autosec-devel Mailing List for Automated Security Tools (Page 6)
From: <re...@us...> - 2004-01-17 03:12:35
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv14128/plugins Modified Files: log_file.c log_xml.c network_icmp.c rfc793.c Log Message: Removed results_t and placed it all in target_t Index: log_file.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/log_file.c,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** log_file.c 10 Nov 2003 10:13:20 -0000 1.14 --- log_file.c 17 Jan 2004 03:12:31 -0000 1.15 *************** *** 40,44 **** static int plugin_close(void); static int plugin_output(char *msg, va_list * ap); ! static int plugin_results(result_t *result); static void plugin_usage(void); static void plugin_status(void); --- 40,44 ---- static int plugin_close(void); static int plugin_output(char *msg, va_list * ap); ! static int plugin_results(target_t *result, unsigned int num); static void plugin_usage(void); static void plugin_status(void); *************** *** 215,219 **** } ! static int null_result(result_t *result) { /* there is no way to report the hostname if we didn't get any responses :( */ --- 215,219 ---- } ! static int null_result(target_t *result) { /* there is no way to report the hostname if we didn't get any responses :( */ *************** *** 223,227 **** } ! static int plugin_results(result_t *result) { struct sockaddr_in *sa = NULL; --- 223,227 ---- } ! static int plugin_results(target_t *result, unsigned int num) { struct sockaddr_in *sa = NULL; *************** *** 229,280 **** char ip6sa_format[] = "%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x\0"; char buf[256]; ! int i; ! ! assert(result != NULL); ! if(result->ainfo == NULL) ! return null_result(result); ! memset(buf, 0, 256); ! fprintf(my_fp, "Host %s[", result->ainfo->ai_canonname); ! switch(result->ainfo->ai_family) ! { ! case PF_INET: ! sa = (struct sockaddr_in*) result->ainfo->ai_addr; ! fprintf(my_fp, "%s] results:", inet_ntoa(sa->sin_addr)); ! break; ! 
case PF_INET6: ! sa6 = (struct sockaddr_in6 *) result->ainfo->ai_addr; ! snprintf(buf, 255, ip6sa_format, sa6->sin6_addr.s6_addr[0], sa6->sin6_addr.s6_addr[1], ! sa6->sin6_addr.s6_addr[2], sa6->sin6_addr.s6_addr[3], sa6->sin6_addr.s6_addr[4], ! sa6->sin6_addr.s6_addr[5], sa6->sin6_addr.s6_addr[6], sa6->sin6_addr.s6_addr[7], ! sa6->sin6_addr.s6_addr[8], sa6->sin6_addr.s6_addr[9], sa6->sin6_addr.s6_addr[10], ! sa6->sin6_addr.s6_addr[11], sa6->sin6_addr.s6_addr[12], sa6->sin6_addr.s6_addr[13], ! sa6->sin6_addr.s6_addr[14], sa6->sin6_addr.s6_addr[15]); ! fprintf(my_fp, "%s] results:", buf); ! break; ! default: ! fprintf(my_fp, "unknown] results:"); ! }; ! fprintf(my_fp, " rtt=%0.2f ttl=%d\n", result->rtt, result->ttl); ! /* print the port info */ ! for(i =0; i < 65536; i++) { ! switch(result->ports[i]) { ! case PORT_OPENED: ! fprintf(my_fp, " port %d state: open range: %0.2f ttl: %u\n", i, result->rtt, result->ttl); ! break; ! case PORT_CLOSED: ! fprintf(my_fp, " port %d state: closed range: %0.2f ttl: %u\n", i, result->rtt, result->ttl); ! break; ! case PORT_FILTERED: ! fprintf(my_fp, " port %d state: filtered range: %0.2f ttl: %u\n", i, result->rtt, result->ttl); break; ! case PORT_UNFILTERED: ! fprintf(my_fp, " port %d state: unfiltered range: %0.2f ttl: %u\n", i, result->rtt, result->ttl); break; } } - return PLUGIN_OK; } --- 229,290 ---- char ip6sa_format[] = "%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x:%x\0"; char buf[256]; ! int i, j; ! for(j = 0; j < num; j++) { ! assert(result != NULL); ! if(result->addrinfo == NULL) { ! null_result(result); ! continue; ! } ! ! memset(buf, 0, 256); ! fprintf(my_fp, "Host %s[", result->addrinfo->ai_canonname); ! switch(result->addrinfo->ai_family) ! { ! case PF_INET: ! sa = (struct sockaddr_in*) result->addrinfo->ai_addr; ! fprintf(my_fp, "%s] results:", inet_ntoa(sa->sin_addr)); break; ! case PF_INET6: ! sa6 = (struct sockaddr_in6 *) result->addrinfo->ai_addr; ! 
snprintf(buf, 255, ip6sa_format, sa6->sin6_addr.s6_addr[0], sa6->sin6_addr.s6_addr[1], ! sa6->sin6_addr.s6_addr[2], sa6->sin6_addr.s6_addr[3], sa6->sin6_addr.s6_addr[4], ! sa6->sin6_addr.s6_addr[5], sa6->sin6_addr.s6_addr[6], sa6->sin6_addr.s6_addr[7], ! sa6->sin6_addr.s6_addr[8], sa6->sin6_addr.s6_addr[9], sa6->sin6_addr.s6_addr[10], ! sa6->sin6_addr.s6_addr[11], sa6->sin6_addr.s6_addr[12], sa6->sin6_addr.s6_addr[13], ! sa6->sin6_addr.s6_addr[14], sa6->sin6_addr.s6_addr[15]); ! fprintf(my_fp, "%s] results:", buf); break; + default: + fprintf(my_fp, "unknown] results:"); + }; + fprintf(my_fp, " rtt=%0.2f ttl=%d mask=%d\n", result->stats.rtt_min, result->stats.ttl, result->netmask); + /* print the port info */ + for(i =0; i < 65536; i++) + { + switch(result->ports[i]) + { + case PORT_OPENED: + fprintf(my_fp, " port %d state: open range: %0.2f ttl: %u\n", i, result->stats.rtt_avg, result->stats.ttl); + break; + case PORT_CLOSED: + fprintf(my_fp, " port %d state: closed range: %0.2f ttl: %u\n", i, result->stats.rtt_avg, result->stats.ttl); + break; + case PORT_FILTERED: + fprintf(my_fp, " port %d state: filtered range: %0.2f ttl: %u\n", i, result->stats.rtt_avg, result->stats.ttl); + break; + case PORT_UNFILTERED: + fprintf(my_fp, " port %d state: unfiltered range: %0.2f ttl: %u\n", i, result->stats.rtt_avg, result->stats.ttl); + break; + } } + fprintf(my_fp, " stats: sent: %d, recvd: %d, dropped: %d\n", result->stats.packets_sent, result->stats.packets_recvd, + result->stats.packets_sent - result->stats.packets_recvd); + fprintf(my_fp, " rtt (min/max/avg): %.2f/%.2f/%.2f ms\n", result->stats.rtt_min, result->stats.rtt_max, + result->stats.rtt_avg); + result = result->next; } return PLUGIN_OK; } Index: log_xml.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/log_xml.c,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** log_xml.c 10 Nov 2003 10:13:20 -0000 1.2 --- log_xml.c 17 Jan 
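Review bot: In the new `for(j = 0; j < num; j++)` loop of plugin_results in log_file.c, the `continue` taken when `result->addrinfo == NULL` skips the `result = result->next;` at the bottom of the body. One host without address info is therefore passed to null_result() on every remaining iteration, and the hosts after it are never written to the log. Advance before continuing, `null_result(result); result = result->next; continue;`. The loop in log_xml.c's plugin_results has the same shape and needs the same change. `assert(result != NULL)` is also the only guard when the list holds fewer than `num` nodes and it vanishes under NDEBUG, so `for(j = 0; j < num && result != NULL; j++)` is the safer loop header.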
2004 03:12:31 -0000 1.3 *************** *** 43,47 **** static int plugin_close(void); static int plugin_output(char *msg, va_list * ap); ! static int plugin_results(result_t *result); static void plugin_usage(void); static void plugin_status(void); --- 43,47 ---- static int plugin_close(void); static int plugin_output(char *msg, va_list * ap); ! static int plugin_results(target_t *result, unsigned int num); static void plugin_usage(void); static void plugin_status(void); *************** *** 223,227 **** } ! static int null_result(result_t *result) { /* as of right now, there is no way to report dead hosts */ --- 223,227 ---- } ! static int null_result(target_t *result) { /* as of right now, there is no way to report dead hosts */ *************** *** 230,234 **** } ! static int plugin_results(result_t *result) { struct sockaddr_in *sa = NULL; --- 230,234 ---- } ! static int plugin_results(target_t *result, unsigned int num_hosts) { struct sockaddr_in *sa = NULL; *************** *** 237,293 **** char buf[256]; /*struct sockaddr_un *un;*/ - assert(result != NULL); - int i; - - if(result->ainfo == NULL) - return null_result(result); ! memset(buf, 0, 256); ! fprintf(my_fp, "\t<host hostname=\"%s\" rtt=\"%0.2f\" ttl=\"%d\"", result->ainfo->ai_canonname, result->rtt, result->ttl); ! switch(result->ainfo->ai_family) ! { ! case PF_INET: ! sa = (struct sockaddr_in*) result->ainfo->ai_addr; ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", inet_ntoa(sa->sin_addr), "ipv4"); ! break; ! case PF_INET6: ! sa6 = (struct sockaddr_in6 *) result->ainfo->ai_addr; ! snprintf(buf, 255, ip6sa_format, sa6->sin6_addr.s6_addr[0], sa6->sin6_addr.s6_addr[1], ! sa6->sin6_addr.s6_addr[2], sa6->sin6_addr.s6_addr[3], sa6->sin6_addr.s6_addr[4], ! sa6->sin6_addr.s6_addr[5], sa6->sin6_addr.s6_addr[6], sa6->sin6_addr.s6_addr[7], ! sa6->sin6_addr.s6_addr[8], sa6->sin6_addr.s6_addr[9], sa6->sin6_addr.s6_addr[10], ! 
sa6->sin6_addr.s6_addr[11], sa6->sin6_addr.s6_addr[12], sa6->sin6_addr.s6_addr[13], ! sa6->sin6_addr.s6_addr[14], sa6->sin6_addr.s6_addr[15]); ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", buf, "ipv6"); ! break; ! /*case PF_UNIX: ! un = (struct sockaddr_un*) result->ainfo->ai_addr; ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", un->sun_path, "unix"); ! break;*/ ! default: ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", "unknown-type", "unknown"); ! }; ! /* print the port info */ ! for(i =0; i < 65536; i++) { ! switch(result->ports[i]) { ! case PORT_OPENED: ! fprintf(my_fp, "\t\t<port number=\"%d\" state=\"open\"/>\n", i); ! break; ! case PORT_CLOSED: ! fprintf(my_fp, "\t\t<port number=\"%d\" state=\"closed\"/>\n", i); ! break; ! case PORT_FILTERED: ! fprintf(my_fp, "\t\t<port number=\"%d\" state=\"filtered\"/>\n", i); break; ! case PORT_UNFILTERED: ! fprintf(my_fp, "\t\t<port number=\"%d\" state=\"unfiltered\"/>\n", i); break; } } - fprintf(my_fp, "\t</host>\n"); - fflush(my_fp); return PLUGIN_OK; } --- 237,306 ---- char buf[256]; /*struct sockaddr_un *un;*/ ! int i, j; ! for(j = 0; j< num_hosts; j++) { ! assert(result != NULL); ! if(result->addrinfo == NULL) { ! null_result(result); ! continue; ! } ! ! memset(buf, 0, 256); ! fprintf(my_fp, "\t<host hostname=\"%s\" rtt=\"%0.2f\" ttl=\"%d\" mask=\"%d\"", result->addrinfo->ai_canonname, ! result->stats.rtt_avg, result->stats.ttl, result->netmask); ! switch(result->addrinfo->ai_family) ! { ! case PF_INET: ! sa = (struct sockaddr_in*) result->addrinfo->ai_addr; ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", inet_ntoa(sa->sin_addr), "ipv4"); break; ! case PF_INET6: ! sa6 = (struct sockaddr_in6 *) result->addrinfo->ai_addr; ! snprintf(buf, 255, ip6sa_format, sa6->sin6_addr.s6_addr[0], sa6->sin6_addr.s6_addr[1], ! sa6->sin6_addr.s6_addr[2], sa6->sin6_addr.s6_addr[3], sa6->sin6_addr.s6_addr[4], ! sa6->sin6_addr.s6_addr[5], sa6->sin6_addr.s6_addr[6], sa6->sin6_addr.s6_addr[7], ! 
sa6->sin6_addr.s6_addr[8], sa6->sin6_addr.s6_addr[9], sa6->sin6_addr.s6_addr[10], ! sa6->sin6_addr.s6_addr[11], sa6->sin6_addr.s6_addr[12], sa6->sin6_addr.s6_addr[13], ! sa6->sin6_addr.s6_addr[14], sa6->sin6_addr.s6_addr[15]); ! fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", buf, "ipv6"); break; + /*case PF_UNIX: + un = (struct sockaddr_un*) result->ainfo->ai_addr; + fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", un->sun_path, "unix"); + break;*/ + default: + fprintf(my_fp, " address=\"%s\" addr-type=\"%s\">\n", "unknown-type", "unknown"); + }; + + /* print the port info */ + for(i =0; i < 65536; i++) + { + switch(result->ports[i]) + { + case PORT_OPENED: + fprintf(my_fp, "\t\t<port number=\"%d\" state=\"open\"/>\n", i); + break; + case PORT_CLOSED: + fprintf(my_fp, "\t\t<port number=\"%d\" state=\"closed\"/>\n", i); + break; + case PORT_FILTERED: + fprintf(my_fp, "\t\t<port number=\"%d\" state=\"filtered\"/>\n", i); + break; + case PORT_UNFILTERED: + fprintf(my_fp, "\t\t<port number=\"%d\" state=\"unfiltered\"/>\n", i); + break; + } } + fprintf(my_fp, "\t\t<stats sent=\"%d\" recvd=\"%d\" dropped=\"%d\" ", result->stats.packets_sent, result->stats.packets_recvd, + result->stats.packets_sent - result->stats.packets_recvd); + fprintf(my_fp, " rtt_min=\"%.2f\" rtt_max=\"%.2f\" rtt_avg=\"%.2f\" />\n", result->stats.rtt_min, result->stats.rtt_max, + result->stats.rtt_avg); + fprintf(my_fp, "\t</host>\n"); + fflush(my_fp); + result = result->next; } return PLUGIN_OK; } Index: network_icmp.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/network_icmp.c,v retrieving revision 1.34 retrieving revision 1.35 diff -C2 -d -r1.34 -r1.35 *** network_icmp.c 12 Jan 2004 09:20:40 -0000 1.34 --- network_icmp.c 17 Jan 2004 03:12:31 -0000 1.35 *************** *** 24,27 **** --- 24,28 ---- #include <assert.h> #include <pthread.h> + #include <errno.h> #include "network_icmp.h" #include "error.h" *************** 
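Review bot: `result->addrinfo->ai_canonname` is printed straight into the `hostname=\"%s\"` attribute in log_xml.c's plugin_results, with no escaping and no NULL check. If that name comes from resolving the scanned host (the assignment is not visible in this diff), a value containing `"`, `<` or `&` gives a malformed report or extra attributes to whatever tool parses the XML, and a NULL name is undefined behaviour for `%s`. Pass the name through a small helper that replaces `&`, `<`, `>` and `"` with their entities, and substitute a fixed string when the pointer is NULL, e.g. `const char *name = result->addrinfo->ai_canonname ? result->addrinfo->ai_canonname : "unknown";`. The same value goes unfiltered into the `Host %s[` line in log_file.c, where control characters in the name would corrupt the line-oriented log.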
*** 94,99 **** // this is assumed mthis = (sonar_t *) in_data; ! if(mthis->api < 5) ! err_msg("Plugin API must be 5 or higher, update sonar"); srand(getpid() ^ (uid_t) time(NULL)); --- 95,100 ---- // this is assumed mthis = (sonar_t *) in_data; ! if(mthis->api < 6) ! err_msg("Plugin API must be 6 or higher, update sonar"); srand(getpid() ^ (uid_t) time(NULL)); *************** *** 103,107 **** seq_no = (int) (256.0 * rand() / (RAND_MAX + 0.0)); payload_file = NULL; ! pthis.version = 5; /* set API version 5 */ //setup my plugin stuff --- 104,108 ---- seq_no = (int) (256.0 * rand() / (RAND_MAX + 0.0)); payload_file = NULL; ! pthis.version = 6; /* set API version 5 */ //setup my plugin stuff *************** *** 279,283 **** { // load socket stuff here - // i_data will be the TTL to set it to uid_t uid; struct linger l; --- 280,283 ---- *************** *** 287,291 **** assert(mthis->getprivs != NULL); assert(mthis->dropprivs != NULL); ! if(mthis->pCon.iPostDelay == -1) mthis->pCon.iPostDelay = 0; //default Post Delay of (NONE) --- 287,291 ---- assert(mthis->getprivs != NULL); assert(mthis->dropprivs != NULL); ! if(mthis->pCon.iPostDelay == -1) mthis->pCon.iPostDelay = 0; //default Post Delay of (NONE) *************** *** 658,662 **** err_msg("wrote %d bytes\n", bwrote); } ! } return PLUGIN_OK; --- 658,662 ---- err_msg("wrote %d bytes\n", bwrote); } ! target->stats.packets_sent++; } return PLUGIN_OK; *************** *** 669,673 **** * @return This thread returns NULL when its done. */ ! static void *recv_thread(void *arg) //struct recv_t *rec) { fd_set rfds; --- 669,673 ---- * @return This thread returns NULL when its done. */ ! static void *recv_thread(void *arg) { fd_set rfds; *************** *** 675,679 **** struct icmp *icmphdr; unsigned short iphdrlen; ! unsigned long triptime; unsigned long num_res = 0; struct timeval *tv, tr; --- 675,679 ---- struct icmp *icmphdr; unsigned short iphdrlen; ! 
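Review bot: The comment on `pthis.version = 6; /* set API version 5 */` in network_icmp.c still names the old version. It should read `/* set API version 6 */` so that it agrees with the assigned value and with the `mthis->api < 6` check in the previous hunk. The initialisation function holding both lines starts and ends outside these hunks.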
double triptime; unsigned long num_res = 0; struct timeval *tv, tr; *************** *** 684,691 **** struct sockaddr_in from; static struct addrinfo *ai = NULL; - result_t *results, /* results used to pass back to sonar */ - *first_res; /* first on the list */ - static result_t res; /* temporary for *this* result */ int psuedo = false; /* signals, baby */ --- 684,689 ---- struct sockaddr_in from; static struct addrinfo *ai = NULL; int psuedo = false; + target_t *my_host; /* signals, baby */ *************** *** 694,705 **** signal(SIGHUP, sig_handler); signal(SIGSEGV, sig_handler); ! /* make us a list */ ! results = (result_t *) malloc(sizeof(result_t)); ! if(!results) ! err_sys("No memory for result list.\n"); ! first_res = results; /* store a pointer to the top of the list */ rec->responses = 0; - memset(&res, 0, sizeof(result_t)); - memset(results, 0, sizeof(result_t)); while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) --- 692,697 ---- signal(SIGHUP, sig_handler); signal(SIGSEGV, sig_handler); ! rec->responses = 0; while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) *************** *** 707,710 **** --- 699,703 ---- tr.tv_sec = 0; tr.tv_usec = 0; + my_host = NULL; FD_ZERO(&rfds); *************** *** 714,718 **** if(ret == -1) { ! *(pthis.err) = PLUGIN_ERROR; err_ret("could not select socket\n"); return NULL; //PLUGIN_ERROR; --- 707,711 ---- if(ret == -1) { ! *(pthis.err) = errno; err_ret("could not select socket\n"); return NULL; //PLUGIN_ERROR; *************** *** 740,745 **** continue; } - - memset(&res, 0, sizeof(result_t)); iphdr = (struct ip *) buf; --- 733,736 ---- *************** *** 792,806 **** // can't check based on icmp id's, cause only linux keeps these in replies ! // now we check that the sequence number is in range ! if(icmphdr->icmp_seq > seq_no2 + 1 || icmphdr->icmp_seq < low_seq) ! { ! //keep looking ! continue; ! }/* ! 
if(icmphdr->i_id != getpid()) { //keep looking continue; }*/ gettimeofday(&tr, &tz); --- 783,796 ---- // can't check based on icmp id's, cause only linux keeps these in replies ! // check based on if we asked to scan this host ! /*if(icmphdr->icmp_seq < low_seq || icmphdr->icmp_seq > seq_no2 + 1) { //keep looking continue; }*/ + if((my_host = mthis->find_target(mthis, ai)) == NULL) + { + continue; + } gettimeofday(&tr, &tz); *************** *** 819,822 **** --- 809,813 ---- icmphdr->icmp_code); rec->responses++; + break; } *************** *** 832,862 **** ai->ai_canonname); - continue; } } ! res.next = NULL; ! len = strlen(ai->ai_canonname); - /* i have problems here, as sometimes this b0rks when its time to get freed */ - res.hostname = (char *) malloc (len +1); - if(!res.hostname) - err_sys("Could not malloc!\n"); - memset(res.hostname, 0, len+1); - strncpy(res.hostname, ai->ai_canonname, len); - res.ainfo = ai; - res.rtt = (double) triptime; - res.ttl = iphdr->ip_ttl; - res.user_data = NULL; num_res++; mthis->message ! ("%s[%s] online: icmp_seq = %d. range: %lu ms ttl: %d size: %d\n", ai->ai_canonname, inet_ntoa(from.sin_addr), icmphdr->icmp_seq, triptime, iphdr->ip_ttl, ntohs(iphdr->ip_len)); - /* put the result in the list */ - mthis->insert_results(results, &res); - /* get rid of our address memory, we dont need it now */ - freeaddrinfo(ai); if(mthis->pCon.prog != NULL) --- 823,851 ---- ai->ai_canonname); } + continue; } ! if(triptime < my_host->stats.rtt_min || my_host->stats.rtt_min == 0) ! my_host->stats.rtt_min = triptime; ! if(triptime > my_host->stats.rtt_max || my_host->stats.rtt_max == 0) ! my_host->stats.rtt_max = triptime; ! if(my_host->stats.rtt_avg == 0) ! my_host->stats.rtt_avg = triptime; ! else ! my_host->stats.rtt_avg = ((((double) my_host->stats.packets_recvd - 1) * my_host->stats.rtt_avg) + triptime) / ! (double) my_host->stats.packets_recvd; ! if(my_host->stats.rtt_avg < 0) ! my_host->stats.rtt_avg *= -1; ! ! 
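Review bot: With the sequence-number range test commented out, a reply is credited to a target on the strength of `mthis->find_target(mthis, ai)` alone. Any ICMP packet whose source address matches a scanned host then lands in that host's statistics, whether or not it answers a probe from this run, and source addresses are not authenticated, so the reported results become easier to distort. I would keep the address lookup and also compare `icmphdr->icmp_seq` with the value sent to that target, which would mean recording it per target when the probe is built. Until then, the dead block should be replaced by `/* NOTE: matched on source address only; icmp_seq is not verified */`. The rfc793.c hunks at 635,669 and 760,763 add the same address-only match; `recv_thread` starts and ends outside this hunk, so how `ai` is filled in is not visible.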
my_host->stats.ttl = iphdr->ip_ttl; ! my_host->stats.packets_recvd++; num_res++; mthis->message ! ("%s[%s]\tonline: icmp_seq = %d. range: %.2f ms ttl: %d size: %d\n", ai->ai_canonname, inet_ntoa(from.sin_addr), icmphdr->icmp_seq, triptime, iphdr->ip_ttl, ntohs(iphdr->ip_len)); if(mthis->pCon.prog != NULL) *************** *** 871,882 **** } } ! rec->responses++; continue; } - /* these will work even if results are zero */ - mthis->results(results, num_res); - mthis->free_results(results); - result = rec->hosts - rec->responses; if(result > 0) --- 860,867 ---- } } ! rec->responses++; continue; } result = rec->hosts - rec->responses; if(result > 0) Index: rfc793.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/rfc793.c,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** rfc793.c 6 Dec 2003 00:14:04 -0000 1.31 --- rfc793.c 17 Jan 2004 03:12:31 -0000 1.32 *************** *** 28,31 **** --- 28,33 ---- #endif + #include <errno.h> + static const char rcsid[] = "\100$ autosec/sonar: $Id$"; *************** *** 325,329 **** CLOCKS_PER_SEC) / 1000; /* add a default magic number to get some extra (late) responses */ ! recd.max += CLOCKS_PER_SEC / 2000; /* default is one half extra second */ /* start the receiving thread */ --- 327,331 ---- CLOCKS_PER_SEC) / 1000; /* add a default magic number to get some extra (late) responses */ ! recd.max += CLOCKS_PER_SEC / 1000; /* default is one half extra second */ /* start the receiving thread */ *************** *** 336,344 **** if(targets->num_ports > 0) { ! recd.max += ! (timeout * (targets->num_ports - 1) * ! CLOCKS_PER_SEC) / 1000; ! recd.hosts += (targets->num_ports - 1); ! targets->num_ports = 0; } for(i = 0; i < 65536; i++) --- 338,346 ---- if(targets->num_ports > 0) { ! recd.start = clock(); ! recd.max += recd.start + ! (timeout * CLOCKS_PER_SEC) / 1000; ! recd.hosts++; // += (targets->num_ports - 1); ! 
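Review bot: The running average is computed before `packets_recvd` is incremented, so its weights are off by one: on the second reply `packets_recvd` is 1, the old average is multiplied by `1 - 1`, and the first sample is thrown away. Using the pre-increment count directly fixes it and also covers the first sample: `my_host->stats.rtt_avg = ((double) my_host->stats.packets_recvd * my_host->stats.rtt_avg + triptime) / ((double) my_host->stats.packets_recvd + 1);`. The `rtt_avg < 0` sign flip only hides a negative `triptime`, which would be better rejected where it is computed. The same block is copied into the rfc793.c hunks at 635,669 and 765,789.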
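Review bot: In the rfc793.c hunk at 325,329 the comment does not match the value: `recd.max += CLOCKS_PER_SEC / 1000;` adds one millisecond's worth of clock ticks, not `one half extra second` (the old `/ 2000` was half a millisecond). If half a second of grace for late responses is intended, the line should read `recd.max += CLOCKS_PER_SEC / 2;`; otherwise the comment should become `/* default is one extra millisecond */`. The enclosing function is only partly visible in this hunk.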
targets->num_ports--; } for(i = 0; i < 65536; i++) *************** *** 483,486 **** --- 485,489 ---- err_msg("wrote %d bytes\n", bwrote); } + target->stats.packets_sent++; free(packet); /* fresh copy of port list */ *************** *** 498,502 **** struct tcphdr *tcp = NULL; unsigned short iphdrlen; ! unsigned long triptime, unreach = 0, filt = 0, unfilt = 0; struct timeval tv; int bread, ret; --- 501,506 ---- struct tcphdr *tcp = NULL; unsigned short iphdrlen; ! double triptime; ! unsigned long unreach = 0, filt = 0, unfilt = 0; struct timeval tv; int bread, ret; *************** *** 507,515 **** struct sockaddr_in from; static struct addrinfo *ai = NULL; - int psuedo = false; - result_t *results = NULL, /* results used to pass back to sonar */ - *first_res = NULL; /* first on the list */ - static result_t res; /* temporary for *this* result */ unsigned long num_res = 0; /* number of results */ assert(my_socket != -1 && my_socket != 0); --- 511,517 ---- struct sockaddr_in from; static struct addrinfo *ai = NULL; unsigned long num_res = 0; /* number of results */ + int psuedo = false; + target_t *my_host; assert(my_socket != -1 && my_socket != 0); *************** *** 522,532 **** signal(SIGHUP, sig_handler); signal(SIGSEGV, sig_handler); ! /* make us a list */ ! results = (result_t *) malloc(sizeof(result_t)); ! if(!results) ! err_sys("No memory for result list.\n"); ! first_res = results; /* store a pointer to the top of the list */ ! memset(results, 0, sizeof(result_t)); /* dont want to accidentally free an uninitialized value */ ! rec->responses = 0; while((done == 0 || clock() <= rec->max) --- 524,528 ---- signal(SIGHUP, sig_handler); signal(SIGSEGV, sig_handler); ! 
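Review bot: `recd.max += recd.start + (timeout * CLOCKS_PER_SEC) / 1000;` adds an absolute `clock()` reading to a value that the receive loop already compares against `clock()` (`clock() <= rec->max`), so the deadline appears to move out by the whole elapsed clock value each time this branch runs. The first assignment of `recd.max` is outside the hunk, so this is inferred; if `recd.max` is already an absolute deadline, adding only the duration avoids it: `recd.max += (timeout * CLOCKS_PER_SEC) / 1000;`. The leftover `// += (targets->num_ports - 1);` after `recd.hosts++` should be removed or turned into a sentence that says why a single host is now counted.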
rec->responses = 0; while((done == 0 || clock() <= rec->max) *************** *** 536,539 **** --- 532,537 ---- tv.tv_usec = 0; tv.tv_sec = 0; + my_host = NULL; + FD_ZERO(&rfds); FD_SET(my_socket, &rfds); *************** *** 544,547 **** --- 542,546 ---- if(ret == -1) { + *(pthis.err) = errno; err_ret("could not select socket\n"); return NULL; //PLUGIN_ERROR; *************** *** 551,555 **** continue; //return PLUGIN_NORESP; } ! if(psuedo == true) { assert(ai != NULL); --- 550,554 ---- continue; //return PLUGIN_NORESP; } ! if(psuedo == true) { assert(ai != NULL); *************** *** 557,563 **** free(ai); } - /* XXX: breaks result returning */ - /*else - freeaddrinfo(ai); */ memset(&from, 0, sizeof(struct sockaddr_in)); --- 556,559 ---- *************** *** 567,572 **** memset(buf, 0, MAX_PACKET); - /* clear the result */ - memset(&res, 0, sizeof(result_t)); if(FD_ISSET(my_socket, &rfds)) { --- 563,566 ---- *************** *** 577,581 **** if(bread == -1) { ! //perror("recvfrom"); err_ret("recvfrom error"); continue; //return PLUGIN_ERROR; --- 571,575 ---- if(bread == -1) { ! *(pthis.err) = errno; err_ret("recvfrom error"); continue; //return PLUGIN_ERROR; *************** *** 635,669 **** } free(adr); // we get something other than a RST, it should be filtered if((tcp->th_flags & TH_RST)) { int len; ! res.next = NULL; ! len = strlen(ai->ai_canonname); ! ! /*res.hostname = ai->ai_canonname; */ ! res.hostname = (char *) malloc(len + 1); ! if(!res.hostname) ! err_sys("Could not malloc!\n"); ! memset(res.hostname, 0, len + 1); ! strncpy(res.hostname, ai->ai_canonname, len); ! res.ports[ntohs(tcp->th_sport)] = PORT_UNFILTERED; ! res.ainfo = ai; ! res.rtt = (double) triptime; ! res.ttl = iphdr->ip_ttl; ! res.user_data = NULL; num_res++; mthis->message ! ("%s[%s]:%d online & UNfiltered: range: %lu ms ttl: %d size: %d\n", ! res.hostname, inet_ntoa(from.sin_addr), ntohs(tcp->th_sport), triptime, iphdr->ip_ttl, ntohs(iphdr->ip_len)); ! /* put the result in the list */ ! 
mthis->insert_results(results, &res); ! /* get rid of our address memory, we dont need it now */ ! freeaddrinfo(ai); /* print the packet if they want it */ if(mthis->sCon.iVerbose > 1) --- 629,667 ---- } free(adr); + + if((my_host = mthis->find_target(mthis, ai)) == NULL) + { + continue; + } // we get something other than a RST, it should be filtered if((tcp->th_flags & TH_RST)) { int len; ! ! my_host->ports[ntohs(tcp->th_sport)] = PORT_UNFILTERED; ! if(triptime < my_host->stats.rtt_min || my_host->stats.rtt_min == 0) ! my_host->stats.rtt_min = triptime; ! if(triptime > my_host->stats.rtt_max || my_host->stats.rtt_max == 0) ! my_host->stats.rtt_max = triptime; ! if(my_host->stats.rtt_avg == 0) ! my_host->stats.rtt_avg = triptime; ! else ! my_host->stats.rtt_avg = ((((double) my_host->stats.packets_recvd - 1) * my_host->stats.rtt_avg) + triptime) / ! (double) my_host->stats.packets_recvd; ! if(my_host->stats.rtt_avg < 0) ! my_host->stats.rtt_avg *= -1; ! my_host->stats.ttl = iphdr->ip_ttl; ! my_host->stats.packets_recvd++; ! num_res++; mthis->message ! ("%s[%s]:%d online & UNfiltered: range: %.2f ms ttl: %d size: %d\n", ! my_host->addrinfo->ai_canonname, inet_ntoa(from.sin_addr), ntohs(tcp->th_sport), triptime, iphdr->ip_ttl, ntohs(iphdr->ip_len)); ! /* print the packet if they want it */ if(mthis->sCon.iVerbose > 1) *************** *** 760,763 **** --- 758,767 ---- } free(adr); + + if((my_host = mthis->find_target(mthis, ai)) == NULL) + { + continue; + } + rec->responses++; switch (icmphdr->icmp_code) *************** *** 765,789 **** case ICMP_UNREACH_PORT: assert(ai != NULL); ! res.next = NULL; ! /*res.hostname = ai->ai_canonname; */ ! len = strlen(ai->ai_canonname); ! res.hostname = ! (char *) malloc(len + 1); ! if(!res.hostname) ! err_sys("Could not malloc!\n"); ! memset(res.hostname, 0, len + 1); ! strncpy(res.hostname, ! ai->ai_canonname, len); ! res.ports[ntohs(tcp->th_dport)] = PORT_FILTERED; ! res.ainfo = ai; ! res.rtt = (double) triptime; ! 
res.ttl = iphdr->ip_ttl; ! res.user_data = NULL; num_res++; - mthis->insert_results(results, &res); mthis->message ! ("%s[%s]:%d online & filtered: range: %lu ms ttl: %d size: %d\n", ! ai->ai_canonname, inet_ntoa(from.sin_addr), ntohs(tcp->th_dport), --- 769,793 ---- case ICMP_UNREACH_PORT: assert(ai != NULL); ! my_host->ports[ntohs(tcp->th_dport)] = PORT_FILTERED; ! ! if(triptime < my_host->stats.rtt_min || my_host->stats.rtt_min == 0) ! my_host->stats.rtt_min = triptime; ! if(triptime > my_host->stats.rtt_max || my_host->stats.rtt_max == 0) ! my_host->stats.rtt_max = triptime; ! if(my_host->stats.rtt_avg == 0) ! my_host->stats.rtt_avg = triptime; ! else ! my_host->stats.rtt_avg = ((((double) my_host->stats.packets_recvd - 1) * my_host->stats.rtt_avg) + triptime) / ! (double) my_host->stats.packets_recvd; ! if(my_host->stats.rtt_avg < 0) ! my_host->stats.rtt_avg *= -1; ! my_host->stats.ttl = iphdr->ip_ttl; ! my_host->stats.packets_recvd++; ! num_res++; mthis->message ! ("%s[%s]:%d\tonline & filtered: range: %.2f ms ttl: %d size: %d\n", ! my_host->addrinfo->ai_canonname, inet_ntoa(from.sin_addr), ntohs(tcp->th_dport), *************** *** 822,827 **** break; } ! /* get rid of our address memory, we dont need it now */ ! freeaddrinfo(ai); continue; } --- 826,830 ---- break; } ! continue; } *************** *** 844,849 **** unreach); } - mthis->results(results, num_res); - mthis->free_results(results); return NULL; } --- 847,850 ---- |
From: <re...@us...> - 2004-01-17 03:05:19
|
Update of /cvsroot/autosec/sonar/src In directory sc8-pr-cvs1:/tmp/cvs-serv13141/src Modified Files: error.h Log Message: Removed some lint Index: error.h =================================================================== RCS file: /cvsroot/autosec/sonar/src/error.h,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** error.h 4 Nov 2003 23:40:46 -0000 1.5 --- error.h 17 Jan 2004 03:05:14 -0000 1.6 *************** *** 22,27 **** #define _ERROR_H_ - /*#include "plugin.h"*/ - #define MAXLINE 4096 /* max text line length */ --- 22,25 ---- |
From: <re...@us...> - 2004-01-17 03:04:38
|
Update of /cvsroot/autosec/sonar In directory sc8-pr-cvs1:/tmp/cvs-serv13008 Modified Files: config.h.in Log Message: Trivial autoconf changes Index: config.h.in =================================================================== RCS file: /cvsroot/autosec/sonar/config.h.in,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** config.h.in 14 Oct 2003 23:38:59 -0000 1.19 --- config.h.in 17 Jan 2004 03:04:36 -0000 1.20 *************** *** 212,218 **** #undef gid_t ! /* Define as `__inline' if that's what the C compiler calls it, or to nothing ! if it is not supported. */ #undef inline /* Define to rpl_malloc if the replacement function should be used. */ --- 212,220 ---- #undef gid_t ! /* Define to `__inline__' or `__inline' if that's what the C compiler ! calls it, or to nothing if 'inline' is not supported under any name. */ ! #ifndef __cplusplus #undef inline + #endif /* Define to rpl_malloc if the replacement function should be used. */ |
From: <re...@us...> - 2004-01-12 09:26:13
|
Update of /cvsroot/autosec/sonar In directory sc8-pr-cvs1:/tmp/cvs-serv29805 Modified Files: configure configure.in Log Message: Version number bump Index: configure =================================================================== RCS file: /cvsroot/autosec/sonar/configure,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** configure 10 Nov 2003 10:40:40 -0000 1.31 --- configure 12 Jan 2004 09:26:10 -0000 1.32 *************** *** 1,10 **** #! /bin/sh # Guess values for system-dependent variables and create Makefiles. ! # Generated by GNU Autoconf 2.57 for sonar 1.2.1. # # Report bugs to <http://autosec.sourceforge.net/helpDesk>. # ! # Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 ! # Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. [...5863 lines suppressed...] [\\/]* | ?:[\\/]* ) ac_sub_cache_file=$cache_file ;; *) # Relative path. ! ac_sub_cache_file=$ac_top_builddir$cache_file ;; esac *************** *** 13012,13017 **** # The eval makes quoting arguments work. eval $ac_sub_configure $ac_sub_configure_args \ ! --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir || ! { { echo "$as_me:$LINENO: error: $ac_sub_configure failed for $ac_dir" >&5 echo "$as_me: error: $ac_sub_configure failed for $ac_dir" >&2;} { (exit 1); exit 1; }; } --- 13783,13788 ---- # The eval makes quoting arguments work. eval $ac_sub_configure $ac_sub_configure_args \ ! --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir || ! 
{ { echo "$as_me:$LINENO: error: $ac_sub_configure failed for $ac_dir" >&5 echo "$as_me: error: $ac_sub_configure failed for $ac_dir" >&2;} { (exit 1); exit 1; }; } Index: configure.in =================================================================== RCS file: /cvsroot/autosec/sonar/configure.in,v retrieving revision 1.28 retrieving revision 1.29 diff -C2 -d -r1.28 -r1.29 *** configure.in 10 Nov 2003 10:40:40 -0000 1.28 --- configure.in 12 Jan 2004 09:26:10 -0000 1.29 *************** *** 1,5 **** # Process this file with autoconf to produce a configure script. AC_PREREQ(2.57) ! AC_INIT([sonar], [1.2.1], [http://autosec.sourceforge.net/helpDesk]) AC_CONFIG_SRCDIR([src/sonar.c]) --- 1,5 ---- # Process this file with autoconf to produce a configure script. AC_PREREQ(2.57) ! AC_INIT([sonar], [1.2.2], [http://autosec.sourceforge.net/helpDesk]) AC_CONFIG_SRCDIR([src/sonar.c]) |
From: <re...@us...> - 2004-01-12 09:20:43
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv29153/plugins Modified Files: network_icmp.c Log Message: Add per packet ping statistics back into the ICMP scan Index: network_icmp.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/network_icmp.c,v retrieving revision 1.33 retrieving revision 1.34 diff -C2 -d -r1.33 -r1.34 *** network_icmp.c 6 Dec 2003 00:14:04 -0000 1.33 --- network_icmp.c 12 Jan 2004 09:20:40 -0000 1.34 *************** *** 54,59 **** /// Timestamp Time zone static struct timezone tz; - /// Timestamp timeval - static struct timeval tp; static unsigned int num_hosts; --- 54,57 ---- *************** *** 79,82 **** --- 77,81 ---- static const char *unreach_codes(int code); static RETSIGTYPE sig_handler(int i); + static void tvsub(struct timeval *out, struct timeval *in); /** @fn plugin_init(void *in_data) *************** *** 518,521 **** --- 517,521 ---- struct sockaddr_in *sa; struct in_addr ia; + struct timeval *tv; assert(target != NULL); *************** *** 533,536 **** --- 533,538 ---- else total_size += 64 + (int) (290.0 * rand() / (RAND_MAX + 64.0)); + /* adding timeval structure to end of packet */ + total_size += sizeof(struct timeval); for(j = 0; j <= target->extra_hosts; j++) *************** *** 550,554 **** } /* how much of the packet is data? */ ! dlen = total_size - sizeof(struct icmp); buf = (char *) malloc(total_size); if(!buf) --- 552,556 ---- } /* how much of the packet is data? */ ! dlen = total_size - sizeof(struct icmp) - sizeof(struct timeval); buf = (char *) malloc(total_size); if(!buf) *************** *** 565,573 **** icmp_hdr->icmp_cksum = 0; /* random sequence number, to make fingerprinting this tool harder */ ! /* clock works well, that way we can count round trip time as well */ ! /* however, the down side is that they always increase... */ ! 
icmp_hdr->icmp_seq = seq_no2 = clock();/*seq_no2 = low_seq + (int) (25.0 * rand() / (RAND_MAX + 1.0));*/ ! ! datapart = buf + sizeof(struct icmp); /* no payload */ if(!payload_file) --- 567,576 ---- icmp_hdr->icmp_cksum = 0; /* random sequence number, to make fingerprinting this tool harder */ ! low_seq = 1 + (int) (25.0 * rand() / (RAND_MAX + 1.0)); ! icmp_hdr->icmp_seq = seq_no2 = low_seq + (int) (25.0 * rand() / (RAND_MAX + 1.0)); ! /* time value included in packet */ ! tv = (struct timeval *) (buf + sizeof(struct icmp)); ! ! datapart = buf + sizeof(struct icmp) + sizeof(struct timeval); /* no payload */ if(!payload_file) *************** *** 636,641 **** } } ! ! gettimeofday(&tp, &(tz)); ((struct icmp *) buf)->icmp_cksum = --- 639,645 ---- } } ! ! /* Changed to per-packet based timestamp */ ! gettimeofday(tv, &(tz)); ((struct icmp *) buf)->icmp_cksum = *************** *** 673,677 **** unsigned long triptime; unsigned long num_res = 0; ! struct timeval tv; int bread, ret, len; char buf[MAX_PACKET], *adr = NULL; --- 677,681 ---- unsigned long triptime; unsigned long num_res = 0; ! struct timeval *tv, tr; int bread, ret, len; char buf[MAX_PACKET], *adr = NULL; *************** *** 701,711 **** while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) { ! tv.tv_usec = 0; ! tv.tv_sec = 0; ! FD_ZERO(&rfds); FD_SET(my_socket, &rfds); ! ret = select(my_socket + 1, &rfds, NULL, NULL, &tv); if(ret == -1) { --- 705,715 ---- while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) { ! tr.tv_sec = 0; ! tr.tv_usec = 0; ! FD_ZERO(&rfds); FD_SET(my_socket, &rfds); ! ret = select(my_socket + 1, &rfds, NULL, NULL, &tr); if(ret == -1) { *************** *** 747,756 **** iphdr->ip_src.s_addr; ! if(bread < iphdrlen + ICMP_MIN) mthis->message("Too few bytes from %s\n", inet_ntoa(from.sin_addr)); icmphdr = (struct icmp *) (buf + iphdrlen); ! adr = malloc(25); if(!adr) --- 751,762 ---- iphdr->ip_src.s_addr; ! 
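Review bot: `tv = (struct timeval *) (buf + sizeof(struct icmp));` points a `struct timeval *` into the middle of a byte buffer, and `gettimeofday(tv, &(tz))` in the 636,641 hunk then writes through it. Nothing guarantees that offset is suitably aligned for `struct timeval`, which is undefined behaviour in C and faults on strict-alignment machines. Filling a local and copying it in avoids the cast: `struct timeval now; gettimeofday(&now, &tz); memcpy(buf + sizeof(struct icmp), &now, sizeof now);`. The receive side in the 747,756 hunk reads the timestamp back through the same kind of cast and needs the matching `memcpy`; the send function's body starts and ends outside this hunk.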
if(bread < iphdrlen + ICMP_MIN + sizeof(struct timeval)) mthis->message("Too few bytes from %s\n", inet_ntoa(from.sin_addr)); icmphdr = (struct icmp *) (buf + iphdrlen); ! /* timestamp of time this packet was sent */ ! tv = (struct timeval *) (buf + iphdrlen + sizeof(struct icmp)); ! adr = malloc(25); if(!adr) *************** *** 797,805 **** continue; }*/ ! /* clock ticks since this packet has been gone */ ! triptime = (clock() - icmphdr->icmp_seq); ! triptime = (triptime * 1000) / CLOCKS_PER_SEC; /* ms */ ! /* calculating the trip time this way seems to only have ! a resolution of 10 ms */ if(icmphdr->icmp_type != resptype(my_type)) { --- 803,813 ---- continue; }*/ ! ! gettimeofday(&tr, &tz); ! ! /* how long since this packet has been gone */ ! tvsub(&tr, tv); ! triptime = tr.tv_sec*1000.0 + tr.tv_usec/1000.0; ! if(icmphdr->icmp_type != resptype(my_type)) { *************** *** 1058,1060 **** --- 1066,1079 ---- /* just close the thread and be done with it */ pthread_exit(NULL); + } + + /* out = out - in */ + static void tvsub(struct timeval *out, struct timeval *in) + { + if((out->tv_usec -= in->tv_usec) < 0) + { + out->tv_sec--; + out->tv_usec += 1000000; + } + out->tv_sec -= in->tv_sec; } |
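Review bot: The widened length test in the 747,756 hunk still has only the `mthis->message("Too few bytes from %s\n", ...)` call as its body, so a short packet is parsed anyway: `icmphdr` and the new `tv` pointer are set up on the following lines regardless. The timestamp is then taken from bytes the peer never sent. Rejecting the packet closes that: `{ mthis->message("Too few bytes from %s\n", inet_ntoa(from.sin_addr)); continue; }`. `iphdrlen` is itself derived from the received header and should be bounded against `bread` as well, but where it is computed is outside this hunk.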
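Review bot: In the 797,805 hunk the value subtracted by `tvsub(&tr, tv)` is read back from the reply payload, so it is network data and can be arbitrary, yet the result goes straight into `triptime`. `triptime` is still `unsigned long` in this revision (see the 673,677 hunk), so a negative difference converts to an out-of-range unsigned value and the sub-millisecond part that the per-packet timestamp was meant to provide is dropped. I would declare `double triptime;` and discard implausible samples before they are reported, e.g. `if(triptime < 0) continue;`. `recv_thread` continues outside this hunk.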
From: <re...@us...> - 2003-12-06 22:17:06
|
Update of /cvsroot/autosec/sonar/libltdl In directory sc8-pr-cvs1:/tmp/cvs-serv21441/libltdl Modified Files: configure Log Message: Stupid configure script dies with extra CFLAGS and such, so I patched it Index: configure =================================================================== RCS file: /cvsroot/autosec/sonar/libltdl/configure,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** configure 14 Oct 2003 23:32:09 -0000 1.1 --- configure 6 Dec 2003 22:17:02 -0000 1.2 *************** *** 198,201 **** --- 198,202 ---- exec_prefix=NONE host=NONE + host_alias=NONE no_create= nonopt=NONE *************** *** 369,373 **** -host=* | --host=* | --hos=* | --ho=*) host="$ac_optarg" ;; ! -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) --- 370,375 ---- -host=* | --host=* | --hos=* | --ho=*) host="$ac_optarg" ;; ! -host_alias=* | --host_alias=* ) ! host_alias="$ac_optarg" ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) *************** *** 557,561 **** -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } ;; ! *) if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then --- 559,564 ---- -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } ;; ! CC* | CFLAGS* | CXXFLAGS*) ! ;; *) if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then |
From: <re...@us...> - 2003-12-06 00:49:07
|
Update of /cvsroot/autosec/sonar In directory sc8-pr-cvs1:/tmp/cvs-serv9212 Modified Files: ChangeLog Log Message: Index: ChangeLog =================================================================== RCS file: /cvsroot/autosec/sonar/ChangeLog,v retrieving revision 1.41 retrieving revision 1.42 diff -C2 -d -r1.41 -r1.42 *** ChangeLog 25 Sep 2003 01:37:36 -0000 1.41 --- ChangeLog 6 Dec 2003 00:49:04 -0000 1.42 *************** *** 1,2 **** --- 1,232 ---- + 2003-12-06 re...@us... <red0x@xpider> + + * src/plugin.h: Updated documentation + + * plugins/network_icmp.c, plugins/rfc793.c: + Signals update, inorder to avoid segfaults on ctrl-C's + + * doc/Makefile.in, doc/Makefile.am: + Distcheck reported some uncleaned files.. boom\! + + 2003-12-05 re...@us... <red0x@xpider> + + * src/target.c: Formalized the initialization of the port list + + * src/sonar.h: Documentation link update + + * src/log.c: Added support for quiet mode + + * plugins/rfc793.c: + Fixed some timing errors, indentation update, better support for netmasks + + * plugins/network_icmp.c: + Added support for hostmasks, hostunreachable addresses are correct now, indentation update + + * plugins/inp_rand.h: Removed non-needed include line + + * plugins/Makefile.am, plugins/Makefile.in: + Changed the debug rules for the plugins + + * doc/Makefile.am, doc/Makefile.in: + Changed the cleaning rules for the docs + + 2003-11-10 re...@us... <red0x@xpider> + + * doc/Makefile.in, configure, configure.in: Updated makefiles + + * doc/sonar.1, doc/sonar.1.in: autogenerated version number in docs + + * doc/sonar.1: Doc changes + + * src/util.h: + Changed MAXFD to 3 from 64 so we would not close sockets and files and such when going daemon mode, only stdout, and stderr + + * src/util.c: + Added a zombie killer, and stopped copying the hostname to the canonnical name (getaddrinfo already gets the canon name in Host_serv (or mthis->resolve) + + * src/sonar.h: Why would we want a negative number of records\? 
+ + * src/sonar.c: + log_write would hang when reporting scan time if sent to syslog, so I removed it. Also, hacked around with other things. Changed it so it will *always* send results to output plugins, even if they are NULL, so be ready for that + + * src/plugin.h: Why would we want a negative number of records\? + + * src/log.c: + Changed it so it would not open syslog each time, and reclose it (let our daemon_proc() func handle that + + * plugins/rfc793.c: + Changed how i find my hostname in rfc793_send, and added a check that should have been there along time ago (for a malloc) + + * plugins/network_icmp.c, plugins/network_icmp.h: + ported this plugin to the newer result reporting, started (as i should have from the beginning) using the BSD headers for sockets and such, and changed around how i resolve names + + * plugins/log_file.c, plugins/log_xml.c: + Changed result reporting around for null results and things of that nature that should be cleaned up in future releases + + * plugins/bare.c, plugins/bare.h: + Removed the old bare plugin. Will replace it with a separated bare plugin, for separate distribution (like an SDK ;) + + 2003-11-07 re...@us... <red0x@xpider> + + * src/sonar.c: + Added randomization of host order (port order will be soon to follow) + + * src/plugin.c, src/plugin.h: + Plugin API now makes sure it can handle what version the plugin's request (for future backwards compatability) + updated a few things in the plugin structures + + * src/log.c: + Added a todo message, and fixed output plugin readiness checking + + * src/error.c: Removed a lame include + + * src/util.h, src/util.c: + Moved some stuff to the main sonar engine for the new results handling + + * plugins/inp_rand.c, plugins/log_file.c, plugins/log_xml.c, plugins/log_xml.h, plugins/network_icmp.c, plugins/rfc793.c: + Updated plugins to request which version of the API they want, also, added xml output plugin. 
Did lots of work in the ACK scan plugin (which will be followed by the icmp plugin later) + + * doc/Makefile.am, doc/Makefile.in, doc/sonar.1: + Updated the man page and (hopefully) fixed the Makefile to work if you dont have doxygen + + * CONTRIB: + Added a shoutout to svrmarty, for helping with the gcc 2.95 bug + + 2003-11-06 re...@us... <red0x@xpider> + + * plugins/log_file.c: + Added some output information, included ipv6 support (for the future), and updated the usage + + * src/sonar.c, src/plugin.h: + Added a pointer to a protocol independent host resolving function so your plugins wont have to do it by themselves + + * src/Makefile.am, src/Makefile.in: + Added ability for new plugins to be made from outside the source tree (needed to install one more header) + + 2003-11-05 re...@us... <red0x@xpider> + + * plugins/rfc793.c: + Plugin now uses the general method for reporting results. Soon, it wont output at all, as output will be moved to sonar + + 2003-11-04 re...@us... <red0x@xpider> + + * Makefile.am, Makefile.in: libltdl make debug fix + + * src/mutex.c, src/plugin.h, src/service.h, src/target.h: + Documentation update, and dependency fixes + + * plugins/log_file.h: Fixed some crappy header writing on my part + + * plugins/Makefile.am, plugins/Makefile.in: + Added XML plugin in makefile + + * src/error.c, src/error.h, src/log.c, src/log.h: + Documentation plus fixing dependency graphs + + * src/plugin.c, plugins/log_file.c, src/target.c: gcc 2.95 fixes + + * src/util.c: careless mistake + + * src/util.c: GCC 2.95 fix + + 2003-10-31 re...@us... <red0x@xpider> + + * plugins/passive.c, plugins/passive.h: Removed old, unsupported plugin + + * src/sonar.c: Fixing various documentation and logging functions + + 2003-10-24 re...@us... 
<red0x@xpider> + + * plugins/inp_rand.c, plugins/inp_rand.h, plugins/log_file.c, plugins/network_icmp.c, plugins/network_icmp.h, plugins/rfc793.c, src/plugin.c, configure, configure.in: + Blanket commit of some updates towards 1.2.1 + + 2003-10-14 re...@us... <red0x@xpider> + + * README: Version number update + + * plugins/network_icmp.c, plugins/network_icmp.h: + Removed useless bloat from icmp plugin + + * src/sonar.c, src/sonar.h: + Added support function for parsing results in a general way + + * plugins/log_file.c, plugins/log_file.h: + Interim work on updating output plugins + + * src/plugin.h: Added result structure for general output parsing + + * src/plugin.c: Updated to libtools library loading + + * src/Makefile.am, src/Makefile.in, plugins/Makefile.in, Makefile.am, Makefile.in, doc/Makefile.in: + Makefile updates + + * bootstrap, config.guess, config.h.in, config.sub, configure, configure.in, depcomp, install-sh, ltmain.sh, missing, mkinstalldirs: + Updated the bootstrap and configuring mechs + + * libltdl/COPYING.LIB, libltdl/Makefile.am, libltdl/Makefile.in, libltdl/README, libltdl/acinclude.m4, libltdl/aclocal.m4, libltdl/config-h.in, libltdl/configure, libltdl/configure.in, libltdl/ltdl.c, libltdl/ltdl.h, libltdl/stamp-h.in: + Added support to libltdl, libtools library loading wrapper + + 2003-10-01 re...@us... <red0x@xpider> + + * src/service.c: debug code... 
+ + * plugins/rfc793.c, src/plugin.h, src/sonar.c, src/target.c, src/util.c: + Fixed more timing stuff + + * src/util.h: Added escape shell function + + * src/util.c: + Updated sonar_msg to use the log_write function (supporting output plugins), fixed a memory leak + + * src/target.c: + Updated hostmask/broadcast host support, update debug code + + * src/sonar.c, src/sonar.h: + Fixed some inconsistencies, memory leaks, (yes, updated debugging code), linked the targets into a circular list, unified the status report, reconfigured some commandline options + + * src/plugin.c, src/plugin.h: + Updated a whole bunch of debugging code + added some options + + * src/mutex.c: Fixed debugging code + + * src/Makefile.am, src/Makefile.in: Added log.c into makefiles + + * plugins/rfc793.c, plugins/rfc793.h: + Updated usage, fixed timing, fixed random source port, added program execution again (for automation of probes/pen-testing), fixed dest unreachable parsing, etc. + + * plugins/network_icmp.c: + Fixed possible infinite loop when running scans in parallel (-sA -sI at the same time) + + * plugins/inp_rand.c: removed a line of debug code + + * plugins/Makefile.am, plugins/Makefile.in: + Added the logfile output plugin (work in progress + + * src/log.h, src/log.c: Added a better logging facility + + 2003-09-28 re...@us... 
<red0x@xpider> + + * src/error.c, src/error.h, plugins/rfc793.h, plugins/rfc793.c, plugins/network_icmp.c, plugins/error.h, src/plugin.c, src/sonar.c, plugins/error.c, doc/docConf.in, src/plugin.h, src/sonar.h: + Documentation update + + * plugins/inp_rand.c, plugins/inp_rand.h: Added random input plugin + + * src/sonar.c, src/sonar.h: + Removed the plugin resolver, added support for input plugins, added dynamic version number code, updated documentation + + * src/plugin.c, src/plugin.h: Documentation + minor updates + + * src/error.c, src/error.h: Minor verbosity fix + + * src/target.c, src/target.h, plugins/rfc793.h, plugins/rfc793.c: + Fixed hostmask bug #33 + + * plugins/Makefile.am, plugins/Makefile.in: Added random input plugin + + * configure.in, configure: Fixed a few lame bugs + + 2003-09-25 uid40534 <uid40534@xpider> + + * configure, configure.in: Fixed build error + 2003-09-25 re...@us... <red0x@xpider> |
From: <re...@us...> - 2003-12-06 00:14:44
|
Update of /cvsroot/autosec/sonar/src In directory sc8-pr-cvs1:/tmp/cvs-serv4200/src Modified Files: plugin.h Log Message: Updated documentation Index: plugin.h =================================================================== RCS file: /cvsroot/autosec/sonar/src/plugin.h,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** plugin.h 10 Nov 2003 10:20:50 -0000 1.31 --- plugin.h 6 Dec 2003 00:14:41 -0000 1.32 *************** *** 437,444 **** \subsection pother Other Questions If you have any questions about how to do anything else with plugins, see ! \link bare.c bare.c \endlink , \link bare.h bare.h \endlink , and \link plugin.h plugin.h \endlink . If you want to make a very bare plugin that only does a few things, just provide all the functions and have each return ! either PLUGIN_OK or PLUGIN_ERROR (See \link bare.c bare.c \endlink). Also, feel free to shoot me an email at \c re...@us... or see me on IRC at \c irc.freenode.org:#autosec. --- 437,444 ---- \subsection pother Other Questions If you have any questions about how to do anything else with plugins, see ! \link bare.c bare.c \endlink , \link log_file.h log_file.h \endlink , and \link plugin.h plugin.h \endlink . If you want to make a very bare plugin that only does a few things, just provide all the functions and have each return ! either PLUGIN_OK or PLUGIN_ERROR (See \link log_file.c log_file.c \endlink). Also, feel free to shoot me an email at \c re...@us... or see me on IRC at \c irc.freenode.org:#autosec. |
From: <re...@us...> - 2003-12-06 00:14:07
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv4090/plugins Modified Files: rfc793.c network_icmp.c Log Message: Signals update, inorder to avoid segfaults on ctrl-C's Index: rfc793.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/rfc793.c,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** rfc793.c 5 Dec 2003 22:42:17 -0000 1.30 --- rfc793.c 6 Dec 2003 00:14:04 -0000 1.31 *************** *** 24,27 **** --- 24,30 ---- #include "rfc793.h" #include "error.h" + #ifdef HAVE_CONFIG_H + # include "config.h" + #endif static const char rcsid[] = *************** *** 61,64 **** --- 64,68 ---- static int send_ipv4(int sox, u_char * pkt, size_t len, struct net_tuple *nt); static const char *unreach_codes(int code); + static RETSIGTYPE sig_handler(int i); /** @fn plugin_init(void *in_data) *************** *** 513,516 **** --- 517,525 ---- assert(mthis->resolve != NULL); + /* signals, baby */ + signal(SIGTERM, sig_handler); + signal(SIGINT, sig_handler); + signal(SIGHUP, sig_handler); + signal(SIGSEGV, sig_handler); /* make us a list */ results = (result_t *) malloc(sizeof(result_t)); *************** *** 525,529 **** { /* dont do anything up here, or we'll eat CPU */ ! tv.tv_usec = 0; tv.tv_sec = 0; FD_ZERO(&rfds); --- 534,538 ---- { /* dont do anything up here, or we'll eat CPU */ ! tv.tv_usec = 0; tv.tv_sec = 0; FD_ZERO(&rfds); *************** *** 646,650 **** res.user_data = NULL; num_res++; ! /* XXX: we don't always output, do the log function maybe? */ mthis->message ("%s[%s]:%d online & UNfiltered: range: %lu ms ttl: %d size: %d\n", --- 655,659 ---- res.user_data = NULL; num_res++; ! mthis->message ("%s[%s]:%d online & UNfiltered: range: %lu ms ttl: %d size: %d\n", *************** *** 1007,1009 **** --- 1016,1031 ---- } return "unknown"; + } + + static RETSIGTYPE sig_handler(int i) + { + switch(i) + { + case SIGSEGV: + err_msg("oops! 
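Review bot: The four `signal()` calls in the rfc793.c hunk at 517-525 are made from inside a plugin function, but signal dispositions are process-wide, so running this plugin replaces whatever SIGINT/SIGTERM/SIGHUP/SIGSEGV handling the main program set up. network_icmp.c does the same in its hunk at 685-693, so whichever plugin registers last owns the handlers. Installing the handlers once in the main program with `sigaction()`, and blocking these signals in plugin threads with `pthread_sigmask()`, gives one defined place where Ctrl-C is handled. SIGSEGV is better left at its default so a fault stops the process at once instead of running more code in a corrupted state; drop `signal(SIGSEGV, sig_handler);`. The enclosing function starts and ends outside this hunk.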
ACK scan seg faulted.\n"); + abort(); + break; + } + /* just close the thread and be done with it */ + pthread_exit(NULL); } Index: network_icmp.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/network_icmp.c,v retrieving revision 1.32 retrieving revision 1.33 diff -C2 -d -r1.32 -r1.33 *** network_icmp.c 5 Dec 2003 22:39:30 -0000 1.32 --- network_icmp.c 6 Dec 2003 00:14:04 -0000 1.33 *************** *** 26,29 **** --- 26,32 ---- #include "network_icmp.h" #include "error.h" + #ifdef HAVE_CONFIG_H + # include "config.h" + #endif static const char rcsid[] = *************** *** 75,78 **** --- 78,82 ---- static const char *respstr(int type); static const char *unreach_codes(int code); + static RETSIGTYPE sig_handler(int i); /** @fn plugin_init(void *in_data) *************** *** 681,684 **** --- 685,693 ---- int psuedo = false; + /* signals, baby */ + signal(SIGTERM, sig_handler); + signal(SIGINT, sig_handler); + signal(SIGHUP, sig_handler); + signal(SIGSEGV, sig_handler); /* make us a list */ results = (result_t *) malloc(sizeof(result_t)); *************** *** 1038,1039 **** --- 1047,1060 ---- } + static RETSIGTYPE sig_handler(int i) + { + switch(i) + { + case SIGSEGV: + err_msg("oops! ACK scan seg faulted.\n"); + abort(); + break; + } + /* just close the thread and be done with it */ + pthread_exit(NULL); + } |
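Review bot: `sig_handler` (rfc793.c hunk at 1016-1031) calls `pthread_exit(NULL)` from signal context, and for SIGSEGV it calls `err_msg()`, which presumably formats through stdio; `pthread_exit` is not async-signal-safe and stdio is not either. A process-directed SIGINT, SIGTERM or SIGHUP can be delivered to any thread that has it unblocked, so the thread that exits may be the main thread rather than the scan thread, with its locks and buffers left as they were. A handler that only records the signal in a `volatile sig_atomic_t`, with the receive loop leaving through its normal cleanup path, avoids both problems. The same handler is pasted into network_icmp.c (hunk at 1047-1060), where the message still says "ACK scan" although that file is the ICMP plugin. The fence shows the handler only; the loop that would test the flag lies outside this hunk.

```c
static volatile sig_atomic_t sig_caught = 0;

static RETSIGTYPE sig_handler(int i)
{
    /* async-signal-safe: record the signal number and return */
    sig_caught = i;
}
/* … not shown: the receive loop (outside this hunk) tests sig_caught on each pass and returns through its existing cleanup … */
```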
From: <re...@us...> - 2003-12-06 00:13:28
|
Update of /cvsroot/autosec/sonar/doc In directory sc8-pr-cvs1:/tmp/cvs-serv4034/doc Modified Files: Makefile.in Log Message: Distcheck reported some uncleaned files.. boom\! Index: Makefile.in =================================================================== RCS file: /cvsroot/autosec/sonar/doc/Makefile.in,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** Makefile.in 5 Dec 2003 22:36:42 -0000 1.15 --- Makefile.in 6 Dec 2003 00:13:25 -0000 1.16 *************** *** 277,280 **** --- 277,281 ---- -rm -f *~ \#* .*~ .\#* -rm -rf html latex + -rm docConf Makefile sonar.1 clean-generic: |
From: <re...@us...> - 2003-12-06 00:13:22
|
Update of /cvsroot/autosec/sonar/doc In directory sc8-pr-cvs1:/tmp/cvs-serv4000/doc Modified Files: Makefile.am Log Message: Distcheck reported some uncleaned files.. boom\! Index: Makefile.am =================================================================== RCS file: /cvsroot/autosec/sonar/doc/Makefile.am,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** Makefile.am 5 Dec 2003 22:36:42 -0000 1.4 --- Makefile.am 6 Dec 2003 00:13:19 -0000 1.5 *************** *** 11,14 **** --- 11,15 ---- -rm -f *~ \#* .*~ .\#* -rm -rf html latex + -rm docConf Makefile sonar.1 clean-generic: |
From: <re...@us...> - 2003-12-05 22:47:55
|
Update of /cvsroot/autosec/sonar/src In directory sc8-pr-cvs1:/tmp/cvs-serv22852/src Modified Files: target.c Log Message: Formalized the initialization of the port list Index: target.c =================================================================== RCS file: /cvsroot/autosec/sonar/src/target.c,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** target.c 4 Nov 2003 23:35:01 -0000 1.7 --- target.c 5 Dec 2003 22:47:52 -0000 1.8 *************** *** 178,182 **** err_sys("parse_target_ports: malloc error"); } ! /* get default ports from /etc/services */ if(!ports) --- 178,182 ---- err_sys("parse_target_ports: malloc error"); } ! memset((*target)->ports, PORT_DONTSCAN, 65537); /* get default ports from /etc/services */ if(!ports) *************** *** 186,190 **** len = strlen(ports); ! // all ports if(strchr(ports, '*') != NULL) --- 186,190 ---- len = strlen(ports); ! // all ports if(strchr(ports, '*') != NULL) *************** *** 193,197 **** for( i = 0; i < 65536; i++) { ! (*target)->ports[i] = 1; ret++; } --- 193,197 ---- for( i = 0; i < 65536; i++) { ! (*target)->ports[i] = PORT_SCAN; ret++; } |
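Review bot: The new `memset((*target)->ports, PORT_DONTSCAN, 65537);` repeats a literal that has to match the allocation size, and the allocation is outside this hunk, so the two can drift apart and turn this into an out-of-bounds write. The loop in the third hunk uses 65536, a second literal for the same table. A named constant shared by the malloc, the memset and the loop keeps them in step, e.g. `memset((*target)->ports, PORT_DONTSCAN, PORT_TABLE_SIZE);` with `PORT_TABLE_SIZE` (a name constructed for this note) defined once next to `PORT_SCAN`. Since memset writes bytes, the line also assumes `ports` is a byte array and `PORT_DONTSCAN` fits in one byte; a comment saying so would help the next reader.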
From: <re...@us...> - 2003-12-05 22:47:24
|
Update of /cvsroot/autosec/sonar/src In directory sc8-pr-cvs1:/tmp/cvs-serv22714/src Modified Files: sonar.h Log Message: Documentation link update Index: sonar.h =================================================================== RCS file: /cvsroot/autosec/sonar/src/sonar.h,v retrieving revision 1.25 retrieving revision 1.26 diff -C2 -d -r1.25 -r1.26 *** sonar.h 10 Nov 2003 10:22:55 -0000 1.25 --- sonar.h 5 Dec 2003 22:47:21 -0000 1.26 *************** *** 117,124 **** * * \subsection step1 Step 1: Getting sources ! * Sources are available at http://autosec.sourceforge.net. * For those bleeding edgers out there, * current work is available via anonymous CVS with the tag "HEAD". ! * Instructions are at http://autosec.sourceforge.net . * \subsection step2 Step 2: Extraction and setup * \c tar \c xzvf \c sonar-P-Q.tar.gz \n --- 117,124 ---- * * \subsection step1 Step 1: Getting sources ! * Sources are available at http://autosec.sourceforge.net . * For those bleeding edgers out there, * current work is available via anonymous CVS with the tag "HEAD". ! * Instructions are at http://sourceforge.net/cvs/?group_id=51027 . * \subsection step2 Step 2: Extraction and setup * \c tar \c xzvf \c sonar-P-Q.tar.gz \n |
From: <re...@us...> - 2003-12-05 22:44:41
|
Update of /cvsroot/autosec/sonar/src In directory sc8-pr-cvs1:/tmp/cvs-serv22155/src Modified Files: log.c Log Message: Added support for quiet mode Index: log.c =================================================================== RCS file: /cvsroot/autosec/sonar/src/log.c,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** log.c 10 Nov 2003 10:20:13 -0000 1.4 --- log.c 5 Dec 2003 22:44:38 -0000 1.5 *************** *** 48,53 **** if(flags & LOG_CONSOLE) { ! /* if we are forked, dont do this */ ! if(!mthis.sCon.bFork) { /*fprintf(stderr, " "); */ --- 48,53 ---- if(flags & LOG_CONSOLE) { ! /* if we are forked, or quiet, dont do this */ ! if(!mthis.sCon.bFork && mthis.sCon.iVerbose >= 0) { /*fprintf(stderr, " "); */ |
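Review bot: The new condition `!mthis.sCon.bFork && mthis.sCon.iVerbose >= 0` drops every LOG_CONSOLE message once `iVerbose` is negative, without looking at severity. If error reports reach the console through this function (the callers are outside the hunk), quiet mode hides scan failures from the operator as well as progress chatter. Consider exempting an error flag if the log flags have one. The comment should also say how quiet is encoded, e.g. `/* forked, or quiet (iVerbose < 0): no console output */`.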
From: <re...@us...> - 2003-12-05 22:42:20
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv21802/plugins Modified Files: rfc793.c Log Message: Fixed some timing errors, indentation update, better support for netmasks Index: rfc793.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/rfc793.c,v retrieving revision 1.29 retrieving revision 1.30 diff -C2 -d -r1.29 -r1.30 *** rfc793.c 10 Nov 2003 10:18:07 -0000 1.29 --- rfc793.c 5 Dec 2003 22:42:17 -0000 1.30 *************** *** 46,52 **** static void plugin_status(void); static int plugin_last_error(void); ! static int rfc793_sweep(target_t *targets); static void tvsub(struct timeval *out, struct timeval *in); ! static int rfc793_send(target_t *target); //static int rfc793_recv(host_list_t * hosts); static void *recv_thread(void *arg); --- 46,52 ---- static void plugin_status(void); static int plugin_last_error(void); [...961 lines suppressed...] *** 795,800 **** unreach); } ! mthis->results(results, num_res); ! mthis->free_results(results); return NULL; } --- 835,840 ---- unreach); } ! mthis->results(results, num_res); ! mthis->free_results(results); return NULL; } *************** *** 968,970 **** return "unknown"; } - --- 1008,1009 ---- |
From: <re...@us...> - 2003-12-05 22:39:33
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv21359/plugins Modified Files: network_icmp.c Log Message: Added support for hostmasks, hostunreachable addresses are correct now, indentation update Index: network_icmp.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/network_icmp.c,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** network_icmp.c 10 Nov 2003 10:15:06 -0000 1.31 --- network_icmp.c 5 Dec 2003 22:39:30 -0000 1.32 *************** *** 396,400 **** if(mthis->pCon.bBroadcast > 0 && targets->extra_hosts == 0) recd.hosts += (unsigned int) mthis->pCon.bBroadcast * 255; ! low_seq = clock(); /*seq_no;*/ /* set the default timeout values */ --- 396,400 ---- if(mthis->pCon.bBroadcast > 0 && targets->extra_hosts == 0) recd.hosts += (unsigned int) mthis->pCon.bBroadcast * 255; ! low_seq = recd.start = clock(); /*seq_no;*/ /* set the default timeout values */ *************** *** 409,416 **** if(pthread_create(&tid, &attr, recv_thread, &recd) != 0) err_sys("could not create thread"); ! ! while(targets != NULL && counter <= num_hosts) { ! if(icmp_ping(targets) == PLUGIN_ERROR) { --- 409,427 ---- if(pthread_create(&tid, &attr, recv_thread, &recd) != 0) err_sys("could not create thread"); ! ! while(targets != NULL && counter < num_hosts) { ! /* we have an ip-range here */ ! if(targets->extra_hosts > 0) ! { ! /* increas the timeout */ ! recd.max += (timeout * targets->extra_hosts * CLOCKS_PER_SEC) / 1000; ! #ifdef DEBUG ! fprintf(stderr, "%s: increasing recd.hosts by %d\n", targets->entry, targets->extra_hosts); ! #endif ! recd.hosts += targets->extra_hosts; ! if(mthis->sCon.iVerbose > 0) ! err_msg("Increasing timeout, netmask detected: %d", recd.max); ! 
} if(icmp_ping(targets) == PLUGIN_ERROR) { *************** *** 497,503 **** --- 508,517 ---- int total_size = sizeof(struct icmp), dlen = 0; int bwrote; + unsigned int j; //struct timezone tz; //register struct timeval *tp; char *buf, *datapart; + struct sockaddr_in *sa; + struct in_addr ia; assert(target != NULL); *************** *** 508,598 **** assert(my_socket != -1); /* set the packet size to specified */ if(mthis->pCon.iSize != 0) total_size += mthis->pCon.iSize; ! /* or pick a random size */ else total_size += 64 + (int) (290.0 * rand() / (RAND_MAX + 64.0)); - - /* how much of the packet is data? */ - dlen = total_size - sizeof(struct icmp); - buf = (char *) malloc(total_size); - if(!buf) - { - err_ret("failed to malloc"); - return PLUGIN_ERROR; - } - memset(buf, 0, total_size); ! icmp_hdr = (struct icmp *) buf; ! icmp_hdr->icmp_type = my_type; ! icmp_hdr->icmp_code = my_code; ! icmp_hdr->icmp_id = (unsigned short) getpid(); ! icmp_hdr->icmp_cksum = 0; ! /* random sequence number, to make fingerprinting this tool harder */ ! /* clock works well, that way we can count round trip time as well */ ! icmp_hdr->icmp_seq = seq_no2 = clock();/*seq_no2 = low_seq + (int) (25.0 * rand() / (RAND_MAX + 1.0));*/ ! datapart = buf + sizeof(struct icmp); ! /* no payload */ ! if(!payload_file) ! { ! /* do we want a pattern? */ ! if(mthis->pCon.sPattern) ! { ! int i, len = strlen(mthis->pCon.sPattern); ! int num = dlen / len; ! for(i = 0; i < num; i++) ! { ! strncpy(datapart, mthis->pCon.sPattern, len); ! datapart += len; ! } ! } ! /* or random garbage */ ! else ! memset(datapart, ! (int) (256.0 * rand() / (RAND_MAX + 0.0)), ! dlen); ! } ! /* we've got a payload */ ! else ! { ! unsigned int len = 0, cur = 0; ! FILE *payload; ! payload = fopen(payload_file, "r"); ! if(!payload) ! { ! *(pthis.err) = PLUGIN_NOFILE; ! err_ret("could not open payload file"); ! return PLUGIN_ERROR; ! } ! fseek(payload, 0, SEEK_END); ! len = (unsigned int) ((ftell(payload) > dlen) ? dlen : ! 
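Review bot: `recd.max += (timeout * targets->extra_hosts * CLOCKS_PER_SEC) / 1000;` in the hunk at 409-427 multiplies all three factors before dividing, so with CLOCKS_PER_SEC at 1000000 (the POSIX value) a large netmask can exceed the range of the operand type and produce a deadline that is far too short. Dividing first, `recd.max += timeout * targets->extra_hosts * (CLOCKS_PER_SEC / 1000);`, in a type wide enough for the largest range, avoids that. The declarations of `timeout` and `recd.max` are outside the hunk, so the exact types need checking. `recd.max` is compared with `clock()` elsewhere in this diff, so the `%d` in the new `err_msg` call probably does not match its type either.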
ftell(payload)); ! fseek(payload, 0, SEEK_SET); ! while(!feof(payload) && cur < len) ! { ! int c = fgetc(payload); ! datapart[cur++] = c; ! } ! } ! gettimeofday(&tp, &(tz)); ! ((struct icmp *) buf)->icmp_cksum = ! checksum((unsigned short *) buf, total_size); ! bwrote = sendto(my_socket, buf, total_size, 0, ! target->addrinfo->ai_addr, sizeof(struct sockaddr)); ! if(bwrote == -1) ! { ! err_ret("sendto failed"); ! //perror("sendto"); ! return PLUGIN_ERROR; ! } ! if(bwrote < (int) total_size) ! { ! err_msg("wrote %d bytes\n", bwrote); ! } ! free(buf); return PLUGIN_OK; } --- 522,655 ---- assert(my_socket != -1); + srand(getpid() ^ (uid_t) time(NULL)); /* set the packet size to specified */ if(mthis->pCon.iSize != 0) total_size += mthis->pCon.iSize; ! /* or pick a random size 64 to 290*/ else total_size += 64 + (int) (290.0 * rand() / (RAND_MAX + 64.0)); ! for(j = 0; j <= target->extra_hosts; j++) ! { ! /* get the right address */ ! switch(target->addrinfo->ai_family) ! { ! case PF_INET: ! sa = (struct sockaddr_in *) target->addrinfo->ai_addr; ! ia = sa->sin_addr; ! if(j > 0) ! ia.s_addr = htonl(ntohl(ia.s_addr)+1); ! sa->sin_addr = ia; ! break; ! default: ! err_quit("address family not supported yet\n"); ! } ! /* how much of the packet is data? */ ! dlen = total_size - sizeof(struct icmp); ! buf = (char *) malloc(total_size); ! if(!buf) ! { ! err_ret("failed to malloc"); ! return PLUGIN_ERROR; ! } ! memset(buf, 0, total_size); ! icmp_hdr = (struct icmp *) buf; ! icmp_hdr->icmp_type = my_type; ! icmp_hdr->icmp_code = my_code; ! icmp_hdr->icmp_id = (unsigned short) getpid(); ! icmp_hdr->icmp_cksum = 0; ! /* random sequence number, to make fingerprinting this tool harder */ ! /* clock works well, that way we can count round trip time as well */ ! /* however, the down side is that they always increase... */ ! icmp_hdr->icmp_seq = seq_no2 = clock();/*seq_no2 = low_seq + (int) (25.0 * rand() / (RAND_MAX + 1.0));*/ ! datapart = buf + sizeof(struct icmp); ! 
/* no payload */ ! if(!payload_file) ! { ! /* do we want a pattern? */ ! if(mthis->pCon.sPattern) ! { ! int i, len = strlen(mthis->pCon.sPattern); ! int num = dlen / len; ! for(i = 0; i < num; i++) ! { ! strncpy(datapart, mthis->pCon.sPattern, len); ! datapart += len; ! } ! } ! /* or random garbage */ ! else ! { ! FILE *rp; ! rp = fopen("/dev/urandom", "r"); ! if(!rp) ! { ! #ifdef DEBUG ! fprintf(stderr, "network_icmp.c: could not open /dev/urandom\n"); ! #endif ! rp = fopen("/dev/random", "r"); ! if(!rp) ! { ! #ifdef DEBUG ! fprintf(stderr, "network_icmp.c: could not open /dev/random\n"); ! #endif ! memset(datapart, ! (int) (256.0 * rand() / (RAND_MAX + 0.0)), ! dlen); ! } ! } ! /* if we didn't set it already */ ! if(*datapart == 0) ! { ! fread(datapart, dlen, 1, rp); ! fclose(rp); ! } ! } ! } ! /* we've got a payload */ ! else ! { ! unsigned int len = 0, cur = 0; ! FILE *payload; ! payload = fopen(payload_file, "r"); ! if(!payload) ! { ! *(pthis.err) = PLUGIN_NOFILE; ! err_ret("could not open payload file"); ! free(buf); ! return PLUGIN_ERROR; ! } ! fseek(payload, 0, SEEK_END); ! len = (unsigned int) ((ftell(payload) > dlen) ? dlen : ! ftell(payload)); ! fseek(payload, 0, SEEK_SET); ! while(!feof(payload) && cur < len) ! { ! int c = fgetc(payload); ! datapart[cur++] = c; ! } ! } ! gettimeofday(&tp, &(tz)); ! ! ((struct icmp *) buf)->icmp_cksum = ! checksum((unsigned short *) buf, total_size); ! bwrote = sendto(my_socket, buf, total_size, 0, ! target->addrinfo->ai_addr, sizeof(struct sockaddr)); ! free(buf); ! if(bwrote == -1) ! { ! err_ret("sendto failed"); ! //perror("sendto"); ! return PLUGIN_ERROR; ! } ! if(bwrote < (int) total_size) ! { ! err_msg("wrote %d bytes\n", bwrote); ! } ! ! 
} return PLUGIN_OK; } *************** *** 635,640 **** while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) { - tv.tv_sec = 0; tv.tv_usec = 0; FD_ZERO(&rfds); --- 692,697 ---- while((done == 0 || clock() <= rec->max) && rec->responses < rec->hosts) { tv.tv_usec = 0; + tv.tv_sec = 0; FD_ZERO(&rfds); *************** *** 738,748 **** if(icmphdr->icmp_type != resptype(my_type)) { ! if(icmphdr->icmp_type == ICMP_UNREACH) { ! mthis->output("%s: %s(%d) ", ! inet_ntoa(from.sin_addr), unreach_codes(icmphdr->icmp_code), icmphdr->icmp_code); rec->responses++; } else if(mthis->sCon.iVerbose > 0) --- 795,806 ---- if(icmphdr->icmp_type != resptype(my_type)) { ! if(icmphdr->icmp_type == ICMP_DEST_UNREACH) { ! mthis->message("%s: %s(%d) \n", ! inet_ntoa(icmphdr->icmp_ip.ip_dst), unreach_codes(icmphdr->icmp_code), icmphdr->icmp_code); rec->responses++; + break; } else if(mthis->sCon.iVerbose > 0) |
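Review bot: In the random-garbage branch of the new per-host loop (hunk at 522-655), `fread(datapart, dlen, 1, rp)` can run with `rp == NULL`: when both `fopen` calls fail the buffer is filled by `memset`, and if the byte chosen is 0 the `*datapart == 0` test still passes. Testing `rp` itself instead of the buffer contents removes the crash, and checking the `fread` result keeps a short read from sending a zero-filled payload. In the payload-file branch the `FILE *payload` is never closed, which now leaks one descriptor per host in the range; an `fclose(payload);` after the read loop is needed. The loop also advances `sa->sin_addr` in place, so `target->addrinfo` is left at the last address sent to, which code outside this hunk may not expect.

```c
/* or random garbage */
else
{
    FILE *rp = fopen("/dev/urandom", "r");
    if(!rp)
        rp = fopen("/dev/random", "r");
    /* … unchanged: DEBUG fprintf for each failed fopen … */
    if(!rp || fread(datapart, dlen, 1, rp) != 1)
        memset(datapart,
               (int) (256.0 * rand() / (RAND_MAX + 0.0)),
               dlen);
    if(rp)
        fclose(rp);
}
/* … unchanged: payload-file branch, apart from fclose(payload) after its read loop … */
```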
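Review bot: The unreachable branch in the hunk at 795-806 now prints `icmphdr->icmp_ip.ip_dst`, a field of the quoted IP header whose content and presence are decided by whoever sent the packet. The hunk shows no check that the received length reaches past that field, so a truncated unreachable message would print bytes left in the buffer from an earlier packet. If no such check exists earlier in the function (outside the hunk), add one before this branch and skip packets that are too short. The added `break;` also deserves a comment naming the construct it leaves, since from the hunk it is not clear whether it exits an inner block or the receive loop itself.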
From: <re...@us...> - 2003-12-05 22:37:49
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv21117/plugins Modified Files: inp_rand.h Log Message: Removed non-needed include line Index: inp_rand.h =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/inp_rand.h,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** inp_rand.h 24 Oct 2003 09:57:06 -0000 1.2 --- inp_rand.h 5 Dec 2003 22:37:45 -0000 1.3 *************** *** 27,31 **** // include my types #include "types.h" - #include <sys/types.h> #include <unistd.h> #include <sys/time.h> --- 27,30 ---- |
From: <re...@us...> - 2003-12-05 22:37:12
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1:/tmp/cvs-serv20987/plugins Modified Files: Makefile.am Makefile.in Log Message: Changed the debug rules for the plugins Index: Makefile.am =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/Makefile.am,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** Makefile.am 4 Nov 2003 23:43:00 -0000 1.14 --- Makefile.am 5 Dec 2003 22:37:09 -0000 1.15 *************** *** 3,6 **** --- 3,7 ---- CPPFLAGS = -I$(top_srcdir)/src + DEBUG_CFLAGS= @DEBUG_CFLAGS@ -DHAVE_CONFIG_H -DPLUGINDIR="\\\"$(libdir)\\\"" lib_LTLIBRARIES = libsonar_net_icmp.la libsonar_net_ack.la libsonar_inp_random.la libsonar_out_log.la libsonar_out_xml.la *************** *** 23,27 **** -rm -f *.o *.la *.a ! debug: all --- 24,29 ---- -rm -f *.o *.la *.a ! debug: ! @$(MAKE) CFLAGS="$(DEBUG_CFLAGS)" Index: Makefile.in =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/Makefile.in,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** Makefile.in 4 Nov 2003 23:43:00 -0000 1.31 --- Makefile.in 5 Dec 2003 22:37:09 -0000 1.32 *************** *** 74,78 **** AWK = @AWK@ CC = @CC@ ! DEBUG_CFLAGS = @DEBUG_CFLAGS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ --- 74,78 ---- AWK = @AWK@ CC = @CC@ ! DEBUG_CFLAGS = @DEBUG_CFLAGS@ -DHAVE_CONFIG_H -DPLUGINDIR="\\\"$(libdir)\\\"" DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ *************** *** 402,406 **** -rm -f *.o *.la *.a ! debug: all install-debug: install --- 402,407 ---- -rm -f *.o *.la *.a ! debug: ! @$(MAKE) CFLAGS="$(DEBUG_CFLAGS)" install-debug: install |
From: <re...@us...> - 2003-12-05 22:36:45
|
Update of /cvsroot/autosec/sonar/doc In directory sc8-pr-cvs1:/tmp/cvs-serv20864/doc Modified Files: Makefile.am Makefile.in Log Message: Changed the cleaning rules for the docs Index: Makefile.am =================================================================== RCS file: /cvsroot/autosec/sonar/doc/Makefile.am,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** Makefile.am 7 Nov 2003 08:39:57 -0000 1.3 --- Makefile.am 5 Dec 2003 22:36:42 -0000 1.4 *************** *** 8,12 **** ! mostlyclean-generic: -rm -f *~ \#* .*~ .\#* -rm -rf html latex --- 8,12 ---- ! distclean-generic: -rm -f *~ \#* .*~ .\#* -rm -rf html latex Index: Makefile.in =================================================================== RCS file: /cvsroot/autosec/sonar/doc/Makefile.in,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** Makefile.in 10 Nov 2003 10:40:41 -0000 1.14 --- Makefile.in 5 Dec 2003 22:36:42 -0000 1.15 *************** *** 220,226 **** `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install ! ! distclean-generic: ! -rm -f Makefile $(CONFIG_CLEAN_FILES) clean: clean-am --- 220,224 ---- `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install ! mostlyclean-generic: clean: clean-am *************** *** 276,280 **** install-debug: install ! mostlyclean-generic: -rm -f *~ \#* .*~ .\#* -rm -rf html latex --- 274,278 ---- install-debug: install ! distclean-generic: -rm -f *~ \#* .*~ .\#* -rm -rf html latex |
From: <no...@so...> - 2003-12-05 22:26:49
|
The following NEW bug has been ADDED. ======================================================================= http://autosec.sourceforge.net/helpDesk/mantis/view_bug_page.php?f_id=43 ======================================================================= Reporter: red0x Handler: ======================================================================= Project: sonar Bug ID: 0000043 Category: Bugs Reproducibility: always Severity: feature Priority: normal Status: new ======================================================================= Date Submitted: 12-05-03 14:26 PST Last Modified: 12-05-03 14:26 PST ======================================================================= Summary: Parallel scanning broken Description: Scanning with two different types in parallel is broken. ======================================================================= |
From: <re...@us...> - 2003-11-18 03:22:01
|
Update of /cvsroot/autosec/pmids In directory sc8-pr-cvs1:/tmp/cvs-serv13369 Modified Files: README Log Message: Updated some documentation Index: README =================================================================== RCS file: /cvsroot/autosec/pmids/README,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** README 29 Sep 2002 18:59:19 -0000 1.3 --- README 18 Nov 2003 03:21:55 -0000 1.4 *************** *** 61,63 **** --- 61,67 ---- dont like that, send me a patch to fix it. + As of 1.7, reports can be stored in HTML in a local folder. Check + the "include" file. + + 1.7 also reports iptables statistics using the "-v" flag. --red0x |
From: <re...@us...> - 2003-11-18 03:21:42
|
Update of /cvsroot/autosec/pmids In directory sc8-pr-cvs1:/tmp/cvs-serv13301 Modified Files: check Log Message: Added uptime, who's logged in, and iptables statistics Index: check =================================================================== RCS file: /cvsroot/autosec/pmids/check,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** check 29 Sep 2002 18:57:37 -0000 1.5 --- check 18 Nov 2003 03:21:23 -0000 1.6 *************** *** 1,5 **** #!/bin/bash ! #Poor Man's IDS v1.6 by red0x # # User changeable options --- 1,5 ---- #!/bin/bash ! #Poor Man's IDS v1.7 by red0x # # User changeable options *************** *** 23,27 **** rm -f $outfile echo "Subject: Security Audit for $me.$dom" > $outfile ! echo "## PMIDS-1.6 CHECK invoked as $0" >> $outfile echo "## Sanity: working dir: $prefix" >> $outfile echo "## Checking scripts: " >> $outfile --- 23,27 ---- rm -f $outfile echo "Subject: Security Audit for $me.$dom" > $outfile ! echo "## PMIDS-1.7 CHECK invoked as $0" >> $outfile echo "## Sanity: working dir: $prefix" >> $outfile echo "## Checking scripts: " >> $outfile *************** *** 35,38 **** --- 35,54 ---- echo "" >> $outfile echo "Security Audit at: $dtime" >> $outfile + echo >> $outfile + + echo "Database dates: " >> $outfile + echo -n " db.bz2: " >> $outfile + echo `ls -lt db.bz2 | cut -f 20-23 -d ' '` >> $outfile + echo -n " dir.db.bz2: " >> $outfile + echo `ls -lt dir.db.bz2 | cut -f 20-23 -d ' '` >> $outfile + echo >> $outfile + + echo "#############################" >> $outfile + echo -n " Uptime: " >> $outfile + `which uptime` >> $outfile + `which who` >> $outfile + echo "#############################" >> $outfile + echo >> $outfile + echo "#############################" >> $outfile *************** *** 58,62 **** echo "#############################" >> $outfile ! /usr/bin/last -a > tmp.file grep "crash" < tmp.file >> $outfile rm -f tmp.file --- 74,78 ---- echo "#############################" >> $outfile ! 
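Review bot: The "Database dates" lines in the hunk at 35-54 read `db.bz2` and `dir.db.bz2` relative to the current directory, while the script elsewhere addresses the archive as `$prefix/dir.db.bz2`; started from cron or another directory, `ls` fails and the report shows empty dates. `cut -f 20-23 -d ' '` also depends on how many padding spaces `ls -l` prints, which changes with file size and owner name. Something like `date -r "$prefix/db.bz2" >> $outfile` (GNU date) reads the modification time directly. These dates are how a reader judges whether the baseline is stale or was replaced, so a missing value is better printed as an explicit warning than as a blank.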
/bin/last -a > tmp.file grep "crash" < tmp.file >> $outfile rm -f tmp.file *************** *** 69,73 **** echo "#############################" >> $outfile ! /usr/bin/last -a | grep root > tmp.file grep [.] < tmp.file >> $outfile # we are checking for .'s in a host name or ip address rm -f tmp.file --- 85,89 ---- echo "#############################" >> $outfile ! /bin/last -a | grep root > tmp.file grep [.] < tmp.file >> $outfile # we are checking for .'s in a host name or ip address rm -f tmp.file *************** *** 81,87 **** #kernel version number, not an ip address or hostname # and don't match X logins ! /usr/bin/last -a | grep [.] | grep -v "reboot" | grep -v ":0.0" >> $outfile echo "Done!" >> $outfile echo >> $outfile echo "#############################" >> $outfile --- 97,108 ---- #kernel version number, not an ip address or hostname # and don't match X logins ! /bin/last -a | grep [.] | grep -v "reboot" | grep -v ":0.0" >> $outfile echo "Done!" >> $outfile echo >> $outfile + echo "#############################" >> $outfile + echo "Listing iptables hits " >> $outfile + echo "#############################" >> $outfile + /sbin/iptables -vnL >> $outfile + echo "Dont!" >> $outfile echo "#############################" >> $outfile *************** *** 104,108 **** echo "#############################" >> $outfile ! for dir in $suidckdirs do $fd $dir -perm +4000 >> $outfile --- 125,129 ---- echo "#############################" >> $outfile ! for dir in $suidckdirs; do $fd $dir -perm +4000 >> $outfile *************** *** 122,126 **** $uarchive $prefix/dir.db.bz2 ! for dir2 in $dirsck do $lsp $lso $dir2 >> $dckfile --- 143,147 ---- $uarchive $prefix/dir.db.bz2 ! for dir2 in $dirsck; do $lsp $lso $dir2 >> $dckfile *************** *** 137,145 **** echo "Done!" >> $outfile echo >> $outfile ! 
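Review bot: Switching the hard-coded path from `/usr/bin/last` to `/bin/last` (hunk at 74-78, and again in the hunks at 85-89 and 97-108) only moves the assumption to a different directory. On a host where the binary lives elsewhere the command fails, `tmp.file` is empty, and the section reads as "no crashes" or "no remote root logins", a silent false negative in an audit report. Resolving the path once next to the other option variables and reporting a failure is safer, e.g. `last=$(command -v last) || echo "WARNING: last not found" >> $outfile`, then `$last -a` in the three places.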
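Review bot: The new iptables section (hunk at 97-108) ends with `echo "Dont!" >> $outfile`, which looks like a typo for the `Done!` marker the other sections print; anything that scans the report for `Done!` will miss this section. It should read `echo "Done!" >> $outfile` followed by `echo >> $outfile`, like its neighbours. `/sbin/iptables -vnL` lists only the filter table, so a comment saying that nat and mangle rules are not covered would keep readers from taking the listing as complete.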
echo "Poor Man's IDS 1.6 -- Copyright (c) 2001-2003 red0x <red0x [at] users [dot] sourceforge [dot] net>" >> $outfile echo "\$Id$" >> $outfile echo >> $outfile $mail $reporter < $outfile rm $outfile #mv $outfile $outfile.`date +%d-%m-%Y` # Save the old report --- 158,174 ---- echo "Done!" >> $outfile echo >> $outfile ! echo "Poor Man's IDS 1.7 -- Copyright (c) 2001-2003 red0x <red0x [at] users [dot] sourceforge [dot] net>" >> $outfile echo "\$Id$" >> $outfile echo >> $outfile + tstamp=`date +%d-%m-%Y` + $mail $reporter < $outfile + cat $prefix/header.html > $publish/$tstamp.html.pre + cat $outfile >> $publish/$tstamp.html.pre + cat $prefix/footer.html >> $publish/$tstamp.html.pre + sed "s/$/\<br\>/g" $publish/$tstamp.html.pre > $publish/$tstamp.html + chown apache:apache $publish/$tstamp.html + rm $publish/$tstamp.html.pre rm $outfile #mv $outfile $outfile.`date +%d-%m-%Y` # Save the old report |
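Review bot: The HTML copy (hunk at 158-174) is built by concatenating `$outfile` between the header and footer and appending `<br>` to each line, so report text is emitted as markup. The report contains remote hostnames from `last -a` and file names from the directory listings, both of which someone other than the administrator can influence. Escaping before publishing closes that, e.g. `sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' "$outfile" >> "$publish/$tstamp.html.pre"` in place of the `cat $outfile` line. `chown apache:apache` gives the web server write access to the audit report; a root-owned file with mode 0644 is enough for serving. `$publish` is unquoted and unchecked, so an unset value writes to `/$tstamp.html.pre`; a guard such as `[ -d "$publish" ] || exit 1` before this block would catch it.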
From: <no...@so...> - 2003-11-17 22:48:00
|
A BUGNOTE has been added to this bug. ======================================================================= http://autosec.sourceforge.net/helpDesk/mantis/view_bug_page.php?f_id=0000041 ======================================================================= Reporter: red0x Handler: ======================================================================= Project: sonar Bug ID: 0000041 Category: Feature Requests Reproducibility: N/A Severity: feature Priority: normal Status: new ======================================================================= Date Submitted: 10-01-03 23:54 PDT Last Modified: 11-17-03 14:48 PST ======================================================================= Summary: Mac OS X Support Description: Need to wrap the calls to dlopen to support Mac OS X's native library loading techniques. ======================================================================= ----------------------------------------------------------------------- red0x - 11-17-03 14:48 PST ----------------------------------------------------------------------- I changed the way I load libraries to use libtool's wrapper (libltdl -- lt_dlopen) which should be portable to OS X. However, I have no box to test it. Anyone have one handy? |
From: <no...@so...> - 2003-11-17 22:27:19
|
The following bug has been RESOLVED. ======================================================================= http://autosec.sourceforge.net/helpDesk/mantis/view_bug_page.php?f_id=0000042 ======================================================================= Reporter: red0x Handler: red0x ======================================================================= Project: sonar Bug ID: 0000042 Category: Feature Requests Reproducibility: N/A Severity: feature Priority: normal Status: resolved Resolution: fixed ======================================================================= Date Submitted: 10-14-03 14:09 PDT Last Modified: 11-17-03 14:27 PST ======================================================================= Summary: XML output plugin Description: Ability to output scan results in standard XML ======================================================================= ----------------------------------------------------------------------- red0x - 11-17-03 14:27 PST ----------------------------------------------------------------------- XML output added in 1.2.1 |
From: <re...@us...> - 2003-11-10 10:40:44
|
Update of /cvsroot/autosec/sonar In directory sc8-pr-cvs1:/tmp/cvs-serv18343 Modified Files: configure configure.in Log Message: Updated makefiles Index: configure =================================================================== RCS file: /cvsroot/autosec/sonar/configure,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** configure 24 Oct 2003 09:57:05 -0000 1.30 --- configure 10 Nov 2003 10:40:40 -0000 1.31 *************** *** 11561,11565 **** ! ac_config_files="$ac_config_files Makefile doc/Makefile plugins/Makefile src/Makefile doc/docConf" cat >confcache <<\_ACEOF --- 11561,11565 ---- ! ac_config_files="$ac_config_files Makefile doc/Makefile plugins/Makefile src/Makefile doc/docConf doc/sonar.1" cat >confcache <<\_ACEOF *************** *** 12116,12119 **** --- 12116,12120 ---- "src/Makefile" ) CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; "doc/docConf" ) CONFIG_FILES="$CONFIG_FILES doc/docConf" ;; + "doc/sonar.1" ) CONFIG_FILES="$CONFIG_FILES doc/sonar.1" ;; "depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; Index: configure.in =================================================================== RCS file: /cvsroot/autosec/sonar/configure.in,v retrieving revision 1.27 retrieving revision 1.28 diff -C2 -d -r1.27 -r1.28 *** configure.in 24 Oct 2003 09:57:05 -0000 1.27 --- configure.in 10 Nov 2003 10:40:40 -0000 1.28 *************** *** 120,123 **** plugins/Makefile src/Makefile ! doc/docConf]) AC_OUTPUT --- 120,124 ---- plugins/Makefile src/Makefile ! doc/docConf ! doc/sonar.1]) AC_OUTPUT |