mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 12:41:29 +00:00
Implement Evil bit option in Nping. Fixes #2486
This commit is contained in:
nnposter
@@ -101,6 +101,7 @@ int ArgParser::parseArguments(int argc, char *argv[]) {
|
|||||||
u8 *auxbuff=NULL;
|
u8 *auxbuff=NULL;
|
||||||
u16 *portlist=NULL;
|
u16 *portlist=NULL;
|
||||||
char errstr[256];
|
char errstr[256];
|
||||||
|
char *script_kiddie;
|
||||||
|
|
||||||
struct option long_options[] = {
|
struct option long_options[] = {
|
||||||
|
|
||||||
@@ -188,6 +189,7 @@ int ArgParser::parseArguments(int argc, char *argv[]) {
|
|||||||
{"id", required_argument, 0, 0},
|
{"id", required_argument, 0, 0},
|
||||||
{"df", no_argument, 0, 0},
|
{"df", no_argument, 0, 0},
|
||||||
{"mf", no_argument, 0, 0},
|
{"mf", no_argument, 0, 0},
|
||||||
|
{"evil", no_argument, 0, 0},
|
||||||
{"ttl", required_argument, 0, 0},
|
{"ttl", required_argument, 0, 0},
|
||||||
{"badsum-ip", no_argument, 0, 0},
|
{"badsum-ip", no_argument, 0, 0},
|
||||||
{"ip-options", required_argument, 0, 0},
|
{"ip-options", required_argument, 0, 0},
|
||||||
@@ -700,6 +702,9 @@ int ArgParser::parseArguments(int argc, char *argv[]) {
|
|||||||
/* More fragments bit */
|
/* More fragments bit */
|
||||||
} else if (strcmp(long_options[option_index].name, "mf") == 0 ){
|
} else if (strcmp(long_options[option_index].name, "mf") == 0 ){
|
||||||
o.setMF();
|
o.setMF();
|
||||||
|
/* Reserved / Evil bit */
|
||||||
|
} else if (strcmp(long_options[option_index].name, "evil") == 0 ){
|
||||||
|
o.setRF();
|
||||||
/* Time to live (hop-limit in IPv6) */
|
/* Time to live (hop-limit in IPv6) */
|
||||||
} else if (strcmp(long_options[option_index].name, "ttl") == 0 ||
|
} else if (strcmp(long_options[option_index].name, "ttl") == 0 ||
|
||||||
strcmp(long_options[option_index].name, "hop-limit") == 0 ){
|
strcmp(long_options[option_index].name, "hop-limit") == 0 ){
|
||||||
@@ -1099,6 +1104,11 @@ int ArgParser::parseArguments(int argc, char *argv[]) {
|
|||||||
} /* End of getopt while */
|
} /* End of getopt while */
|
||||||
|
|
||||||
|
|
||||||
|
/* Option --evil is implied when SCRIPT_KIDDIE has a non-zero value */
|
||||||
|
script_kiddie = getenv("SCRIPT_KIDDIE");
|
||||||
|
if (script_kiddie != NULL && strcmp(script_kiddie, "0") != 0)
|
||||||
|
o.setRF();
|
||||||
|
|
||||||
/* Now it's time to parse target host specifications. As nmap does, Nping
|
/* Now it's time to parse target host specifications. As nmap does, Nping
|
||||||
* treats everything getopt() can't parse as a host specification. At this
|
* treats everything getopt() can't parse as a host specification. At this
|
||||||
* point, var optind should point to the argv[] position that contains the
|
* point, var optind should point to the argv[] position that contains the
|
||||||
@@ -1185,6 +1195,7 @@ void ArgParser::printUsage(void){
|
|||||||
" --id <id> : Set identification field (16 bits).\n"
|
" --id <id> : Set identification field (16 bits).\n"
|
||||||
" --df : Set Don't Fragment flag.\n"
|
" --df : Set Don't Fragment flag.\n"
|
||||||
" --mf : Set More Fragments flag.\n"
|
" --mf : Set More Fragments flag.\n"
|
||||||
|
" --evil : Set Reserved / Evil flag.\n"
|
||||||
" --ttl <hops> : Set time to live [0-255].\n"
|
" --ttl <hops> : Set time to live [0-255].\n"
|
||||||
" --badsum-ip : Use a random invalid checksum. \n"
|
" --badsum-ip : Use a random invalid checksum. \n"
|
||||||
" --ip-options <S|R [route]|L [route]|T|U ...> : Set IP options\n"
|
" --ip-options <S|R [route]|L [route]|T|U ...> : Set IP options\n"
|
||||||
|
|||||||
@@ -1179,6 +1179,20 @@ bool NpingOps::getDF(){
|
|||||||
} /* End of getDF() */
|
} /* End of getDF() */
|
||||||
|
|
||||||
|
|
||||||
|
/** Set Reserved / Evil flag */
|
||||||
|
int NpingOps::setRF(){
|
||||||
|
this->rf = true;
|
||||||
|
this->rf_set = true;
|
||||||
|
return OP_SUCCESS;
|
||||||
|
} /* End of setRF() */
|
||||||
|
|
||||||
|
|
||||||
|
/** Get Reserved / Evil flag */
|
||||||
|
bool NpingOps::getRF(){
|
||||||
|
return this->rf;
|
||||||
|
} /* End of getRF() */
|
||||||
|
|
||||||
|
|
||||||
/* Returns true if option has been set */
|
/* Returns true if option has been set */
|
||||||
bool NpingOps::issetMF(){
|
bool NpingOps::issetMF(){
|
||||||
return this->mf_set;
|
return this->mf_set;
|
||||||
@@ -1191,6 +1205,12 @@ bool NpingOps::issetDF(){
|
|||||||
} /* End of isset() */
|
} /* End of isset() */
|
||||||
|
|
||||||
|
|
||||||
|
/* Returns true if option has been set */
|
||||||
|
bool NpingOps::issetRF(){
|
||||||
|
return this->rf_set;
|
||||||
|
} /* End of isset() */
|
||||||
|
|
||||||
|
|
||||||
/** Sets Maximum Transmission Unit length. Supplied parameter must be a positive
|
/** Sets Maximum Transmission Unit length. Supplied parameter must be a positive
|
||||||
* integer and must be a multiple of 8.
|
* integer and must be a multiple of 8.
|
||||||
* @return OP_SUCCESS on success and OP_FAILURE in case of error. */
|
* @return OP_SUCCESS on success and OP_FAILURE in case of error. */
|
||||||
@@ -2577,6 +2597,7 @@ bool NpingOps::canRunUDPWithoutPrivileges(){
|
|||||||
this->issetIdentification() ||
|
this->issetIdentification() ||
|
||||||
this->issetMF() ||
|
this->issetMF() ||
|
||||||
this->issetDF() ||
|
this->issetDF() ||
|
||||||
|
this->issetRF() ||
|
||||||
this->issetIPv4SourceAddress() ||
|
this->issetIPv4SourceAddress() ||
|
||||||
this->issetIPv6SourceAddress() ||
|
this->issetIPv6SourceAddress() ||
|
||||||
this->issetIPOptions() ||
|
this->issetIPOptions() ||
|
||||||
|
|||||||
@@ -184,6 +184,8 @@ class NpingOps {
|
|||||||
bool mf_set;
|
bool mf_set;
|
||||||
bool df; /* Don't fragment flag */
|
bool df; /* Don't fragment flag */
|
||||||
bool df_set;
|
bool df_set;
|
||||||
|
bool rf; /* Reserved / Evil flag */
|
||||||
|
bool rf_set;
|
||||||
u32 mtu; /* Custom MTU len (for IP fragmentation) */
|
u32 mtu; /* Custom MTU len (for IP fragmentation) */
|
||||||
bool mtu_set;
|
bool mtu_set;
|
||||||
bool badsum_ip; /* Generate invalid checksums in TCP/UDP */
|
bool badsum_ip; /* Generate invalid checksums in TCP/UDP */
|
||||||
@@ -433,6 +435,10 @@ class NpingOps {
|
|||||||
bool getDF();
|
bool getDF();
|
||||||
bool issetDF();
|
bool issetDF();
|
||||||
|
|
||||||
|
int setRF();
|
||||||
|
bool getRF();
|
||||||
|
bool issetRF();
|
||||||
|
|
||||||
struct in_addr getIPv4SourceAddress();
|
struct in_addr getIPv4SourceAddress();
|
||||||
int setIPv4SourceAddress(struct in_addr i);
|
int setIPv4SourceAddress(struct in_addr i);
|
||||||
bool issetIPv4SourceAddress();
|
bool issetIPv4SourceAddress();
|
||||||
|
|||||||
@@ -607,6 +607,8 @@ int ProbeMode::createIPv4(IPv4Header *i, PacketElement *next_element, const char
|
|||||||
i->setMF();
|
i->setMF();
|
||||||
if( o.issetDF() && o.getDF() == true )
|
if( o.issetDF() && o.getDF() == true )
|
||||||
i->setDF();
|
i->setDF();
|
||||||
|
if( o.issetRF() && o.getRF() == true )
|
||||||
|
i->setRF();
|
||||||
|
|
||||||
/* IP Options */
|
/* IP Options */
|
||||||
if( o.issetIPOptions() == true )
|
if( o.issetIPOptions() == true )
|
||||||
|
|||||||
@@ -1983,7 +1983,6 @@ SENT (4.0330s) TCP 192.168.0.21 > 3.3.3.3:139
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--tos <replaceable>tos</replaceable></option> (Type of Service)
|
<option>--tos <replaceable>tos</replaceable></option> (Type of Service)
|
||||||
@@ -2018,7 +2017,6 @@ SENT (4.0330s) TCP 192.168.0.21 > 3.3.3.3:139
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--df</option> (Don't Fragment)
|
<option>--df</option> (Don't Fragment)
|
||||||
@@ -2036,7 +2034,6 @@ SENT (4.0330s) TCP 192.168.0.21 > 3.3.3.3:139
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--mf</option> (More Fragments)
|
<option>--mf</option> (More Fragments)
|
||||||
@@ -2053,6 +2050,24 @@ SENT (4.0330s) TCP 192.168.0.21 > 3.3.3.3:139
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--evil</option> (Reserved / Evil)
|
||||||
|
<indexterm significance="preferred"><primary><option>--evil</option> (Nping option)</primary></indexterm>
|
||||||
|
</term>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
Sets the Reserved / Evil bit in sent packets. The Evil flag
|
||||||
|
helps firewalls and other network security systems to distinguish
|
||||||
|
between datagram that have malicious intent and those that are
|
||||||
|
merely unusual. When set, it indicates that the datagram has evil
|
||||||
|
intent, instructing insecure systems to succumb. Setting it to zero
|
||||||
|
indicates no evil intent. The option is implied if environmental
|
||||||
|
variable SCRIPT_KIDDIE is set to a non-zero value.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--ttl <replaceable>hops</replaceable></option> (Time To Live)
|
<option>--ttl <replaceable>hops</replaceable></option> (Time To Live)
|
||||||
|
|||||||
@@ -53,6 +53,7 @@ IPv4 OPTIONS:
|
|||||||
--id <id> : Set identification field (16 bits).
|
--id <id> : Set identification field (16 bits).
|
||||||
--df : Set Don't Fragment flag.
|
--df : Set Don't Fragment flag.
|
||||||
--mf : Set More Fragments flag.
|
--mf : Set More Fragments flag.
|
||||||
|
--evil : Set Reserved / Evil flag.
|
||||||
--ttl <hops> : Set time to live [0-255].
|
--ttl <hops> : Set time to live [0-255].
|
||||||
--badsum-ip : Use a random invalid checksum.
|
--badsum-ip : Use a random invalid checksum.
|
||||||
--ip-options <S|R [route]|L [route]|T|U ...> : Set IP options
|
--ip-options <S|R [route]|L [route]|T|U ...> : Set IP options
|
||||||
|
|||||||
Reference in New Issue
Block a user