PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
Code Issues Projects Releases Wiki Activity

reordering UDP port selection for Traceroute: a closed port is now chosen before an open one.

Browse Source
This commit is contained in:
kris
2008-02-15 19:45:34 +00:00
parent 477967e69b
commit a02bf67a70
2 changed files with 25 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG
View File

@@ -56,6 +56,11 @@ o Added IPv6 host support to the RPC scan. Attempting this before
(via -sV) caused a segmentation fault. Thanks to Will Cladek for (via -sV) caused a segmentation fault. Thanks to Will Cladek for
the report. [Kris] the report. [Kris]
o Reordered the UDP port selection for Traceroute: a closed port is
now chosen before an open one. This is because an open UDP port is
usually due to running version detection (-sV), so a Traceroute
probe wouldn't elicit a response. [Kris]
o We now escape newlines, carriage returns, and tabs (\n\r\t) in XML o We now escape newlines, carriage returns, and tabs (\n\r\t) in XML
output. While those are allowed in XML attributes, they get output. While those are allowed in XML attributes, they get
normalized which can make formatting the output difficult for normalized which can make formatting the output difficult for

22
traceroute.cc
View File

@@ -325,8 +325,8 @@ Traceroute::getTracePort (u8 proto, Target * t) {
u16 open_port = 1; u16 open_port = 1;
u16 closed_port = 1; u16 closed_port = 1;
u16 filtered_port = 1; u16 filtered_port = 1;
u16 state = 0;
u16 port = 0; u16 port = 0;
int state = -1;
struct Port *np; struct Port *np;
/* Use the first specified port for ping traceroutes */ /* Use the first specified port for ping traceroutes */
@@ -347,21 +347,31 @@ Traceroute::getTracePort (u8 proto, Target * t) {
open_port = (!scaninfo.open_response) ? 0 : 1; open_port = (!scaninfo.open_response) ? 0 : 1;
} }
/* First we try to find an open port, if not we try to find a closed /* For UDP we try for a closed port, then an open one. For everything else
* port and lastly we try to find a filtered port */ * we try the opposite. When all else fails, we try for filtered */
if (proto == IPPROTO_UDP) {
if (closed_port && t->ports.getStateCounts (proto, scaninfo.closed_state))
state = scaninfo.closed_state;
else if (open_port && t->ports.getStateCounts (proto, scaninfo.open_state))
state = scaninfo.open_state;
} else {
if (open_port && t->ports.getStateCounts (proto, scaninfo.open_state)) if (open_port && t->ports.getStateCounts (proto, scaninfo.open_state))
state = scaninfo.open_state; state = scaninfo.open_state;
else if (closed_port && t->ports.getStateCounts (proto, scaninfo.closed_state)) else if (closed_port && t->ports.getStateCounts (proto, scaninfo.closed_state))
state = scaninfo.closed_state; state = scaninfo.closed_state;
else if (filtered_port && t->ports.getStateCounts (proto, PORT_FILTERED)) { }
if (state == -1 && filtered_port &&
t->ports.getStateCounts (proto, PORT_FILTERED)) {
state = PORT_FILTERED; state = PORT_FILTERED;
if (o.verbose) if (o.verbose)
log_write (LOG_PLAIN, "%s: only filtered %s available, results may be incorrect\n", log_write (LOG_PLAIN, "%s: only filtered %s available, results may be incorrect\n",
t->targetipstr (), o.ipprotscan ? "protocols" : "ports"); t->targetipstr (), o.ipprotscan ? "protocols" : "ports");
} else {
return -1;
} }
if (state == -1)
return -1;
np = t->ports.nextPort (NULL, proto, state); np = t->ports.nextPort (NULL, proto, state);
if (!np) if (!np)
return -1; return -1;