mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
250 lines
10 KiB
C++
250 lines
10 KiB
C++
|
|
/***************************************************************************
|
|
* output.h -- Handles the Nmap output system. This currently involves *
|
|
* console-style human readable output, XML output, Script |<iddi3 *
|
|
* output, and the legacy grepable output (used to be called "machine *
|
|
* readable"). I expect that future output forms (such as HTML) may be *
|
|
* created by a different program, library, or script using the XML *
|
|
* output. *
|
|
* *
|
|
***********************IMPORTANT NMAP LICENSE TERMS************************
|
|
*
|
|
* The Nmap Security Scanner is (C) 1996-2024 Nmap Software LLC ("The Nmap
|
|
* Project"). Nmap is also a registered trademark of the Nmap Project.
|
|
*
|
|
* This program is distributed under the terms of the Nmap Public Source
|
|
* License (NPSL). The exact license text applying to a particular Nmap
|
|
* release or source code control revision is contained in the LICENSE
|
|
* file distributed with that version of Nmap or source code control
|
|
* revision. More Nmap copyright/legal information is available from
|
|
* https://nmap.org/book/man-legal.html, and further information on the
|
|
* NPSL license itself can be found at https://nmap.org/npsl/ . This
|
|
* header summarizes some key points from the Nmap license, but is no
|
|
* substitute for the actual license text.
|
|
*
|
|
* Nmap is generally free for end users to download and use themselves,
|
|
* including commercial use. It is available from https://nmap.org.
|
|
*
|
|
* The Nmap license generally prohibits companies from using and
|
|
* redistributing Nmap in commercial products, but we sell a special Nmap
|
|
* OEM Edition with a more permissive license and special features for
|
|
* this purpose. See https://nmap.org/oem/
|
|
*
|
|
* If you have received a written Nmap license agreement or contract
|
|
* stating terms other than these (such as an Nmap OEM license), you may
|
|
* choose to use and redistribute Nmap under those terms instead.
|
|
*
|
|
* The official Nmap Windows builds include the Npcap software
|
|
* (https://npcap.com) for packet capture and transmission. It is under
|
|
* separate license terms which forbid redistribution without special
|
|
* permission. So the official Nmap Windows builds may not be redistributed
|
|
* without special permission (such as an Nmap OEM license).
|
|
*
|
|
* Source is provided to this software because we believe users have a
|
|
* right to know exactly what a program is going to do before they run it.
|
|
* This also allows you to audit the software for security holes.
|
|
*
|
|
* Source code also allows you to port Nmap to new platforms, fix bugs, and
|
|
* add new features. You are highly encouraged to submit your changes as a
|
|
* Github PR or by email to the dev@nmap.org mailing list for possible
|
|
* incorporation into the main distribution. Unless you specify otherwise, it
|
|
* is understood that you are offering us very broad rights to use your
|
|
* submissions as described in the Nmap Public Source License Contributor
|
|
* Agreement. This is important because we fund the project by selling licenses
|
|
* with various terms, and also because the inability to relicense code has
|
|
* caused devastating problems for other Free Software projects (such as KDE
|
|
* and NASM).
|
|
*
|
|
* The free version of Nmap is distributed in the hope that it will be
|
|
* useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties,
|
|
* indemnification and commercial support are all available through the
|
|
* Npcap OEM program--see https://nmap.org/oem/
|
|
*
|
|
***************************************************************************/
|
|
|
|
/* $Id$ */
|
|
|
|
#ifndef OUTPUT_H
|
|
#define OUTPUT_H
|
|
|
|
#include <nbase.h> // __attribute__
|
|
|
|
#define LOG_NUM_FILES 4 /* # of values that actual files (they must come first */
|
|
#define LOG_FILE_MASK 15 /* The mask for log types in the file array */
|
|
#define LOG_NORMAL 1
|
|
#define LOG_MACHINE 2
|
|
#define LOG_SKID 4
|
|
#define LOG_XML 8
|
|
#define LOG_STDOUT 1024
|
|
#define LOG_STDERR 2048
|
|
#define LOG_SKID_NOXLT 4096
|
|
#define LOG_MAX LOG_SKID_NOXLT /* The maximum log type value */
|
|
|
|
#define LOG_PLAIN LOG_NORMAL|LOG_SKID|LOG_STDOUT
|
|
|
|
#define LOG_NAMES {"normal", "machine", "$Cr!pT |<!dd!3", "XML"}
|
|
|
|
#define PCAP_OPEN_ERRMSG "Call to pcap_open_live() failed three times. "\
|
|
"There are several possible reasons for this, depending on your operating "\
|
|
"system:\nLINUX: If you are getting Socket type not supported, try "\
|
|
"modprobe af_packet or recompile your kernel with PACKET enabled.\n "\
|
|
"*BSD: If you are getting device not configured, you need to recompile "\
|
|
"your kernel with Berkeley Packet Filter support. If you are getting "\
|
|
"No such file or directory, try creating the device (eg cd /dev; "\
|
|
"MAKEDEV <device>; or use mknod).\n*WINDOWS: Nmap only supports "\
|
|
"ethernet interfaces on Windows for most operations because Microsoft "\
|
|
"disabled raw sockets as of Windows XP SP2. Depending on the reason for "\
|
|
"this error, it is possible that the --unprivileged command-line argument "\
|
|
"will help.\nSOLARIS: If you are trying to scan localhost or the "\
|
|
"address of an interface and are getting '/dev/lo0: No such file or "\
|
|
"directory' or 'lo0: No DLPI device found', complain to Sun. I don't "\
|
|
"think Solaris can support advanced localhost scans. You can probably "\
|
|
"use \"-Pn -sT localhost\" though.\n\n"
|
|
|
|
#include "scan_lists.h"
|
|
#ifndef NOLUA
|
|
#include "nse_main.h"
|
|
#endif
|
|
class PortList;
|
|
class Target;
|
|
|
|
#include <stdarg.h>
|
|
#include <string>
|
|
|
|
#if TIME_WITH_SYS_TIME
|
|
# include <sys/time.h>
|
|
# include <time.h>
|
|
#else
|
|
# if HAVE_SYS_TIME_H
|
|
# include <sys/time.h>
|
|
# else
|
|
# include <time.h>
|
|
# endif
|
|
#endif
|
|
|
|
#ifdef WIN32
|
|
/* Show a fatal error explaining that an interface is not Ethernet and won't
|
|
work on Windows. Do nothing if --send-ip (PACKET_SEND_IP_STRONG) was used. */
|
|
void win32_fatal_raw_sockets(const char *devname);
|
|
#endif
|
|
|
|
/* Prints the familiar Nmap tabular output showing the "interesting"
|
|
ports found on the machine. It also handles the Machine/Grepable
|
|
output and the XML output. It is pretty ugly -- in particular I
|
|
should write helper functions to handle the table creation */
|
|
void printportoutput(const Target *currenths, const PortList *plist);
|
|
|
|
/* Prints the MAC address if one was found for the target (generally
|
|
this means that the target is directly connected on an ethernet
|
|
network. This only prints to human output -- XML is handled by a
|
|
separate call ( print_MAC_XML_Info ) because it needs to be printed
|
|
in a certain place to conform to DTD. */
|
|
void printmacinfo(const Target *currenths);
|
|
|
|
char *logfilename(const char *str, struct tm *tm);
|
|
|
|
/* Write some information (printf style args) to the given log stream(s).
|
|
Remember to watch out for format string bugs. */
|
|
void log_write(int logt, const char *fmt, ...)
|
|
__attribute__ ((format (printf, 2, 3)));
|
|
|
|
/* This is the workhorse of the logging functions. Usually it is
|
|
called through log_write(), but it can be called directly if you
|
|
are dealing with a vfprintf-style va_list. Unlike log_write, YOU
|
|
CAN ONLY CALL THIS WITH ONE LOG TYPE (not a bitmask full of them).
|
|
In addition, YOU MUST SANDWICH EACH EXECUTION OF THIS CALL BETWEEN
|
|
va_start() AND va_end() calls. */
|
|
void log_vwrite(int logt, const char *fmt, va_list ap);
|
|
|
|
/* Close the given log stream(s) */
|
|
void log_close(int logt);
|
|
|
|
/* Flush the given log stream(s). In other words, all buffered output
|
|
is written to the log immediately */
|
|
void log_flush(int logt);
|
|
|
|
/* Flush every single log stream -- all buffered output is written to the
|
|
corresponding logs immediately */
|
|
void log_flush_all();
|
|
|
|
/* Open a log descriptor of the type given to the filename given. If
|
|
append is nonzero, the file will be appended instead of clobbered if
|
|
it already exists. If the file does not exist, it will be created */
|
|
int log_open(int logt, bool append, const char *filename);
|
|
|
|
/* Output the list of ports scanned to the top of machine parseable
|
|
logs (in a comment, unfortunately). The items in ports should be
|
|
in sequential order for space savings and easier to read output */
|
|
void output_ports_to_machine_parseable_output(const struct scan_lists *ports);
|
|
|
|
/* Return a std::string containing all n strings separated by whitespace, and
|
|
individually quoted if needed. */
|
|
std::string join_quoted(const char * const strings[], unsigned int n);
|
|
|
|
/* Similar to output_ports_to_machine_parseable_output, this function
|
|
outputs the XML version, which is scaninfo records of each scan
|
|
requested and the ports which it will scan for */
|
|
void output_xml_scaninfo_records(const struct scan_lists *ports);
|
|
|
|
/* Writes a heading for a full scan report ("Nmap scan report for..."),
|
|
including host status and DNS records. */
|
|
void write_host_header(const Target *currenths);
|
|
|
|
/* Writes host status info to the log streams (including STDOUT). An
|
|
example is "Host: 10.11.12.13 (foo.bar.example.com)\tStatus: Up\n" to
|
|
machine log. */
|
|
void write_host_status(const Target *currenths);
|
|
|
|
/* Writes host status info to the XML stream wrapped in a <hosthint> tag */
|
|
void write_xml_hosthint(const Target *currenths);
|
|
|
|
/* Prints the formatted OS Scan output to stdout, logfiles, etc (but only
|
|
if an OS Scan was performed */
|
|
void printosscanoutput(const Target *currenths);
|
|
|
|
/* Prints the alternate hostname/OS/device information we got from the
|
|
service scan (if it was performed) */
|
|
void printserviceinfooutput(const Target *currenths);
|
|
|
|
#ifndef NOLUA
|
|
std::string protect_xml(const std::string s);
|
|
|
|
/* Use this function to report NSE_PRE_SCAN and NSE_POST_SCAN results */
|
|
void printscriptresults(const ScriptResults *scriptResults, stype scantype);
|
|
|
|
void printhostscriptresults(const Target *currenths);
|
|
#endif
|
|
|
|
/* Print a table with traceroute hops. */
|
|
void printtraceroute(const Target *currenths);
|
|
|
|
/* Print "times for host" output with latency. */
|
|
void printtimes(const Target *currenths);
|
|
|
|
/* Print a detailed list of Nmap interfaces and routes to
|
|
normal/skiddy/stdout output */
|
|
int print_iflist(void);
|
|
|
|
/* Prints a status message while the program is running */
|
|
void printStatusMessage();
|
|
|
|
void print_xml_finished_open(time_t timep, const struct timeval *tv);
|
|
|
|
void print_xml_hosts();
|
|
|
|
/* Prints the statistics and other information that goes at the very end
|
|
of an Nmap run */
|
|
void printfinaloutput();
|
|
|
|
/* Prints the names of data files that were loaded and the paths at which they
|
|
were found. */
|
|
void printdatafilepaths();
|
|
|
|
/* nsock logging interface */
|
|
void nmap_adjust_loglevel(bool trace);
|
|
void nmap_set_nsock_logger();
|
|
|
|
#endif /* OUTPUT_H */
|
|
|