From c2427f32d34f4f26f7fdb38c77bbae53d55109f1 Mon Sep 17 00:00:00 2001 
From: kris 
Date: Sun, 28 Jan 2007 02:25:27 +0000 
Subject: [PATCH] Fixed IPProto Scan on localhost when using --data-length to add at least 8 bytes of data. There is a check to see if the packet is at least 28 bytes long (IP header and 8 bytes of data), and if it's at least that big it's considered good. So if the protocol matches, it's considered open. The problem was we didn't check for our own probes, so if we scan localhost with --data-length >=8, everything was labeled open. 
---
 scan_engine.cc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-) 
diff --git a/scan_engine.cc b/scan_engine.cc 
index 4c8adc8a2..e2753f2d8 100644 
--- a/scan_engine.cc 
+++ b/scan_engine.cc 
@@ -2885,8 +2885,13 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
 probe = *probeI;
 if (probe->protocol() == ip->ip_p) {
- /* We got a packet from the dst host in the protocol we looked for, so it must be open */
+ /* if this is our probe we sent to localhost, then it doesn't count! */
+ if (ip->ip_src.s_addr == ip->ip_dst.s_addr && 
+ probe->ipid() == ntohs(ip->ip_id)) 
+ continue; 
+ 
+ /* We got a packet from the dst host in the protocol we looked for, and it wasn't our probe to ourselves, so it must be open */
 newstate = PORT_OPEN;
 goodone = true;
 }