PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Don't use htons to unconditionally swap bytes.

Browse Source 
htons is a no-op on big-endian architectures. This affected idle scan IP
ID computations.

http://seclists.org/nmap-dev/2013/q2/529
This commit is contained in:
david
2013-06-30 02:22:13 +00:00
parent 9e82bb6c4e
commit af8c57a1b8
2 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG
View File

@@ -1,5 +1,9 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o Fixed a byte-ordering problem on little-endian architectures when
doing idle scan with a zombie that uses broken ID incremements.
[David Fifield]
o [Ncat] Ncat now support chained certificates with the --ssl-cert o [Ncat] Ncat now support chained certificates with the --ssl-cert
option. [Greg Bailey] option. [Greg Bailey]

7
idle_scan.cc
View File

@@ -237,6 +237,9 @@ static int ipid_proxy_probe(struct idle_proxy_info *proxy, int *probes_sent,
return ipid; return ipid;
} }
static u16 byteswap_u16(u16 h) {
return ((h&0xff) << 8) | ((h>>8)&0xff);
}
/* Returns the number of increments between an early IP ID and a later /* Returns the number of increments between an early IP ID and a later
one, assuming the given IP ID Sequencing class. Returns -1 if the one, assuming the given IP ID Sequencing class. Returns -1 if the
@@ -248,8 +251,8 @@ static int ipid_distance(int seqclass , u16 startid, u16 endid) {
if (seqclass == IPID_SEQ_BROKEN_INCR) { if (seqclass == IPID_SEQ_BROKEN_INCR) {
/* Convert to network byte order */ /* Convert to network byte order */
startid = htons(startid); startid = byteswap_u16(startid);
endid = htons(endid); endid = byteswap_u16(endid);
return endid - startid; return endid - startid;
} }