#90 detection for HEARTBLEED vulnerability (be3d0cc2) · Commits · nimrod / masscan

src/main-conf.c

+8 −1

Original line number	Diff line number	Diff line
		@@ -408,6 +408,7 @@ masscan_echo(struct Masscan masscan, FILE fp)

		fprintf(fp, "%scapture = cert\n", masscan->is_capture_cert?"":"no");
		fprintf(fp, "%scapture = html\n", masscan->is_capture_html?"":"no");
		fprintf(fp, "%scapture = heartbleed\n", masscan->is_capture_heartbleed?"":"no");

		/*
		* TCP payloads
		@@ -1015,6 +1016,8 @@ masscan_set_parameter(struct Masscan *masscan,
		masscan->is_capture_cert = 1;
		else if (EQUALS("html", value))
		masscan->is_capture_html = 1;
		else if (EQUALS("heartbleed", value))
		masscan->is_capture_heartbleed = 1;
		else {
		fprintf(stderr, "FAIL: %s: unknown capture type\n", value);
		exit(1);
		@@ -1024,6 +1027,8 @@ masscan_set_parameter(struct Masscan *masscan,
		masscan->is_capture_cert = 0;
		else if (EQUALS("html", value))
		masscan->is_capture_html = 0;
		else if (EQUALS("heartbleed", value))
		masscan->is_capture_heartbleed = 0;
		else {
		fprintf(stderr, "FAIL: %s: unknown capture type\n", value);
		exit(1);
		@@ -1108,7 +1113,8 @@ masscan_set_parameter(struct Masscan *masscan,
		masscan->is_banners = 0;
		} else if (EQUALS("blackrock-rounds", name)) {
		masscan->blackrock_rounds = (unsigned)parseInt(value);
		} else if (EQUALS("connection-timeout", name)) {
		} else if (EQUALS("connection-timeout", name) \|\| EQUALS("tcp-timeout", name)) {
		/* The timeout for "banners" TCP connections */
		masscan->tcp_connection_timeout = (unsigned)parseInt(value);
		} else if (EQUALS("datadir", name)) {
		strcpy_s(masscan->nmap.datadir, sizeof(masscan->nmap.datadir), value);
		@@ -1142,6 +1148,7 @@ masscan_set_parameter(struct Masscan *masscan,
		} else if (EQUALS("heartbleed", name)) {
		masscan->is_heartbleed = 1;
		masscan_set_parameter(masscan, "no-capture", "cert");
		masscan_set_parameter(masscan, "no-capture", "heartbleed");
		masscan_set_parameter(masscan, "banners", "true");
		} else if (EQUALS("hello-file", name)) {
		/* When connecting via TCP, send this file */

src/main.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -611,7 +611,8 @@ receive_thread(void *v)
		);
		tcpcon_set_banner_flags(tcpcon,
		masscan->is_capture_cert,
		masscan->is_capture_html);
		masscan->is_capture_html,
		masscan->is_capture_heartbleed);
		if (masscan->http_user_agent_length)
		tcpcon_set_parameter( tcpcon,
		"http-user-agent",

src/masscan-app.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -29,6 +29,7 @@ masscan_app_to_string(enum ApplicationProtocol proto)
		case PROTO_HTML_FULL: return "html";
		case PROTO_NTP: return "ntp";
		case PROTO_VULN: return "vuln";
		case PROTO_HEARTBLEED: return "heartbleed";
		default:
		sprintf_s(tmp, sizeof(tmp), "(%u)", proto);
		return tmp;

src/masscan-app.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -26,6 +26,7 @@ enum ApplicationProtocol {
		PROTO_HTML_FULL,
		PROTO_NTP, /* network time protocol, udp/123 */
		PROTO_VULN,
		PROTO_HEARTBLEED
		};

		const char *

src/masscan.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -161,6 +161,7 @@ struct Masscan
		unsigned is_gmt:1; /* --gmt, all times in GMT */
		unsigned is_capture_cert:1; /* --capture cert */
		unsigned is_capture_html:1; /* --capture html */
		unsigned is_capture_heartbleed:1; /* --capture heartbleed */
		unsigned is_test_csv:1; /* (temporary testing feature) */
		unsigned is_infinite:1; /* -infinite */
		unsigned is_readscan:1; /* --readscan, Operation_Readscan */