[Icescan-cvs] IceScan TODO, 1.51, 1.52 csubtarget.h, 1.29, 1.30 iceoutput.h, 1.13, 1.14 nbt_wrapper
From: Alexander B. <da...@us...> - 2007-01-25 14:13:22
Update of /cvsroot/icescan/IceScan In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv29302 Modified Files: TODO csubtarget.h iceoutput.h nbt_wrapper.h caengine.cc Log Message: Yet another code cleaning and bug fixing in active engine. Index: csubtarget.h =================================================================== RCS file: /cvsroot/icescan/IceScan/csubtarget.h,v retrieving revision 1.29 retrieving revision 1.30 diff -C2 -d -r1.29 -r1.30 *** csubtarget.h 25 Jan 2007 13:08:31 -0000 1.29 --- csubtarget.h 25 Jan 2007 14:13:15 -0000 1.30 *************** *** 193,197 **** scans_to_be_done = scans_done = 0; ! if(par->scan_type != NO_SCAN) scans_to_be_done += TCP_SCAN; --- 193,197 ---- scans_to_be_done = scans_done = 0; ! if(par->scan_type != NO_SCAN && par->scan_type != UNKNOWN_SCAN) scans_to_be_done += TCP_SCAN; Index: nbt_wrapper.h =================================================================== RCS file: /cvsroot/icescan/IceScan/nbt_wrapper.h,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** nbt_wrapper.h 25 Jan 2007 13:08:31 -0000 1.8 --- nbt_wrapper.h 25 Jan 2007 14:13:16 -0000 1.9 *************** *** 106,111 **** u16 iframe_transmit_errors; u16 no_receive_buffer; ! u16 tl_timeouts; ! u16 ti_timeouts; u16 free_ncbs; u16 ncbs; --- 106,111 ---- u16 iframe_transmit_errors; u16 no_receive_buffer; ! u16 tl_timeout_text; ! u16 ti_timeout_text; u16 free_ncbs; u16 ncbs; *************** *** 203,207 **** int v_print_hostinfo(const char *hostname, const struct nb_host_info* hostinfo, ! int v, icestring &nb1, icestring &nb2) { int i, unique; u8 service; --- 203,207 ---- int v_print_hostinfo(const char *hostname, const struct nb_host_info* hostinfo, ! int v, icestring *nb1, icestring *nb2) { int i, unique; u8 service; *************** *** 209,227 **** char* sname; char buffer[256]; ! std::ostringstream outs; ! std::ostringstream outssec; ! Bzero(buffer, 256); //printf("NetBIOS Name Table for %s:\n", hostname); ! 
outs << "NetBIOS Name Table for "<< hostname <<":\n"; ! if (outssec) ! outssec << "Host:"<< hostname; if(hostinfo->is_broken && !v){ ! outs << " Incomplete packet, "<< hostinfo->is_broken <<" bytes long.\n"; ! if (outssec) ! outssec << " Incomplete packet, "<< hostinfo->is_broken <<" bytes long. "; } //printf("Incomplete packet, %d bytes long.\n", hostinfo->is_broken); --- 209,230 ---- char* sname; char buffer[256]; ! std::ostringstream out_text; ! std::ostringstream out_grep; ! ! if(nb2) ! out_grep.str().assign(*nb2); ! Bzero(buffer, 256); //printf("NetBIOS Name Table for %s:\n", hostname); ! out_text << "NetBIOS Name Table for "<< hostname <<":\n"; ! if (nb2) ! out_grep << "Host:"<< hostname; if(hostinfo->is_broken && !v){ ! out_text << " Incomplete packet, "<< hostinfo->is_broken <<" bytes long.\n"; ! if (nb2) ! out_grep << " Incomplete packet, "<< hostinfo->is_broken <<" bytes long. "; } //printf("Incomplete packet, %d bytes long.\n", hostinfo->is_broken); *************** *** 231,238 **** else sprintf(buffer,"%-17s%-17s\n", "Name", "Service"); ! outs << buffer; ! if (outssec) ! outssec << " NetBios Services:"; if(hostinfo->header && hostinfo->names) { --- 234,241 ---- else sprintf(buffer,"%-17s%-17s\n", "Name", "Service"); ! out_text << buffer; ! if(nb2) ! out_grep << " NetBios Services:"; if(hostinfo->header && hostinfo->names) { *************** *** 248,267 **** sprintf(buffer,"%-17s", name); ! outs << buffer; ! if (outssec) ! outssec << name << "/"; if(v){ ! sprintf(buffer,"%s\n", (char*)getnbservicename(service, unique, name)); ! if (outssec) ! outssec << getnbservicename(service, unique, name)<< ","; //printf("%s\n", (char*)getnbservicename(service, unique, name)); }else{ sprintf(buffer,"<%02x>", service); ! outs << buffer; ! if (outssec) ! outssec << buffer<< "//"; //printf("<%02x>", service); if(unique) --- 251,270 ---- sprintf(buffer,"%-17s", name); ! out_text << buffer; ! if(nb2) ! out_grep << name << "/"; if(v){ ! 
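Review bot: `out_grep.str().assign(*nb2);` on the new side of the 209,230 hunk of nbt_wrapper.h has no effect, because `std::ostringstream::str()` returns the buffer by value, so the assignment lands on a temporary and whatever the caller already holds in `*nb2` is lost when `nb2->assign(out_grep.str())` later overwrites it. If the intent is to append to the grep output the caller has accumulated so far, seed the stream with `out_grep << *nb2;` instead; `out_grep.str(*nb2)` on its own would leave the put position at the start and the following inserts would overwrite the seeded text. The body of v_print_hostinfo continues past the end of this hunk.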
sprintf(buffer,"%s\n", (char*)getnbservicename(service, unique, name)); ! if(nb2) ! out_grep << getnbservicename(service, unique, name)<< ","; //printf("%s\n", (char*)getnbservicename(service, unique, name)); }else{ sprintf(buffer,"<%02x>", service); ! out_text << buffer; ! if(nb2) ! out_grep << buffer<< "//"; //printf("<%02x>", service); if(unique) *************** *** 271,289 **** sprintf(buffer," GROUP\n"); //printf(" GROUP\n"); ! if (outssec) ! outssec << buffer<< ","; } ! outs << buffer; } } ! outs << "\n"; ! if (outssec) ! outssec << "\n"; - nb1 = outs.str(); - nb2 = outssec.str(); - return 1; } --- 274,294 ---- sprintf(buffer," GROUP\n"); //printf(" GROUP\n"); ! if(nb2) ! out_grep << buffer<< ","; } ! out_text << buffer; } } ! out_text << "\n"; ! if(nb2) ! out_grep << "\n"; ! ! nb1->assign(out_text.str()); ! ! if(nb2) ! nb2->assign(out_grep.str()); return 1; } *************** *** 463,473 **** offset+=sizeof(response_footer->no_receive_buffer); ! if( offset+sizeof(response_footer->tl_timeouts) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } ! response_footer->tl_timeouts = get16(buff+offset); ! offset+=sizeof(response_footer->tl_timeouts); ! if( offset+sizeof(response_footer->ti_timeouts) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } ! response_footer->ti_timeouts = get16(buff+offset); ! offset+=sizeof(response_footer->ti_timeouts); if( offset+sizeof(response_footer->free_ncbs) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } --- 468,478 ---- offset+=sizeof(response_footer->no_receive_buffer); ! if( offset+sizeof(response_footer->tl_timeout_text) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } ! response_footer->tl_timeout_text = get16(buff+offset); ! offset+=sizeof(response_footer->tl_timeout_text); ! if( offset+sizeof(response_footer->ti_timeout_text) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } ! response_footer->ti_timeout_text = get16(buff+offset); ! 
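Review bot: `nb1->assign(out_text.str());` in the 274,294 hunk of nbt_wrapper.h dereferences nb1 unconditionally while every use of nb2 in the same function is guarded by `if(nb2)`, so the pointer signature introduced in the 203,207 hunk turns nb1 into an unchecked precondition that a reference used to enforce. Either guard it the same way, `if(nb1) nb1->assign(out_text.str());`, or state the contract on the declaration, e.g. `/// nb1 is required and receives the text table; nb2 may be NULL and receives the grepable line.` The signature and the start of the body lie in earlier hunks of this file.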
offset+=sizeof(response_footer->ti_timeout_text); if( offset+sizeof(response_footer->free_ncbs) >= buffsize) { hostinfo->is_broken = offset; return hostinfo; } Index: TODO =================================================================== RCS file: /cvsroot/icescan/IceScan/TODO,v retrieving revision 1.51 retrieving revision 1.52 diff -C2 -d -r1.51 -r1.52 *** TODO 25 Jan 2007 14:04:36 -0000 1.51 --- TODO 25 Jan 2007 14:13:15 -0000 1.52 *************** *** 3,12 **** CRITICAL BUGS ############# ! 1) broken tcp raw scan (too-fast rtts and timeout expiring) ! 2) Non-working connect() + ip protocol/netbios scans ! 3) Non-working grepable output for protocol scan. ! 4) Fix netBIOS scan architecture (meanwhile, output). ! 5) discovery attempts sending too fast. ! 6) rtt engine, rtt engine, rtt engine... ############################################################# --- 3,9 ---- CRITICAL BUGS ############# ! 1) broken tcp raw scan (too-fast rtts and timeout expiring); ! discovery attempts sending too fast; rtt engine, rtt engine, rtt engine... ! 2) Non-working connect() + ip protocol scan ############################################################# *************** *** 79,84 **** I33 + Decoys (-D) I67 + IP options (R, T, U, S, L) ! I74 * Non-working connect() + protocols scan ! I75 * fix output in NetBIOS scan -- Exploiting -- --- 76,81 ---- I33 + Decoys (-D) I67 + IP options (R, T, U, S, L) ! I74 * Non-working connect() + protocol scan ! I75 * fix output in NetBIOS scan: strange " none detected" message. 
-- Exploiting -- *************** *** 124,128 **** I53 + -oT [filename] - troff output I68 + --open - after scanning, forces IceScan to show only open ports - I76 * fix grepable output with protocol scan I77 + add grepable output for NetBIOS scan --- 121,124 ---- Index: caengine.cc =================================================================== RCS file: /cvsroot/icescan/IceScan/caengine.cc,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -d -r1.18 -r1.19 *** caengine.cc 25 Jan 2007 13:08:31 -0000 1.18 --- caengine.cc 25 Jan 2007 14:13:16 -0000 1.19 *************** *** 936,942 **** if(subtargets.find(addr) != subtargets.end()){ hostinfo = (struct nb_host_info *)cnbt.parse_response(message, size); cnbt.v_print_hostinfo(subtargets[addr]->hostname.c_str(), hostinfo, ! !par.verbose, subtargets[addr]->text_output, ! subtargets[addr]->grep_output); subtargets[addr]->scans_done |= NBT_SCAN; --- 936,943 ---- if(subtargets.find(addr) != subtargets.end()){ hostinfo = (struct nb_host_info *)cnbt.parse_response(message, size); + icestring text_output; cnbt.v_print_hostinfo(subtargets[addr]->hostname.c_str(), hostinfo, ! !par.verbose, &(text_output), ! &(subtargets[addr]->grep_output)); subtargets[addr]->scans_done |= NBT_SCAN; *************** *** 946,950 **** subtargets[addr]->mac = get_arp_from_cache(subtargets[addr]->hostname); #endif ! out.show_results(subtargets[addr],iceoutput::RESULT_NETBIOS); --- 947,951 ---- subtargets[addr]->mac = get_arp_from_cache(subtargets[addr]->hostname); #endif ! 
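Review bot: The new lines in the 936,943 hunk of caengine.cc add two more `subtargets[addr]` lookups with `operator[]` right after the `find` on the line above, on top of the existing `->hostname`, `->scans_done` and `->mac` accesses; binding the found element once (the iterator returned by `find`, or a local of the map's mapped type) and reading through it would avoid the repeated lookups and make it obvious that no accidental default-insert can happen. `&(text_output)` and `&(subtargets[addr]->grep_output)` carry redundant parentheses; `&text_output` reads cleaner. `text_output` is consumed by `out << text_output;` in the 947,951 hunk, which is fine only if that line sits inside the same `if(subtargets.find(addr) != subtargets.end())` block — the hunks suggest it but do not show it. `hostinfo` comes from `parse_response` on a network message and is passed straight into v_print_hostinfo, which dereferences it unconditionally; if parse_response can ever return NULL for a malformed message, a check before the call is needed. The enclosing function starts and ends outside these hunks.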
out << text_output; out.show_results(subtargets[addr],iceoutput::RESULT_NETBIOS); Index: iceoutput.h =================================================================== RCS file: /cvsroot/icescan/IceScan/iceoutput.h,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** iceoutput.h 25 Jan 2007 13:08:31 -0000 1.13 --- iceoutput.h 25 Jan 2007 14:13:15 -0000 1.14 *************** *** 277,281 **** out_grep << "Host: " << " "<< str_type_scan <<": "; } ! } /// end if (res_type != RESULT_NETBIOS) if((c->scan_probes.size() || c->scan_protocols.size()) && (res_type == RESULT_PORTS || res_type == RESULT_PROTOCOLS)){ --- 277,281 ---- out_grep << "Host: " << " "<< str_type_scan <<": "; } ! } if((c->scan_probes.size() || c->scan_protocols.size()) && (res_type == RESULT_PORTS || res_type == RESULT_PROTOCOLS)){ *************** *** 353,359 **** if(outs[GREP].exists){ icestring gs = grep.str(); ! ! DBGOUTPUT(gs); ! trim(gs, ','); --- 353,357 ---- if(outs[GREP].exists){ icestring gs = grep.str(); ! trim(gs, ','); *************** *** 361,372 **** } - }else if (res_type == RESULT_NETBIOS){ - /// out the netbios results - //std::string strc = c->output_buffer_netbios.str(); - //out << c->output_buffer_netbios.str(); - - //if(outs[GREP].exists) - // out_grep << c->output_buffer_netbios_secondary.str(); - }else{ /// no results --- 359,362 ---- |