PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
Code Issues Projects Releases Wiki Activity

about to do more os fingerprint integration

Browse Source
This commit is contained in:
fyodor
2006-12-03 00:34:19 +00:00
parent 9c21e40623
commit 9c686d4a12
6 changed files with 491 additions and 457 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
CHANGELOG
View File

@@ -1,4 +1,18 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
4.20
o Fixed (I hope) the "getinterfaces: intf_loop() failed" error which
was seen on Windows Vista. The problem was apparently in
intf-win32.c of libcnet (need to define MIB_IF_TYPE_MAX to
MAX_IF_TYPE rather than 32). Thanks to Dan Griffin
(dan(a)jwsecure.com) for tracking this down!
o Applied a couple minor bug fixes from Marek Majkowski to IP options
support (which he previously added) and packet tracing.
o Incorporated SLNP (Simple Library Network Protocol) version
detection support. Thanks to Tibor Csogor (tibi(a)tiborius.net) for
the patch.
4.20RC1 4.20RC1

13
libdnet-stripped/NMAP_MODIFICATIONS
View File

@@ -297,3 +297,16 @@ Index: src/intf.c
return (-1); return (-1);
entry->intf_mtu = ifr.ifr_mtu; entry->intf_mtu = ifr.ifr_mtu;
o Made the following change for Windows Vista support (thanks to Dan
Griffin):
--- old/intf-win32.c 2005-12-28 16:30:38.000000000 -0800
+++ intf-win32.c 2006-11-26 20:46:13.000000000 -0800
@@ -31,7 +31,7 @@
int max;
};
-#define MIB_IF_TYPE_MAX 32 /* XXX - ipifcons.h */
+#define MIB_IF_TYPE_MAX MAX_IF_TYPE /* XXX - ipifcons.h */
struct intf_handle {
struct ifcombo ifcombo[MIB_IF_TYPE_MAX];

2
libdnet-stripped/src/intf-win32.c
View File

@@ -31,7 +31,7 @@ struct ifcombo {
int max; int max;
}; };
#define MIB_IF_TYPE_MAX 32 /* XXX - ipifcons.h */ #define MIB_IF_TYPE_MAX MAX_IF_TYPE /* XXX - ipifcons.h */
struct intf_handle { struct intf_handle {
struct ifcombo ifcombo[MIB_IF_TYPE_MAX]; struct ifcombo ifcombo[MIB_IF_TYPE_MAX];

6
nmap-os-db
View File

@@ -203,8 +203,7 @@ U1(DF=N%T=40%TG=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=0%RUL=G%RUD=G)
IE(DFI=S%T=40%TG=40%TOSI=S%CD=S%SI=S%DLI=S) IE(DFI=S%T=40%TG=40%TOSI=S%CD=S%SI=S%DLI=S)
# Apple Mac OS 10.4.8/ppc (Darwin tetralyre 8.8.0 Darwin Kernel Version 8.8.0: Fri Sep 8 17:18:57 PDT # Apple Mac OS 10.4.8/ppc (Darwin tetralyre 8.8.0 Darwin Kernel Version 8.8.0: Fri Sep 8 17:18:57 PDT
# Darwin 8.8.1 Darwin Kernel Version 8.8.1: Mon Sep 25 # Darwin 8.8.1 Darwin Kernel Version 8.8.1: Mon Sep 25 19:42:00 PDT 2006; root:xnu-792.13.8.obj~1/RELEASE_I386 i386 i386
19:42:00 PDT 2006; root:xnu-792.13.8.obj~1/RELEASE_I386 i386 i386
Fingerprint Apple Mac OS X 10.4.8 (Tiger) Fingerprint Apple Mac OS X 10.4.8 (Tiger)
Class Apple | Mac OS X | 10.4.X | general purpose Class Apple | Mac OS X | 10.4.X | general purpose
SEQ(SP=FB-105%GCD=<7%ISR=FF-10B%TI=I%II=I%SS=S%TS=0|1) SEQ(SP=FB-105%GCD=<7%ISR=FF-10B%TI=I%II=I%SS=S%TS=0|1)
@@ -638,7 +637,8 @@ IE(DFI=S%T=FF%TG=FF%TOSI=S%CD=S%SI=S|OS:S%DLI=S)
# D-Link DI-624 wireless router rev. C, firmware 2.76 (24 Aug 2006) # D-Link DI-624 wireless router rev. C, firmware 2.76 (24 Aug 2006)
# D-Link DI-524 WAP Firmware 1.21 # D-Link DI-524 WAP Firmware 1.21
Fingerprint D-Link DI-624 or DI-524 WAP # D-Link DI-604, firmware 3.52
Fingerprint D-Link DI-524, DI-604, or DI-624 WAP
Class D-Link | embedded || broadband router Class D-Link | embedded || broadband router
SEQ(SP=B-15%GCD=FA7F|1F4FE|2EF7D|3E9FC|4E47B|5DEFA%ISR=96-A0%TI=I%II=I%SS=S%TS=U) SEQ(SP=B-15%GCD=FA7F|1F4FE|2EF7D|3E9FC|4E47B|5DEFA%ISR=96-A0%TI=I%II=I%SS=S%TS=U)
OPS(O1=M5B0%O2=M5B0%O3=M5B0%O4=M5B0%O5=M5B0%O6=M5B0) OPS(O1=M5B0%O2=M5B0%O3=M5B0%O4=M5B0%O5=M5B0%O6=M5B0)

7
nmap-services
View File

@@ -1844,6 +1844,8 @@ ppp 3000/tcp # User-level ppp daemon, or chili!soft asp
nessusd 3001/tcp # Nessus Security Scanner (www.nessus.org) Daemon or chili!soft asp nessusd 3001/tcp # Nessus Security Scanner (www.nessus.org) Daemon or chili!soft asp
deslogin 3005/tcp # encrypted symmetric telnet/login deslogin 3005/tcp # encrypted symmetric telnet/login
deslogind 3006/tcp # deslogind 3006/tcp #
slnp 3025/tcp # SLNP (Simple Library Network Protocol) by Sisis Informationssysteme GmbH
slnp 3045/tcp # SLNP (Simple Library Network Protocol) by Sisis Informationssysteme GmbH
cfs 3049/tcp # cryptographic file system (nfs) (proposed) cfs 3049/tcp # cryptographic file system (nfs) (proposed)
cfs 3049/udp # cryptographic file system (nfs) cfs 3049/udp # cryptographic file system (nfs)
PowerChute 3052/tcp PowerChute 3052/tcp
@@ -1859,11 +1861,15 @@ ccmail 3264/udp # cc:mail/lotus
globalcatLDAP 3268/tcp # Global Catalog LDAP globalcatLDAP 3268/tcp # Global Catalog LDAP
globalcatLDAPssl 3269/tcp # Global Catalog LDAP over ssl globalcatLDAPssl 3269/tcp # Global Catalog LDAP over ssl
meetingmaker 3292/tcp # Meeting maker time management software meetingmaker 3292/tcp # Meeting maker time management software
saprouter 3299/tcp # SAProuter
mysql 3306/tcp # mySQL mysql 3306/tcp # mySQL
dec-notes 3333/tcp # DEC Notes dec-notes 3333/tcp # DEC Notes
dec-notes 3333/udp # DEC Notes dec-notes 3333/udp # DEC Notes
msdtc 3372/tcp # MS distributed transaction coordinator msdtc 3372/tcp # MS distributed transaction coordinator
ms-term-serv 3389/tcp # Microsoft Remote Display Protocol ms-term-serv 3389/tcp # Microsoft Remote Display Protocol
saposs 3397/tcp # SAP Oss
sapcomm 3398/tcp # SAPcomm
sapeps 3399/tcp # SAP EPS
squid-snmp 3401/udp # Squid proxy SNMP port squid-snmp 3401/udp # Squid proxy SNMP port
bmap 3421/tcp # Bull Apprise portmapper bmap 3421/tcp # Bull Apprise portmapper
bmap 3421/udp # Bull Apprise portmapper bmap 3421/udp # Bull Apprise portmapper
@@ -2119,6 +2125,7 @@ http-alt 8000/tcp # A common alternative http port
ajp12 8007/tcp # Apache JServ Protocol 1.x ajp12 8007/tcp # Apache JServ Protocol 1.x
ajp13 8009/tcp # Apache JServ Protocol 1.3 ajp13 8009/tcp # Apache JServ Protocol 1.3
ftp-proxy 8021/tcp # Common FTP proxy port ftp-proxy 8021/tcp # Common FTP proxy port
slnp 8076/tcp # SLNP (Simple Library Network Protocol) by Sisis Informationssysteme GmbH
http-proxy 8080/tcp # Common HTTP proxy/second web server port http-proxy 8080/tcp # Common HTTP proxy/second web server port
blackice-icecap 8081/tcp # ICECap user console blackice-icecap 8081/tcp # ICECap user console
blackice-alerts 8082/tcp # BlackIce Alerts sent to this port blackice-alerts 8082/tcp # BlackIce Alerts sent to this port

4
tcpip.cc
View File

@@ -487,7 +487,7 @@ static const char *ippackethdrinfo(const u8 *packet, u32 len) {
srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), ipinfo, tcpinfo); srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), ipinfo, tcpinfo);
} else { // at least first 16 bytes of TCP header are there } else { // at least first 16 bytes of TCP header are there
snprintf(tcpinfo, sizeof(tcpinfo), "seq=%lu win=%hi", snprintf(tcpinfo, sizeof(tcpinfo), "seq=%lu win=%hu",
(unsigned long) ntohl(tcp->th_seq), (unsigned long) ntohl(tcp->th_seq),
ntohs(tcp->th_win)); ntohs(tcp->th_win));
p = tflags; p = tflags;
@@ -500,7 +500,7 @@ static const char *ippackethdrinfo(const u8 *packet, u32 len) {
*p++ = 'A'; *p++ = 'A';
snprintf(buf, sizeof(buf), " ack=%lu", snprintf(buf, sizeof(buf), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack)); (unsigned long) ntohl(tcp->th_ack));
strncat(tcpinfo, buf, sizeof(tcpinfo) - 1); strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1);
} }
if (tcp->th_flags & TH_URG) *p++ = 'U'; if (tcp->th_flags & TH_URG) *p++ = 'U';
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */ if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */