fix udp/tcp binary output (bdf8f531) · Commits · nimrod / masscan

src/in-binary.c

+61 −2

Original line number	Diff line number	Diff line
		@@ -42,6 +42,57 @@ parse_status(struct Output *out,
		record.reason = buf[10];
		record.ttl = buf[11];

		switch (record.port) {
		case 53:
		case 123:
		case 137:
		case 161:
		record.ip_proto = 17;
		break;
		case 36422:
		case 36412:
		case 2905:
		record.ip_proto = 132;
		break;
		default:
		record.ip_proto = 6;
		break;
		}

		/*
		* Now report the result
		*/
		output_report_status(out,
		record.timestamp,
		status,
		record.ip,
		record.ip_proto,
		record.port,
		record.reason,
		record.ttl);

		}

		/***************************************************************************
		***************************************************************************/
		static void
		parse_status2(struct Output *out,
		enum PortStatus status, /* open/closed */
		const unsigned char *buf, size_t buf_length)
		{
		struct MasscanRecord record;

		if (buf_length < 13)
		return;

		/* parse record */
		record.timestamp = buf[0]<<24 \| buf[1]<<16 \| buf[2]<<8 \| buf[3];
		record.ip = buf[4]<<24 \| buf[5]<<16 \| buf[6]<<8 \| buf[7];
		record.ip_proto = buf[8];
		record.port = buf[9]<<8 \| buf[10];
		record.reason = buf[11];
		record.ttl = buf[12];

		/*
		* Now report the result
		*/
		@@ -49,12 +100,14 @@ parse_status(struct Output *out,
		record.timestamp,
		status,
		record.ip,
		record.ip_proto,
		record.port,
		record.reason,
		record.ttl);

		}


		/***************************************************************************
		* [OBSOLETE]
		* This parses an old version of the banner record. I've still got files
		@@ -211,10 +264,10 @@ parse_file(struct Output out, const char filename)
		/* Depending on record type, do something different */
		switch (type) {
		case 1: /* STATUS: open */
		parse_status(out, Port_Open, buf, bytes_read);
		parse_status(out, PortStatus_Open, buf, bytes_read);
		break;
		case 2: /* STATUS: closed */
		parse_status(out, Port_Closed, buf, bytes_read);
		parse_status(out, PortStatus_Closed, buf, bytes_read);
		break;
		case 3: /* BANNER */
		parse_banner3(out, buf, bytes_read);
		@@ -230,6 +283,12 @@ parse_file(struct Output out, const char filename)
		case 5:
		parse_banner4(out, buf, bytes_read);
		break;
		case 6: /* STATUS: open */
		parse_status2(out, PortStatus_Open, buf, bytes_read);
		break;
		case 7: /* STATUS: closed */
		parse_status2(out, PortStatus_Closed, buf, bytes_read);
		break;
		case 'm': /* FILEHEADER */
		//goto end;
		break;

src/main-conf.c

+29 −7

Original line number	Diff line number	Diff line
		@@ -24,6 +24,19 @@
		#include <ctype.h>
		#include <limits.h>

		/***************************************************************************
		***************************************************************************/
		/*static struct Range top_ports_tcp[] = {
		{80, 80},{23, 23}, {443,443},{21,22},{25,25},{3389,3389},{110,110},
		{445,445},
		};
		static struct Range top_ports_udp[] = {
		{161, 161}, {631, 631}, {137,138},{123,123},{1434},{445,445},{135,135},
		{67,67},
		};
		static struct Range top_ports_sctp[] = {
		{7, 7},{9, 9},{20,22},{80,80},{179,179},{443,443},{1167,1167},
		};*/

		/***************************************************************************
		***************************************************************************/
		@@ -923,6 +936,8 @@ masscan_set_parameter(struct Masscan *masscan,
		exit(1);
		} else if (EQUALS("banners", name) \|\| EQUALS("banner", name)) {
		masscan->is_banners = 1;
		} else if (EQUALS("nobanners", name) \|\| EQUALS("nobanner", name)) {
		masscan->is_banners = 0;
		} else if (EQUALS("connection-timeout", name)) {
		masscan->tcp_connection_timeout = (unsigned)parseInt(value);
		} else if (EQUALS("datadir", name)) {
		@@ -1342,7 +1357,8 @@ is_singleton(const char *name)
		"no-stylesheet",
		"send-eth", "send-ip", "iflist", "randomize-hosts",
		"nmap", "trace-packet", "pfring", "sendq",
		"banners", "banner", "offline", "ping", "ping-sweep",
		"banners", "banner", "nobanners", "nobanner",
		"offline", "ping", "ping-sweep",
		"arp", "infinite", "interactive",
		0};
		size_t i;
		@@ -1412,6 +1428,9 @@ masscan_command_line(struct Masscan masscan, int argc, char argv[])
		/* Read in a binary file instead of scanning the network*/
		masscan->op = Operation_ReadScan;

		/* Default to reading banners */
		masscan->is_banners = 1;

		/* This option may be followed by many filenames, therefore,
		* skip forward in the argument list until the next
		* argument */
		@@ -1621,10 +1640,12 @@ masscan_command_line(struct Masscan masscan, int argc, char argv[])
		fprintf(stderr, "nmap(%s): unsupported. This code will never do DNS lookups.\n", argv[i]);
		exit(1);
		break;
		case 's':
		case 's': /* NMAP: scan type */
		if (argv[i][3] == '\0' && !isdigit(argv[i][2]&0xFF)) {
		/* This looks like an nmap option*/
		switch (argv[i][2]) {
		unsigned j;

		for (j=2; argv[i][j]; j++)
		switch (argv[i][j]) {
		case 'A':
		fprintf(stderr, "nmap(%s): ACK scan not yet supported\n", argv[i]);
		exit(1);
		@@ -1652,12 +1673,13 @@ masscan_command_line(struct Masscan masscan, int argc, char argv[])
		case 'O':
		fprintf(stderr, "nmap(%s): IP proto scan not yet supported\n", argv[i]);
		exit(1);
		case 'S': /* SYN scan - THIS IS WHAT WE DO! */
		case 'S': /* TCP SYN scan - THIS IS WHAT WE DO! */
		break;
		case 'T':
		case 'T': /* TCP connect scan */
		fprintf(stderr, "nmap(%s): connect() is too synchronous for cool kids\n", argv[i]);
		fprintf(stderr, "WARNING: doing SYN scan anyway\n");
		break;
		case 'U':
		case 'U': /* UDP scan */
		break;
		case 'V':
		fprintf(stderr, "nmap(%s): unlikely this will be supported\n", argv[i]);

src/main.c

+4 −3

Original line number	Diff line number	Diff line
		@@ -887,11 +887,11 @@ receive_thread(void *v)

		if (TCP_IS_SYNACK(px, parsed.transport_offset)) {
		/* figure out the status */
		status = Port_Unknown;
		status = PortStatus_Unknown;
		if ((px[parsed.transport_offset+13] & 0x2) == 0x2)
		status = Port_Open;
		status = PortStatus_Open;
		if ((px[parsed.transport_offset+13] & 0x4) == 0x4) {
		status = Port_Closed;
		status = PortStatus_Closed;
		}

		/* verify: syn-cookies */
		@@ -916,6 +916,7 @@ receive_thread(void *v)
		global_now,
		status,
		ip_them,
		6, /* ip proto = tcp */
		port_them,
		px[parsed.transport_offset + 13], /* tcp flags */
		px[parsed.ip_offset + 8] /* ttl */

src/masscan-status.h

+12 −0

Original line number	Diff line number	Diff line
		#ifndef MASSCAN_STATUS_H
		#define MASSCAN_STATUS_H

		#if 0
		enum PortStatus {
		Port_Unknown,
		Port_Open,
		@@ -12,6 +13,17 @@ enum PortStatus {
		Port_SctpClosed,
		Port_ArpOpen,
		};
		#endif

		enum PortStatus {
		PortStatus_Unknown,
		PortStatus_Open,
		PortStatus_Closed,
		PortStatus_Arp,
		PortStatus_Count

		};



		#endif

src/out-binary.c

+17 −18

Original line number	Diff line number	Diff line
		@@ -48,7 +48,7 @@ binary_out_close(struct Output out, FILE fp)
		****************************************************************************/
		static void
		binary_out_status(struct Output out, FILE fp, time_t timestamp,
		int status, unsigned ip, unsigned port, unsigned reason, unsigned ttl)
		int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
		{
		unsigned char foo[256];
		size_t bytes_written;
		@@ -57,24 +57,21 @@ binary_out_status(struct Output out, FILE fp, time_t timestamp,

		/* [TYPE] field */
		switch (status) {
		case Port_Open:
		case Port_UdpOpen:
		case Port_SctpOpen:
		case Port_IcmpEchoResponse:
		case Port_ArpOpen:
		foo[0] = Out_Open;
		case PortStatus_Open:
		foo[0] = Out_Open2;
		break;
		case Port_Closed:
		case Port_UdpClosed:
		case Port_SctpClosed:
		foo[0] = Out_Closed;
		case PortStatus_Closed:
		foo[0] = Out_Closed2;
		break;
		case PortStatus_Arp:
		foo[0] = Out_Arp2;
		break;
		default:
		return;
		}

		/* [LENGTH] field */
		foo[1] = 12;
		foo[1] = 13;

		/* [TIMESTAMP] field */
		foo[2] = (unsigned char)(timestamp>>24);
		@@ -87,16 +84,18 @@ binary_out_status(struct Output out, FILE fp, time_t timestamp,
		foo[8] = (unsigned char)(ip>> 8);
		foo[9] = (unsigned char)(ip>> 0);

		foo[10] = (unsigned char)(port>>8);
		foo[11] = (unsigned char)(port>>0);
		foo[10] = (unsigned char)(ip_proto);

		foo[11] = (unsigned char)(port>>8);
		foo[12] = (unsigned char)(port>>0);

		foo[12] = (unsigned char)reason;
		foo[13] = (unsigned char)ttl;
		foo[13] = (unsigned char)reason;
		foo[14] = (unsigned char)ttl;



		bytes_written = fwrite(&foo, 1, 14, fp);
		if (bytes_written != 14) {
		bytes_written = fwrite(&foo, 1, 15, fp);
		if (bytes_written != 15) {
		perror("output");
		exit(1);
		}