[Autosec-devel] sonar/plugins rfc793.c,1.44,1.45
From: red0x <re...@us...> - 2004-04-08 21:21:42
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13059/plugins Modified Files: rfc793.c Log Message: ACK scan fix, timing update. Index: rfc793.c =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/rfc793.c,v retrieving revision 1.44 retrieving revision 1.45 diff -C2 -d -r1.44 -r1.45 *** rfc793.c 8 Apr 2004 19:11:02 -0000 1.44 --- rfc793.c 8 Apr 2004 21:08:30 -0000 1.45 *************** *** 35,39 **** static int my_socket, err_socket; - static unsigned int num_hosts; static unsigned char done = 0; static plugin_t pthis; --- 35,38 ---- *************** *** 88,92 **** pthis.err = &my_errno; pthis.ready = true; ! pthis.version = 5; /* set API version 5 */ ready = false; --- 87,91 ---- pthis.err = &my_errno; pthis.ready = true; ! pthis.version = 6; /* set API version 5 */ ready = false; *************** *** 108,116 **** my_errno = PLUGIN_LOADED; - my_socket = -1; - num_hosts = 0; - return &pthis; } --- 107,112 ---- *************** *** 138,142 **** pthis.plugin_next = NULL; pthis.plugin_sweep = NULL; - pthis.plugin_sweep = NULL; pthis.plugin_output = NULL; pthis.plugin_results = NULL; --- 134,137 ---- *************** *** 150,156 **** } - - - static void rfc793_options_parse(void *arguments, int len) { --- 145,148 ---- *************** *** 158,161 **** --- 150,154 ---- int i,vallen; arg=(char*)arguments; + op.srcPrt = -1; while(arg) *************** *** 280,286 **** } - /*This will stay for later if(mthis->opts.bBroadcast) { l.l_onoff = 1; if(setsockopt(my_socket, SOL_SOCKET, SO_BROADCAST, --- 273,279 ---- } if(mthis->opts.bBroadcast) { + printf("setting broadcast\n"); l.l_onoff = 1; if(setsockopt(my_socket, SOL_SOCKET, SO_BROADCAST, *************** *** 293,297 **** } } - */ mthis->dropprivs(uid); --- 286,289 ---- *************** *** 301,305 **** ready = true; pthis.ready = true; - num_hosts = mthis->num_targets; return PLUGIN_OK; } --- 293,296 ---- *************** *** 
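Review bot: The comment on the changed line contradicts the value it annotates: `pthis.version = 6; /* set API version 5 */` bumps the number but keeps the old text, so the next reader has to guess which one is authoritative. Change it to `pthis.version = 6; /* plugin API version 6 */`, or drop the number from the comment and state what in the plugin API changed to require the bump. The enclosing initialisation function starts and ends outside the hunk.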
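Review bot: `op.srcPrt = -1;` introduces -1 as the "no fixed source port" sentinel that the later `htons(op.srcPrt)` branch depends on, but nothing visible bounds the value parsed from `srcprt=<port>`; any integer the user supplies reaches `htons`, which silently truncates values above 65535 to a different port. The parse loop that follows starts in this hunk and runs past it, so the assignment itself is not visible; where `srcPrt` is set from the option text, reject anything outside 1..65535, e.g. `if(v < 1 || v > 65535) { err_msg("srcprt out of range"); op.srcPrt = -1; }`. The sentinel also deserves a one-line comment at this point: `/* -1: no fixed source port, one is chosen per packet */`.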
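Review bot: `printf("setting broadcast\n");` writes straight to stdout, while every other message in this plugin goes through `mthis->output` or `err_msg`, so it bypasses whatever the host program does with output and is not gated on `iVerbose`. Either delete it or replace it with `if(mthis->opts.iVerbose > 1) mthis->output("setting broadcast\n");`. Setting SO_BROADCAST here, before the `mthis->dropprivs(uid)` visible in the next hunk, is the right order; the function's start and end lie outside the hunk.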
318,326 **** assert(mthis->output != NULL); mthis->output("\n ACK Scan plugin: requires root priveleges\n"); ! mthis->output(" Usage: hostname:port/mask ...\n"); mthis->output(" If no port is specified, this will scan *all* ports\n"); mthis->output(" in /etc/services\n"); ! mthis->output(" Example: sonar -sA www.google.com:80/32\n"); ! exit(-1); } --- 309,319 ---- assert(mthis->output != NULL); mthis->output("\n ACK Scan plugin: requires root priveleges\n"); ! mthis->output(" Usage: -sA,[ttl=<num>,srcprt=<port>,prog=<cmdline>] hostname:port/mask\n"); ! mthis->output(" \tttl: set IP TTL\n"); ! mthis->output(" \tsrcprt: set TCP source port\n"); ! mthis->output(" \tprog: set command line to execute if host(s) is/are online\n"); mthis->output(" If no port is specified, this will scan *all* ports\n"); mthis->output(" in /etc/services\n"); ! mthis->output(" Example: sonar -sA,ttl=64,srcprt=53,prog=\"echo hi\" target.example.com:80/24\n"); } *************** *** 331,337 **** if(pthis.ready && ready) { ! mthis->output(" ACK Scan plugin ready::\n"); ! mthis->output(" TTL %d :: delay %d :: Source port %d ", op.ttl, ! mthis->opts.iPostDelay, op.srcPrt); } } --- 324,341 ---- if(pthis.ready && ready) { ! mthis->output("ACK Scan: %d host(s)::\n", mthis->num_targets); ! if(mthis->opts.iPostDelay == 0) ! mthis->output("\tno post-delay::\n"); ! else ! mthis->output("\tpost-delay %ds::\n", ! mthis->opts.iPostDelay); ! if(op.ttl != 0) ! mthis->output("\tTTL %d::\n", op.ttl); ! else ! mthis->output("\tdefault TTL::\n"); ! if(op.srcPrt != -1) ! mthis->output("\tSource port %d::\n", op.srcPrt); ! else ! mthis->output("\tRandom source port\n"); } } *************** *** 349,352 **** --- 353,357 ---- struct recv_t recd; int timeout; + unsigned int old_hosts = 0, ports = 0; assert(targets != NULL); *************** *** 361,365 **** timeout = mthis->opts.iTimeout; if(timeout <= 0) ! timeout = 5000; pthread_attr_init(&attr); --- 366,370 ---- timeout = mthis->opts.iTimeout; if(timeout <= 0) ! 
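Review bot: With `exit(-1)` gone the usage routine now simply returns, so a caller that reached it because the arguments were unusable carries on with whatever `op` holds; if the core is meant to decide whether to stop, say so above the function (`/* prints usage only; the caller is responsible for aborting */`), otherwise return an explicit failure code. Two wording points in the same strings: `priveleges` should be `privileges`, and the `prog=` help line should state how the command line is executed and whether any target-derived data is substituted into it, because a user will otherwise assume it is safe to combine with untrusted hostnames. The function's opening is outside the hunk.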
timeout = 5; //default timeout of 5 seconds pthread_attr_init(&attr); *************** *** 370,374 **** /* if we are broadcasting, increase the responses to collect */ /* and increase the timeout value */ ! recd.hosts = num_hosts; /* useful for later --- 375,379 ---- /* if we are broadcasting, increase the responses to collect */ /* and increase the timeout value */ ! recd.hosts = mthis->num_targets; /* useful for later *************** *** 379,390 **** recd.start = clock(); /* set the default timeout values */ ! recd.max = ! recd.start + (timeout * recd.hosts * CLOCKS_PER_SEC) / 1000; /* add time for a per host delay */ if(mthis->opts.iHostDelay > 0) ! recd.max += (mthis->opts.iHostDelay * recd.hosts * ! CLOCKS_PER_SEC) / 1000; ! /* add a default magic number to get some extra (late) responses */ ! recd.max += CLOCKS_PER_SEC / 1000; /* default is one half extra second */ /* start the receiving thread */ --- 384,391 ---- recd.start = clock(); /* set the default timeout values */ ! recd.max = timeout; /* add time for a per host delay */ if(mthis->opts.iHostDelay > 0) ! recd.max += mthis->opts.iHostDelay; /* start the receiving thread */ *************** *** 393,407 **** err_sys("could not create thread"); ! while(targets != NULL && counter < num_hosts) { ! if(targets->num_ports > 0) { ! recd.start = clock(); ! recd.max = recd.start + (timeout * targets->num_ports * ! CLOCKS_PER_SEC) / 1000; ! //recd.hosts++; // += (targets->num_ports - 1); ! recd.ports = targets->num_ports; ! targets->num_ports = 0; //--; } for(i = 0; i < 65536; i++) --- 394,410 ---- err_sys("could not create thread"); ! while(targets != NULL && counter < mthis->num_targets) { ! /* we have a broadcast target, without an ip-range */ ! if(targets->broadcast == 1 && targets->extra_hosts == 0) ! /* add to the timeout value */ ! recd.hosts += 255; ! if(targets->num_ports > 0 && ports == 0) { ! //recd.start = clock(); ! //recd.max = timeout;// * targets->num_ports; ! recd.ports = targets->num_ports; ! 
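Review bot: `timeout = 5; //default timeout of 5 seconds` changes the unit of `timeout` from milliseconds (the old default was 5000) to seconds, yet `mthis->opts.iTimeout` is still taken verbatim, so a user passing the value they used before gets a budget a thousand times larger; and the receiver thread later scales `rec->max` by `CLOCKS_PER_SEC/100`, which makes 5 mean 0.05 s per host/port pair rather than 5 s. Pin the unit in one place: document it at the assignment, `/* seconds; iTimeout from the core is assumed to be in seconds as well */`, and use the same divisor in the receiver. If `iTimeout` is still milliseconds on the core side, convert here with `timeout = mthis->opts.iTimeout / 1000;` instead of reinterpreting it. The function continues on both sides of the hunk.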
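Review bot: `recd.max += mthis->opts.iHostDelay;` adds a millisecond value to a second-valued budget: `iHostDelay` is later passed as `usleep(mthis->opts.iHostDelay * 1000)`, i.e. it is in milliseconds, while `recd.max` was just set from `timeout`, which this commit documents as seconds. A host delay of 500 ms therefore extends the timeout by 500 s. Convert when adding, `recd.max += (mthis->opts.iHostDelay + 999) / 1000; /* ms -> s, rounded up */`, or keep `recd.max` in milliseconds throughout. The enclosing function starts and ends outside the hunk.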
ports++; } for(i = 0; i < 65536; i++) *************** *** 411,424 **** { targets->ports[i] = PORT_SCANNING; ! if(targets->extra_hosts > 0) { - recd.start = clock(); - recd.max += (timeout * targets->extra_hosts * - CLOCKS_PER_SEC) / 1000; recd.hosts += targets->extra_hosts; ! targets->extra_hosts = 0; ! if(mthis->opts.iVerbose > 0) ! err_msg("Increasing timeout, netmask detected: %d", ! recd.max); } if(rfc793_send(targets) == PLUGIN_ERROR) --- 414,425 ---- { targets->ports[i] = PORT_SCANNING; ! //recd.ports++; ! if(targets->extra_hosts > 0 && old_hosts == 0) { recd.hosts += targets->extra_hosts; ! old_hosts++; ! //targets->extra_hosts = 0; ! if(mthis->opts.iVerbose > 1) ! err_msg("Increasing timeout, netmask detected\n"); } if(rfc793_send(targets) == PLUGIN_ERROR) *************** *** 429,436 **** /* sleep after this host (allows more dest unreachables to come * back) */ ! if(counter < num_hosts) usleep(mthis->opts.iHostDelay * 1000); } } targets = targets->next; } --- 430,440 ---- /* sleep after this host (allows more dest unreachables to come * back) */ ! if(counter < mthis->num_targets && mthis->opts.iHostDelay > 0) usleep(mthis->opts.iHostDelay * 1000); } } + old_hosts = 0; + ports = 0; + targets = targets->next; } *************** *** 465,468 **** --- 469,473 ---- int total_size = sizeof(struct tcphdr); int my_ports[65547]; + uint32_t addr, one=1; assert(target != NULL); *************** *** 502,506 **** nt.sport = htons(op.srcPrt); else ! nt.sport = htons(1+(int)(65535.0*rand()/(RAND_MAX+1.0))); switch (target->addrinfo->ai_family) --- 507,511 ---- nt.sport = htons(op.srcPrt); else ! nt.sport = htons(1+(int)(65535.0*rand()/(RAND_MAX+1.0))); switch (target->addrinfo->ai_family) *************** *** 509,513 **** sa = (struct sockaddr_in *) target->addrinfo->ai_addr; ia = sa->sin_addr; ! ia.s_addr = htonl(ntohl(ia.s_addr) + j); nt.dst = ia.s_addr; break; --- 514,537 ---- sa = (struct sockaddr_in *) target->addrinfo->ai_addr; ia = sa->sin_addr; ! 
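Review bot: `recd.hosts += 255;` bakes a /24 into the response budget for a broadcast target given without a range, so a directed broadcast to any other prefix length gets the wrong timeout, and the bare literal does not say why 255. Name it, `enum { BCAST_DEFAULT_HOSTS = 255 }; /* assume a /24 when no range is given */`, and derive it from the mask where one is available. The commented-out `//recd.start = clock();` and `//recd.max = timeout;` lines should be removed rather than shipped as dead code; the loop body continues past the hunk.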
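Review bot: The hunk leaves `//recd.ports++;` and `//targets->extra_hosts = 0;` as commented-out code beside the live `old_hosts++` guard, which makes it unclear whether dropping the per-host reset was deliberate; delete them and state the reason, e.g. `/* extra_hosts is reused for every port, so it is counted once per target via old_hosts */`. The new `err_msg("Increasing timeout, netmask detected\n")` also ends in a newline although the message it replaces did not; if `err_msg` appends its own newline this prints a blank line. The enclosing loop starts and ends outside the hunk.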
addr = ntohl(ia.s_addr); ! if(j > 0) ! { ! addr++; ! ia.s_addr = htonl(addr); ! } ! sa->sin_addr = ia; ! /* broadcast address, set bcast mode */ ! if(((addr & 0x000000ff) == 0) || ((addr & 0x000000ff) == 255)) ! { ! if(one) ! { ! if(setsockopt(my_socket, SOL_SOCKET, SO_BROADCAST, ! (int *) &one, sizeof(int)) < 0) ! { ! err_ret("could not set broadcast mode"); ! } ! one = 0; ! } ! } nt.dst = ia.s_addr; break; *************** *** 527,531 **** } - add_tcphdr(packet, &nt, TH_ACK); // packet is ready to send --- 551,554 ---- *************** *** 548,552 **** free(packet); /* fresh copy of port list */ ! memcpy(target->ports, my_ports, 65537); } --- 571,575 ---- free(packet); /* fresh copy of port list */ ! memcpy(target->ports, my_ports, 65537 * sizeof(int)); } *************** *** 585,590 **** rec->responses = 0; ! while((done == 0 || clock() <= rec->max) ! && rec->responses < rec->hosts * rec->ports) { /* dont do anything up here, or we'll eat CPU */ --- 608,613 ---- rec->responses = 0; ! while(done == 0 || ! ((clock() <= (rec->max * CLOCKS_PER_SEC/100 * rec->hosts * rec->ports ) + rec->start) && rec->responses < rec->hosts * rec->ports)) { /* dont do anything up here, or we'll eat CPU */ *************** *** 592,596 **** tv.tv_sec = 0; my_host = NULL; ! FD_ZERO(&rfds); FD_SET(my_socket, &rfds); --- 615,619 ---- tv.tv_sec = 0; my_host = NULL; ! FD_ZERO(&rfds); FD_SET(my_socket, &rfds); *************** *** 619,623 **** tv.tv_sec = 0; tv.tv_usec = 0; - memset(buf, 0, MAX_PACKET); if(FD_ISSET(my_socket, &rfds)) --- 642,645 ---- *************** *** 703,717 **** num_res++; ! ! mthis->message ("%s[%s]:%d online & UNfiltered: range: %.2f ms " "ttl: %d size: %d\n", ! my_host->addrinfo->ai_canonname, ! inet_ntoa(from.sin_addr), ! ntohs(tcp->th_sport), triptime, ! iphdr->ip_ttl, ntohs(iphdr->ip_len)); /* print the packet if they want it */ ! if(mthis->opts.iVerbose > 1) ! print_packet(tcp); if(op.prog != NULL) --- 725,739 ---- num_res++; ! if(mthis->opts.iVerbose > 1) ! 
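Review bot: `sa->sin_addr = ia;` writes the incremented address back into `target->addrinfo->ai_addr`, so the increment persists across calls: if the `j` loop (its header is outside the hunk) walks the extra hosts within one `rfc793_send` call, the next call for the following port starts from the last address of the range instead of the base and scans past the netmask. Keep the base in a local, `uint32_t base = ntohl(sa->sin_addr.s_addr);` before the loop and `addr = base + j;` per iteration, and do not assign back to `sa->sin_addr`. Two smaller points: `one` is declared `uint32_t` but passed as `(int *)`, so declare `int one = 1;` and pass `&one` without a cast; and the last-octet test only recognises /24 broadcasts, which the comment should say, `/* assumes a /24: .0 and .255 are treated as broadcast */`, since those are ordinary hosts inside a larger prefix.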
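Review bot: `memcpy(target->ports, my_ports, 65537 * sizeof(int));` now copies 65537 ints, but the scan loop indexes `target->ports[i]` only for `i < 65536`; unless `ports` is declared with at least 65537 elements (its definition is not in this file section), the copy writes one element past the end. Size the copy from the destination rather than a literal: `memcpy(target->ports, my_ports, sizeof target->ports);` if `ports` is an array, or `NUM_PORTS * sizeof *target->ports` with the constant shared with the loop bound. The same constant should replace the `65547` in `int my_ports[65547];`, which is about a quarter megabyte of stack per call.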
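Review bot: The new loop guard measures its deadline with `clock()`, which reports the process's consumed CPU time rather than elapsed time; a thread waiting in `select()` burns almost no CPU, so the budget `rec->max * CLOCKS_PER_SEC/100 * rec->hosts * rec->ports` can take far longer than intended to expire, and with 255 hosts and a full port list that product overflows a 32-bit `clock_t`. Use a wall-clock source such as `gettimeofday` or `time()` and compute the deadline once before the loop, `deadline = start + budget_seconds;`, instead of re-multiplying on every iteration. `done == 0 ||` also means the timeout is not consulted until the sender sets `done`, which may be intended but deserves a comment: `/* never time out while the sender is still active */`. The function starts outside the hunk.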
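Review bot: Dropping `memset(buf, 0, MAX_PACKET);` leaves the previous datagram's bytes in `buf` between `recvfrom` calls, which is only safe if every header access after the read is bounded by the byte count `recvfrom` returned and not by the `ip_len` or `th_off` fields inside the packet; those accesses are outside the hunk, so please confirm a short or truncated packet cannot make the parser read stale bytes from the tail of `buf`. The robust check regardless is to reject short reads before the casts, `if(n < (ssize_t)(sizeof(struct ip) + sizeof(struct tcphdr))) continue;` with `n` being the `recvfrom` result. The receive loop continues past the hunk.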
mthis->message ("%s[%s]:%d online & UNfiltered: range: %.2f ms " "ttl: %d size: %d\n", ! my_host->addrinfo->ai_canonname, ! inet_ntoa(from.sin_addr), ! ntohs(tcp->th_sport), triptime, ! iphdr->ip_ttl, ntohs(iphdr->ip_len)); /* print the packet if they want it */ ! if(mthis->opts.iVerbose > 3) ! print_packet(tcp); if(op.prog != NULL) *************** *** 829,833 **** num_res++; ! mthis->message ("%s[%s]:%d\tonline & filtered: range: " "%.2f ms ttl: %d size: %d\n", my_host->addrinfo->ai_canonname, --- 851,856 ---- num_res++; ! if(mthis->opts.iVerbose > 0) ! mthis->message ("%s[%s]:%d\tonline & filtered: range: " "%.2f ms ttl: %d size: %d\n", my_host->addrinfo->ai_canonname, *************** *** 852,856 **** default: assert(ai != NULL); ! if(mthis->opts.iVerbose > 1) mthis->message("%s[%s]: destination unreachable: %s\n", ai->ai_canonname, --- 875,879 ---- default: assert(ai != NULL); ! if(mthis->opts.iVerbose > 0) mthis->message("%s[%s]: destination unreachable: %s\n", ai->ai_canonname, *************** *** 871,875 **** if(result > 0) mthis->output("no response(s) from %d hosts\n", result); ! if(result < 0) mthis->output("subnet broadcast detected: extra response(s) from " "%d hosts\n", ~result + 1); --- 894,898 ---- if(result > 0) mthis->output("no response(s) from %d hosts\n", result); ! if(result < 0 && rec->ports == 1) mthis->output("subnet broadcast detected: extra response(s) from " "%d hosts\n", ~result + 1); *************** *** 884,887 **** --- 907,912 ---- unreach); } + if(mthis->opts.iVerbose <= 1 && unfilt && mthis->opts.iVerbose >0) + mthis->output("\tThe remaining %d ports that were in state \'unfiltered\' were\n\tnot printed, if you want to see them, use '-v2'\n", unfilt); return NULL; } |
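Review bot: The new condition `mthis->opts.iVerbose <= 1 && unfilt && mthis->opts.iVerbose >0` is a roundabout spelling of `mthis->opts.iVerbose == 1 && unfilt`, and the message crammed onto one line makes the intent harder still to see; rewrite as `if(mthis->opts.iVerbose == 1 && unfilt)` and split the literal over two lines. The wording "The remaining %d ports" is also misleading, because at this verbosity the unfiltered-port message earlier in the thread is suppressed entirely, so `unfilt` counts every unfiltered port, not a remainder; say `"\t%d port(s) in state 'unfiltered' were not printed; use '-v2' to see them\n"`. The function's opening is outside the hunk.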