PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity
Files
cde0b41cc0f2ac6bd8469411dc54be27c9783ee7
nmap/portreasons.cc
david cde0b41cc0 Merge r5744 from /nmap-exp/david/nmap-massping-migration. 
Add a handler for EACCES on initial connect.
2007-08-31 05:02:25 +00:00

387 lines
15 KiB
C++
Raw Blame History

/***************************************************************************
* portreasons.cc -- Verbose packet-level information on port states *
* *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap *
* is also a registered trademark of Insecure.Com LLC. This program is *
* free software; you may redistribute and/or modify it under the *
* terms of the GNU General Public License as published by the Free *
* Software Foundation; Version 2. This guarantees your right to use, *
* modify, and redistribute this software under certain conditions. If *
* you wish to embed Nmap technology into proprietary software, we may be *
* willing to sell alternative licenses (contact sales@insecure.com). *
* Many security scanner vendors already license Nmap technology such as *
* our remote OS fingerprinting database and code, service/version *
* detection system, and port scanning code. *
* *
* Note that the GPL places important restrictions on "derived works", yet *
* it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we consider an application to constitute a *
* "derivative work" for the purpose of this license if it does any of the *
* following: *
* o Integrates source code from Nmap *
* o Reads or includes Nmap copyrighted data files, such as *
* nmap-os-fingerprints or nmap-service-probes. *
* o Executes Nmap and parses the results (as opposed to typical shell or *
* execution-menu apps, which simply display raw Nmap output and so are *
* not derivative works.) *
* o Integrates/includes/aggregates Nmap into a proprietary executable *
* installer, such as those produced by InstallShield. *
* o Links to a library or executes a program that does any of the above *
* *
* The term "Nmap" should be taken to also include any portions or derived *
* works of Nmap. This list is not exclusive, but is just meant to *
* clarify our interpretation of derived works with some common examples. *
* These restrictions only apply when you actually redistribute Nmap. For *
* example, nothing stops you from writing and selling a proprietary *
* front-end to Nmap. Just distribute it by itself, and point people to *
* http://www.insecure.org/nmap/ to download Nmap. *
* *
* We don't consider these to be added restrictions on top of the GPL, but *
* just a clarification of how we interpret "derived works" as it applies *
* to our GPL-licensed Nmap product. This is similar to the way Linus *
* Torvalds has announced his interpretation of how "derived works" *
* applies to Linux kernel modules. Our interpretation refers only to *
* Nmap - we don't speak for any other GPL products. *
* *
* If you have any questions about the GPL licensing restrictions on using *
* Nmap in non-GPL works, we would be happy to help. As mentioned above, *
* we also offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to many *
* security vendors, and generally include a perpetual license as well as *
* providing for priority support and updates as well as helping to fund *
* the continued development of Nmap technology. Please email *
* sales@insecure.com for further information. *
* *
* As a special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included Copying.OpenSSL file, and distribute linked *
* combinations including the two. You must obey the GNU GPL in all *
* respects for all of the code used other than OpenSSL. If you modify *
* this file, you may extend this exception to your version of the file, *
* but you are not obligated to do so. *
* *
* If you received these files with a written license agreement or *
* contract stating terms other than the terms above, then that *
* alternative license agreement takes precedence over these comments. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to fyodor@insecure.org for possible incorporation into the main *
* distribution. By sending these changes to Fyodor or one the *
* Insecure.Org development mailing lists, it is assumed that you are *
* offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right *
* to reuse, modify, and relicense the code. Nmap will always be *
* available Open Source, but this is important because the inability to *
* relicense code has caused devastating problems for other Free Software *
* projects (such as KDE and NASM). We also occasionally relicense the *
* code to third parties as discussed above. If you wish to specify *
* special license conditions of your contributions, just say so when you *
* send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
* General Public License for more details at *
* http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included *
* with Nmap. *
* *
***************************************************************************/
/*
* Written by Eddie Bell <ejlbell@gmail.com> 2007
*/
#include <iostream>
#include "nmap.h"
#include "portlist.h"
#include "NmapOps.h"
#include "portreasons.h"
#include "Target.h"
#ifdef WIN32
#include "winfix.h"
#endif
extern NmapOps o;
class PortList;
/* Possible plural and singular reasons */
char *reason_text[ER_MAX+1]={
"reset", "conn-refused", "syn-ack", "syn-ack", "udp-response",
"proto-response", "perm-denied",
"net-unreach", "host-unreach", "proto-unreach",
"port-unreach", "echo-reply", "unknown", "unknown", "dest-unreach",
"source-quench", "net-prohibited", "host-prohibited", "unknown",
"unknown", "admin-prohibited", "unknown", "time-exceeded", "unknown", "unknown",
"timestamp-reply", "unknown", "unknown", "unknown", "addressmask-reply",
"no-ipid-change", "ipid-change", "arp-reponse", "tcp-response",
"no-response", "localhost-response", "unknown-response"
};
char *reason_pl_text[ER_MAX+1]={
"resets", "conn-refused", "syn-acks", "syn-acks", "udp-responses",
"proto-responses", "perm-denieds",
"net-unreaches", "host-unreaches", "proto-unreaches",
"port-unreaches", "echo-replies", "unknowns", "unknowns", "dest-unreaches",
"source-quenches", "net-prohibiteds", "host-prohibiteds", "unknowns",
"unknowns", "admin-prohibiteds", "unknowns", "time-exceededs", "unknowns",
"unknowns", "timestamp-replies", "unknowns", "unknowns", "unknowns",
"addressmask-replies", "no-ipid-changes", "ipid-changes", "arp-responses",
"tcp-responses", "no-responses", "localhost-response", "unknown-responses"
};
static void state_reason_summary_init(state_reason_summary_t *r) {
r->reason_id = ER_UNKNOWN;
r->count = 0;
r->next = NULL;
}
static void state_reason_summary_dinit(state_reason_summary_t *r) {
state_reason_summary_t *tmp;
while(r != NULL) {
tmp = r->next;
free(r);
r = tmp;
}
}
/* Counts how different valid state reasons exist */
static int state_summary_size(state_reason_summary_t *head) {
state_reason_summary_t *current = head;
int size = 0;
while(current) {
if(current->count > 0)
size++;
current = current->next;
}
return size;
}
/* Simon Tatham's linked list merge sort
*
* Merge sort works really well on linked lists
* because it does not require the O(N) extra space
* needed with arrays */
static state_reason_summary_t *reason_sort(state_reason_summary_t *list) {
state_reason_summary_t *p, *q, *e, *tail;
int insize = 1, nmerges, psize, qsize, i;
if (!list)
return NULL;
while (1) {
p = list;
list = NULL;
tail = NULL;
nmerges = 0;
while (p) {
nmerges++;
q = p;
psize = 0;
for (i = 0; i < insize; i++) {
psize++;
q = q->next;
if (!q) break;
}
qsize = insize;
while (psize > 0 || (qsize > 0 && q)) {
if (psize == 0) {
e = q; q = q->next; qsize--;
} else if (qsize == 0 || !q) {
e = p; p = p->next; psize--;
} else if (q->count<p->count) {
e = p; p = p->next; psize--;
} else {
e = q; q = q->next; qsize--;
}
if (tail) {
tail->next = e;
} else {
list = e;
}
tail = e;
}
p = q;
}
tail->next = NULL;
if (nmerges <= 1)
return list;
insize *= 2;
}
}
/* Builds and aggregates reason state summary messages */
static int update_state_summary(state_reason_summary_t *head, reason_t reason_id) {
state_reason_summary_t *tmp = head;
if(tmp == NULL)
return -1;
while(1) {
if(tmp->reason_id == reason_id) {
tmp->count++;
return 0;
}
if(tmp->next == NULL) {
if((tmp->next = (state_reason_summary_t *)malloc(sizeof(state_reason_summary_t))) == NULL) {
perror("malloc() -> Cannot allocate state reason structures");
return -1;
}
tmp = tmp->next;
break;
}
tmp = tmp->next;
}
state_reason_summary_init(tmp);
tmp->reason_id = reason_id;
tmp->count = 1;
return 0;
}
/* Converts Port objects and their corrosponsing state_reason structures into
* state_reason_summary structures using update_state_summary */
static unsigned int get_state_summary(state_reason_summary_t *head, PortList *Ports, int state) {
Port *current = NULL;
state_reason_summary_t *reason;
unsigned int total = 0;
unsigned short proto = (o.ipprotscan) ? IPPROTO_IP : TCPANDUDP;
if(head == NULL)
return 0;
reason = head;
while((current = Ports->nextPort(current, proto, state)) != NULL) {
if(Ports->isIgnoredState(current->state)) {
total++;
update_state_summary(reason, current->reason.reason_id);
}
}
return total;
}
/* parse and sort reason summary for main print_* functions */
static state_reason_summary_t *print_state_summary_internal(PortList *Ports, int state) {
state_reason_summary_t *reason_head;
if((reason_head = (state_reason_summary_t *)malloc(sizeof(state_reason_summary_t))) == NULL) {
perror("malloc() -> Cannot allocate state reason structures");
return NULL;
}
state_reason_summary_init(reason_head);
if((get_state_summary(reason_head, Ports, state) < 1)) {
state_reason_summary_dinit(reason_head);
return NULL;
}
if((reason_head = reason_sort(reason_head)) == NULL)
return NULL;
return reason_head;
}
/* looks up reason_id's and returns with the plural or singular
* string representation. If 'number' is equal to 1 then the
* singular is used, otherwise the plural */
const char *reason_str(reason_t reason_code, unsigned int number) {
if(reason_code > ER_MAX)
return "unknown";
if(number == 1)
return reason_text[reason_code];
else
return reason_pl_text[reason_code];
}
void state_reason_init(state_reason_t *reason) {
reason->reason_id = ER_UNKNOWN;
reason->ip_addr.s_addr = 0;
reason->ttl = 0;
}
/* Main external interface to converting, building, sorting and
* printing plain-text state reason summaries */
void print_state_summary(PortList *Ports, unsigned short type) {
state_reason_summary_t *reason_head, *currentr;
bool first_time = true;
char *separator = ", ";
int states;
if((reason_head = print_state_summary_internal(Ports, 0)) == NULL)
return;
if(type == STATE_REASON_EMPTY)
log_write(LOG_PLAIN, " because of");
else if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "Reason:");
else
assert(0);
states = state_summary_size(reason_head);
currentr = reason_head;
while(currentr != NULL) {
if(states == 1 && (!first_time))
separator = " and ";
if(currentr->count > 0) {
log_write(LOG_PLAIN, "%s%d %s", (first_time) ? " " : separator,
currentr->count, reason_str(currentr->reason_id, currentr->count));
first_time = false;
}
states--;
currentr = currentr->next;
}
if(type == STATE_REASON_FULL)
log_write(LOG_PLAIN, "\n");
state_reason_summary_dinit(reason_head);
}
void print_xml_state_summary(PortList *Ports, int state) {
state_reason_summary_t *reason_head, *currentr;
if((currentr = reason_head = print_state_summary_internal(Ports, state)) == NULL)
return;
while(currentr != NULL) {
if(currentr->count > 0)
log_write(LOG_XML, "<extrareasons reason=\"%s\" count=\"%d\"/>\n",
reason_str(currentr->reason_id, currentr->count), currentr->count);
currentr = currentr->next;
}
state_reason_summary_dinit(reason_head);
}
/* converts target into reason message for ping scans. Uses a static
* buffer so new values overwrite old values */
char *target_reason_str(Target *t) {
static char reason[128];
memset(reason,'\0', 128);
assert(t->reason.reason_id != ER_NORESPONSE);
Snprintf(reason, 128, ", received %s",reason_str(t->reason.reason_id, SINGULAR));
return reason;
}
/* Build an output string based on reason and source ip address.
* uses a static return value so previous values will be over
* written by subsequent calls */
char *port_reason_str(state_reason_t r) {
static char reason[128];
memset(reason,'\0', 128);
Snprintf(reason, 128, "%s%s%s", reason_str(r.reason_id, SINGULAR),
(r.ip_addr.s_addr==0)?"":" from ",
(r.ip_addr.s_addr==0)?"":inet_ntoa(r.ip_addr));
return reason;
}
Reference in New Issue View Git Blame Copy Permalink