[Javanetsim-cvs] IceScan portdef.h, 1.1, 1.2 icediscover.h, 1.22, 1.23 csubtarget.h, 1.34, 1.35
From: Alexander B. <da...@us...> - 2006-12-16 17:18:33
Update of /cvsroot/javanetsim/IceScan In directory sc8-pr-cvs6.sourceforge.net:/tmp/cvs-serv30073 Modified Files: portdef.h icediscover.h csubtarget.h Log Message: no message Index: csubtarget.h =================================================================== RCS file: /cvsroot/javanetsim/IceScan/csubtarget.h,v retrieving revision 1.34 retrieving revision 1.35 diff -C2 -d -r1.34 -r1.35 *** csubtarget.h 16 Dec 2006 14:44:56 -0000 1.34 --- csubtarget.h 16 Dec 2006 17:18:28 -0000 1.35 *************** *** 12,19 **** #include "nbt_wrapper.h" #include "iceprotocol.h" #define CONNECT_TIMEOUT 14 ! #define MAX_PACKETS 512 #ifdef __CYGWIN__ --- 12,21 ---- #include "nbt_wrapper.h" #include "iceprotocol.h" + #include "icesockets/sock_pcap.h" #define CONNECT_TIMEOUT 14 ! #define MAX_PACKETS 2048 ! #define MAX_RAW_WAIT 1000000 #ifdef __CYGWIN__ *************** *** 358,365 **** if(getuid() || par->forceuid){ #endif ! out->line("UID isn't 0, so can't create raw socket => no RAW tcp scan..."); return; } raw = true; --- 360,373 ---- if(getuid() || par->forceuid){ #endif ! out->line("UID isn't 0, so can't create raw socket/load pcap => no RAW tcp scan..."); return; } + pcap_t* p = init_pcap(); //check for NULL + + if(p == NULL){ + out->line("Can't open pcap: no raw tcp scan. Exitting."); + return; + } raw = true; *************** *** 384,447 **** perror("Setsockopt HDRINCL:"); - - int l = scanning_ports.size()/MAX_PACKETS; if(scanning_ports.size() % MAX_PACKETS != 0) l++; ! int j = 0; ! while(j < l){ ! int attempts = 0; ! while(attempts++ < 10){ ! std::map <int, scanning_port>::iterator i = scanning_ports.begin(); ! ! DBGOUTPUT(attempts); ! ! for(int k=0; k < MAX_PACKETS*j; k++) i++; ! j++; ! ! for(int k = j*MAX_PACKETS; (k < (j+1)*MAX_PACKETS) && i!= scanning_ports.end(); ++i, k++){ ! if(! (*i).second.done ){ ! switch(par->scan_type){ ! case FIN_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_FIN | par->tcpflags, 0, 0, 0); ! break; ! ! 
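Review bot: The pcap handle `p` opened right after the uid check is released only by the `close_pcap(p)` at the very end of the function (it appears in the last csubtarget.h hunk), so any early return between this hunk and the `perror("Setsockopt HDRINCL:")` line of the next one — the raw socket creation that sits there is not visible in the diff — would leak the capture handle; either `close_pcap(p)` on those paths or wrap the handle in a small RAII holder. The failure message `"Can't open pcap: no raw tcp scan. Exitting."` is misleading, since the code returns from this scan rather than exiting the program, and has a typo; `"Can't open pcap: skipping raw TCP scan."` describes what actually happens. The trailing `//check for NULL` comment on the `init_pcap()` line is satisfied by the guard directly below it and can be dropped. The enclosing function starts before this hunk and continues past it.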
case NULL_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, par->tcpflags, 0, 0, 0); ! break; ! ! case XMAS_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_FIN | TH_URG | TH_PUSH | par->tcpflags, 0, 0, 0); ! break; ! ! case WINDOW_SCAN: ! case ACK_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_ACK, 0, 0, 0); ! break; ! case SYN_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_SYN, 0, 0, 0); ! break; } ! ! ! (*i).second.time = time(0); ! ! (*i).second.attempt++; ! recieve_tcp_raw(rawrecv, rawsend, source, saddress, scanning_ports, MAGIC_PORT); ! } ! } ! ! usleep(1000000); ! int at = 0; ! ! while(at++<100){ ! recieve_tcp_raw(rawrecv, rawsend, source, saddress, scanning_ports, MAGIC_PORT); ! iceusleep(1000); } - } } --- 392,465 ---- perror("Setsockopt HDRINCL:"); int l = scanning_ports.size()/MAX_PACKETS; if(scanning_ports.size() % MAX_PACKETS != 0) l++; + char filter_exp[256]; ! sprintf(filter_exp, "port %d host %s tcp", MAGIC_PORT, hostname.c_str()); ! ! pcap_filter(p, filter_exp); ! ! int maxat; ! ! int covar = 10000; ! ! int attempts = 0; ! while(attempts++ < 5){ ! int j = 0; ! while(j < l){ ! std::map <int, scanning_port>::iterator i = scanning_ports.begin(); ! ! //DBGOUTPUT(attempts); ! maxat = 0; ! ! for(int k=0; k < MAX_PACKETS*j; k++) i++; ! ! for(int k = j*MAX_PACKETS; (k < (j+1)*MAX_PACKETS) && i!= scanning_ports.end(); ++i, k++){ ! if(! (*i).second.done ){ ! switch(par->scan_type){ ! case FIN_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_FIN | par->tcpflags, 0, 0, 0); ! break; ! ! case NULL_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, par->tcpflags, 0, 0, 0); ! break; ! ! case XMAS_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_FIN | TH_URG | TH_PUSH | par->tcpflags, 0, 0, 0); ! break; ! ! case WINDOW_SCAN: ! case ACK_SCAN: ! 
rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_ACK, 0, 0, 0); ! break; ! ! case SYN_SCAN: ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, (*i).first, 0, 0, TH_SYN, 0, 0, 0); ! break; ! } ! ! ! gettimeofday(&((*i).second.tv), 0); ! ! //DBGOUTPUT("Sending:" << (*i).second.attempt); ! ! (*i).second.attempt++; ! maxat++; ! ! recieve_tcp_raw(p, rawsend, source, saddress, scanning_ports, MAGIC_PORT, 10, 0); } ! } ! j++; ! ! //iceusleep(1000); ! recieve_tcp_raw(p, rawsend, source, saddress, scanning_ports, MAGIC_PORT, (maxat) * covar + 10000, maxat); ! ! //DBGOUTPUT(covar); } } *************** *** 458,535 **** if(par->verbose>0) ! *out << "TCP " << scan_type << "scan finished.\n"; } ! void recieve_tcp_raw(crawsocket &rawrecv, crawsocket &rawsend, icestring &source, struct sockaddr_in &saddress, std::map <int, scanning_port> &scanning_ports, int MAGIC_PORT){ int bytes; ! char response[65535]; ! struct iphdr *ip = (struct iphdr *) response; struct tcphdr *tcp; ! while( bytes = rawrecv.recvfrom(response, 65535, 0, NULL) > 0){ ! if(ip->saddr = saddress.sin_addr.s_addr){ ! tcp = (struct tcphdr *) (response + 4 * ip->ihl); ! ! if ((tcp->th_flags & TH_RST) && (par->scan_type == FIN_SCAN || par->scan_type == NULL_SCAN || par->scan_type == XMAS_SCAN)) { ! int closed_port = ntohs(tcp->th_sport); ! ! if(scanning_ports.find(closed_port) != scanning_ports.end()){ ! if(!scanning_ports[closed_port].done){ ! set_port_status(closed_port, PORT_CLOSED, "tcp"); ! scanning_ports[closed_port].done = true; ! } ! } ! }else if ((tcp->th_flags & TH_RST) && (par->scan_type == WINDOW_SCAN)) { ! int port = ntohs(tcp->th_sport); ! ! if(scanning_ports.find(port) != scanning_ports.end()){ ! if(!scanning_ports[port].done){ ! scanning_ports[port].done = true; ! if(tcp->th_win == 0){ ! set_port_status(port, PORT_CLOSED, "tcp"); ! }else{ ! set_port_status(port, PORT_OPEN, "tcp"); ! } ! } ! } ! }else if ((tcp->th_flags & TH_RST) && (par->scan_type == ACK_SCAN)) { ! 
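Review bot: `sprintf(filter_exp, "port %d host %s tcp", MAGIC_PORT, hostname.c_str());` copies the caller-supplied target name into a fixed 256-byte stack buffer with no length check, so a hostname longer than roughly 240 characters overflows the stack in a tool that runs as root; use `int n = snprintf(filter_exp, sizeof filter_exp, "port %d host %s tcp", MAGIC_PORT, hostname.c_str());` followed by `if (n < 0 || n >= (int)sizeof filter_exp) { close_pcap(p); return; }`. The result of `pcap_filter(p, filter_exp)` is ignored as well; if that wrapper reports failure (its signature is not visible here), the capture runs unfiltered and the receive loop is fed every packet on the interface, so check it and abort the raw scan on error. Minor: the `for(int k=0; k < MAX_PACKETS*j; k++) i++;` iterator walk can be `std::advance(i, MAX_PACKETS*j);`. The enclosing function starts before this hunk and its tail, including the `close_pcap(p)` call, is in the next hunk.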
int port = ntohs(tcp->th_sport); ! if(scanning_ports.find(port) != scanning_ports.end()){ ! if(!scanning_ports[port].done){ ! set_port_status(port, PORT_UNFILTERED, "tcp"); ! scanning_ports[port].done = true; ! } ! } ! }else if ((tcp->th_flags & TH_RST) && (par->scan_type == SYN_SCAN)) { ! int port = ntohs(tcp->th_sport); ! if(port != MAGIC_PORT){ if(scanning_ports.find(port) != scanning_ports.end()){ if(!scanning_ports[port].done){ scanning_ports[port].done = true; ! set_port_status(port, PORT_CLOSED, "tcp"); } ! } ! } ! }else if ((tcp->th_flags & (TH_ACK|TH_SYN)) && (par->scan_type == SYN_SCAN)) { ! int port = ntohs(tcp->th_sport); - if(port != MAGIC_PORT){ if(scanning_ports.find(port) != scanning_ports.end()){ if(!scanning_ports[port].done){ ! set_port_status(port, PORT_OPEN, "tcp"); ! rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, port, 0, 0, TH_RST, 0, 0, 0); scanning_ports[port].done = true; } } } ! } ! bzero(response, 65534); ! } } } --- 476,580 ---- if(par->verbose>0) ! *out << "TCP " << scan_type << " scan finished.\n"; ! ! close_pcap(p); } ! int recieve_tcp_raw(pcap_t* p, crawsocket &rawsend, icestring &source, struct sockaddr_in &saddress, std::map <int, scanning_port> &scanning_ports, int MAGIC_PORT, int timeout, int packets){ int bytes; ! char *response; ! struct iphdr *ip; struct tcphdr *tcp; + unsigned int len; + int maxtimeval = 0; + struct timeval tv1, tv2, tv3; + gettimeofday(&tv1, 0); + bool stop = false; + int port; ! //DBGOUTPUT("!!!!!"); ! //while( bytes = rawrecv.recvfrom(response, 65535, 0, NULL) > 0){ ! while(!stop){ ! response = readip_pcap(p, &len, NULL); ! port = 0; + if(response){ + ip = (struct iphdr *) response; + if(ip->saddr = saddress.sin_addr.s_addr && ip->protocol == IPPROTO_TCP){ + tcp = (struct tcphdr *) (response + 4 * ip->ihl); ! if ((tcp->th_flags & TH_RST) && (par->scan_type == FIN_SCAN || par->scan_type == NULL_SCAN || par->scan_type == XMAS_SCAN)) { ! port = ntohs(tcp->th_sport); ! 
if(scanning_ports.find(port) != scanning_ports.end()){ ! if(!scanning_ports[port].done){ ! set_port_status(port, PORT_CLOSED, "tcp"); ! scanning_ports[port].done = true; ! } ! } ! }else if ((tcp->th_flags & TH_RST) && (par->scan_type == WINDOW_SCAN)) { ! int port = ntohs(tcp->th_sport); if(scanning_ports.find(port) != scanning_ports.end()){ if(!scanning_ports[port].done){ scanning_ports[port].done = true; ! if(tcp->th_win == 0){ ! set_port_status(port, PORT_CLOSED, "tcp"); ! }else{ ! set_port_status(port, PORT_OPEN, "tcp"); ! } } ! } ! }else if ((tcp->th_flags & TH_RST) && (par->scan_type == ACK_SCAN)) { ! int port = ntohs(tcp->th_sport); if(scanning_ports.find(port) != scanning_ports.end()){ if(!scanning_ports[port].done){ ! set_port_status(port, PORT_UNFILTERED, "tcp"); scanning_ports[port].done = true; } } + }else if ((tcp->th_flags & TH_RST) && (par->scan_type == SYN_SCAN)) { + int port = ntohs(tcp->th_sport); + + if(port != MAGIC_PORT){ + + if(scanning_ports.find(port) != scanning_ports.end()){ + if(!scanning_ports[port].done){ + scanning_ports[port].done = true; + set_port_status(port, PORT_CLOSED, "tcp"); + } + } + } + }else if ((tcp->th_flags & (TH_ACK|TH_SYN)) && (par->scan_type == SYN_SCAN)) { + int port = ntohs(tcp->th_sport); + + if(port != MAGIC_PORT){ + + if(scanning_ports.find(port) != scanning_ports.end()){ + if(!scanning_ports[port].done){ + set_port_status(port, PORT_OPEN, "tcp"); + rawsend.send_tcp_raw(source, hostname, MAGIC_PORT, port, 0, 0, TH_RST, 0, 0, 0); + scanning_ports[port].done = true; + } + } + } } ! //bzero(response, 65534); ! } ! } ! gettimeofday(&tv2, 0); ! ! if(port){ ! if(SUB_TIMEVALS(tv2,scanning_ports[port].tv) > maxtimeval) ! maxtimeval = SUB_TIMEVALS(tv2,scanning_ports[port].tv); ! } ! ! if(SUB_TIMEVALS(tv2,tv1) >= timeout || SUB_TIMEVALS(tv2,tv1) > MAX_RAW_WAIT + packets * 500) ! 
stop = true; } + + return maxtimeval; } Index: icediscover.h =================================================================== RCS file: /cvsroot/javanetsim/IceScan/icediscover.h,v retrieving revision 1.22 retrieving revision 1.23 diff -C2 -d -r1.22 -r1.23 *** icediscover.h 16 Dec 2006 16:06:06 -0000 1.22 --- icediscover.h 16 Dec 2006 17:18:28 -0000 1.23 *************** *** 42,45 **** --- 42,46 ---- if(par->forceuid){ #endif + //we're root, so can work with raw sockets icestring hostname_(hostname); Index: portdef.h =================================================================== RCS file: /cvsroot/javanetsim/IceScan/portdef.h,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** portdef.h 16 Dec 2006 00:29:16 -0000 1.1 --- portdef.h 16 Dec 2006 17:18:28 -0000 1.2 *************** *** 15,18 **** --- 15,19 ---- bool done; long time; + struct timeval tv; int socket_ptr; int attempt; |
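Review bot: `if(ip->saddr = saddress.sin_addr.s_addr && ip->protocol == IPPROTO_TCP)` assigns instead of compares: `&&` binds tighter than `=`, so the line stores 0 or 1 into `ip->saddr` and is true for every TCP packet the BPF filter lets through, which makes the source-address check a no-op and clobbers the captured header. The buffer returned by `readip_pcap(p, &len, NULL)` is also cast to `iphdr` and then indexed at `response + 4 * ip->ihl` without ever consulting `len`, so a truncated or malformed capture from the network reads past the end of the packet; both fixes are sketched below. A third issue: the FIN/NULL/XMAS branch sets the outer `port` even when the lookup fails, and the later `scanning_ports[port].tv` uses `operator[]`, which default-inserts an entry with an uninitialised `tv` for any unexpected source port — use `find` there. The declaration of the struct fields used here (`tv`, `done`) is in portdef.h, outside this hunk.
```cpp
if (response && len >= sizeof(struct iphdr)) {
    ip = (struct iphdr *) response;
    unsigned int iphl = 4u * ip->ihl;
    if (ip->saddr == saddress.sin_addr.s_addr && ip->protocol == IPPROTO_TCP
        && iphl >= sizeof(struct iphdr) && len >= iphl + sizeof(struct tcphdr)) {
        tcp = (struct tcphdr *) (response + iphl);
        // … unchanged: per-scan-type RST / SYN-ACK handling …
// … unchanged: gettimeofday(&tv2, 0) …
if (port) {
    std::map<int, scanning_port>::iterator hit = scanning_ports.find(port);
    if (hit != scanning_ports.end() && SUB_TIMEVALS(tv2, hit->second.tv) > maxtimeval)
        maxtimeval = SUB_TIMEVALS(tv2, hit->second.tv);
}
```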