PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-24 00:19:01 +00:00
Code Issues Projects Releases Wiki Activity

Whitespace in ippackethdrinfo.

Browse Source
This commit is contained in:
david
2011-06-15 00:22:59 +00:00
parent 8737c0ab72
commit d1aae42962
1 changed files with 518 additions and 511 deletions
Download Patch File Download Diff File Expand all files Collapse all files

131
libnetutil/netutil.cc
View File

@@ -2107,7 +2107,6 @@ if (hdr.version == 4) { /* IPv4 */
ip->ip_hl==5?"":format_ip_options((u8*) ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))),
ip->ip_hl==5?"":"}");
}
} else { /* IPv6 */
const struct ip6_hdr *ip6;
const struct sockaddr_in6 *sin6;
@@ -2128,19 +2127,15 @@ if (hdr.version == 4) { /* IPv4 */
/* Create a string with information relevant to the specified level of detail */
if (detail == LOW_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d flow=%x payloadlen=%d",
ip6->ip6_hlim, ip6_fl, ntohs(ip6->ip6_plen)
);
ip6->ip6_hlim, ip6_fl, ntohs(ip6->ip6_plen));
} else if (detail == MEDIUM_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d tclass=%d flow=%x payloadlen=%d",
ip6->ip6_hlim, ip6_tc, ip6_fl, ntohs(ip6->ip6_plen)
);
ip6->ip6_hlim, ip6_tc, ip6_fl, ntohs(ip6->ip6_plen));
} else if (detail==HIGH_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "ver=6, tclass=%x flow=%x payloadlen=%d nh=%s hopl=%d ",
ip6_tc, ip6_fl, ntohs(ip6->ip6_plen),
nexthdrtoa(ip6->ip6_nxt, 1), ip6->ip6_hlim
);
nexthdrtoa(ip6->ip6_nxt, 1), ip6->ip6_hlim);
}
}
@@ -2152,7 +2147,6 @@ if (hdr.version == 4) { /* IPv4 */
char tcpoptinfo[256] = "";
tcp = (struct tcp_hdr *) data;
/* Let's parse the TCP header. The following code is very ugly because we
* have to deal with a lot of different situations. We don't want to
* segfault so we have to check every length and every bound to ensure we
@@ -2174,7 +2168,6 @@ if (hdr.version == 4) { /* IPv4 */
* byte TCP header.
*/
/* CASE 1: where we don't have the first 8 bytes of the TCP header because
* either the fragment belongs to somewhere past that or the IP contains
* less than 8 bytes. This also includes empty IP packets that say they
@@ -2188,23 +2181,30 @@ if (hdr.version == 4) { /* IPv4 */
* have, at least, the next 8 bytes so we can see the ACK number, the
* flags and window size. */
else if (frag_off == 8 && datalen >= 8) {
tcp = (struct tcp_hdr *)((u8 *) tcp - frag_off); // ugly?
/* TCP Flags */
p = tflags;
/* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S';
if (tcp->th_flags & TH_FIN) *p++ = 'F';
if (tcp->th_flags & TH_RST) *p++ = 'R';
if (tcp->th_flags & TH_PUSH) *p++ = 'P';
if (tcp->th_flags & TH_ACK){ *p++ = 'A';
if (tcp->th_flags & TH_SYN)
*p++ = 'S';
if (tcp->th_flags & TH_FIN)
*p++ = 'F';
if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(tcpinfo, sizeof(tcpinfo), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack));
}
if (tcp->th_flags & TH_URG) *p++ = 'U';
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_URG)
*p++ = 'U';
if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0';
/* TCP Options */
@@ -2244,13 +2244,11 @@ if (hdr.version == 4) { /* IPv4 */
tcpoptinfo, ipinfo);
}
}
}
/* CASE 3: where the IP packet is not a fragment but for some reason, we
* don't have the entire TCP header, just part of it.*/
else if (datalen > 0 && datalen < 20) {
/* We only have the first 32 bits: source and dst port */
if (datalen >= 4 && datalen < 8) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d ?? (incomplete) %s",
@@ -2282,18 +2280,26 @@ if (hdr.version == 4) { /* IPv4 */
if (datalen >= 16 && datalen < 20) {
p = tflags;
/* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S';
if (tcp->th_flags & TH_FIN) *p++ = 'F';
if (tcp->th_flags & TH_RST) *p++ = 'R';
if (tcp->th_flags & TH_PUSH) *p++ = 'P';
if (tcp->th_flags & TH_ACK){ *p++ = 'A';
if (tcp->th_flags & TH_SYN)
*p++ = 'S';
if (tcp->th_flags & TH_FIN)
*p++ = 'F';
if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(buf, sizeof(buf), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack));
strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1);
}
if (tcp->th_flags & TH_URG) *p++ = 'U';
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_URG)
*p++ = 'U';
if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0';
@@ -2318,7 +2324,6 @@ if (hdr.version == 4) { /* IPv4 */
(u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win),
ipinfo);
}
}
}
@@ -2329,26 +2334,32 @@ if (hdr.version == 4) { /* IPv4 */
/* TCP Flags */
p = tflags;
/* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S';
if (tcp->th_flags & TH_FIN) *p++ = 'F';
if (tcp->th_flags & TH_RST) *p++ = 'R';
if (tcp->th_flags & TH_PUSH) *p++ = 'P';
if (tcp->th_flags & TH_ACK){ *p++ = 'A';
if (tcp->th_flags & TH_SYN)
*p++ = 'S';
if (tcp->th_flags & TH_FIN)
*p++ = 'F';
if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(buf, sizeof(buf), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack));
strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1);
}
if (tcp->th_flags & TH_URG) *p++ = 'U';
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_URG)
*p++ = 'U';
if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0';
/* TCP Options */
if ((u32) tcp->th_off * 4 > sizeof(struct tcp_hdr)) {
if (datalen < (unsigned int) tcp->th_off * 4) {
Snprintf(tcpoptinfo, sizeof(tcpoptinfo), "option incomplete");
} else {
tcppacketoptinfo((u8*) tcp + sizeof(struct tcp_hdr),
tcp->th_off*4 - sizeof(struct tcp_hdr),
@@ -2380,23 +2391,21 @@ if (hdr.version == 4) { /* IPv4 */
(tcpoptinfo[0]!='\0') ? " " : "",
tcpoptinfo, ipinfo);
}
}
else{
} else{
/* If the packet does not fall into any other category, then we have a
* really screwed up packet. */
really screwed-up packet. */
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? ?? %s (invalid TCP)",
srchost, dsthost, ipinfo);
}
/* UDP INFORMATION ***********************************************************/
} else if (hdr.proto == IPPROTO_UDP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:?? > %s:?? fragment %s (incomplete)", srchost, dsthost, ipinfo);
Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:?? > %s:?? fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_UDP) {
udp = (struct udp_hdr *) data;
/* TODO: See if we can segfault if we receive a fragmented packet whose IP packet does not say a thing about fragmentation */
if (detail == LOW_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:%d > %s:%d %s",
srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport),
@@ -2412,10 +2421,10 @@ if (hdr.version == 4) { /* IPv4 */
ipinfo);
}
/* SCTP INFORMATION **********************************************************/
} else if (hdr.proto == IPPROTO_SCTP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:?? > %s:?? fragment %s (incomplete)", srchost, dsthost, ipinfo);
Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:?? > %s:?? fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_SCTP) {
sctp = (struct sctp_hdr *) data;
@@ -2434,12 +2443,11 @@ if (hdr.version == 4) { /* IPv4 */
ipinfo);
}
/* ICMP INFORMATION **********************************************************/
} else if (hdr.proto == IPPROTO_ICMP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s fragment %s (incomplete)", srchost, dsthost, ipinfo);
Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_ICMP) {
struct ip *ip2; /* Points to the IP datagram carried by some ICMP messages */
char *ip2dst; /* Dest IP in caried IP datagram */
u16 *nextmtu = NULL; /* Store next hop MTU when ICMP==Frag required */
@@ -2509,7 +2517,6 @@ if (hdr.version == 4) { /* IPv4 */
icmppkt = (struct icmp_packet *) data;
switch(icmppkt->type) {
/* Echo Reply **************************/
case 0:
strcpy(icmptype, "Echo reply");
@@ -2524,12 +2531,13 @@ if (hdr.version == 4) { /* IPv4 */
/* Check we have a full IP datagram included in the ICMP message */
pktlen += MAX( (ip2->ip_hl * 4), 20);
if (pktlen > datalen) {
if(datalen == 8)
if (datalen == 8) {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s",
(detail!=LOW_DETAIL)? " (original datagram missing)" : "");
else
} else {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s",
(detail!=LOW_DETAIL)? " (part of original datagram missing)" : "");
}
goto icmpbad;
}
@@ -2538,11 +2546,10 @@ if (hdr.version == 4) { /* IPv4 */
* see if it validates becuase just checking the version number
* is not enough. On average, if we get random data 1 out of
* 16 (2^4bits) times we will have value 4. */
if( (ip2->ip_v != (u8)4) || ((ip2->ip_hl * 4)<20) || ((ip2->ip_hl * 4)>60) ){
if ((ip2->ip_v != 4) || ((ip2->ip_hl * 4) < 20) || ((ip2->ip_hl * 4) > 60)) {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable (bogus original datagram)");
goto icmpbad;
}else
} else {
/* We have the original datagram + the first 8 bytes of the
* transport layer header */
if (pktlen + 8 < datalen) {
@@ -2550,6 +2557,7 @@ if (hdr.version == 4) { /* IPv4 */
udp = (struct udp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4));
sctp = (struct sctp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4));
}
}
/* Determine the IP the original datagram was sent to */
ip2dst = inet_ntoa(ip2->ip_dst);
@@ -2651,7 +2659,8 @@ if (hdr.version == 4) { /* IPv4 */
strcpy(icmptype, "Network redirect");
else if (ping->code == 1)
strcpy(icmptype, "Host redirect");
else strcpy(icmptype, "Redirect (unknown code)");
else
strcpy(icmptype, "Redirect (unknown code)");
icmpredir = (struct icmp_redir *) icmppkt;
inet_ntop(AF_INET, &icmpredir->addr, auxbuff, sizeof(auxbuff));
Snprintf(icmpfields, sizeof(icmpfields), "addr=%s", auxbuff);
@@ -2687,7 +2696,8 @@ if (hdr.version == 4) { /* IPv4 */
strcpy(icmptype, "TTL=0 during transit");
else if (icmppkt->code == 1)
strcpy(icmptype, "TTL=0 during reassembly");
else strcpy(icmptype, "TTL exceeded (unknown code)");
else
strcpy(icmptype, "TTL exceeded (unknown code)");
break;
/* Parameter Problem *******************/
@@ -2763,7 +2773,6 @@ if (hdr.version == 4) { /* IPv4 */
break;
} /* End of ICMP Type switch */
if (pktlen > datalen) {
icmpbad:
if (ping) {
@@ -2787,7 +2796,6 @@ if (hdr.version == 4) { /* IPv4 */
Snprintf(protoinfo, sizeof(protoinfo), "ICMP [%s > %s %s (%s) %s] IP [%s]",
srchost, dsthost, icmptype, icmpinfo, icmpfields, ipinfo);
}
}
/* UNKNOWN PROTOCOL **********************************************************/
@@ -2799,7 +2807,6 @@ if (hdr.version == 4) { /* IPv4 */
hdr.proto, srchost, dsthost,
icmpv6->icmpv6_type, icmpv6->icmpv6_code, ipinfo);
} else {
if (nexthdrtoa(hdr.proto, 1) == NULL) {
Snprintf(protoinfo, sizeof(protoinfo), "Unknown protocol (%d) %s > %s: %s",
hdr.proto, srchost, dsthost, ipinfo);