PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Large recode of nse_init.cc

Browse Source 
Now does most of it's work through Lua:

From Nmap-dev: "Many of the changes consist of changing how Nmap interfaces
with Lua that were sometimes awkward or inflexible. Most of the functions 
have been made to be callable directly by Lua which offers many technical
advantages: stack management is alleviated, errors are handled cleanly and
are more descriptive, and there is increased reusability."

Additionally:
   -- Moved all lua_State * symbols from "l" to "L". This is to maintain
      consistency with other Lua libraries (convention) and to make our macros portable.
   -- Moved file system manipulation over to nse_fs.cc (from nse_init.cc)
This commit is contained in:
batrick
2008-05-31 02:39:27 +00:00
parent 742ff67100
commit d0bc640db8
14 changed files with 1563 additions and 1388 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile.in
View File

@@ -60,9 +60,9 @@ INSTALLZENMAP=@INSTALLZENMAP@
UNINSTALLZENMAP=@UNINSTALLZENMAP@
ifneq (@LIBLUA_LIBS@,)
NSE_SRC=nse_main.cc nse_nsock.cc nse_init.cc nse_nmaplib.cc nse_debug.cc nse_pcrelib.cc nse_string.cc
NSE_HDRS=nse_main.h nse_nsock.h nse_init.h nse_nmaplib.h nse_debug.h nse_macros.h nse_pcrelib.h nse_string.h
NSE_OBJS=nse_main.o nse_nsock.o nse_init.o nse_nmaplib.o nse_debug.o nse_pcrelib.o nse_string.o
NSE_SRC=nse_main.cc nse_nsock.cc nse_init.cc nse_fs.cc nse_nmaplib.cc nse_debug.cc nse_pcrelib.cc nse_string.cc
NSE_HDRS=nse_main.h nse_nsock.h nse_init.h nse_fs.h nse_nmaplib.h nse_debug.h nse_macros.h nse_pcrelib.h nse_string.h
NSE_OBJS=nse_main.o nse_nsock.o nse_init.o nse_fs.o nse_nmaplib.o nse_debug.o nse_pcrelib.o nse_string.o
NSESTDLIB=nsestdlib
endif

12
mswin32/nmap.vcproj
View File

@@ -259,6 +259,10 @@
RelativePath="..\nse_init.cc"
>
</File>
<File
RelativePath="..\nse_fs.cc"
>
</File>
<File
RelativePath="..\nse_main.cc"
>
@@ -432,10 +436,6 @@
RelativePath="..\NmapOutputTable.h"
>
</File>
<File
RelativePath="..\nse_auxiliar.h"
>
</File>
<File
RelativePath="..\nse_debug.h"
>
@@ -444,6 +444,10 @@
RelativePath="..\nse_init.h"
>
</File>
<File
RelativePath="..\nse_fs.h"
>
</File>
<File
RelativePath="..\nse_macros.h"
>

4
nmap.cc
View File

@@ -2645,7 +2645,7 @@ void sigdie(int signo) {
* and is a directory. Otherwise returns 0.
*/
int fileexistsandisreadable(char *pathname) {
int fileexistsandisreadable(const char *pathname) {
char *pathname_buf = strdup(pathname);
int status = 0;
@@ -2671,7 +2671,7 @@ int fileexistsandisreadable(char *pathname) {
return status;
}
int nmap_fileexistsandisreadable(char* pathname) {
int nmap_fileexistsandisreadable(const char* pathname) {
return fileexistsandisreadable(pathname);
}

2
nmap.h
View File

@@ -434,7 +434,7 @@ const char *tsseqclass2ascii(int seqclass);
const char *seqidx2difficultystr(unsigned long idx);
const char *seqidx2difficultystr1(unsigned long idx);
int nmap_fetchfile(char *filename_returned, int bufferlen, const char *file);
int nmap_fileexistsandisreadable(char* pathname);
int nmap_fileexistsandisreadable(const char* pathname);
int gather_logfile_resumption_state(char *fname, int *myargc, char ***myargv);
#endif /* NMAP_H */

40
nse_debug.cc
View File

@@ -1,63 +1,63 @@
#include "nse_debug.h"
#include "output.h"
void l_dumpStack(lua_State* l) {
int stack_height = lua_gettop(l);
void l_dumpStack(lua_State *L) {
int stack_height = lua_gettop(L);
int i;
log_write(LOG_PLAIN, "-== Stack Dump Begin ==-\n");
for(i = -1; i >= 0 - stack_height; i--) {
log_write(LOG_PLAIN, "%d: ", i);
l_dumpValue(l, i);
l_dumpValue(L, i);
}
log_write(LOG_PLAIN, "-== Stack Dump End ==-\n");
}
void l_dumpValue(lua_State* l, int i) {
switch (lua_type(l, i))
void l_dumpValue(lua_State *L, int i) {
switch (lua_type(L, i))
{
case LUA_TTABLE:
l_dumpTable(l, i);
l_dumpTable(L, i);
break;
case LUA_TFUNCTION:
l_dumpFunction(l, i);
l_dumpFunction(L, i);
break;
case LUA_TSTRING:
log_write(LOG_PLAIN, "string '%s'\n", lua_tostring(l, i));
log_write(LOG_PLAIN, "string '%s'\n", lua_tostring(L, i));
break;
case LUA_TBOOLEAN:
log_write(LOG_PLAIN, "boolean: %s\n",
lua_toboolean(l, i) ? "true" : "false");
lua_toboolean(L, i) ? "true" : "false");
break;
case LUA_TNUMBER:
log_write(LOG_PLAIN, "number: %g\n", lua_tonumber(l, i));
log_write(LOG_PLAIN, "number: %g\n", lua_tonumber(L, i));
break;
default:
log_write(LOG_PLAIN, "%s\n", lua_typename(l, lua_type(l, i)));
log_write(LOG_PLAIN, "%s\n", lua_typename(L, lua_type(L, i)));
}
}
void l_dumpTable(lua_State *l, int index) {
void l_dumpTable(lua_State *L, int index) {
log_write(LOG_PLAIN, "table\n");
lua_pushnil(l);
lua_pushnil(L);
if (index<0) --index;
while(lua_next(l, index) != 0)
while(lua_next(L, index) != 0)
{
l_dumpValue(l, -2);
l_dumpValue(l, -1);
lua_pop(l, 1);
l_dumpValue(L, -2);
l_dumpValue(L, -1);
lua_pop(L, 1);
}
}
void l_dumpFunction(lua_State* l, int index) {
void l_dumpFunction(lua_State *L, int index) {
// lua_Debug ar;
log_write(LOG_PLAIN, "function\n");
// lua_pushvalue(l, index);
// lua_getinfo(l, ">n", &ar);
// lua_pushvalue(L, index);
// lua_getinfo(L, ">n", &ar);
//
// log_write(LOG_PLAIN, "\tname: %s %s\n", ar.namewhat, ar.name);
fflush(stdout);

190
nse_fs.cc Normal file
View File

@@ -0,0 +1,190 @@
#ifndef WIN32
#include "dirent.h"
#endif
#include "errno.h"
#include "nse_macros.h"
#include "nse_fs.h"
#include "nmap.h"
#include "nmap_error.h"
#include "NmapOps.h"
extern NmapOps o;
static bool filename_is_absolute(const char *file) {
if (file[0] == '/')
return true;
#ifdef WIN32
if ((file[0] != '\0' && file[1] == ':') || file[0] == '\\')
return true;
#endif
return false;
}
/* This is simply the most portable way to check
* if a file has a given extension.
* The portability comes at the price of reduced
* flexibility.
*/
int nse_check_extension (const char* ext, const char* path)
{
int pathlen = strlen(path);
int extlen = strlen(ext);
if (extlen > pathlen || pathlen > MAX_FILENAME_LEN)
return 0;
else
return strcmp(path + pathlen - extlen, ext) == 0;
}
int nse_fetchfile(char *path, size_t path_len, const char *file) {
int type = nmap_fetchfile(path, path_len, file);
// lets look in <nmap>/scripts too
if(type == 0) {
std::string alt_path = std::string(SCRIPT_ENGINE_LUA_DIR) + std::string(file);
type = nmap_fetchfile(path, path_len, alt_path.c_str());
}
return type;
}
/* This is a modification of nse_fetchfile that first looks for an
* absolute file name.
*/
int nse_fetchfile_absolute(char *path, size_t path_len, const char *file) {
if (filename_is_absolute(file)) {
if (o.debugging > 1)
log_write(LOG_STDOUT, "%s: Trying absolute path %s\n", SCRIPT_ENGINE, file);
Strncpy(path, file, path_len);
return nmap_fileexistsandisreadable(file);
}
return nse_fetchfile(path, path_len, file);
}
#ifdef WIN32
int nse_scandir (lua_State *L)
HANDLE dir;
WIN32_FIND_DATA entry;
std::string path;
BOOL morefiles = FALSE;
char *dirname = luaL_checkstring(L, 1);
int files_or_dirs = luaL_checkint(L, 2);
lua_createtable(L, 100, 0); // 100 files average
dir = FindFirstFile((std::string(dirname) + "\\*").c_str(), &entry);
if (dir == INVALID_HANDLE_VALUE)
{
error("%s: No files in '%s\\*'", SCRIPT_ENGINE, dirname);
return SCRIPT_ENGINE_ERROR;
}
while(!(morefiles == FALSE && GetLastError() == ERROR_NO_MORE_FILES)) {
// if we are looking for files and this file doesn't end with .nse or
// is a directory, then we don't look further at it
if(files_or_dirs == FILES) {
if(!(
(check_extension(SCRIPT_ENGINE_EXTENSION, entry.cFileName) == MATCH)
&& !(entry.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
)) {
morefiles = FindNextFile(dir, &entry);
continue;
}
// if we are looking for dirs and this dir
// isn't a directory, then we don't look further at it
} else if(files_or_dirs == DIRS) {
if(!(
(entry.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
)) {
morefiles = FindNextFile(dir, &entry);
continue;
}
// they have passed an invalid value for files_or_dirs
} else {
fatal("%s: In: %s:%i This should never happen.",
SCRIPT_ENGINE, __FILE__, __LINE__);
}
// otherwise we add it to the results
// we assume that dirname ends with a directory separator of some kind
path = std::string(dirname) + "\\" + std::string(entry.cFileName);
lua_pushstring(L, path.c_str());
lua_rawseti(L, -2, lua_objlen(L, -2) + 1);
morefiles = FindNextFile(dir, &entry);
}
return 1;
}
#else
int nse_scandir (lua_State *L) {
DIR* dir;
struct dirent* entry;
struct stat stat_entry;
const char *dirname = luaL_checkstring(L, 1);
int files_or_dirs = luaL_checkint(L, 2);
lua_createtable(L, 100, 0); // 100 files average
dir = opendir(dirname);
if(dir == NULL) {
error("%s: Could not open directory '%s'.", SCRIPT_ENGINE, dirname);
return SCRIPT_ENGINE_ERROR;
}
// note that if there is a symlink in the dir, we have to rely on
// the .nse extension
// if they provide a symlink to a dir which ends with .nse, things
// break :/
while((entry = readdir(dir)) != NULL) {
std::string path = std::string(dirname) + "/" + std::string(entry->d_name);
if(stat(path.c_str(), &stat_entry) != 0)
fatal("%s: In: %s:%i This should never happen.",
SCRIPT_ENGINE, __FILE__, __LINE__);
// if we are looking for files and this file doesn't end with .nse and
// isn't a file or a link, then we don't look further at it
if(files_or_dirs == FILES) {
if(!(
(nse_check_extension(SCRIPT_ENGINE_EXTENSION, entry->d_name))
&& (S_ISREG(stat_entry.st_mode)
|| S_ISLNK(stat_entry.st_mode))
)) {
continue;
}
// if we are looking for dirs and this dir
// isn't a dir or a link, then we don't look further at it
} else if(files_or_dirs == DIRS) {
if(!(
(S_ISDIR(stat_entry.st_mode)
|| S_ISLNK(stat_entry.st_mode))
)) {
continue;
}
// they have passed an invalid value for files_or_dirs
} else {
fatal("%s: In: %s:%i This should never happen.",
SCRIPT_ENGINE, __FILE__, __LINE__);
}
// otherwise we add it to the results
lua_pushstring(L, path.c_str());
lua_rawseti(L, -2, lua_objlen(L, -2) + 1);
}
closedir(dir);
return 1;
}
#endif

22
nse_fs.h Normal file
View File

@@ -0,0 +1,22 @@
#ifndef NSE_FS
#define NSE_FS
extern "C" {
#include "lua.h"
#include "lualib.h"
#include "lauxlib.h"
}
#include <vector>
#include <string>
#include <string.h>
int nse_check_extension (const char* ext, const char* path);
int nse_fetchfile(char *path, size_t path_len, const char *file);
int nse_fetchfile_absolute(char *path, size_t path_len, const char *file);
int nse_scandir (lua_State *L);
#endif

1375
nse_init.cc
View File

File diff suppressed because it is too large Load Diff

11
nse_init.h
View File

@@ -13,19 +13,18 @@ extern "C" {
// initialize the lua state
// opens the standard libraries and the nmap lua library
int init_lua(lua_State* l);
int init_lua(lua_State* L);
//takes the script arguments provided to nmap through --script-args and
//processes and checks them - leaves the processed string on the stack
int init_parseargs(lua_State* l);
int init_parseargs(lua_State* L);
//sets the previously parsed args inside nmap.registry
int init_setargs(lua_State* l);
int init_setargs(lua_State* L);
// you give it a description of scripts to run and it
// populates the tables 'hosttests' and 'porttests' in l with
// activation records for tests
int init_rules(lua_State* l, std::vector<std::string> chosenScripts);
int init_updatedb(lua_State* l);
int init_rules(lua_State *L);
int init_updatedb(lua_State* L);
#endif

5
nse_macros.h
View File

@@ -32,7 +32,7 @@
#define SCRIPT_ENGINE_EXTENSION ".nse"
#define SCRIPT_ENGINE_LUA_TRY(func) if (func != 0) {\
error("LUA INTERPRETER in %s:%d: %s", __FILE__, __LINE__, (char *)lua_tostring(l, -1));\
error("LUA INTERPRETER in %s:%d: %s", __FILE__, __LINE__, (char *)lua_tostring(L, -1));\
return SCRIPT_ENGINE_LUA_ERROR;\
}
@@ -40,10 +40,11 @@
return SCRIPT_ENGINE_ERROR;\
}
#define ARRAY_LEN(a) ((int)(sizeof(a) / sizeof(a[0])))
#define SCRIPT_ENGINE_VERBOSE(msg) if (o.debugging || o.verbose > 0) {msg};
#define SCRIPT_ENGINE_DEBUGGING(msg) if (o.debugging) {msg};
#define MATCH 0
#define MAX_FILENAME_LEN 4096
#define NOT_PRINTABLE '.'

369
nse_main.cc
View File

@@ -39,7 +39,8 @@ struct thread_record {
run_record* rr;
};
std::map<std::string, Target*> current_hosts;
int current_hosts = 0;
int errfunc = 0;
std::list<std::list<struct thread_record> > torun_scripts;
std::list<struct thread_record> running_scripts;
std::list<struct thread_record> waiting_scripts;
@@ -53,88 +54,118 @@ public:
// prior execution
int process_preparerunlevels(std::list<struct thread_record> torun_threads);
int process_preparehost(lua_State* l, Target* target, std::list<struct thread_record>& torun_threads);
int process_preparethread(lua_State* l, struct run_record rr, struct thread_record* tr);
int process_preparehost(lua_State* L, Target* target, std::list<struct thread_record>& torun_threads);
int process_preparethread(lua_State* L, struct run_record rr, struct thread_record* tr);
// helper functions
int process_getScriptId(lua_State* l, struct script_scan_result* ssr);
int process_getScriptId(lua_State* L, struct script_scan_result* ssr);
int process_pickScriptsForPort(
lua_State* l,
lua_State* L,
Target* target,
Port* port,
std::vector<run_record>& torun);
// execution
int process_mainloop(lua_State* l);
int process_waiting2running(lua_State* l, int resume_arguments);
int process_finalize(lua_State* l, unsigned int registry_idx);
int process_mainloop(lua_State* L);
int process_waiting2running(lua_State* L, int resume_arguments);
int process_finalize(lua_State* L, unsigned int registry_idx);
int script_updatedb() {
int status;
lua_State* l;
SCRIPT_ENGINE_VERBOSE(
log_write(LOG_STDOUT, "%s: Updating rule database.\n",
SCRIPT_ENGINE);
)
l = luaL_newstate();
if(l == NULL) {
error("%s: Failed luaL_newstate()", SCRIPT_ENGINE);
return 0;
}
status = init_lua(l);
if(status != SCRIPT_ENGINE_SUCCESS) {
goto finishup;
}
status = init_updatedb(l);
if(status != SCRIPT_ENGINE_SUCCESS) {
goto finishup;
}
log_write(LOG_STDOUT, "NSE script database updated successfully.\n");
finishup:
lua_close(l);
if(status != SCRIPT_ENGINE_SUCCESS) {
error("%s: Aborting database update.\n", SCRIPT_ENGINE);
return SCRIPT_ENGINE_ERROR;
} else {
return SCRIPT_ENGINE_SUCCESS;
}
static int panic (lua_State *L)
{
const char *err = lua_tostring(L, 1);
fatal("Unprotected error in Lua:\n%s\n", err);
return 0;
}
int script_updatedb (void)
{
int status;
int ret;
lua_State *L;
SCRIPT_ENGINE_VERBOSE(
log_write(LOG_STDOUT, "%s: Updating rule database.\n",
SCRIPT_ENGINE);
)
L = luaL_newstate();
if (L == NULL)
{
error("%s: Failed luaL_newstate()", SCRIPT_ENGINE);
return 0;
}
lua_atpanic(L, panic);
status = lua_cpcall(L, init_lua, NULL);
if (status != 0)
{
error("%s: error while initializing Lua State:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
ret = SCRIPT_ENGINE_ERROR;
goto finishup;
}
lua_settop(L, 0); // safety, is 0 anyway
lua_rawgeti(L, LUA_REGISTRYINDEX, errfunc); // index 1
lua_pushcclosure(L, init_updatedb, 0);
status = lua_pcall(L, 0, 0, 1);
if(status != 0)
{
error("%s: error while updating Script Database:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
ret = SCRIPT_ENGINE_ERROR;
goto finishup;
}
log_write(LOG_STDOUT, "NSE script database updated successfully.\n");
finishup:
lua_close(L);
if (ret != SCRIPT_ENGINE_SUCCESS)
{
error("%s: Aborting database update.\n", SCRIPT_ENGINE);
return SCRIPT_ENGINE_ERROR;
}
else
return SCRIPT_ENGINE_SUCCESS;
}
//int check_scripts(){
//}
/* check the script-arguments provided to nmap (--script-args) before
* scanning starts - otherwise the whole scan will run through and be
* aborted before script-scanning
*/
int script_check_args(){
lua_State* l;
const char *argbuf;
size_t argbuflen;
int script_check_args (void)
{
int ret = SCRIPT_ENGINE_SUCCESS, status;
lua_State* L = luaL_newstate();
l= luaL_newstate();
if(l==NULL){
fatal("Error opening lua, for checking arguments\n");
}
/* set all global libraries (we'll need the string-lib) */
SCRIPT_ENGINE_TRY(init_lua(l));
SCRIPT_ENGINE_TRY(init_parseargs(l));
lua_pushstring(l,"t={");
lua_insert(l,-2);
lua_pushstring(l,"}");
lua_concat(l,3);
argbuf=lua_tolstring(l,-1,&argbuflen);
luaL_loadbuffer(l,argbuf,argbuflen,"Script-Arguments-prerun");
SCRIPT_ENGINE_TRY(lua_pcall(l,0,0,0));
if (L == NULL)
fatal("Error opening lua, for checking arguments\n");
lua_atpanic(L, panic);
lua_close(l);
return SCRIPT_ENGINE_SUCCESS;
/* set all global libraries (we'll need the string-lib) */
status = lua_cpcall(L, init_lua, NULL);
if (status != 0)
{
error("%s: error while initializing Lua State:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
ret = SCRIPT_ENGINE_ERROR;
goto finishup;
}
lua_pushcclosure(L, init_parseargs, 0);
lua_pushstring(L, o.scriptargs);
lua_pcall(L, 1, 1, 0);
if (!lua_isfunction(L, -1))
ret = SCRIPT_ENGINE_ERROR;
finishup:
lua_close(L);
return ret;
}
/* open a lua instance
* open the lua standard libraries
* open all the scripts and prepare them for execution
@@ -147,7 +178,8 @@ int script_scan(std::vector<Target*> &targets) {
std::list<std::list<struct thread_record> >::iterator runlevel_iter;
std::list<struct thread_record>::iterator thr_iter;
std::list<struct thread_record> torun_threads;
lua_State* l;
std::vector<std::string>::iterator script_iter;
lua_State* L;
o.current_scantype = SCRIPT_SCAN;
@@ -166,34 +198,66 @@ int script_scan(std::vector<Target*> &targets) {
SCRIPT_ENGINE, (*targets.begin())->NameIP(targetstr, sizeof(targetstr)));
)
l = luaL_newstate();
if(l == NULL) {
L = luaL_newstate();
if(L == NULL) {
error("%s: Failed luaL_newstate()", SCRIPT_ENGINE);
return 0;
return SCRIPT_ENGINE_ERROR;
}
lua_atpanic(L, panic);
status = lua_cpcall(L, init_lua, NULL);
if (status != 0)
{
error("%s: error while initializing Lua State:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
status = SCRIPT_ENGINE_ERROR;
goto finishup;
}
status = init_lua(l);
if(status != SCRIPT_ENGINE_SUCCESS) {
goto finishup;
}
//set the arguments - if provided
status = init_setargs(l);
if(status != SCRIPT_ENGINE_SUCCESS) {
goto finishup;
}
status = lua_cpcall(L, init_setargs, NULL);
if (status != 0)
{
error("%s: error while setting arguments for scripts:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
status = SCRIPT_ENGINE_ERROR;
goto finishup;
}
status = init_rules(l, o.chosenScripts);
if(status != SCRIPT_ENGINE_SUCCESS) {
goto finishup;
}
lua_settop(L, 0); // safety, is 0 anyway
lua_rawgeti(L, LUA_REGISTRYINDEX, errfunc); // index 1
if (!lua_checkstack(L, o.chosenScripts.size() + 1))
{
error("%s: stack overflow at %s:%d", SCRIPT_ENGINE, __FILE__, __LINE__);
status = SCRIPT_ENGINE_ERROR;
goto finishup;
}
lua_pushcclosure(L, init_rules, 0);
for (script_iter = o.chosenScripts.begin();
script_iter != o.chosenScripts.end();
script_iter++)
lua_pushstring(L, script_iter->c_str());
status = lua_pcall(L, o.chosenScripts.size(), 0, 1);
if (status != 0)
{
error("%s: error while initializing script rules:\n%s\n",
SCRIPT_ENGINE, lua_tostring(L, -1));
status = SCRIPT_ENGINE_ERROR;
goto finishup;
}
SCRIPT_ENGINE_DEBUGGING(log_write(LOG_STDOUT, "%s: Matching rules.\n", SCRIPT_ENGINE);)
for(target_iter = targets.begin(); target_iter != targets.end(); target_iter++) {
std::string key = ((Target*) (*target_iter))->targetipstr();
current_hosts[key] = (Target*) *target_iter;
lua_rawgeti(L, LUA_REGISTRYINDEX, current_hosts);
lua_pushstring(L, key.c_str());
lua_pushlightuserdata(L, (void *) *target_iter);
lua_settable(L, -3);
lua_pop(L, 1);
status = process_preparehost(l, *target_iter, torun_threads);
status = process_preparehost(L, *target_iter, torun_threads);
if(status != SCRIPT_ENGINE_SUCCESS){
goto finishup;
}
@@ -222,7 +286,7 @@ int script_scan(std::vector<Target*> &targets) {
if (!thr_iter->rr->host->timeOutClockRunning())
thr_iter->rr->host->startTimeOutClock(NULL);
status = process_mainloop(l);
status = process_mainloop(L);
if(status != SCRIPT_ENGINE_SUCCESS){
goto finishup;
}
@@ -233,8 +297,7 @@ finishup:
SCRIPT_ENGINE_DEBUGGING(
log_write(LOG_STDOUT, "%s: Script scanning completed.\n", SCRIPT_ENGINE);
)
lua_close(l);
current_hosts.clear();
lua_close(L);
torun_scripts.clear();
if(status != SCRIPT_ENGINE_SUCCESS) {
error("%s: Aborting script scan.", SCRIPT_ENGINE);
@@ -244,7 +307,7 @@ finishup:
}
}
int process_mainloop(lua_State* l) {
int process_mainloop(lua_State *L) {
int state;
int unfinished = running_scripts.size() + waiting_scripts.size();
struct script_scan_result ssr;
@@ -333,8 +396,8 @@ int process_mainloop(lua_State* l) {
lua_pop(current.thread, 2);
}
SCRIPT_ENGINE_TRY(process_finalize(l, current.registry_idx));
SCRIPT_ENGINE_TRY(lua_gc(l, LUA_GCCOLLECT, 0));
SCRIPT_ENGINE_TRY(process_finalize(L, current.registry_idx));
SCRIPT_ENGINE_TRY(lua_gc(L, LUA_GCCOLLECT, 0));
} else {
// this script returned because of an error
// print the failing reason if the verbose level is high enough
@@ -342,7 +405,7 @@ int process_mainloop(lua_State* l) {
const char* errmsg = lua_tostring(current.thread, -1);
log_write(LOG_STDOUT, "%s: %s\n", SCRIPT_ENGINE, errmsg);
)
SCRIPT_ENGINE_TRY(process_finalize(l, current.registry_idx));
SCRIPT_ENGINE_TRY(process_finalize(L, current.registry_idx));
}
} // while
}
@@ -368,8 +431,8 @@ int has_target_finished(Target *target) {
return 1;
}
int process_finalize(lua_State* l, unsigned int registry_idx) {
luaL_unref(l, LUA_REGISTRYINDEX, registry_idx);
int process_finalize(lua_State* L, unsigned int registry_idx) {
luaL_unref(L, LUA_REGISTRYINDEX, registry_idx);
struct thread_record thr = running_scripts.front();
running_scripts.pop_front();
@@ -380,12 +443,12 @@ int process_finalize(lua_State* l, unsigned int registry_idx) {
return SCRIPT_ENGINE_SUCCESS;
}
int process_waiting2running(lua_State* l, int resume_arguments) {
int process_waiting2running(lua_State* L, int resume_arguments) {
std::list<struct thread_record>::iterator iter;
// find the lua state which has received i/o
for( iter = waiting_scripts.begin();
(*iter).thread != l;
(*iter).thread != L;
iter++) {
// It is very unlikely that a thread which
@@ -417,23 +480,23 @@ int process_waiting2running(lua_State* l, int resume_arguments) {
* if no 'id' field is found, the filename field is used which we set in the
* setup phase. If someone changed the filename field to a nonstring we complain
* */
int process_getScriptId(lua_State* l, struct script_scan_result *ssr) {
int process_getScriptId(lua_State* L, struct script_scan_result *ssr) {
lua_getfield(l, -2, "id");
lua_getfield(l, -3, "filename");
lua_getfield(L, -2, "id");
lua_getfield(L, -3, "filename");
if(lua_isstring(l, -2)) {
ssr->id = strdup(lua_tostring (l, -2));
} else if(lua_isstring(l, -1)) {
ssr->id = strdup(lua_tostring (l, -1));
if(lua_isstring(L, -2)) {
ssr->id = strdup(lua_tostring (L, -2));
} else if(lua_isstring(L, -1)) {
ssr->id = strdup(lua_tostring (L, -1));
} else {
error("%s: The script has no 'id' entry, the 'filename' entry was changed to:",
SCRIPT_ENGINE);
l_dumpValue(l, -1);
l_dumpValue(L, -1);
return SCRIPT_ENGINE_ERROR;
}
lua_pop(l, 2);
lua_pop(L, 2);
return SCRIPT_ENGINE_SUCCESS;
}
@@ -444,7 +507,7 @@ int process_getScriptId(lua_State* l, struct script_scan_result *ssr) {
* which want to run
* process all scripts in the list
* */
int process_preparehost(lua_State* l, Target* target, std::list<struct thread_record>& torun_threads) {
int process_preparehost(lua_State* L, Target* target, std::list<struct thread_record>& torun_threads) {
PortList* plist = &(target->ports);
Port* current = NULL;
size_t rules_count;
@@ -455,20 +518,20 @@ int process_preparehost(lua_State* l, Target* target, std::list<struct thread_re
/* find the matching hostrules
* */
lua_getglobal(l, HOSTTESTS);
rules_count = lua_objlen(l, -1);
lua_getglobal(L, HOSTTESTS);
rules_count = lua_objlen(L, -1);
for(i = 1; i <= rules_count; i++) {
lua_rawgeti(l, -1, i);
lua_rawgeti(L, -1, i);
lua_getfield(l, -1, "hostrule");
lua_getfield(L, -1, "hostrule");
lua_newtable(l);
set_hostinfo(l, target);
lua_newtable(L);
set_hostinfo(L, target);
SCRIPT_ENGINE_LUA_TRY(lua_pcall(l, 1, 1, 0));
SCRIPT_ENGINE_LUA_TRY(lua_pcall(L, 1, 1, 0));
if(lua_isboolean (l, -1) && lua_toboolean(l, -1)) {
if(lua_isboolean (L, -1) && lua_toboolean(L, -1)) {
rr.type = 0;
rr.index = i;
rr.port = NULL;
@@ -476,43 +539,43 @@ int process_preparehost(lua_State* l, Target* target, std::list<struct thread_re
torun.push_back(rr);
SCRIPT_ENGINE_DEBUGGING(
lua_getfield(l, -2, "filename");
lua_getfield(L, -2, "filename");
log_write(LOG_STDOUT, "%s: Will run %s against %s\n",
SCRIPT_ENGINE,
lua_tostring(l, -1),
lua_tostring(L, -1),
target->targetipstr());
lua_pop(l, 1);
lua_pop(L, 1);
)
}
lua_pop(l, 2);
lua_pop(L, 2);
}
/* find the matching port rules
* */
lua_getglobal(l, PORTTESTS);
lua_getglobal(L, PORTTESTS);
/* we only publish hostinfo once per portrule */
lua_newtable(l);
set_hostinfo(l, target);
lua_newtable(L);
set_hostinfo(L, target);
/* because of the port iteration API we need to awkwardly iterate
* over the kinds of ports we're interested in explictely.
* */
current = NULL;
while((current = plist->nextPort(current, TCPANDUDP, PORT_OPEN)) != NULL) {
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(l, target, current, torun));
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(L, target, current, torun));
}
while((current = plist->nextPort(current, TCPANDUDP, PORT_OPENFILTERED)) != NULL) {
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(l, target, current, torun));
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(L, target, current, torun));
}
while((current = plist->nextPort(current, TCPANDUDP, PORT_UNFILTERED)) != NULL) {
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(l, target, current, torun));
SCRIPT_ENGINE_TRY(process_pickScriptsForPort(L, target, current, torun));
}
// pop the hostinfo, we don't need it anymore
lua_pop(l, 1);
lua_pop(L, 1);
/* ok, let's setup threads for the scripts which said they'd like
* to run
@@ -531,14 +594,14 @@ int process_preparehost(lua_State* l, Target* target, std::list<struct thread_re
* */
switch((*iter).type) {
case 0: // this script runs against a host
lua_pushvalue(l, -2);
SCRIPT_ENGINE_TRY(process_preparethread(l, (*iter), &tr));
lua_pop(l, 1);
lua_pushvalue(L, -2);
SCRIPT_ENGINE_TRY(process_preparethread(L, (*iter), &tr));
lua_pop(L, 1);
break;
case 1: // this script runs against a port
lua_pushvalue(l, -1);
SCRIPT_ENGINE_TRY(process_preparethread(l, (*iter), &tr));
lua_pop(l, 1);
lua_pushvalue(L, -1);
SCRIPT_ENGINE_TRY(process_preparethread(L, (*iter), &tr));
lua_pop(L, 1);
break;
default:
fatal("%s: In: %s:%i This should never happen.",
@@ -547,7 +610,7 @@ int process_preparehost(lua_State* l, Target* target, std::list<struct thread_re
torun_threads.push_back(tr);
}
lua_pop(l, 2);
lua_pop(L, 2);
torun.clear();
return SCRIPT_ENGINE_SUCCESS;
@@ -579,33 +642,33 @@ int process_preparerunlevels(std::list<struct thread_record> torun_threads) {
}
/* Because we can't iterate over all ports of interest in one go
* we need to du port matching in a separate function (unlike host
* we need to do port matching in a separate function (unlike host
* rule matching)
* Note that we assume that at -2 on the stack we can find the portrules
* and at -1 the hostinfo table
* */
int process_pickScriptsForPort(
lua_State* l,
lua_State* L,
Target* target,
Port* port,
std::vector<run_record>& torun) {
size_t rules_count = lua_objlen(l, -2);
size_t rules_count = lua_objlen(L, -2);
struct run_record rr;
unsigned int i;
for(i = 1; i <= rules_count; i++) {
lua_rawgeti(l, -2, i);
lua_rawgeti(L, -2, i);
lua_getfield(l, -1, PORTRULE);
lua_getfield(L, -1, PORTRULE);
lua_pushvalue(l, -3);
lua_pushvalue(L, -3);
lua_newtable(l);
set_portinfo(l, port);
lua_newtable(L);
set_portinfo(L, port);
SCRIPT_ENGINE_LUA_TRY(lua_pcall(l, 2, 1, 0));
SCRIPT_ENGINE_LUA_TRY(lua_pcall(L, 2, 1, 0));
if(lua_isboolean (l, -1) && lua_toboolean(l, -1)) {
if(lua_isboolean (L, -1) && lua_toboolean(L, -1)) {
rr.type = 1;
rr.index = i;
rr.port = port;
@@ -613,23 +676,23 @@ int process_pickScriptsForPort(
torun.push_back(rr);
SCRIPT_ENGINE_DEBUGGING(
lua_getfield(l, -2, "filename");
lua_getfield(L, -2, "filename");
log_write(LOG_STDOUT, "%s: Will run %s against %s:%d\n",
SCRIPT_ENGINE,
lua_tostring(l, -1),
lua_tostring(L, -1),
target->targetipstr(),
port->portno);
lua_pop(l, 1);
lua_pop(L, 1);
)
} else if(!lua_isboolean (l, -1)) {
lua_getfield(l, -2, "filename");
} else if(!lua_isboolean (L, -1)) {
lua_getfield(L, -2, "filename");
error("%s: Rule in %s returned %s but boolean was expected.",
SCRIPT_ENGINE,
lua_tostring(l, -1),
lua_typename(l, lua_type(l, -2)));
lua_tostring(L, -1),
lua_typename(L, lua_type(L, -2)));
return SCRIPT_ENGINE_LUA_ERROR;
}
lua_pop(l, 2);
lua_pop(L, 2);
}
return SCRIPT_ENGINE_SUCCESS;
@@ -639,14 +702,14 @@ int process_pickScriptsForPort(
* we store target info in the thread so that the mainloop
* knows where to put the script result
* */
int process_preparethread(lua_State* l, struct run_record rr, struct thread_record* tr){
int process_preparethread(lua_State* L, struct run_record rr, struct thread_record* tr){
lua_State *thread = lua_newthread(l);
lua_State *thread = lua_newthread(L);
lua_rawgeti(l, -2, rr.index); // get the script closure
lua_rawgeti(L, -2, rr.index); // get the script closure
// move the script closure into the thread
lua_xmove(l, thread, 1);
lua_xmove(L, thread, 1);
// store the target of this thread in the thread
struct run_record *rr_thread = (struct run_record*) safe_malloc(sizeof(struct run_record));
@@ -674,7 +737,7 @@ int process_preparethread(lua_State* l, struct run_record rr, struct thread_reco
// we store the thread in the registry to prevent
// garbage collection +
tr->registry_idx = luaL_ref(l, LUA_REGISTRYINDEX);
tr->registry_idx = luaL_ref(L, LUA_REGISTRYINDEX);
/* if this is a host rule we don't have
* a port state

345
nse_nmaplib.cc
View File

@@ -14,40 +14,41 @@
#define SCRIPT_ENGINE_GETSTRING(name) \
char* name; \
lua_getfield(l, -1, #name); \
if(lua_isnil(l, -1)) \
lua_getfield(L, -1, #name); \
if(lua_isnil(L, -1)) \
name = NULL; \
else \
name = strdup(lua_tostring(l, -1)); \
lua_pop(l, 1); \
name = strdup(lua_tostring(L, -1)); \
lua_pop(L, 1); \
#define SCRIPT_ENGINE_PUSHSTRING_NOTNULL(c_str, str) if(c_str != NULL) {\
lua_pushstring(l, c_str); \
lua_setfield(l, -2, str); \
lua_pushstring(L, c_str); \
lua_setfield(L, -2, str); \
}
extern NmapOps o;
extern std::map<std::string, Target*> current_hosts;
/* extern std::map<std::string, Target*> current_hosts; */
extern int current_hosts;
void set_version(lua_State* l, struct serviceDeductions sd);
void set_version(lua_State *L, struct serviceDeductions sd);
static int l_exc_newtry(lua_State *l);
static int l_port_accessor(lua_State* l);
static int l_print_debug_unformatted(lua_State *l);
static int l_get_port_state(lua_State* l, Target* target, Port* port);
static int l_set_port_state(lua_State* l, Target* target, Port* port);
static int l_set_port_version(lua_State* l, Target* target, Port* port);
static int l_exc_newtry(lua_State *L);
static int l_port_accessor(lua_State *L);
static int l_print_debug_unformatted(lua_State *L);
static int l_get_port_state(lua_State *L, Target* target, Port* port);
static int l_set_port_state(lua_State *L, Target* target, Port* port);
static int l_set_port_version(lua_State *L, Target* target, Port* port);
static int l_get_verbosity(lua_State *);
static int l_get_debugging(lua_State *);
static int l_get_have_ssl(lua_State *l);
static int l_fetchfile(lua_State *l);
static int l_get_have_ssl(lua_State *L);
static int l_fetchfile(lua_State *L);
int l_clock_ms(lua_State* l);
int l_clock_ms(lua_State *L);
/* register the nmap lib
* we assume that we can write to a table at -1 on the stack
* */
int set_nmaplib(lua_State* l) {
/* int set_nmaplib(lua_State *L) {
static luaL_reg nmaplib [] = {
{"get_port_state", l_port_accessor},
{"set_port_state", l_port_accessor},
@@ -67,52 +68,82 @@ int set_nmaplib(lua_State* l) {
const luaL_Reg* lib;
for (lib = nmaplib; lib->func; lib++) {
lua_pushcfunction(l, lib->func);
lua_setfield(l, -2, lib->name);
lua_pushcfunction(L, lib->func);
lua_setfield(L, -2, lib->name);
}
lua_newtable(l);
lua_setfield(l, -2, "registry");
lua_newtable(L);
lua_setfield(L, -2, "registry");
SCRIPT_ENGINE_TRY(l_nsock_open(l));
SCRIPT_ENGINE_TRY(l_dnet_open(l));
SCRIPT_ENGINE_TRY(l_nsock_open(L));
SCRIPT_ENGINE_TRY(l_dnet_open(L));
return SCRIPT_ENGINE_SUCCESS;
} */
int luaopen_nmap (lua_State *L)
{
static luaL_reg nmaplib [] = {
{"get_port_state", l_port_accessor},
{"set_port_state", l_port_accessor},
{"set_port_version", l_port_accessor},
{"new_socket", l_nsock_new},
{"new_dnet", l_dnet_new},
{"get_interface_link", l_dnet_get_interface_link},
{"clock_ms", l_clock_ms},
{"print_debug_unformatted", l_print_debug_unformatted},
{"new_try", l_exc_newtry},
{"verbosity", l_get_verbosity},
{"debugging", l_get_debugging},
{"have_ssl", l_get_have_ssl},
{"fetchfile", l_fetchfile},
{NULL, NULL}
};
luaL_register(L, "nmap", nmaplib);
lua_newtable(L);
lua_setfield(L, -2, "registry");
SCRIPT_ENGINE_TRY(l_nsock_open(L));
SCRIPT_ENGINE_TRY(l_dnet_open(L));
return 0;
}
/* set some port state information onto the
* table which is currently on the stack
* */
void set_portinfo(lua_State* l, Port* port) {
void set_portinfo(lua_State *L, Port* port) {
struct serviceDeductions sd;
port->getServiceDeductions(&sd);
lua_pushnumber(l, (double) port->portno);
lua_setfield(l, -2, "number");
lua_pushnumber(L, (double) port->portno);
lua_setfield(L, -2, "number");
lua_pushstring(l, sd.name);
lua_setfield(l, -2, "service");
lua_pushstring(L, sd.name);
lua_setfield(L, -2, "service");
lua_pushstring(l, (port->proto == IPPROTO_TCP)? "tcp": "udp");
lua_setfield(l, -2, "protocol");
lua_pushstring(L, (port->proto == IPPROTO_TCP)? "tcp": "udp");
lua_setfield(L, -2, "protocol");
lua_newtable(l);
set_version(l, sd);
lua_setfield(l, -2, "version");
lua_newtable(L);
set_version(L, sd);
lua_setfield(L, -2, "version");
lua_pushstring(l, statenum2str(port->state));
lua_setfield(l, -2, "state");
lua_pushstring(L, statenum2str(port->state));
lua_setfield(L, -2, "state");
lua_pushstring(l, reason_str(port->reason.reason_id, 1));
lua_setfield(l, -2, "reason");
lua_pushstring(L, reason_str(port->reason.reason_id, 1));
lua_setfield(L, -2, "reason");
}
void set_version(lua_State* l, struct serviceDeductions sd) {
void set_version(lua_State *L, struct serviceDeductions sd) {
SCRIPT_ENGINE_PUSHSTRING_NOTNULL(sd.name, "name");
lua_pushnumber(l, sd.name_confidence);
lua_setfield(l, -2, "name_confidence");
lua_pushnumber(L, sd.name_confidence);
lua_setfield(L, -2, "name_confidence");
SCRIPT_ENGINE_PUSHSTRING_NOTNULL(sd.product, "product");
SCRIPT_ENGINE_PUSHSTRING_NOTNULL(sd.version, "version");
@@ -169,14 +200,14 @@ void set_version(lua_State* l, struct serviceDeductions sd) {
}
if(sd.rpc_status == RPC_STATUS_GOOD_PROG) {
lua_pushnumber(l, sd.rpc_program);
lua_setfield(l, -2, "rpc_program");
lua_pushnumber(L, sd.rpc_program);
lua_setfield(L, -2, "rpc_program");
lua_pushnumber(l, sd.rpc_lowver);
lua_setfield(l, -2, "rpc_lowver");
lua_pushnumber(L, sd.rpc_lowver);
lua_setfield(L, -2, "rpc_lowver");
lua_pushnumber(l, sd.rpc_highver);
lua_setfield(l, -2, "rpc_highver");
lua_pushnumber(L, sd.rpc_highver);
lua_setfield(L, -2, "rpc_highver");
}
}
@@ -189,47 +220,47 @@ void set_version(lua_State* l, struct serviceDeductions sd) {
* if an os scan wasn't performed, the array
* points to nil!
* */
void set_hostinfo(lua_State* l, Target *currenths) {
void set_hostinfo(lua_State *L, Target *currenths) {
unsigned int i;
char hostname[1024];
lua_pushstring(l, strncpy(hostname, currenths->targetipstr(), 1024));
lua_setfield(l, -2, "ip");
lua_pushstring(L, strncpy(hostname, currenths->targetipstr(), 1024));
lua_setfield(L, -2, "ip");
lua_pushstring(l, strncpy(hostname, currenths->HostName(), 1024));
lua_setfield(l, -2, "name");
lua_pushstring(L, strncpy(hostname, currenths->HostName(), 1024));
lua_setfield(L, -2, "name");
if ( currenths->TargetName() ) { // else nil
lua_pushstring(l, strncpy(hostname, currenths->TargetName(), 1024));
lua_setfield(l, -2, "targetname");
lua_pushstring(L, strncpy(hostname, currenths->TargetName(), 1024));
lua_setfield(L, -2, "targetname");
}
if(currenths->directlyConnectedOrUnset() != -1){
lua_pushboolean(l, currenths->directlyConnected());
lua_setfield(l, -2, "directly_connected");
lua_pushboolean(L, currenths->directlyConnected());
lua_setfield(L, -2, "directly_connected");
}
if(currenths->MACAddress()){ // else nil
lua_pushlstring (l, (const char*)currenths->MACAddress() , 6);
lua_setfield(l, -2, "mac_addr");
lua_pushlstring (L, (const char*)currenths->MACAddress() , 6);
lua_setfield(L, -2, "mac_addr");
}
if(currenths->SrcMACAddress()){ // else nil
lua_pushlstring(l, (const char*)currenths->SrcMACAddress(), 6);
lua_setfield(l, -2, "mac_addr_src");
lua_pushlstring(L, (const char*)currenths->SrcMACAddress(), 6);
lua_setfield(L, -2, "mac_addr_src");
}
if(currenths->deviceName()){
lua_pushstring(l, strncpy(hostname, currenths->deviceName(), 1024));
lua_setfield(l, -2, "interface");
lua_pushstring(L, strncpy(hostname, currenths->deviceName(), 1024));
lua_setfield(L, -2, "interface");
}
if( (u32)(currenths->v4host().s_addr) ){
struct in_addr adr = currenths->v4host();
lua_pushlstring(l, (char*)&adr, 4);
lua_setfield(l, -2, "bin_ip");
lua_pushlstring(L, (char*)&adr, 4);
lua_setfield(L, -2, "bin_ip");
}
if( (u32)(currenths->v4source().s_addr) ){
struct in_addr adr = currenths->v4source();
lua_pushlstring(l, (char*)&adr, 4);
lua_setfield(l, -2, "bin_ip_src");
lua_pushlstring(L, (char*)&adr, 4);
lua_setfield(L, -2, "bin_ip_src");
}
FingerPrintResults *FPR = NULL;
@@ -246,22 +277,22 @@ void set_hostinfo(lua_State* l, Target *currenths) {
FPR->num_perfect_matches > 0 &&
FPR->num_perfect_matches <= 8 ) {
lua_newtable(l);
lua_newtable(L);
// this will run at least one time and at most 8 times, see if condition
for(i = 0; FPR->accuracy[i] == 1; i++) {
lua_pushstring(l, FPR->prints[i]->OS_name);
lua_rawseti(l, -2, i);
lua_pushstring(L, FPR->prints[i]->OS_name);
lua_rawseti(L, -2, i);
}
lua_setfield(l, -2, "os");
lua_setfield(L, -2, "os");
}
}
static int l_port_accessor(lua_State* l) {
static int l_port_accessor(lua_State *L) {
int retvalues = 0;
char* function_name;
char* target_ip;
const char *target_ip;
int portno;
int proto;
@@ -270,36 +301,38 @@ static int l_port_accessor(lua_State* l) {
Port* port;
lua_Debug ldebug;
lua_getstack(l, 0, &ldebug);
lua_getinfo(l, "n", &ldebug);
lua_getstack(L, 0, &ldebug);
lua_getinfo(L, "n", &ldebug);
function_name = strdup(ldebug.name);
luaL_checktype(l, 1, LUA_TTABLE);
luaL_checktype(l, 2, LUA_TTABLE);
luaL_checktype(L, 1, LUA_TTABLE);
luaL_checktype(L, 2, LUA_TTABLE);
lua_getfield(l, 1, "ip");
luaL_checktype(l, -1, LUA_TSTRING);
target_ip = strdup(lua_tostring(l, -1));
lua_pop(l, 1);
lua_getfield(L, 1, "ip");
luaL_checktype(L, -1, LUA_TSTRING);
target_ip = lua_tostring(L, -1);
lua_pop(L, 1);
lua_getfield(l, 2, "number");
luaL_checktype(l, -1, LUA_TNUMBER);
portno = lua_tointeger(l, -1);
lua_pop(l, 1);
lua_getfield(L, 2, "number");
luaL_checktype(L, -1, LUA_TNUMBER);
portno = lua_tointeger(L, -1);
lua_pop(L, 1);
lua_getfield(l, 2, "protocol");
luaL_checktype(l, -1, LUA_TSTRING);
proto = (strcmp(lua_tostring(l, -1), "tcp") == 0)? IPPROTO_TCP : IPPROTO_UDP;
lua_pop(l, 1);
lua_getfield(L, 2, "protocol");
luaL_checktype(L, -1, LUA_TSTRING);
proto = (strcmp(lua_tostring(L, -1), "tcp") == 0)? IPPROTO_TCP : IPPROTO_UDP;
lua_pop(L, 1);
std::string key = std::string(target_ip);
std::map<std::string, Target*>::iterator iter = current_hosts.find(key);
if(iter == current_hosts.end()) {
luaL_argerror (l, 1, "Host isn't being processed right now.");
return 0;
} else {
target = (Target*) iter->second;
}
lua_rawgeti(L, LUA_REGISTRYINDEX, current_hosts);
lua_pushstring(L, target_ip);
lua_gettable(L, -2);
if (lua_isnil(L, -1))
return luaL_argerror(L, 1, "Host isn't being processed right now.");
else
{
target = (Target *) lua_touserdata(L, -1);
lua_pop(L, 2);
}
plist = &(target->ports);
port = NULL;
@@ -311,22 +344,20 @@ static int l_port_accessor(lua_State* l) {
// if the port wasn't scanned we return nil
if(port == NULL) {
free(target_ip);
free(function_name);
return 0;
}
if(strcmp(function_name, "set_port_state") == MATCH)
retvalues = l_set_port_state(l, target, port);
else if(strcmp(function_name, "set_port_version") == MATCH)
retvalues = l_set_port_version(l, target, port);
else if(strcmp(function_name, "get_port_state") == MATCH)
retvalues = l_get_port_state(l, target, port);
if(strcmp(function_name, "set_port_state") == 0)
retvalues = l_set_port_state(L, target, port);
else if(strcmp(function_name, "set_port_version") == 0)
retvalues = l_set_port_version(L, target, port);
else if(strcmp(function_name, "get_port_state") == 0)
retvalues = l_get_port_state(L, target, port);
// remove host and port argument from the stack
lua_remove(l, 2);
lua_remove(l, 1);
free(target_ip);
lua_remove(L, 2);
lua_remove(L, 1);
free(function_name);
return retvalues;
}
@@ -341,9 +372,9 @@ static int l_port_accessor(lua_State* l) {
* this function is useful if we want rules which want to know
* the state of more than one port
* */
static int l_get_port_state(lua_State* l, Target* target, Port* port) {
lua_newtable(l);
set_portinfo(l, port);
static int l_get_port_state(lua_State *L, Target* target, Port* port) {
lua_newtable(L);
set_portinfo(L, port);
return 1;
}
@@ -352,18 +383,18 @@ static int l_get_port_state(lua_State* l, Target* target, Port* port) {
* if for example a udp port was seen by the script as open instead of
* filtered, the script is free to say so.
* */
static int l_set_port_state(lua_State* l, Target* target, Port* port) {
static int l_set_port_state(lua_State *L, Target* target, Port* port) {
char* state;
PortList* plist = &(target->ports);
luaL_checktype(l, -1, LUA_TSTRING);
state = strdup(lua_tostring(l, -1));
lua_pop(l, 1);
luaL_checktype(L, -1, LUA_TSTRING);
state = strdup(lua_tostring(L, -1));
lua_pop(L, 1);
switch(state[0]) {
case 'o':
if (strcmp(state, "open"))
luaL_argerror (l, 4, "Invalid port state.");
luaL_argerror (L, 4, "Invalid port state.");
if (port->state == PORT_OPEN)
goto noset;
plist->addPort(port->portno, port->proto, NULL, PORT_OPEN);
@@ -371,14 +402,14 @@ static int l_set_port_state(lua_State* l, Target* target, Port* port) {
break;
case 'c':
if (strcmp(state, "closed"))
luaL_argerror (l, 4, "Invalid port state.");
luaL_argerror (L, 4, "Invalid port state.");
if (port->state == PORT_CLOSED)
goto noset;
plist->addPort(port->portno, port->proto, NULL, PORT_CLOSED);
port->state = PORT_CLOSED;
break;
default:
luaL_argerror (l, 4, "Invalid port state.");
luaL_argerror (L, 4, "Invalid port state.");
}
port->reason.reason_id = ER_SCRIPT;
@@ -388,15 +419,15 @@ noset:
return 0;
}
static int l_set_port_version(lua_State* l, Target* target, Port* port) {
luaL_checktype(l, 3, LUA_TSTRING);
char* c_probestate = strdup(lua_tostring(l, -1));
lua_pop(l, 1);
static int l_set_port_version(lua_State *L, Target* target, Port* port) {
luaL_checktype(L, 3, LUA_TSTRING);
char* c_probestate = strdup(lua_tostring(L, -1));
lua_pop(L, 1);
enum service_tunnel_type tunnel = SERVICE_TUNNEL_NONE;
enum serviceprobestate probestate = PROBESTATE_INITIAL;
lua_getfield(l, -1, "version");
lua_getfield(L, -1, "version");
SCRIPT_ENGINE_GETSTRING(name);
SCRIPT_ENGINE_GETSTRING(product);
SCRIPT_ENGINE_GETSTRING(version);
@@ -414,8 +445,8 @@ static int l_set_port_version(lua_State* l, Target* target, Port* port) {
else if(strcmp(service_tunnel, "ssl") == 0)
tunnel = SERVICE_TUNNEL_SSL;
else
luaL_argerror(l, 2, "Invalid value for port.version.service_tunnel");
lua_pop(l, 1);
luaL_argerror(L, 2, "Invalid value for port.version.service_tunnel");
lua_pop(L, 1);
if(c_probestate == NULL)
probestate = PROBESTATE_INITIAL;
@@ -430,7 +461,7 @@ static int l_set_port_version(lua_State* l, Target* target, Port* port) {
else if(strcmp(c_probestate, "incomplete") == 0)
probestate = PROBESTATE_INCOMPLETE;
else
luaL_argerror(l, 3, "Invalid value for probestate.");
luaL_argerror(L, 3, "Invalid value for probestate.");
// port->setServiceProbeResults(probestate, name,
// tunnel, product, version,
@@ -464,33 +495,33 @@ static int l_set_port_version(lua_State* l, Target* target, Port* port) {
return 0;
}
static int l_print_debug_unformatted(lua_State *l) {
static int l_print_debug_unformatted(lua_State *L) {
int verbosity=1;
const char *out;
if (lua_gettop(l) != 2) return luaL_error(l, "Incorrect number of arguments\n");
if (lua_gettop(L) != 2) return luaL_error(L, "Incorrect number of arguments\n");
verbosity = luaL_checkinteger(l, 1);
verbosity = luaL_checkinteger(L, 1);
if (verbosity > o.verbose) return 0;
out = luaL_checkstring(l, 2);
out = luaL_checkstring(L, 2);
log_write(LOG_STDOUT, "%s DEBUG: %s\n", SCRIPT_ENGINE, out);
return 0;
}
static int l_exc_finalize(lua_State *l) {
if (!lua_toboolean(l, 1)) {
static int l_exc_finalize(lua_State *L) {
if (!lua_toboolean(L, 1)) {
/* false or nil. */
lua_pushvalue(l, lua_upvalueindex(1));
lua_call(l, 0, 0);
lua_settop(l, 2);
lua_error(l);
lua_pushvalue(L, lua_upvalueindex(1));
lua_call(L, 0, 0);
lua_settop(L, 2);
lua_error(L);
return 0;
} else if(lua_isboolean(l, 1) && lua_toboolean(l, 1)) {
} else if(lua_isboolean(L, 1) && lua_toboolean(L, 1)) {
/* true. */
lua_remove(l, 1);
return lua_gettop(l);
lua_remove(L, 1);
return lua_gettop(L);
} else {
fatal("%s: In: %s:%i Trying to finalize a non conforming function. Are you sure you return true on success followed by the remaining return values and nil on failure followed by an error string?",
SCRIPT_ENGINE, __FILE__, __LINE__);
@@ -499,44 +530,44 @@ static int l_exc_finalize(lua_State *l) {
}
}
static int l_exc_do_nothing(lua_State *l) {
(void) l;
static int l_exc_do_nothing(lua_State *L) {
(void) L;
return 0;
}
static int l_exc_newtry(lua_State *l) {
lua_settop(l, 1);
if (lua_isnil(l, 1))
lua_pushcfunction(l, l_exc_do_nothing);
lua_pushcclosure(l, l_exc_finalize, 1);
static int l_exc_newtry(lua_State *L) {
lua_settop(L, 1);
if (lua_isnil(L, 1))
lua_pushcfunction(L, l_exc_do_nothing);
lua_pushcclosure(L, l_exc_finalize, 1);
return 1;
}
static int l_get_verbosity(lua_State *l)
static int l_get_verbosity(lua_State *L)
{
lua_pushnumber(l, o.verbose);
lua_pushnumber(L, o.verbose);
return 1;
}
static int l_get_debugging(lua_State *l)
static int l_get_debugging(lua_State *L)
{
lua_pushnumber(l, o.debugging);
lua_pushnumber(L, o.debugging);
return 1;
}
static int l_get_have_ssl(lua_State *l) {
static int l_get_have_ssl(lua_State *L) {
#if HAVE_OPENSSL
lua_pushboolean(l, true);
lua_pushboolean(L, true);
#else
lua_pushboolean(l, false);
lua_pushboolean(L, false);
#endif
return 1;
}
static int l_fetchfile(lua_State *l)
static int l_fetchfile(lua_State *L)
{
char buf[FILENAME_MAX];
const char *req = lua_tostring(l, -1);
const char *req = lua_tostring(L, -1);
if (!req)
goto err;
@@ -544,12 +575,12 @@ static int l_fetchfile(lua_State *l)
if (nmap_fetchfile(buf, sizeof buf, (char *) req) != 1)
goto err;
lua_pop(l, 1);
lua_pushstring(l, buf);
lua_pop(L, 1);
lua_pushstring(L, buf);
return 1;
err:
lua_pop(l, 1);
lua_pushnil(l);
lua_pop(L, 1);
lua_pushnil(L);
return 0;
}

2
nse_nmaplib.h
View File

@@ -10,7 +10,7 @@ extern "C" {
class Target;
class Port;
int set_nmaplib(lua_State* l);
int luaopen_nmap(lua_State* l);
void set_hostinfo(lua_State* l, Target* currenths);
void set_portinfo(lua_State* l, Port* port);

568
nse_nsock.cc
View File

File diff suppressed because it is too large Load Diff