[Autosec-devel] sonar/plugins network_banner.c,NONE,1.1 network_banner.h,NONE,1.1 Makefile.am,1.17,1
Brought to you by:
red0x
Menu
▾
▴
[Autosec-devel] sonar/plugins network_banner.c,NONE,1.1 network_banner.h,NONE,1.1 Makefile.am,1.17,1.18 Makefile.in,1.34,1.35
|
From: red0x <re...@us...> - 2004-05-21 07:56:32
|
Update of /cvsroot/autosec/sonar/plugins In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24023/plugins Modified Files: Makefile.am Makefile.in Added Files: network_banner.c network_banner.h Log Message: Added a banner grab plugin Index: Makefile.in =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/Makefile.in,v retrieving revision 1.34 retrieving revision 1.35 diff -C2 -d -r1.34 -r1.35 *** Makefile.in 19 May 2004 08:19:15 -0000 1.34 --- Makefile.in 21 May 2004 07:56:21 -0000 1.35 *************** *** 99,103 **** CPPFLAGS = -I$(top_srcdir)/src ! lib_LTLIBRARIES = libsonar_net_icmp.la libsonar_net_ack.la libsonar_inp_random.la libsonar_out_log.la libsonar_out_xml.la libsonar_net_tcp.la libsonar_net_icmp_la_SOURCES = network_icmp.c network_icmp.h libsonar_net_icmp_la_LIBADD = --- 99,103 ---- CPPFLAGS = -I$(top_srcdir)/src ! lib_LTLIBRARIES = libsonar_net_icmp.la libsonar_net_ack.la libsonar_inp_random.la libsonar_out_log.la libsonar_out_xml.la libsonar_net_tcp.la libsonar_net_banner.la libsonar_net_icmp_la_SOURCES = network_icmp.c network_icmp.h libsonar_net_icmp_la_LIBADD = *************** *** 112,115 **** --- 112,119 ---- libsonar_net_tcp_la_LDFLAGS = -module -no-undefined -avoid-version + libsonar_net_banner_la_SOURCES = network_banner.c network_banner.h + libsonar_net_banner_la_LIBADD = + libsonar_net_banner_la_LDFLAGS = -module -no-undefined -avoid-version + libsonar_inp_random_la_SOURCES = inp_rand.c inp_rand.h libsonar_inp_random_la_LIBADD = *************** *** 135,138 **** --- 139,145 ---- am_libsonar_net_ack_la_OBJECTS = rfc793.lo libsonar_net_ack_la_OBJECTS = $(am_libsonar_net_ack_la_OBJECTS) + libsonar_net_banner_la_DEPENDENCIES = + am_libsonar_net_banner_la_OBJECTS = network_banner.lo + libsonar_net_banner_la_OBJECTS = $(am_libsonar_net_banner_la_OBJECTS) libsonar_net_icmp_la_DEPENDENCIES = am_libsonar_net_icmp_la_OBJECTS = network_icmp.lo *************** *** 156,159 **** --- 163,167 ---- @AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/inp_rand.Plo \ @AMDEP_TRUE@ ./$(DEPDIR)/log_file.Plo ./$(DEPDIR)/log_xml.Plo \ + @AMDEP_TRUE@ ./$(DEPDIR)/network_banner.Plo \ @AMDEP_TRUE@ ./$(DEPDIR)/network_connect.Plo \ @AMDEP_TRUE@ ./$(DEPDIR)/network_icmp.Plo ./$(DEPDIR)/rfc793.Plo *************** *** 167,175 **** CFLAGS = @CFLAGS@ DIST_SOURCES = $(libsonar_inp_random_la_SOURCES) \ ! $(libsonar_net_ack_la_SOURCES) $(libsonar_net_icmp_la_SOURCES) \ ! $(libsonar_net_tcp_la_SOURCES) $(libsonar_out_log_la_SOURCES) \ ! $(libsonar_out_xml_la_SOURCES) DIST_COMMON = Makefile.am Makefile.in ! SOURCES = $(libsonar_inp_random_la_SOURCES) $(libsonar_net_ack_la_SOURCES) $(libsonar_net_icmp_la_SOURCES) $(libsonar_net_tcp_la_SOURCES) $(libsonar_out_log_la_SOURCES) $(libsonar_out_xml_la_SOURCES) all: all-am --- 175,184 ---- CFLAGS = @CFLAGS@ DIST_SOURCES = $(libsonar_inp_random_la_SOURCES) \ ! $(libsonar_net_ack_la_SOURCES) \ ! $(libsonar_net_banner_la_SOURCES) \ ! $(libsonar_net_icmp_la_SOURCES) $(libsonar_net_tcp_la_SOURCES) \ ! $(libsonar_out_log_la_SOURCES) $(libsonar_out_xml_la_SOURCES) DIST_COMMON = Makefile.am Makefile.in ! SOURCES = $(libsonar_inp_random_la_SOURCES) $(libsonar_net_ack_la_SOURCES) $(libsonar_net_banner_la_SOURCES) $(libsonar_net_icmp_la_SOURCES) $(libsonar_net_tcp_la_SOURCES) $(libsonar_out_log_la_SOURCES) $(libsonar_out_xml_la_SOURCES) all: all-am *************** *** 214,217 **** --- 223,228 ---- libsonar_net_ack.la: $(libsonar_net_ack_la_OBJECTS) $(libsonar_net_ack_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libsonar_net_ack_la_LDFLAGS) $(libsonar_net_ack_la_OBJECTS) $(libsonar_net_ack_la_LIBADD) $(LIBS) + libsonar_net_banner.la: $(libsonar_net_banner_la_OBJECTS) $(libsonar_net_banner_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libsonar_net_banner_la_LDFLAGS) $(libsonar_net_banner_la_OBJECTS) $(libsonar_net_banner_la_LIBADD) $(LIBS) libsonar_net_icmp.la: $(libsonar_net_icmp_la_OBJECTS) $(libsonar_net_icmp_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libsonar_net_icmp_la_LDFLAGS) $(libsonar_net_icmp_la_OBJECTS) $(libsonar_net_icmp_la_LIBADD) $(LIBS) *************** *** 232,235 **** --- 243,247 ---- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log_file.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log_xml.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/network_banner.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/network_connect.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/network_icmp.Plo@am__quote@ --- NEW FILE: network_banner.h --- /*************************************************************************** network_banner.h - Banner Grabbing network plugin ------------------- begin : Thu May 20 2004 copyright : (C) 2004 by red0x email : re...@us... rcsid : $Id: network_banner.h,v 1.1 2004/05/21 07:56:21 red0x Exp $ ***************************************************************************/ /* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #ifndef _NETWORK_BANNER_H #define _NETWORK_BANNER_H #include "plugin.h" #include <sys/types.h> #include <sys/socket.h> #include <netdb.h> #include <signal.h> #include <errno.h> #define MAX_BANNER_LEN 70 struct banner_opts { char *filename; FILE *fd; }; void *plugin_init(void *in_data); #endif /* _NETWORK_BANNER_H */ --- NEW FILE: network_banner.c --- /*************************************************************************** network_banner.c - Banner Grabbing network plugin ------------------- begin : Tue May 18 2004 copyright : (C) 2004 by red0x email : re...@us... rcsid : $Id: network_banner.c,v 1.1 2004/05/21 07:56:21 red0x Exp $ ***************************************************************************/ /* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /** @file network_banner.c * File contains Banner Grabbing plugin functions */ #include "network_banner.h" #include <assert.h> static const char rcsid[] = "\100$ autosec/sonar: $Id: network_banner.c,v 1.1 2004/05/21 07:56:21 red0x Exp $"; /// my last error static uint16_t my_errno; /// my socket static int my_socket; /// my local options struct banner_opts opts; /// Plugin's plugin_t structure, built by plugin_init static plugin_t plugin_ctx; /// Sonar's sonar_t structure, built by sonar, passed to this plugin static sonar_t *sonar_ctx; static int banner_destroy(void); static int banner_open(void *cmdline, int len); static int banner_close(void); static int banner_sweep(target_t * targets); static void banner_status(void); static void banner_usage(void); static int banner_last_error(void); /** @fn plugin_init(void *in_data) * Plugin Init function, part of the Plugin API * @param in_data Pointer to a sonar_t structure that will be * passed from sonar when your plugin is loaded. * @return A pointer to a filled plugin_t structure or NULL on error. */ void * plugin_init(void *in_data) { assert(in_data != NULL); sonar_ctx = (sonar_t *) in_data; if(sonar_ctx->api < 6) { sonar_ctx->err_ptrs->err_msg("Plugin API must be 6 or higher, please update\n"); return NULL; } my_errno = PLUGIN_LOADED; my_socket = -1; plugin_ctx.version = 6; /* set API version */ plugin_ctx.type = NETWORK_PLUGIN; plugin_ctx.err = (int16_t *) & my_errno; plugin_ctx.ready = false; plugin_ctx.plugin_char = 'B'; plugin_ctx.shortname = "banner grab\0"; plugin_ctx.longname = "Banner Grabbing scan\0"; plugin_ctx.plugin_init = &plugin_init; plugin_ctx.plugin_destroy = &banner_destroy; plugin_ctx.plugin_open = &banner_open; plugin_ctx.plugin_close = &banner_close; plugin_ctx.plugin_next = NULL; plugin_ctx.plugin_sweep = &banner_sweep; plugin_ctx.plugin_output = NULL; plugin_ctx.plugin_results = NULL; plugin_ctx.plugin_usage = &banner_usage; plugin_ctx.plugin_status = &banner_status; plugin_ctx.plugin_last_error = &banner_last_error; return &plugin_ctx; } /** @fn banner_destroy(void) * Plugin Unload function * @return PLUGIN_UNLOADED */ static int banner_destroy(void) { if(my_socket > 0) close(my_socket); my_errno = PLUGIN_UNLOADED; return PLUGIN_UNLOADED; } static void get_socket(void) { my_socket = socket(PF_INET, SOCK_STREAM, 0); if(my_socket == -1) { sonar_ctx->err_ptrs->err_ret("could not get a socket\n"); exit(-1); } } static void process_opts(char *cmd, int len) { //int i; char *next; /* first arg is a filename */ next = strchr(cmd, ','); if(next) *(next++) = 0x00; opts.filename = strndup(cmd, strlen(cmd)); opts.fd = fopen(opts.filename, "w+"); if(!opts.fd) free(opts.filename); /* save for later cmd = next; next = NULL; while(cmd) { next = strchr(cmd, ','); if(next) *(next++) = 0x00; cmd = next; next = NULL; }*/ } /** @fn banner_open(void *cmdline, int len) * Plugin Start function * @param cmdline Arguments passed on the command line * @param len length of arguments passed * @return PLUGIN_OK */ static int banner_open(void *cmdline, int len) { /* XXX: Take some options, like TTL, etc. */ if(cmdline && len > 0) process_opts(cmdline, len); if(sonar_ctx->opts.iPostDelay == -1) sonar_ctx->opts.iPostDelay = 0; get_socket(); plugin_ctx.ready = true; return PLUGIN_OK; } /** @fn banner_close(void) * Plugin destroy function * Call this before banner_destroy * @return PLUGIN_OK */ static int banner_close(void) { close(my_socket); my_socket = -1; plugin_ctx.ready = false; if(opts.fd) fclose(opts.fd); free(opts.filename); return PLUGIN_OK; } /** @fn banner_connect(int sock, struct addrinfo *ai, unsigned int port) * Protocol Independent wrapper for connect(2) * @param sock Socket descriptor * @param ai Address Info as returned from getaddrinfo(3) * @param port Port number to attempt connect on * @return see connect(2) */ int banner_connect(int sock, struct addrinfo *ai, unsigned int port) { struct sockaddr_in *sa; struct sockaddr_in6 *sa6; if(sock <=0 || ai == NULL) return -1; switch(ai->ai_family) { case PF_INET: sa = (struct sockaddr_in *) ai->ai_addr; sa->sin_port = ntohs(port); break; case PF_INET6: sa6 = (struct sockaddr_in6 *) ai->ai_addr; sa6->sin6_port = ntohs(port); break; default: return -1; } return connect(sock, ai->ai_addr, ai->ai_addrlen); } void sighand(int foo) { return; } /** @fn char *banner_grab(int sock, int *retlen) * Grab a banner from specified port * @param sock Socket to read from * @return Banner, retlen will be length of banner string */ static char *banner_grab(int sock, int *retlen) { char buf[MAX_BANNER_LEN]; int retval, times = 0; sighandler_t oldfunc; if(!retlen) return NULL; if(!sock) { *retlen = 0; return NULL; } if(send(sock, "foo!\r\n\r\n\0", 8, 0) < 8) if(sonar_ctx->opts.iVerbose > 2) sonar_ctx->err_ptrs->err_ret("Could not send test data\n"); memset(buf, 0, MAX_BANNER_LEN); oldfunc = signal(SIGALRM, (sighandler_t)sighand); wait: alarm(1); if((retval = recv(sock, buf, MAX_BANNER_LEN, MSG_PEEK)) <= 0) { alarm(0); /* nothing came in */ if(errno == EINTR) /* interrupted */ { times++; if(send(sock, "foo!\r\n\r\n\0", 8, 0) < 8) if(sonar_ctx->opts.iVerbose > 2) sonar_ctx->err_ptrs->err_ret("Could not send test data\n"); if(times < 2) goto wait; } *retlen = 0; return NULL; } alarm(0); signal(SIGALRM, oldfunc); /* return the banner */ buf[retval--] = 0x00; /* chop the \n */ if(buf[retval] == '\r') buf[--retval] = 0x00; *retlen = --retval; return strndup(buf, retval); } static char *str_truncate(char *buf, unsigned int len) { if(!buf) return NULL; if(strlen(buf) <= len) return buf; realloc(buf, len-4); buf[len-4] = '\0'; strcat(buf, "..."); return buf; } /** @fn banner_sweep(target_t *targets) * Plugin Sweep Function * Runs a TCP connect() scan against targets * @param targets Pointer to linked list of targets * @return PLUGIN_ERROR on error, PLUGIN_OK on ok */ static int banner_sweep(target_t * targets) { char broadcast = 0, fake = 0, *banner; unsigned int counter = 0; unsigned int open = 0, closed = 0, scanned = 0; int retval, i, bannerlen; struct servent *service; if(my_socket == -1) return PLUGIN_EOF; if(!plugin_ctx.ready) { sonar_ctx->err_ptrs->err_msg("plugin not ready\n"); return PLUGIN_ERROR; } while(targets != NULL && counter < sonar_ctx->num_targets) { if(targets->broadcast && !broadcast) { broadcast = 1; if(setsockopt(my_socket, SOL_SOCKET, SO_BROADCAST, (int *) &broadcast, sizeof(int)) < 0) { sonar_ctx->err_ptrs->err_ret("could not set broadcast mode, try being root\n"); sonar_ctx->err_ptrs->err_ret("skipping this target... :(\n"); continue; } } setservent(0); for(i = 0; i < 65536; i++) { /* stupid hax0r tr1ckz */ if(targets->ports[i] == PORT_SCAN) { targets->ports[i] = PORT_SCANNING; service = getservbyport(htons(i), NULL); if(!service) { service = (struct servent *) malloc(sizeof(struct servent)); if(!service) { sonar_ctx->err_ptrs->err_quit("Could not allocate memory\n"); return PLUGIN_ERROR; } service->s_name = strndup("unknown\0", 8); fake++; } /* scan this one port */ scanned++; retval = banner_connect(my_socket, targets->addrinfo, i); if(retval == 0) { targets->ports[i] = PORT_OPENED; open++; banner = banner_grab(my_socket, &bannerlen); if(opts.fd) { if(banner) fprintf(opts.fd, "%s[%d]: \t Open: %s\n-- \'%s\'\n", targets->entry, i, service->s_name, banner); else fprintf(opts.fd, "%s[%d]: \t Open: %s\n-- no banner\n", targets->entry, i, service->s_name); } if(sonar_ctx->opts.iVerbose > 0) { if(banner) sonar_ctx->message(" %s[%d]: \t Open: %s - %s\n", targets->entry, i, service->s_name, str_truncate(banner, 20)); else sonar_ctx->message(" %s[%d]: \t Open: %s - no banner\n", targets->entry, i, service->s_name); } } else { closed++; targets->ports[i] = PORT_CLOSED; if(sonar_ctx->opts.iVerbose > 1) sonar_ctx->message(" %s[%d]: \t closed: %s\n", targets->entry, i, service->s_name); } if(fake) { free(service->s_name); free(service); fake--; } close(my_socket); get_socket(); } counter++; } } //sonar_ctx->message("XXX: stats when done\n"); return PLUGIN_OK; } /** @fn banner_status(void) * Plugin Status hook function * Prints out status information right before the sweep begins */ static void banner_status(void) { if(plugin_ctx.ready) { sonar_ctx->output("Banner grabbing: %d targets\n", sonar_ctx->num_targets); } } /** @fn banner_usage(void) * Plugin Usage hook function * Prints out plugin usage information. */ static void banner_usage(void) { assert(sonar_ctx->output != NULL); sonar_ctx->output("\n Banner Grab plugin\n"); sonar_ctx-> output (" Usage: -sB,[output_file]\n"); sonar_ctx->output("\t output_file: Since sonar's plugin API version 6\n"); sonar_ctx->output("\t does not support banners, name a \n"); sonar_ctx->output("\t file to write banners to\n"); sonar_ctx-> output (" Example: sonar -sB,banners target.example.com\n"); /* Do not exit, so other plugins can ouput their usage too! exit(-1); */ } /** @fn banner_last_error() * Return last error code * @return Last error code */ static int banner_last_error(void) { return my_errno; } Index: Makefile.am =================================================================== RCS file: /cvsroot/autosec/sonar/plugins/Makefile.am,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** Makefile.am 19 May 2004 08:19:15 -0000 1.17 --- Makefile.am 21 May 2004 07:56:21 -0000 1.18 *************** *** 5,9 **** DEBUG_CFLAGS= @DEBUG_CFLAGS@ -DHAVE_CONFIG_H -DPLUGINDIR="\\\"$(libdir)\\\"" ! lib_LTLIBRARIES = libsonar_net_icmp.la libsonar_net_ack.la libsonar_inp_random.la libsonar_out_log.la libsonar_out_xml.la libsonar_net_tcp.la libsonar_net_icmp_la_SOURCES = network_icmp.c network_icmp.h libsonar_net_icmp_la_LIBADD = --- 5,9 ---- DEBUG_CFLAGS= @DEBUG_CFLAGS@ -DHAVE_CONFIG_H -DPLUGINDIR="\\\"$(libdir)\\\"" ! lib_LTLIBRARIES = libsonar_net_icmp.la libsonar_net_ack.la libsonar_inp_random.la libsonar_out_log.la libsonar_out_xml.la libsonar_net_tcp.la libsonar_net_banner.la libsonar_net_icmp_la_SOURCES = network_icmp.c network_icmp.h libsonar_net_icmp_la_LIBADD = *************** *** 18,21 **** --- 18,25 ---- libsonar_net_tcp_la_LDFLAGS = -module -no-undefined -avoid-version + libsonar_net_banner_la_SOURCES = network_banner.c network_banner.h + libsonar_net_banner_la_LIBADD = + libsonar_net_banner_la_LDFLAGS = -module -no-undefined -avoid-version + libsonar_inp_random_la_SOURCES = inp_rand.c inp_rand.h libsonar_inp_random_la_LIBADD = |
