mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00

Fixed IPProto Scan on localhost when using --data-length to add at least 8 bytes of data. There is a check to see if the packet is at least 28 bytes long (IP header and 8 bytes of data), and if it's at least that big it's considered good. So if the protocol matches, it's considered open. The problem was we didn't check for our own probes, so if we scan localhost with --data-length >=8, everything was labeled open.

kris
2007-01-28 02:25:27 +00:00
parent 6d4ef2aa7e
commit c2427f32d3


@@ -2885,8 +2885,13 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probe = *probeI; probe = *probeI;
if (probe->protocol() == ip->ip_p) { if (probe->protocol() == ip->ip_p) {
/* We got a packet from the dst host in the protocol we looked for, so it /* if this is our probe we sent to localhost, then it doesn't count! */
must be open */ if (ip->ip_src.s_addr == ip->ip_dst.s_addr &&
probe->ipid() == ntohs(ip->ip_id))
continue;
/* We got a packet from the dst host in the protocol we looked for, and
it wasn't our probe to ourselves, so it must be open */
newstate = PORT_OPEN; newstate = PORT_OPEN;
goodone = true; goodone = true;
} }
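Review bot: The new self-probe test inside the `probe->protocol() == ip->ip_p` branch recognises our own packet only by `ip->ip_src.s_addr == ip->ip_dst.s_addr` plus a 16-bit `probe->ipid() == ntohs(ip->ip_id)` match, and neither assumption is written down. If the captured copy of the probe carries a different IP ID than the one recorded in the probe (for instance if the sending stack rewrites it), or its source address differs from the destination (possibly on a multi-homed host scanning one of its own addresses), it would still fall through to `newstate = PORT_OPEN` and reproduce the false "open" result this commit removes. I would make the comment state that dependency, e.g. `/* our own probe looped back: same src/dst and the IP ID we sent; assumes ip_id is not rewritten on send */`. The `continue` also depends on the enclosing loop, which starts outside this hunk, so it is worth confirming that skipping to the next outstanding probe bypasses no per-packet bookkeeping that follows this block.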