[Icescan-cvs] IceScan/icesockets cdnsresolve.cc, 1.2, 1.3 cdnsresolve.h, 1.1, 1.2 packet_tracer.h, 1.13, 1.14 sock_name.cc, 1.13, 1.14 sock_name.h, 1.10, 1.11 sock_types.h, 1.20, 1.21

[Alexander B. <da...@us...>]

Update of /cvsroot/icescan/IceScan/icesockets
In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv18086/icesockets

Modified Files:
	cdnsresolve.cc cdnsresolve.h packet_tracer.h sock_name.cc 
	sock_name.h sock_types.h 
Log Message:


 * fixed INSTALL && INSTALL.win32 files.
 + add PacketTracing for DNS queries
 * fixed rawsockets recieve conflict with pcap recieve (now either/either)
 * fixed udp scan window
 * fixed icmp processing thet recieved through pcap.


Index: cdnsresolve.h
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/cdnsresolve.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** cdnsresolve.h	9 Mar 2009 15:02:54 -0000	1.1
--- cdnsresolve.h	15 Apr 2009 12:18:59 -0000	1.2
***************
*** 5,11 ****
  #include "csocket.h"
  
! bool send_dns_req(csocket*, u16, u16, icestring, std::vector<dns_server>&);
  
! u16 recv_dns_rpl(csocket*, u32, std::vector<icestring>&);
  
  #endif
--- 5,11 ----
  #include "csocket.h"
  
! bool send_dns_req(csocket*, u16, u16, icestring, std::vector<dns_server>&, bool);
  
! u16 recv_dns_rpl(csocket*, u32, std::vector<icestring>&, bool);
  
  #endif

Index: sock_types.h
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/sock_types.h,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** sock_types.h	14 Apr 2009 15:43:35 -0000	1.20
--- sock_types.h	15 Apr 2009 12:18:59 -0000	1.21
***************
*** 493,496 ****
--- 493,517 ----
          struct	udphdr ui_u;		/* udp header */
  }; 
+ 
+ // DNS Header and flags
+ //
+ 
+ typedef struct {
+   u16 id;
+   u16 flags;
+   u16 qrcnt;
+   u16 rrcnt;
+   u16 nscnt;
+   u16 arcnt;
+ } dnshdr;
+ 
+ #define DNS_A      1
+ #define DNS_PTR   12
+ #define DNS_INIP   1
+ 
+ typedef struct{
+   u16 qtype;
+   u16 qclass;
+ } dnsq;
         
  #endif

Index: packet_tracer.h
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/packet_tracer.h,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** packet_tracer.h	17 Mar 2009 16:09:13 -0000	1.13
--- packet_tracer.h	15 Apr 2009 12:18:59 -0000	1.14
***************
*** 893,897 ****
--- 893,998 ----
      }    
  
+     static void TraceDNSPacket(icestring action, char *buffer, u32 len, struct timeval& tv_f){
+         std::ostringstream os;
+ 
+         dnshdr *dhdr = (dnshdr*) buffer;
+         int cur = len;
+ 
+         u16 id = htons(dhdr->id);
      
+         u16 flags = htons(dhdr->flags);
+         u16 qcnt = htons(dhdr->qrcnt);
+         u16 acnt = htons(dhdr->rrcnt);
+ 
+         os << action << " DNS" << " with id=" << id << " flags=" << flags << " q=" << qcnt << " a=" << acnt;
+ 
+         // check if this is answer;
+         /*if(!(flags & 0x8000))
+             return -1;
+ 
+         u8 rcode = flags & 0x000F;
+ 
+         if(rcode)
+             return rcode;
+ 
+         buffer += sizeof(dnshdr); 
+         cur -= sizeof(dnshdr);
+ 
+         //print_buffer(buffer, len - sizeof(dnshdr));
+ 
+         // skip buffer
+         for(int i = 0; i < qcnt && cur > 0; i++){
+             int j = 0;
+             while(buffer[j] != '\0'){
+                 buffer++;
+                 cur--;
+             }
+             buffer += 1; cur -= 1;
+ 
+             u16 qtype = GET16(buffer);
+             buffer += 4;
+             cur -= 4;
+         }
+ 
+         //print_buffer(buffer, cur);
+ 
+         for(int i = 0; i < acnt && cur > 0; i++){
+             // ref
+             buffer += 2; cur -= 2;
+ 
+             // type
+             u16 qtype = GET16(buffer);
+             buffer += 2; cur -= 2;
+         
+             // class
+             u16 qclass = GET16(buffer);
+             buffer += 2; cur -= 2;
+         
+             buffer += 4; cur -= 4;
+         
+             // len
+             int ln = GET16(buffer);
+             buffer += 2; cur -= 2;
+             
+             if(qtype == 12){
+ 
+                 char *ans = new char[ln];
+ 
+                 memcpy(ans, buffer, ln);
+                 buffer += ln;
+                 cur -= ln;
+ 
+                 int tmp = 0;
+                 for(int j = 0; j < ln; j++){
+                     tmp = ans[j];
+                     if(ans[j] != '\0' && j != 0)
+                         ans[j] = '.';
+                     if(tmp)
+                         j += tmp;
+                 }
+ 
+                 icestring s_ans(ans);
+     
+                 answers.push_back(s_ans.substr(1, s_ans.size()));
+                 
+                 delete[] ans;
+ 
+                 // we need only first PTR, no more
+                 break;
+             
+             }else if(qtype == 1){
+                 u32 addr = 0;
+             
+                 memcpy((void*) &addr, buffer, 4);
+                 buffer += 4;
+                 cur -= 4;
+     
+                 answers.push_back(ip_to_str(ntohl(addr)));
+ 
+             }else{
+                 CERR(1, "Hmm, strange dns reply code: " << qtype << ".");
+             }*/
+             std::cout << os.str() << std::endl;
+     }
  
  };

Index: cdnsresolve.cc
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/cdnsresolve.cc,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** cdnsresolve.cc	15 Mar 2009 18:59:19 -0000	1.2
--- cdnsresolve.cc	15 Apr 2009 12:18:59 -0000	1.3
***************
*** 4,8 ****
  //
  
! bool send_dns_req(csocket *cudp, u16 id, u16 qtype, icestring name, std::vector<dns_server>& servers){
      int ds = get_dns_server(servers);
  
--- 4,8 ----
  //
  
! bool send_dns_req(csocket *cudp, u16 id, u16 qtype, icestring name, std::vector<dns_server>& servers, bool packet_trace){
      int ds = get_dns_server(servers);
  
***************
*** 15,19 ****
      names.push_back(name);
  
!     buf = form_dns_query(id, qtype, names, len);
      cudp->sendto(servers[ds].host.c_str(), 53, buf, len, 0);
  
--- 15,19 ----
      names.push_back(name);
  
!     buf = form_dns_query(id, qtype, names, len, packet_trace);
      cudp->sendto(servers[ds].host.c_str(), 53, buf, len, 0);
  
***************
*** 23,27 ****
  }
  
! u16 recv_dns_rpl(csocket* cudp, u32 timeout, std::vector<icestring>& answers){
      struct timeval tv1, tv2;
      gettimeofday(&tv1, NULL);
--- 23,27 ----
  }
  
! u16 recv_dns_rpl(csocket* cudp, u32 timeout, std::vector<icestring>& answers, bool packet_trace){
      struct timeval tv1, tv2;
      gettimeofday(&tv1, NULL);
***************
*** 44,48 ****
          }
  
!         parse_dns_query(buf, len, answers, id);
          
          return id;
--- 44,48 ----
          }
  
!         parse_dns_query(buf, len, answers, id, packet_trace, tv2);
          
          return id;

Index: sock_name.h
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/sock_name.h,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -d -r1.10 -r1.11
*** sock_name.h	9 Mar 2009 15:02:54 -0000	1.10
--- sock_name.h	15 Apr 2009 12:18:59 -0000	1.11
***************
*** 19,40 ****
  #endif
  
- typedef struct {
-   u16 id;
-   u16 flags;
-   u16 qrcnt;
-   u16 rrcnt;
-   u16 nscnt;
-   u16 arcnt;
- } dnshdr;
- 
- #define DNS_A      1
- #define DNS_PTR   12
- #define DNS_INIP   1
- 
- typedef struct{
-   u16 qtype;
-   u16 qclass;
- } dnsq;
- 
  class dns_server{
      public:
--- 19,22 ----
***************
*** 89,95 ****
  icestring ip_to_str(u32);
  
! char* form_dns_query(u16, u16, std::vector<icestring>&, int&);
  
! int parse_dns_query(char*, int, std::vector<icestring>&, u16&);
  
  int get_system_dns_server(std::vector<icestring>&);
--- 71,77 ----
  icestring ip_to_str(u32);
  
! char* form_dns_query(u16, u16, std::vector<icestring>&, int&, bool);
  
! int parse_dns_query(char*, int, std::vector<icestring>&, u16&, bool, struct timeval&);
  
  int get_system_dns_server(std::vector<icestring>&);

Index: sock_name.cc
===================================================================
RCS file: /cvsroot/icescan/IceScan/icesockets/sock_name.cc,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** sock_name.cc	17 Mar 2009 16:09:14 -0000	1.13
--- sock_name.cc	15 Apr 2009 12:18:59 -0000	1.14
***************
*** 343,351 ****
  }
  
! char* form_dns_query(u16 id, u16 qtype, std::vector<icestring>& objects, int& len){
      char hdr[512];
      Bzero(hdr, 512);
      len = 0;
      u16 flags = 0;
      
      dnshdr *dhdr = (dnshdr*) hdr;
--- 343,353 ----
  }
  
! char* form_dns_query(u16 id, u16 qtype, std::vector<icestring>& objects, int& len, bool packet_trace){
      char hdr[512];
      Bzero(hdr, 512);
      len = 0;
      u16 flags = 0;
+ 
+     struct timeval tv;    
      
      dnshdr *dhdr = (dnshdr*) hdr;
***************
*** 408,415 ****
      memcpy(response, hdr, len);
  
      return response;
  }
  
! int parse_dns_query(char *buffer, int len, std::vector<icestring>& answers, u16& id){
      dnshdr *dhdr = (dnshdr*) buffer;
      int cur = len;
--- 410,425 ----
      memcpy(response, hdr, len);
  
+     gettimeofday(&tv, NULL);
+     
+     if(packet_trace) 
+         PacketTracer::TraceDNSPacket("SENT", response, len, tv);
+ 
      return response;
  }
  
! int parse_dns_query(char *buffer, int len, std::vector<icestring>& answers, u16& id, bool packet_trace, struct timeval &tv){
!     if(packet_trace) 
!         PacketTracer::TraceDNSPacket("RCVD", buffer, len, tv);
! 
      dnshdr *dhdr = (dnshdr*) buffer;
      int cur = len;