parse_nmap_service_probe_file may not be static, some changes to osscan.cc for more verbose scripts/fingerdiff support

nmap-service-probes

@@ -1550,9 +1550,9 @@ match ssh m|^SSH-(\d[\d.]+)-lshd_(\d[-.\w]+) lsh - a free ssh\r\n\0\0| p/lshd se
 match ssh m/^SSH-([.\d]+)-Sun_SSH_(\S+)/ p/SunSSH/ v/$2/ i/protocol $1/
 match ssh m/^SSH-([.\d]+)-meow roototkt by rebel/ p/meow SSH ROOTKIT/ i/protocol $1/
 # Akamai hosted systems tend to run this - found on www.microsoft.com
-match ssh m|^SSH-(\d[.\d]*)-AKAMAI-I\n$| p/Akamai-I SSH/ i/protocol $1/
-match ssh m|^SSH-(\d[.\d]*)-Server-V\n$| p/Akamai-I SSH/ i/protocol $1/
-match ssh m|^SSH-(\d[.\d]*)-Server-VI\n$| p/Akamai-I SSH/ i/protocol $1/
+match ssh m|^SSH-(\d[.\d]*)-(AKAMAI-I*)\n$| p/Akamai SSH/ v/$2/ i/protocol $1/
+match ssh m|^SSH-(\d[.\d]*)-(Server-V)\n$| p/Akamai SSH/ v/$2/ i/protocol $1/
+match ssh m|^SSH-(\d[.\d]*)-(Server-VI)\n$| p/Akamai SSH/ v/$2/ i/protocol $1/
 match ssh m|^SSH-(\d[.\d]+)-Cisco-(\d[.\d]+)\n$| p/Cisco SSH/ v/$2/ i/protocol $1/ o/IOS/
 match ssh m|^SSH-(\d[.\d]+)-CiscoIOS_([\d.]+)XA\n| p/Cisco SSH/ v/$2/ i/protocol $1; Chinese IOS XA/ o/IOS/
 match ssh m|^\r\nDestination server does not have Ssh activated\.\r\nContact Cisco Systems, Inc to purchase a\r\nlicense key to activate Ssh\.\r\n| p/Cisco CSS SSH/ i/Unlicensed/

osscan.cc

@@ -1175,8 +1175,15 @@ static struct AVal *gettestbyname(FingerPrint *FP, const char *name) {
    is already there.  So initialize them to zero first if you only
    want to see the results from this match.  if shortcircuit is zero,
    it does all the tests, otherwise it returns when the first one
-   fails. */
-static int AVal_match(struct AVal *reference, struct AVal *fprint, unsigned long *num_subtests, unsigned long *num_subtests_succeeded, int shortcut) {
+   fails.  If you want details of the match process printed, pass n
+   onzero for 'verbose'.  In that case, you may also pass in the group
+   name (SEQ, T1, etc) to have that extra info printed.  If you pass 0
+   for verbose, you might as well pass NULL for testGroupName as it
+   won't be used. */
+static int AVal_match(struct AVal *reference, struct AVal *fprint, 
+		      unsigned long *num_subtests, 
+		      unsigned long *num_subtests_succeeded, int shortcut,
+		      int verbose, const char *testGroupName) {
   struct AVal *current_ref;
   struct AVal *current_fp;
   unsigned int number, number1;
@@ -1249,6 +1256,10 @@ static int AVal_match(struct AVal *reference, struct AVal *fprint, unsigned long
 	  if (num_subtests) *num_subtests += subtests;
 	  return 0;
 	}
+	if (verbose) 
+	  printf("%s.%s: \"%s\" NOMATCH \"%s\"\n", testGroupName, 
+		 current_ref->attribute, current_fp->value, 
+		 current_ref->value);
       } else subtests_succeeded++;
       /* Whew, we made it past one Attribute alive , on to the next! */
   }
@@ -1278,11 +1289,7 @@ double compare_fingerprints(FingerPrint *referenceFP, FingerPrint *observedFP,
     if (currentObservedTest) {
       new_subtests = new_subtests_succeeded = 0;
       AVal_match(currentReferenceTest->results, currentObservedTest, 
-		 &new_subtests, &new_subtests_succeeded, 0);
-      if (verbose && new_subtests_succeeded < new_subtests) 
-	printf("Test %s differs in %li attributes\n", 
-	       currentReferenceTest->name, 
-	       new_subtests - new_subtests_succeeded);      
+		 &new_subtests, &new_subtests_succeeded, 0, verbose, currentReferenceTest->name);
       num_subtests += new_subtests;
       num_subtests_succeeded += new_subtests_succeeded;
     }
@@ -1609,7 +1616,7 @@ do {
       if (i == numFPs - 1 || !currentFPs[i+1] ||
 	  strcmp(currentFPs[i]->name, currentFPs[i+1]->name) != 0 ||
 	  AVal_match(currentFPs[i]->results,currentFPs[i+1]->results, NULL,
-		     NULL, 1) ==0)
+		     NULL, 1, 0, NULL) ==0)
 	{
 	  changed = 1;
 	  Strncpy(p, currentFPs[i]->name, end - p);

service_scan.cc

@@ -1052,9 +1052,9 @@ void ServiceProbe::addMatch(const char *match, int lineno) {
   matches.push_back(newmatch);
 }
 
-// Parses the given nmap-service-probes file into the AP class
-/* Must NOT be static because I have external maintenance tools (servicematch)
-  which use this */
+/* Parses the given nmap-service-probes file into the AP class Must
+   NOT be made static because I have external maintenance tools
+   (servicematch) which use this */
 void parse_nmap_service_probe_file(AllProbes *AP, char *filename) {
   ServiceProbe *newProbe;
   char line[2048];

service_scan.h

@@ -341,6 +341,11 @@ protected:
 
 /**********************  PROTOTYPES  ***********************************/
 
+/* Parses the given nmap-service-probes file into the AP class Must
+   NOT be made static because I have external maintenance tools
+   (servicematch) which use this */
+void parse_nmap_service_probe_file(AllProbes *AP, char *filename);
+
 /* Execute a service fingerprinting scan against all open ports of the
    Targets specified. */
 int service_scan(std::vector<Target *> &Targets);

utils.cc

@@ -725,9 +725,11 @@ static inline char* STRAPP(char *fmt, ...) {
     bp = 0;
     return(buf);
   }
+  if (left <= 0)
+    return buf;
   va_list ap;
   va_start(ap, fmt);
-  bp += vsnprintf (buf+bp, (left>0 ? left : 0), fmt, ap);
+  bp += vsnprintf (buf+bp, left, fmt, ap);
   va_end(ap);
 
   return(buf);