->FPR->num_perfect_matches > 0) { + osscanSys = 2; FPR = currenths->FPR; /* Just an ensurance. */ } else if (currenths->FPR1->num_perfect_matches > 0) { + osscanSys = 1; FPR = currenths->FPR1; - wrapFP = false; } else if (currenths->FPR->overall_results == OSSCAN_SUCCESS) { + osscanSys = 2; FPR = currenths->FPR; } else if (currenths->FPR1->overall_results == OSSCAN_SUCCESS) { + osscanSys = 1; FPR = currenths->FPR1; - wrapFP = false; } else { /* Both fails. */ + osscanSys = 2; FPR = currenths->FPR; } } 
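Review bot: In the branch where both `FPR` and `FPR1` are set, `osscanSys` records which result set gets printed, but a later hunk also uses it to choose between `seqreport1` and `seqreport` for `currenths->seq`, and nothing visible here ties `seq` to that same system. If the fallback 1st-generation scan overwrites `currenths->seq` (not shown in this diff), the `/* Both fails. */` arm with `osscanSys = 2` would label a 1st-generation index with the new thresholds. It is worth confirming this, or recording the system that filled `seq` separately from the one chosen for the fingerprint. The enclosing function starts and ends outside the hunk.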
@@ -1329,18 +1333,18 @@ void printosscanoutput(Target *currenths) { } log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "\n"); } - if (FPR->fingerprintSuitableForSubmission()) { + if (FPR->fingerprintSuitableForSubmission() && osscanSys == 2) { log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).\nTCP/IP fingerprint:\n%s\n", mergeFPs(FPR->FPs, FPR->numFPs, true, currenths->v4hostip(), distance, currenths->MACAddress(), FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport, - wrapFP)); + true)); } else { log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No exact OS matches for host (test conditions non-ideal)."); if (o.verbose > 1) - log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT, "\nTCP/IP fingerprint:\n%s", - mergeFPs(FPR->FPs, FPR->numFPs, false, + log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT, "\nTCP/IP fingerprint by osscan system #%d:\n%s", + osscanSys, mergeFPs(FPR->FPs, FPR->numFPs, false, currenths->v4hostip(), distance, currenths->MACAddress(), FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport, false)); 
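Review bot: With `FPR->fingerprintSuitableForSubmission() && osscanSys == 2`, a submittable 1st-generation result now falls into the `else` arm and is reported as `(test conditions non-ideal)`, which is not why the fingerprint was withheld; the same applies to the `OSSCAN_NOMATCHES` hunk that follows. That arm also still prints the fingerprint at `o.verbose > 1`, so the CHANGELOG's "removed fingerprint printing for 1st generation fingerprints" holds only at lower verbosity. I would give 1st-generation results their own arm, e.g. `} else if (osscanSys == 1) { log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No exact OS matches for host.\n");`, and keep the non-ideal wording for results that fail `fingerprintSuitableForSubmission()`. The function's body starts and ends outside the hunk.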
@@ -1352,17 +1356,17 @@ void printosscanoutput(Target *currenths) { log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"OS Fingerprint:\n%s\n", fp2ascii(FPR->FPs[FPR->goodFP])); } } else if (FPR->overall_results == OSSCAN_NOMATCHES) { - if (FPR->fingerprintSuitableForSubmission()) { + if (FPR->fingerprintSuitableForSubmission() && osscanSys == 2) { log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).\nTCP/IP fingerprint:\n%s\n", mergeFPs(FPR->FPs, FPR->numFPs, true, currenths->v4hostip(), distance, currenths->MACAddress(), FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport, - wrapFP)); + true)); } else { log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No OS matches for host (test conditions non-ideal).\n"); if (o.verbose > 1) - log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT, "\nTCP/IP fingerprint:\n%s", - mergeFPs(FPR->FPs, FPR->numFPs, false, + log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT, "\nTCP/IP fingerprint by osscan system #%d:\n%s", + osscanSys, mergeFPs(FPR->FPs, FPR->numFPs, false, currenths->v4hostip(), distance, currenths->MACAddress(), FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport, false)); 
@@ -1370,8 +1374,8 @@ void printosscanoutput(Target *currenths) { } else if (FPR->overall_results == OSSCAN_TOOMANYMATCHES || (FPR->num_perfect_matches > 8 && !o.debugging)) { log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"Too many fingerprints match this host to give specific OS details\n"); if (o.debugging || o.verbose) { - log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"TCP/IP fingerprint:\n%s", - mergeFPs(FPR->FPs, FPR->numFPs, false, + log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"TCP/IP fingerprint by osscan system #%d:\n%s", + osscanSys, mergeFPs(FPR->FPs, FPR->numFPs, false, currenths->v4hostip(), distance, currenths->MACAddress(), FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport, false)); @@ -1414,8 +1418,12 @@ void printosscanoutput(Target *currenths) { } log_write(LOG_XML, "\n", (long) currenths->seq.index, seqclass2ascii(currenths->seq.seqclass), seqidx2difficultystr(currenths->seq.index), numlst); - if (o.verbose) + if (o.verbose) { + if (osscanSys == 1) + log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"%s", seqreport1(&(currenths->seq))); + else if(osscanSys == 2) log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"%s", seqreport(&(currenths->seq))); + } log_write(LOG_MACHINE,"\tSeq Index: %d", currenths->seq.index); }
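Review bot: The `LOG_XML` call just above the changed `if (o.verbose)` still passes `seqidx2difficultystr(currenths->seq.index)` unconditionally, so for `osscanSys == 1` the XML difficulty string is derived with the new 3/6/11/12/16 cut-offs while the normal output goes through `seqreport1` and the old ones. Anything that consumes the XML would then see a harder rating than the text report gives for the same host, since any index of 16 or more becomes "Good luck!". The argument should follow the same selection, `osscanSys == 1 ? seqidx2difficultystr1(currenths->seq.index) : seqidx2difficultystr(currenths->seq.index)`. The new `if`/`else if` pair would also read more safely with braces on both arms. `printosscanoutput` begins outside the hunk.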