From a0e4664f21b9931be0dfc8bf73f0b5499be14461 Mon Sep 17 00:00:00 2001 From: david Date: Fri, 2 Sep 2011 04:11:01 +0000 Subject: [PATCH] Whitespace. --- scripts/targets-ipv6-multicast-echo.nse | 42 ++++++------ .../targets-ipv6-multicast-invalid-dst.nse | 32 ++++----- scripts/targets-ipv6-multicast-slaac.nse | 67 +++++++++---------- 3 files changed, 70 insertions(+), 71 deletions(-) diff --git a/scripts/targets-ipv6-multicast-echo.nse b/scripts/targets-ipv6-multicast-echo.nse index 07440001e..04572ee9e 100644 --- a/scripts/targets-ipv6-multicast-echo.nse +++ b/scripts/targets-ipv6-multicast-echo.nse @@ -22,8 +22,8 @@ require 'packet' local bit = require 'bit' prerule = function() - return nmap.is_privileged() and - (stdnse.get_script_args("interface") or nmap.get_interface()) + return nmap.is_privileged() and + (stdnse.get_script_args("interface") or nmap.get_interface()) end catch = function() @@ -51,7 +51,7 @@ end action = function() local if_name = stdnse.get_script_args("targets-ipv6-multicast.interface") or nmap.get_interface() - local if_nfo = get_ipv6_interface_info_by_name(if_name) + local if_nfo = get_ipv6_interface_info_by_name(if_name) if not if_nfo then stdnse.print_debug("Invalid interface: " .. if_name) return false @@ -61,16 +61,16 @@ action = function() local dst_mac = packet.mactobin("33:33:00:00:00:01") local dst_ip6 = packet.ip6tobin("ff02::1") local id_set = {} - + ---------------------------------------------------------------------------- --Multicast echo ping probe - + local dnet = nmap.new_dnet() local pcap = nmap.new_socket() - + try(dnet:ethernet_open(if_name)) pcap:pcap_open(if_name, 128, false, "icmp6 and ip6[6:1] = 58 and ip6[40:1] = 129") - + local probe = packet.Frame:new() probe.mac_src = src_mac probe.mac_dst = dst_mac @@ -81,42 +81,42 @@ action = function() probe.echo_data = "Nmap host discovery." probe:build_icmpv6_echo_request() probe:build_icmpv6_header() - probe:build_ipv6_packet() + probe:build_ipv6_packet() probe:build_ether_frame() - + try(dnet:ethernet_send(probe.frame_buf)) - - pcap:set_timeout(1000) + + pcap:set_timeout(1000) local pcap_timeout_count = 0 local nse_timeout = 5 local start_time = nmap:clock() local cur_time = nmap:clock() - + local found_targets = 0 - - repeat + + repeat local status, length, layer2, layer3 = pcap:pcap_receive() cur_time = nmap:clock() if not status then pcap_timeout_count = pcap_timeout_count + 1 else - local reply = packet.Frame:new(layer2..layer3) + local reply = packet.Frame:new(layer2..layer3) if reply.mac_dst == src_mac then - local identifier = get_identifier(reply.ip6_src) + local identifier = get_identifier(reply.ip6_src) if not id_set[identifier] then id_set[identifier] = true local target_str = packet.toipv6(reply.ip6_src) target.add(target_str) found_targets = found_targets + 1 - end - end + end + end end until pcap_timeout_count >= 2 or cur_time - start_time >= nse_timeout - + stdnse.print_debug(0, "[Echo ping] Found %d targets.", found_targets) - + dnet:ethernet_close() pcap:pcap_close() - + return true end diff --git a/scripts/targets-ipv6-multicast-invalid-dst.nse b/scripts/targets-ipv6-multicast-invalid-dst.nse index 1c4ac0667..2fc12fea9 100644 --- a/scripts/targets-ipv6-multicast-invalid-dst.nse +++ b/scripts/targets-ipv6-multicast-invalid-dst.nse @@ -22,8 +22,8 @@ require 'packet' local bit = require 'bit' prerule = function() - return nmap.is_privileged() and - (stdnse.get_script_args("interface") or nmap.get_interface()) + return nmap.is_privileged() and + (stdnse.get_script_args("interface") or nmap.get_interface()) end catch = function() @@ -62,7 +62,7 @@ end action = function() local if_name = stdnse.get_script_args("targets-ipv6-multicast.interface") or nmap.get_interface() - local if_nfo = get_ipv6_interface_info_by_name(if_name) + local if_nfo = get_ipv6_interface_info_by_name(if_name) if not if_nfo then stdnse.print_debug("Invalid interface: " .. if_name) return false @@ -72,16 +72,16 @@ action = function() local dst_mac = packet.mactobin("33:33:00:00:00:01") local dst_ip6 = packet.ip6tobin("ff02::1") local id_set = {} - + ---------------------------------------------------------------------------- ---Multicast invalid destination exheader probe +--Multicast invalid destination exheader probe local dnet = nmap.new_dnet() local pcap = nmap.new_socket() - + try(dnet:ethernet_open(if_name)) pcap:pcap_open(if_name, 128, false, "icmp6 and ip6[6:1] = 58 and ip6[40:1] = 4") - + local probe = packet.Frame:new() probe.mac_src = src_mac probe.mac_dst = dst_mac @@ -99,18 +99,18 @@ action = function() probe:build_ipv6_packet() probe:build_ether_frame() - + try(dnet:ethernet_send(probe.frame_buf)) - - pcap:set_timeout(1000) + + pcap:set_timeout(1000) local pcap_timeout_count = 0 local nse_timeout = 5 local start_time = nmap:clock() local cur_time = nmap:clock() - + local found_targets = 0 - - repeat + + repeat local status, length, layer2, layer3 = pcap:pcap_receive() cur_time = nmap:clock() if not status then @@ -125,16 +125,16 @@ action = function() if not id_set[identifier] then id_set[identifier] = true local target_str = packet.toipv6(target_addr) - target.add(target_str) + target.add(target_str) end end end until pcap_timeout_count >= 2 or cur_time - start_time >= nse_timeout stdnse.print_debug(0, "[Invalid DSTOPTS] Found %d targets.", found_targets) - + dnet:ethernet_close() pcap:pcap_close() - + return true end diff --git a/scripts/targets-ipv6-multicast-slaac.nse b/scripts/targets-ipv6-multicast-slaac.nse index f69c9a6a5..f7acf9ed3 100644 --- a/scripts/targets-ipv6-multicast-slaac.nse +++ b/scripts/targets-ipv6-multicast-slaac.nse @@ -20,8 +20,8 @@ require "os" require "math" prerule = function() - return nmap.is_privileged() and - (stdnse.get_script_args("targets-ipv6-multicast.interface") or nmap.get_interface()) + return nmap.is_privileged() and + (stdnse.get_script_args("targets-ipv6-multicast.interface") or nmap.get_interface()) end catch = function() @@ -49,15 +49,15 @@ end --- Get a Unique-local Address with random global ID. -- @param local_scope The scope of the address, local or reserved. --- @return A 16-byte string of IPv6 address, and the length of the prefix. +-- @return A 16-byte string of IPv6 address, and the length of the prefix. local function get_radom_ula_prefix(local_scope) local ula_prefix math.randomseed(os.time()) local global_id = string.char(math.random(256)-1,math.random(256)-1,math.random(256)-1,math.random(256)-1,math.random(256)-1) - + if local_scope then ula_prefix = packet.ip6tobin("fd00::") - else + else ula_prefix = packet.ip6tobin("fc00::") end ula_prefix = string.sub(ula_prefix,1,1) .. global_id .. string.sub(ula_prefix,7,-1) @@ -72,25 +72,24 @@ end -- @param preferred_time integer that represents the preferred time of the prefix. local function build_router_advert(mac_src,prefix,prefix_len,valid_time,preferred_time) local ra_msg = string.char(0x0, --cur hop limit - 0x08, --flags - 0x00,0x00, --router lifetime - 0x00,0x00,0x00,0x00, --reachable time - 0x00,0x00,0x00,0x00) --retrans timer - local prefix_option_msg = string.char(prefix_len, - 0xc0) .. --flags: Onlink, Auto - packet.set_u32("....",0,valid_time) .. - packet.set_u32("....",0,preferred_time) .. - string.char(0,0,0,0) .. --unknown - prefix + 0x08, --flags + 0x00,0x00, --router lifetime + 0x00,0x00,0x00,0x00, --reachable time + 0x00,0x00,0x00,0x00) --retrans timer + local prefix_option_msg = string.char(prefix_len, 0xc0) .. --flags: Onlink, Auto + packet.set_u32("....",0,valid_time) .. + packet.set_u32("....",0,preferred_time) .. + string.char(0,0,0,0) .. --unknown + prefix local icmpv6_prefix_option = packet.Packet:set_icmpv6_option(packet.ND_OPT_PREFIX_INFORMATION,prefix_option_msg) - local icmpv6_src_link_option = packet.Packet:set_icmpv6_option(packet.ND_OPT_SOURCE_LINKADDR,mac_src) + local icmpv6_src_link_option = packet.Packet:set_icmpv6_option(packet.ND_OPT_SOURCE_LINKADDR,mac_src) local icmpv6_payload = ra_msg .. icmpv6_prefix_option .. icmpv6_src_link_option return icmpv6_payload end action = function() local if_name = stdnse.get_script_args("targets-ipv6-multicast.interface") or nmap.get_interface() - local if_nfo = get_ipv6_interface_info_by_name(if_name) + local if_nfo = get_ipv6_interface_info_by_name(if_name) if not if_nfo then stdnse.print_debug("Invalid interface: " .. if_name) return false @@ -102,11 +101,11 @@ action = function() local id_set = {} ---------------------------------------------------------------------------- ---SLAAC-based host discovery probe +--SLAAC-based host discovery probe local dnet = nmap.new_dnet() local pcap = nmap.new_socket() - + try(dnet:ethernet_open(if_name)) pcap:pcap_open(if_name, 128, true, "src ::0/128 and dst net ff02::1:0:0/96 and icmp6 and ip6[6:1] = 58 and ip6[40:1] = 135") @@ -118,7 +117,7 @@ action = function() -- Sometimes it makes sense to regard the several addresses of a host as different hosts, as the host's administrator may apply different firewall configurations on them. local valid_lifetime = 6 local preferred_lifetime = 6 - + local probe = packet.Frame:new() probe.ip6_src = packet.mac_to_lladdr(src_mac) @@ -130,21 +129,21 @@ action = function() probe:build_icmpv6_header(packet.ND_ROUTER_ADVERT, 0, icmpv6_payload) probe:build_ipv6_packet() probe:build_ether_frame() - + try(dnet:ethernet_send(probe.frame_buf)) - + local expected_mac_dst_prefix = packet.mactobin("33:33:ff:00:00:00") local expected_ip6_src = packet.ip6tobin("::") local expected_ip6_dst_prefix = packet.ip6tobin("ff02::1:0:0") - + pcap:set_timeout(1000) local pcap_timeout_count = 0 local nse_timeout = 5 local start_time = nmap:clock() local cur_time = nmap:clock() - + local found_targets = 0 - + repeat local status, length, layer2, layer3 = pcap:pcap_receive() cur_time = nmap:clock() @@ -153,26 +152,26 @@ action = function() else local reply = packet.Frame:new(layer2) if string.sub(reply.mac_dst, 1, 3) == string.sub(expected_mac_dst_prefix, 1, 3) then - reply = packet.Packet:new(layer3) - if reply.ip6_src == expected_ip6_src and - string.sub(expected_ip6_dst_prefix,1,12) == string.sub(reply.ip6_dst,1,12) then - local ula_target_addr_str = packet.toipv6(reply.ns_target) + reply = packet.Packet:new(layer3) + if reply.ip6_src == expected_ip6_src and + string.sub(expected_ip6_dst_prefix,1,12) == string.sub(reply.ip6_dst,1,12) then + local ula_target_addr_str = packet.toipv6(reply.ns_target) local identifier = get_identifier(reply.ns_target) found_targets = found_targets + 1 - --Filter out the reduplicative identifiers. + --Filter out the reduplicative identifiers. --A host will send several NS packets with the same interface identifier if it receives several RA packets with different prefix during the discovery phase. - if not id_set[identifier] then + if not id_set[identifier] then id_set[identifier] = true local actual_addr_str = packet.toipv6(actual_prefix .. identifier) target.add(actual_addr_str) end - end + end end end until pcap_timeout_count >= 2 or cur_time - start_time >= nse_timeout - + stdnse.print_debug(0, "[SLAAC] Found %d targets.", found_targets) - + dnet:ethernet_close() pcap:pcap_close() return true