Loading src/main-conf.c +6 −0 Original line number Diff line number Diff line Loading @@ -1189,6 +1189,12 @@ masscan_set_parameter(struct Masscan *masscan, } else if (EQUALS("traceroute", name)) { fprintf(stderr, "nmap(%s): unsupported\n", name); exit(1); } else if (EQUALS("test", name)) { if (EQUALS("csv", value)) masscan->is_test_csv = 1; } else if (EQUALS("notest", name)) { if (EQUALS("csv", value)) masscan->is_test_csv = 0; } else if (EQUALS("ttl", name)) { unsigned x = strtoul(value, 0, 0); if (x >= 256) { Loading src/main-listscan.c +15 −5 Original line number Diff line number Diff line Loading @@ -54,11 +54,21 @@ infinite: ip = rangelist_pick(&masscan->targets, xXx % count_ips); port = rangelist_pick(&masscan->ports, xXx / count_ips); if (count_ports == 1) if (count_ports == 1) { if (masscan->is_test_csv) { /* [KLUDGE] [TEST] * For testing randomness output, prints last two bytes of * IP address as CSV format for import into spreadsheet */ printf("%u,%u\n", (ip>>8)&0xFF, (ip>>0)&0xFF ); } else { printf("%u.%u.%u.%u\n", (ip>>24)&0xFF, (ip>>16)&0xFF, (ip>>8)&0xFF, (ip>>0)&0xFF ); else } } else printf("%u.%u.%u.%u:%u\n", (ip>>24)&0xFF, (ip>>16)&0xFF, (ip>>8)&0xFF, (ip>>0)&0xFF, port Loading src/masscan.h +1 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,7 @@ struct Masscan unsigned is_gmt:1; /* --gmt, all times in GMT */ unsigned is_capture_cert:1; /* --capture cert */ unsigned is_capture_html:1; /* --capture html */ unsigned is_test_csv:1; /* (temporary testing feature) */ /** * Wait forever for responses, instead of the default 10 seconds Loading src/proto-ssl.c +17 −8 Original line number Diff line number Diff line Loading @@ -4,7 +4,9 @@ This parses out the SSL "certificate" and "ephemeral keys", and any other information we want from SSL. BIZARRE CODE ALERT: This module uses "state-machines" to parse !!!!!!!!!!!! BIZARRE CODE ALERT !!!!!!!!!!!!!!! This module uses "state-machines" to parse SSL. This has a number of advantages, such as handling TCP segmentation and SSL record fragmentation without having to buffer any packets. But it's quite weird if you aren't used to Loading @@ -25,13 +27,9 @@ /*************************************************************************** struct { ProtocolVersion server_version; Random random; SessionID session_id; CipherSuite cipher_suite; CompressionMethod compression_method; } ServerHello; * This parses the "Server Hello" packet, the packet that comes before * certificates. What we want from this are the SSL version info and the * "cipher-suite" (which encryption protocol the server uses). ***************************************************************************/ static void server_hello( Loading Loading @@ -60,6 +58,17 @@ server_hello( UNUSEDPARM(banner1_private); UNUSEDPARM(banner1); /* What this structure looks like struct { ProtocolVersion server_version; Random random; SessionID session_id; CipherSuite cipher_suite; CompressionMethod compression_method; } ServerHello; */ /* 'for all bytes in the packet...' */ for (i=0; i<length; i++) switch (state) { case VERSION_MAJOR: Loading src/rand-blackrock.c +15 −9 Original line number Diff line number Diff line Loading @@ -156,20 +156,26 @@ blackrock_init(struct BlackRock *br, uint64_t range, uint64_t seed) /*************************************************************************** * This is a random meaningless function. Well, if we actually wanted * crypto-strength, we'd have to improve it, but for now, we just want * some random properties. * The inner round/mixer function. In DES, it's a series of S-box lookups, * which ***************************************************************************/ static inline uint64_t F(uint64_t j, uint64_t R, uint64_t seed) F(uint64_t r, uint64_t R, uint64_t seed) { static const uint64_t primes[] = { 961752031, 982324657, 15485843, 961752031, }; uint64_t r0, r1, r2, r3; R = ((R << (R&0x4)) + R + seed); R ^= sbox[R&0xF]; #define GETBYTE(R,n) ((((R)>>(n*8))^seed^r)&0xFF) return (((primes[j] * R + 25ULL) ^ R) + j); R ^= seed; r0 = sbox[GETBYTE(R,0)]<< 0 | sbox[GETBYTE(R,1)]<< 8; r1 = (sbox[GETBYTE(R,2)]<<16UL | sbox[GETBYTE(R,3)]<<24UL)&0x0ffffFFFFUL; r2 = sbox[GETBYTE(R,4)]<< 0 | sbox[GETBYTE(R,5)]<< 8; r3 = (sbox[GETBYTE(R,6)]<<16UL | sbox[GETBYTE(R,7)]<<24UL)&0x0ffffFFFFUL; R = r0 ^ r1 ^ r2<<23UL ^ r3<<33UL; return R; } Loading Loading
src/main-conf.c +6 −0 Original line number Diff line number Diff line Loading @@ -1189,6 +1189,12 @@ masscan_set_parameter(struct Masscan *masscan, } else if (EQUALS("traceroute", name)) { fprintf(stderr, "nmap(%s): unsupported\n", name); exit(1); } else if (EQUALS("test", name)) { if (EQUALS("csv", value)) masscan->is_test_csv = 1; } else if (EQUALS("notest", name)) { if (EQUALS("csv", value)) masscan->is_test_csv = 0; } else if (EQUALS("ttl", name)) { unsigned x = strtoul(value, 0, 0); if (x >= 256) { Loading
src/main-listscan.c +15 −5 Original line number Diff line number Diff line Loading @@ -54,11 +54,21 @@ infinite: ip = rangelist_pick(&masscan->targets, xXx % count_ips); port = rangelist_pick(&masscan->ports, xXx / count_ips); if (count_ports == 1) if (count_ports == 1) { if (masscan->is_test_csv) { /* [KLUDGE] [TEST] * For testing randomness output, prints last two bytes of * IP address as CSV format for import into spreadsheet */ printf("%u,%u\n", (ip>>8)&0xFF, (ip>>0)&0xFF ); } else { printf("%u.%u.%u.%u\n", (ip>>24)&0xFF, (ip>>16)&0xFF, (ip>>8)&0xFF, (ip>>0)&0xFF ); else } } else printf("%u.%u.%u.%u:%u\n", (ip>>24)&0xFF, (ip>>16)&0xFF, (ip>>8)&0xFF, (ip>>0)&0xFF, port Loading
src/masscan.h +1 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,7 @@ struct Masscan unsigned is_gmt:1; /* --gmt, all times in GMT */ unsigned is_capture_cert:1; /* --capture cert */ unsigned is_capture_html:1; /* --capture html */ unsigned is_test_csv:1; /* (temporary testing feature) */ /** * Wait forever for responses, instead of the default 10 seconds Loading
src/proto-ssl.c +17 −8 Original line number Diff line number Diff line Loading @@ -4,7 +4,9 @@ This parses out the SSL "certificate" and "ephemeral keys", and any other information we want from SSL. BIZARRE CODE ALERT: This module uses "state-machines" to parse !!!!!!!!!!!! BIZARRE CODE ALERT !!!!!!!!!!!!!!! This module uses "state-machines" to parse SSL. This has a number of advantages, such as handling TCP segmentation and SSL record fragmentation without having to buffer any packets. But it's quite weird if you aren't used to Loading @@ -25,13 +27,9 @@ /*************************************************************************** struct { ProtocolVersion server_version; Random random; SessionID session_id; CipherSuite cipher_suite; CompressionMethod compression_method; } ServerHello; * This parses the "Server Hello" packet, the packet that comes before * certificates. What we want from this are the SSL version info and the * "cipher-suite" (which encryption protocol the server uses). ***************************************************************************/ static void server_hello( Loading Loading @@ -60,6 +58,17 @@ server_hello( UNUSEDPARM(banner1_private); UNUSEDPARM(banner1); /* What this structure looks like struct { ProtocolVersion server_version; Random random; SessionID session_id; CipherSuite cipher_suite; CompressionMethod compression_method; } ServerHello; */ /* 'for all bytes in the packet...' */ for (i=0; i<length; i++) switch (state) { case VERSION_MAJOR: Loading
src/rand-blackrock.c +15 −9 Original line number Diff line number Diff line Loading @@ -156,20 +156,26 @@ blackrock_init(struct BlackRock *br, uint64_t range, uint64_t seed) /*************************************************************************** * This is a random meaningless function. Well, if we actually wanted * crypto-strength, we'd have to improve it, but for now, we just want * some random properties. * The inner round/mixer function. In DES, it's a series of S-box lookups, * which ***************************************************************************/ static inline uint64_t F(uint64_t j, uint64_t R, uint64_t seed) F(uint64_t r, uint64_t R, uint64_t seed) { static const uint64_t primes[] = { 961752031, 982324657, 15485843, 961752031, }; uint64_t r0, r1, r2, r3; R = ((R << (R&0x4)) + R + seed); R ^= sbox[R&0xF]; #define GETBYTE(R,n) ((((R)>>(n*8))^seed^r)&0xFF) return (((primes[j] * R + 25ULL) ^ R) + j); R ^= seed; r0 = sbox[GETBYTE(R,0)]<< 0 | sbox[GETBYTE(R,1)]<< 8; r1 = (sbox[GETBYTE(R,2)]<<16UL | sbox[GETBYTE(R,3)]<<24UL)&0x0ffffFFFFUL; r2 = sbox[GETBYTE(R,4)]<< 0 | sbox[GETBYTE(R,5)]<< 8; r3 = (sbox[GETBYTE(R,6)]<<16UL | sbox[GETBYTE(R,7)]<<24UL)&0x0ffffFFFFUL; R = r0 ^ r1 ^ r2<<23UL ^ r3<<33UL; return R; } Loading
