#75 ttl/reason now included in STATE field in XML output (0d779d04) · Commits · nimrod / masscan

src/in-binary.c

+46 −0

Original line number	Diff line number	Diff line
		@@ -146,6 +146,7 @@ parse_banner3(struct Output out, unsigned char buf, size_t buf_length)
		6, /* this is always TCP */
		record.port,
		record.app_proto,
		0, /* ttl */
		buf+12, (unsigned)buf_length-12
		);
		}
		@@ -159,6 +160,9 @@ parse_banner4(struct Output out, unsigned char buf, size_t buf_length)
		{
		struct MasscanRecord record;

		if (buf_length < 13)
		return;

		/*
		* Parse the parts that are common to most records
		*/
		@@ -181,10 +185,49 @@ parse_banner4(struct Output out, unsigned char buf, size_t buf_length)
		record.ip_proto, /* TCP=6, UDP=17 */
		record.port,
		record.app_proto, /* HTTP, SSL, SNMP, etc. */
		0, /* ttl */
		buf+13, (unsigned)buf_length-13
		);
		}

		/***************************************************************************
		***************************************************************************/
		static void
		parse_banner9(struct Output out, unsigned char buf, size_t buf_length)
		{
		struct MasscanRecord record;

		if (buf_length < 14)
		return;

		/*
		* Parse the parts that are common to most records
		*/
		record.timestamp = buf[0]<<24 \| buf[1]<<16 \| buf[2]<<8 \| buf[3];
		record.ip = buf[4]<<24 \| buf[5]<<16 \| buf[6]<<8 \| buf[7];
		record.ip_proto = buf[8];
		record.port = buf[9]<<8 \| buf[10];
		record.app_proto = buf[11]<<8 \| buf[12];
		record.ttl = buf[13];

		if (out->when_scan_started == 0)
		out->when_scan_started = record.timestamp;

		/*
		* Now print the output
		*/
		output_report_banner(
		out,
		record.timestamp,
		record.ip,
		record.ip_proto, /* TCP=6, UDP=17 */
		record.port,
		record.app_proto, /* HTTP, SSL, SNMP, etc. */
		record.ttl, /* ttl */
		buf+13, (unsigned)buf_length-14
		);
		}

		/***************************************************************************
		* Read in the file, one record at a time.
		***************************************************************************/
		@@ -321,6 +364,9 @@ parse_file(struct Output out, const char filename)
		case 7: /* STATUS: closed */
		parse_status2(out, PortStatus_Closed, buf, bytes_read);
		break;
		case 9:
		parse_banner9(out, buf, bytes_read);
		break;
		case 'm': /* FILEHEADER */
		//goto end;
		break;

src/main.c

+5 −3

Original line number	Diff line number	Diff line
		@@ -717,6 +717,7 @@ receive_thread(void *v)
		seqno_them = TCP_SEQNO(px, parsed.transport_offset);
		seqno_me = TCP_ACKNO(px, parsed.transport_offset);


		switch (parsed.ip_protocol) {
		case 132: /* SCTP */
		cookie = syn_cookie(ip_them, port_them \| (Proto_SCTP<<16), ip_me, port_me, entropy) & 0xFFFFFFFF;
		@@ -838,7 +839,8 @@ receive_thread(void *v)
		tcb = tcpcon_create_tcb(tcpcon,
		ip_me, ip_them,
		port_me, port_them,
		seqno_me, seqno_them+1);
		seqno_me, seqno_them+1,
		parsed.ip_ttl);
		(*status_tcb_count)++;
		}

		@@ -925,7 +927,7 @@ receive_thread(void *v)
		6, /* ip proto = tcp */
		port_them,
		px[parsed.transport_offset + 13], /* tcp flags */
		px[parsed.ip_offset + 8] /* ttl */
		parsed.ip_ttl
		);

		/*

src/out-binary.c

+14 −10

Original line number	Diff line number	Diff line
		@@ -112,26 +112,28 @@ binary_out_status(struct Output out, FILE fp, time_t timestamp,
		static void
		binary_out_banner(struct Output out, FILE fp, time_t timestamp,
		unsigned ip, unsigned ip_proto, unsigned port,
		enum ApplicationProtocol proto, const unsigned char *px, unsigned length)
		enum ApplicationProtocol proto, unsigned ttl,
		const unsigned char *px, unsigned length)
		{
		unsigned char foo[32768];
		unsigned i;
		size_t bytes_written;
		static const unsigned HeaderLength = 14;

		UNUSEDPARM(out);

		/* [TYPE] field */
		foo[0] = Out_Banner; /banner/
		foo[0] = Out_Banner9; /banner/

		/* [LENGTH] field*/
		if (length >= 128 * 128 - 13)
		if (length >= 128 * 128 - HeaderLength)
		return;
		if (length < 128 - 13) {
		foo[1] = (unsigned char)(length + 13);
		if (length < 128 - HeaderLength) {
		foo[1] = (unsigned char)(length + HeaderLength);
		i = 2;
		} else {
		foo[1] = (unsigned char)((length + 13)>>7) \| 0x80;
		foo[2] = (unsigned char)((length + 13) & 0x7F);
		foo[1] = (unsigned char)((length + HeaderLength)>>7) \| 0x80;
		foo[2] = (unsigned char)((length + HeaderLength) & 0x7F);
		i = 3;
		}

		@@ -154,12 +156,14 @@ binary_out_banner(struct Output out, FILE fp, time_t timestamp,
		foo[i+11] = (unsigned char)(proto>>8);
		foo[i+12] = (unsigned char)(proto>>0);

		foo[i+13] = (unsigned char)(ttl);

		/* Banner */
		memcpy(foo+i+13, px, length);
		memcpy(foo+i+14, px, length);


		bytes_written = fwrite(&foo, 1, length+i+13, fp);
		if (bytes_written != length+i+13) {
		bytes_written = fwrite(&foo, 1, length+i+HeaderLength, fp);
		if (bytes_written != length+i+HeaderLength) {
		perror("output");
		exit(1);
		}

src/out-grepable.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -161,10 +161,12 @@ grepable_out_status(struct Output out, FILE fp, time_t timestamp,
		static void
		grepable_out_banner(struct Output out, FILE fp, time_t timestamp,
		unsigned ip, unsigned ip_proto, unsigned port,
		enum ApplicationProtocol proto, const unsigned char *px, unsigned length)
		enum ApplicationProtocol proto, unsigned ttl,
		const unsigned char *px, unsigned length)
		{
		char banner_buffer[4096];

		UNUSEDPARM(ttl);
		UNUSEDPARM(timestamp);
		UNUSEDPARM(out);
		UNUSEDPARM(ip_proto);

src/out-null.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -54,8 +54,10 @@ null_out_status(struct Output out, FILE fp, time_t timestamp,
		static void
		null_out_banner(struct Output out, FILE fp, time_t timestamp,
		unsigned ip, unsigned ip_proto, unsigned port,
		enum ApplicationProtocol proto, const unsigned char *px, unsigned length)
		enum ApplicationProtocol proto, unsigned ttl,
		const unsigned char *px, unsigned length)
		{
		UNUSEDPARM(ttl);
		UNUSEDPARM(timestamp);
		UNUSEDPARM(out);
		UNUSEDPARM(fp);