Commit fff06585 authored by robertdavidgraham's avatar robertdavidgraham

many sources

parent b1d0d281
+142 −0
@@ -67,6 +67,8 @@
153.11.0.0/16




#Date: Mon, 7 Oct 2013 17:25:41 -0700
#Subject: Re: please stop the attack to our router
#From: Di Li <di@egihosting.com>
@@ -87,3 +89,143 @@
#
#Di

4.53.201.0/24
5.152.179.0/24
8.12.162.0-8.12.164.255
8.14.84.0/22
8.14.145.0-8.14.147.255
8.17.250.0-8.17.252.255
23.27.0.0/16
23.231.128.0/17
37.72.172.0/23
38.72.200.0/22
50.93.192.0-50.93.197.255
50.115.128.0/20
50.117.0.0/17
50.118.128.0/17
63.141.222.0/24
64.62.253.0/24
64.92.96.0/19
64.145.79.0/24
64.145.82.0/23
64.158.146.0/23
65.49.24.0/24
65.49.93.0/24
65.162.192.0/22
66.79.160.0/19
66.160.191.0/24
68.68.96.0/20
69.46.64.0/19
69.176.80.0/20
72.13.80.0/20
72.52.76.0/24
74.82.43.0/24
74.82.160.0/19
74.114.88.0/22
74.115.0.0/24
74.115.2.0/24
74.115.4.0/24
74.122.100.0/22
75.127.0.0/24
103.251.91.0/24
108.171.32.0/24
108.171.42.0/24
108.171.52.0/24
108.171.62.0/24
118.193.78.0/23
130.93.16.0/23
136.0.0.0/16
142.111.0.0/16
142.252.0.0/16
146.82.55.93
149.54.136.0/21
149.54.152.0/21
166.88.0.0/16
172.252.0.0/16
173.245.64.0/19
173.245.194.0/23
173.245.220.0/22
173.252.192.0/18
178.18.16.0/22
178.18.26.0-178.18.29.255
183.182.22.0/24
192.92.114.0/24
192.155.160.0/19
192.177.0.0/16
192.186.0.0/18
192.249.64.0/20
192.250.240.0/20
194.110.214.0/24
198.12.120.0-198.12.122.255
198.144.240.0/20
199.33.120.0/24
199.33.124.0/22
199.48.147.0/24
199.68.196.0/22
199.127.240.0/21
199.187.168.0/22
199.188.238.0/23
199.255.208.0/24
203.12.6.0/24
204.13.64.0/21
204.16.192.0/21
204.19.238.0/24
204.74.208.0/20
205.159.189.0/24
205.164.0.0/18
205.209.128.0/18
206.108.52.0/23
206.165.4.0/24
208.77.40.0/21
208.80.4.0/22
208.123.223.0/24
209.51.185.0/24
209.54.48.0/20
209.107.192.0/23
209.107.210.0/24
209.107.212.0/24
211.156.110.0/23
216.83.33.0-216.83.49.255
216.83.51.0-216.83.63.255
216.151.183.0/24
216.151.190.0/23
216.172.128.0/19
216.185.36.0/24
216.218.233.0/24
216.224.112.0/20

#Received: from [194.77.40.242] (HELO samba.agouros.de)
# for abuse@erratasec.com; Sat, 12 Oct 2013 09:55:35 -0500
#Received: from rumba.agouros.de (rumba-internal [192.168.8.1])	by
# samba.agouros.de (Postfix) with ESMTPS id 9055FBAD1D	for
# <abuse@erratasec.com>; Sat, 12 Oct 2013 16:55:32 +0200 (CEST)
#Received: from rumba.agouros.de (localhost [127.0.0.1])	by rumba.agouros.de
# (Postfix) with ESMTP id 7B5DD206099	for <abuse@erratasec.com>; Sat, 12 Oct
# 2013 16:55:32 +0200 (CEST)
#Received: from localhost.localdomain (localhost [127.0.0.1])	by
# rumba.agouros.de (Postfix) with ESMTP id 5FBC420601D	for
# <abuse@erratasec.com>; Sat, 12 Oct 2013 16:55:32 +0200 (CEST)
#To: <abuse@erratasec.com>
#Subject: Loginattempts from Your net
#Message-ID: <20131012145532.5FBC420601D@rumba.agouros.de>
#Date: Sat, 12 Oct 2013 16:55:32 +0200
#From: <elwood@agouros.de>
#
#The address 209.126.230.72 from Your network tried to log in to
#our network using Port 22 (1)/tcp. Below You will find a listing of the dates and
#times the incidents occured as well as the attacked IP-Addresses.
#This is a matter of concern for us and continued tries might result in
#legal action. If the machine was victim to a hack take it offline, repair
#the damage and use better protection next time.
#The times included are in Central European (Summer) Time.
#Date	Sourceip	port	destips
#
#07.10.2013 22:34:40 CEST	209.126.230.72	22	194.77.40.242 (1)
#08.10.2013 01:44:15 CEST	209.126.230.72	22	194.77.40.246 (1)
#
#Regards,
#Konstantin Agouros

194.77.40.242
194.77.40.246
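Review bot: The commented-out abuse reports are pasted with their full mail headers: sender names and addresses, and `Received:` hops that expose internal host names and an RFC 1918 address. Only the ranges listed under each report are needed by the scanner. Trimming each report to a one-line reason such as `# 2013-10-12 abuse report: SSH login attempts seen from 209.126.230.72` would keep the rationale for the exclusion without publishing the complainants' details in the repository.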
+139 −32
@@ -86,6 +86,25 @@ print_nmap_help(void)
"\n");
}

/***************************************************************************
 ***************************************************************************/
static unsigned
count_cidr_bits(struct Range range)
{
    unsigned i;

    for (i=0; i<32; i++) {
        unsigned mask = 0xFFFFFFFF >> i;

        if ((range.begin & ~mask) == (range.end & ~mask)) {
            if ((range.begin & mask) == 0 && (range.end & mask) == mask)
                return i;
        }
    }

    return 0;
}


/***************************************************************************
 * Echoes the configuration for one nic
@@ -104,12 +123,25 @@ masscan_echo_nic(struct Masscan *masscan, FILE *fp, unsigned i)
        sprintf_s(zzz, sizeof(zzz), "[%u]", i);

    fprintf(fp, "adapter%s = %s\n", zzz, masscan->nic[i].ifname);
    if (masscan->nic[i].src.ip.first == masscan->nic[i].src.ip.last)
        fprintf(fp, "adapter-ip%s = %u.%u.%u.%u\n", zzz,
            (masscan->nic[i].src.ip.first>>24)&0xFF,
            (masscan->nic[i].src.ip.first>>16)&0xFF,
            (masscan->nic[i].src.ip.first>> 8)&0xFF,
            (masscan->nic[i].src.ip.first>> 0)&0xFF
            );
    else
        fprintf(fp, "adapter-ip%s = %u.%u.%u.%u\n", zzz,
        (masscan->nic[i].adapter_ip>>24)&0xFF,
        (masscan->nic[i].adapter_ip>>16)&0xFF,
        (masscan->nic[i].adapter_ip>> 8)&0xFF,
        (masscan->nic[i].adapter_ip>> 0)&0xFF
            (masscan->nic[i].src.ip.first>>24)&0xFF,
            (masscan->nic[i].src.ip.first>>16)&0xFF,
            (masscan->nic[i].src.ip.first>> 8)&0xFF,
            (masscan->nic[i].src.ip.first>> 0)&0xFF,
            (masscan->nic[i].src.ip.last>>24)&0xFF,
            (masscan->nic[i].src.ip.last>>16)&0xFF,
            (masscan->nic[i].src.ip.last>> 8)&0xFF,
            (masscan->nic[i].src.ip.last>> 0)&0xFF
            );

    fprintf(fp, "adapter-mac%s = %02x:%02x:%02x:%02x:%02x:%02x\n", zzz,
            masscan->nic[i].adapter_mac[0],
            masscan->nic[i].adapter_mac[1],
@@ -202,17 +234,10 @@ masscan_echo(struct Masscan *masscan, FILE *fp)
            (range.begin>> 0)&0xFF
            );
        if (range.begin != range.end) {
            unsigned i;
            unsigned cidr_bits = count_cidr_bits(range);

            for (i=0; i<30; i++) {
                if ((range.begin&(1<<i))==0 && (range.end&(1<<i)))
                    ;
                else
                    break;
            }
            i = 32-i;
            if ((range.begin & (0xFFFFFFFF>>i)) == ((range.end & (0xFFFFFFFF>>i)))) {
                fprintf(fp, "/%u", i);
            if (cidr_bits) {
                fprintf(fp, "/%u", cidr_bits);
            } else
            fprintf(fp, "-%u.%u.%u.%u",
                (range.end>>24)&0xFF,
@@ -224,6 +249,12 @@ masscan_echo(struct Masscan *masscan, FILE *fp)
        fprintf(fp, "\n");
    }

    fprintf(fp, "\n");
    if (masscan->http_user_agent)
        fprintf(    fp, 
                    "http-user-agent = %.*s\n",
                    masscan->http_user_agent_length,
                    masscan->http_user_agent);

}

@@ -471,6 +502,15 @@ parseTime(const char *value)
    return num;
}

/***************************************************************************
 ***************************************************************************/
static int
is_power_of_two(uint64_t x)
{
    while ((x&1) == 0)
        x >>= 1;
    return x == 1;
}


/***************************************************************************
@@ -545,22 +585,58 @@ masscan_set_parameter(struct Masscan *masscan,
        struct Range range;

        range = range_parse_ipv4(value, 0, 0);

        /* Check for bad format */
        if (range.begin > range.end) {
                fprintf(stderr, "CONF: bad source IPv4 address: %s=%s\n", 
            LOG(0, "FAIL: bad source IPv4 address: %s=%s\n", 
                    name, value);
                return;
            LOG(0, "hint   addresses look like \"19.168.1.23\"\n");
            exit(1);
        }

            masscan->nic[index].adapter_ip = range.begin;
        /* If more than one IP address given, make the range is
            * an even power of two (1, 2, 4, 8, 16, ...) */
        if (!is_power_of_two(range.end - range.begin + 1)) {
            LOG(0, "FAIL: range must be even power of two: %s=%s\n", 
                    name, value);
            exit(1);
        }

        masscan->nic[index].src.ip.first = range.begin;
        masscan->nic[index].src.ip.last = range.end;
        masscan->nic[index].src.ip.range = range.end - range.begin + 1;
    } else if (EQUALS("adapter-port", name) || EQUALS("source-port", name)) {
        /* Send packets FROM this port number */
        unsigned x = strtoul(value, 0, 0);
        if (x > 65535) {
            fprintf(stderr, "error: %s=<n>: expected number less than 1000\n", 
        unsigned is_error = 0;
        struct RangeList ports;
        memset(&ports, 0, sizeof(ports));

        rangelist_parse_ports(&ports, value, &is_error);
        
        /* Check if there was an error in parsing */
        if (is_error) {
            LOG(0, "FAIL: bad source port specification: %s\n", 
                    name);
        } else {
            masscan->nic[index].adapter_port = x;
            exit(1);
        }

        /* Only allow one range of ports */
        if (ports.count != 1) {
            LOG(0, "FAIL: only one source port range may be specified: %s\n", 
                    name);
            exit(1);
        }

        /* verify range is even power of 2 (1, 2, 4, 8, 16, ...) */
        if (!is_power_of_two(ports.list[0].end - ports.list[0].begin + 1)) {
            LOG(0, "FAIL: source port range must be even power of two: %s=%s\n", 
                    name, value);
            exit(1);
        }

        masscan->nic[index].src.port.first = ports.list[0].begin;
        masscan->nic[index].src.port.last = ports.list[0].end;
        masscan->nic[index].src.port.range = ports.list[0].end - ports.list[0].begin + 1;
    } else if (EQUALS("adapter-mac", name) || EQUALS("spoof-mac", name)
               || EQUALS("source-mac", name)) {
        /* Send packets FROM this MAC address */
@@ -616,12 +692,18 @@ masscan_set_parameter(struct Masscan *masscan,

    }
    else if (EQUALS("ports", name) || EQUALS("port", name)) {
        rangelist_parse_ports(&masscan->ports, value);
        unsigned is_error = 0;
        rangelist_parse_ports(&masscan->ports, value, &is_error);
        if (masscan->op == 0)
            masscan->op = Operation_Scan;
    }
    else if (EQUALS("exclude-ports", name) || EQUALS("exclude-port", name)) {
        rangelist_parse_ports(&masscan->exclude_port, value);
        unsigned is_error = 0;
        rangelist_parse_ports(&masscan->exclude_port, value, &is_error);
        if (is_error) {
            LOG(0, "FAIL: bad exclude port: %s\n", value);
            exit(1);
        }
    } else if (EQUALS("arp", name) || EQUALS("arpscan", name)) {
        /* Add ICMP ping request */
        struct Range range;
@@ -736,6 +818,15 @@ masscan_set_parameter(struct Masscan *masscan,
    } else if (EQUALS("host-timeout", name)) {
        fprintf(stderr, "nmap(%s): unsupported: this is an asynchronous tool, so no timeouts\n", name);
        exit(1);
    } else if (EQUALS("http-user-agent", name)) {
        if (masscan->http_user_agent)
            free(masscan->http_user_agent);
        masscan->http_user_agent_length = (unsigned)strlen(value);
        masscan->http_user_agent = (unsigned char *)malloc(masscan->http_user_agent_length+1);
        memcpy( masscan->http_user_agent,
                value,
                masscan->http_user_agent_length+1
                );
    } else if (EQUALS("iflist", name)) {
        masscan->op = Operation_List_Adapters;
    } else if (EQUALS("includefile", name)) {
@@ -1413,5 +1504,21 @@ mainconf_selftest()
    if (strcmp(test, "test 1") != 0)
        return 1; /* failure */
 
    {
        struct Range range;
        
        range.begin = 16;
        range.end = 32-1;
        if (count_cidr_bits(range) != 28)
            return 1;

        range.begin = 1;
        range.end = 13;
        if (count_cidr_bits(range) != 0)
            return 1;


    }

    return 0;
}
 No newline at end of file
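Review bot: `is_power_of_two()` never terminates when `x` is 0, because `while ((x&1) == 0) x >>= 1;` keeps shifting a zero. The adapter-ip branch passes `range.end - range.begin + 1`, which wraps to 0 for 0.0.0.0-255.255.255.255 if the `Range` fields are 32-bit (the struct is not shown on this page), so a single config line could hang startup instead of reaching the FAIL message. Replacing the body with `return x != 0 && (x & (x - 1)) == 0;` rejects zero and removes the loop.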
+13 −10
@@ -18,12 +18,12 @@ int
masscan_initialize_adapter(
    struct Masscan *masscan,
    unsigned index,
    unsigned *r_adapter_ip,
    unsigned char *adapter_mac,
    unsigned char *router_mac)
{
    char *ifname;
    char ifname2[256];
    unsigned adapter_ip = 0;

    LOG(1, "initializing adapter\n");

@@ -59,17 +59,20 @@ masscan_initialize_adapter(
     * is done by queryin the adapter (or configured by user). If the
     * adapter doesn't have one, then the user must configure one.
     */
    *r_adapter_ip = masscan->nic[index].adapter_ip;
    if (*r_adapter_ip == 0) {
        *r_adapter_ip = rawsock_get_adapter_ip(ifname);
    adapter_ip = masscan->nic[index].src.ip.first;
    if (adapter_ip == 0) {
        adapter_ip = rawsock_get_adapter_ip(ifname);
        LOG(2, "auto-detected: adapter-ip=%u.%u.%u.%u\n",
            (*r_adapter_ip>>24)&0xFF,
            (*r_adapter_ip>>16)&0xFF,
            (*r_adapter_ip>> 8)&0xFF,
            (*r_adapter_ip>> 0)&0xFF
            (adapter_ip>>24)&0xFF,
            (adapter_ip>>16)&0xFF,
            (adapter_ip>> 8)&0xFF,
            (adapter_ip>> 0)&0xFF
            );
        masscan->nic[index].src.ip.first = adapter_ip;
        masscan->nic[index].src.ip.last = adapter_ip;
        masscan->nic[index].src.ip.range = 1;
    }
    if (*r_adapter_ip == 0) {
    if (adapter_ip == 0) {
        fprintf(stderr, "FAIL: failed to detect IP of interface \"%s\"\n", ifname);
        fprintf(stderr, " [hint] did you spell the name correctly?\n");
        fprintf(stderr, " [hint] if it has no IP address, manually set with \"--adapter-ip 192.168.100.5\"\n");
@@ -152,7 +155,7 @@ masscan_initialize_adapter(

            arp_resolve_sync(
                    masscan->nic[index].adapter,
                    *r_adapter_ip,
                    adapter_ip,
                    adapter_mac,
                    router_ipv4,
                    router_mac);
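Review bot: The new stores to `src.ip.first`, `src.ip.last` and `src.ip.range` sit inside the auto-detect branch, ahead of the `if (adapter_ip == 0)` failure check, so a failed `rawsock_get_adapter_ip()` records 0.0.0.0 with a range of 1 in the configuration before the FAIL message is printed. Moving the three assignments below the failure check, or guarding them with `if (adapter_ip != 0)`, leaves the configuration untouched on the error path. The error return that presumably follows the hints is outside the hunk, so this is judged only from the lines shown.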
+2 −2
@@ -105,8 +105,8 @@ packet_trace(FILE *fp, const unsigned char *px, size_t length, unsigned is_sent)
                              );
                    break;
            }
            fprintf(fp, "%s (%5.4f) TCP  %-21s > %-21s %s\n", direction,
                    timestamp - global_timestamp_start, from, to, sz_type);
            fprintf(fp, "%s (%5.4f) TCP  %-21s > %-21s %s %u-bytes\n", direction,
                    timestamp - global_timestamp_start, from, to, sz_type, parsed.app_length);
            break;
        case FOUND_IPV6:
            break;

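--- a/src/main-src.c
+++ b/src/main-src.c
@@ -0,0 +1,16 @@
+#include "main-src.h"
+
+int is_myself(const struct Source *src, unsigned ip, unsigned port)
+{
+    return is_my_ip(src, ip) && is_my_port(src, port);
+}
+
+int is_my_ip(const struct Source *src, unsigned ip)
+{
+    return src->ip.first <= ip && ip <= src->ip.last;
+}
+
+int is_my_port(const struct Source *src, unsigned port)
+{
+    return src->port.first <= port && port <= src->port.last;
+}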
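Review bot: None of the three predicates in this new file documents what it tests or which byte order `ip` is expected in, and they presumably decide which inbound packets the scanner accepts as addressed to itself. A header comment above `is_myself` would cover it, for example `/* Non-zero when ip and port both fall inside the configured source range (bounds inclusive); ip is presumably host byte order like src->ip.first - confirm. */`. `is_myself` also calls `is_my_ip` and `is_my_port` before their definitions, so it relies on main-src.h (not shown on this page) declaring both.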