From 0d47952611198ef6b1163f366dc03922d20b1475 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 09:42:04 +0200 Subject: Adding upstream version 7.94+git20230807.3be01efb1+dfsg. Signed-off-by: Daniel Baumann --- Target.h | 310 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 310 insertions(+) create mode 100644 Target.h (limited to 'Target.h') diff --git a/Target.h b/Target.h new file mode 100644 index 0000000..2feb7ee --- /dev/null +++ b/Target.h @@ -0,0 +1,310 @@ + +/*************************************************************************** + * Target.h -- The Target class encapsulates much of the information Nmap * + * has about a host. Results (such as ping, OS scan, etc) are stored in * + * this class as they are determined. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * + * The Nmap Security Scanner is (C) 1996-2023 Nmap Software LLC ("The Nmap + * Project"). Nmap is also a registered trademark of the Nmap Project. + * + * This program is distributed under the terms of the Nmap Public Source + * License (NPSL). The exact license text applying to a particular Nmap + * release or source code control revision is contained in the LICENSE + * file distributed with that version of Nmap or source code control + * revision. More Nmap copyright/legal information is available from + * https://nmap.org/book/man-legal.html, and further information on the + * NPSL license itself can be found at https://nmap.org/npsl/ . This + * header summarizes some key points from the Nmap license, but is no + * substitute for the actual license text. + * + * Nmap is generally free for end users to download and use themselves, + * including commercial use. It is available from https://nmap.org. + * + * The Nmap license generally prohibits companies from using and + * redistributing Nmap in commercial products, but we sell a special Nmap + * OEM Edition with a more permissive license and special features for + * this purpose. See https://nmap.org/oem/ + * + * If you have received a written Nmap license agreement or contract + * stating terms other than these (such as an Nmap OEM license), you may + * choose to use and redistribute Nmap under those terms instead. + * + * The official Nmap Windows builds include the Npcap software + * (https://npcap.com) for packet capture and transmission. It is under + * separate license terms which forbid redistribution without special + * permission. So the official Nmap Windows builds may not be redistributed + * without special permission (such as an Nmap OEM license). + * + * Source is provided to this software because we believe users have a + * right to know exactly what a program is going to do before they run it. + * This also allows you to audit the software for security holes. + * + * Source code also allows you to port Nmap to new platforms, fix bugs, and add + * new features. You are highly encouraged to submit your changes as a Github PR + * or by email to the dev@nmap.org mailing list for possible incorporation into + * the main distribution. Unless you specify otherwise, it is understood that + * you are offering us very broad rights to use your submissions as described in + * the Nmap Public Source License Contributor Agreement. This is important + * because we fund the project by selling licenses with various terms, and also + * because the inability to relicense code has caused devastating problems for + * other Free Software projects (such as KDE and NASM). + * + * The free version of Nmap is distributed in the hope that it will be + * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties, + * indemnification and commercial support are all available through the + * Npcap OEM program--see https://nmap.org/oem/ + * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef TARGET_H +#define TARGET_H + +#include "nbase.h" + +#include "libnetutil/netutil.h" /* devtype */ + +#ifndef NOLUA +#include "nse_main.h" +#endif + +#include "portreasons.h" +#include "portlist.h" +#include "probespec.h" +#include "osscan.h" +#include "osscan2.h" +class FingerPrintResults; + +#include +#include +#include +#include /* time_t */ + +#ifndef INET6_ADDRSTRLEN +#define INET6_ADDRSTRLEN 46 +#endif + +enum osscan_flags { + OS_NOTPERF=0, OS_PERF, OS_PERF_UNREL +}; + +struct host_timeout_nfo { + unsigned long msecs_used; /* How many msecs has this Target used? */ + bool toclock_running; /* Is the clock running right now? */ + struct timeval toclock_start; /* When did the clock start? */ + time_t host_start, host_end; /* The absolute start and end for this host */ +}; + +struct TracerouteHop { + struct sockaddr_storage tag; + bool timedout; + std::string name; + struct sockaddr_storage addr; + int ttl; + float rtt; /* In milliseconds. */ + + int display_name(char *buf, size_t len) const { + if (name.empty()) + return Snprintf(buf, len, "%s", inet_ntop_ez(&addr, sizeof(addr))); + else + return Snprintf(buf, len, "%s (%s)", name.c_str(), inet_ntop_ez(&addr, sizeof(addr))); + } +}; + +struct EarlySvcResponse { + probespec pspec; + int len; + u8 data[1]; +}; + +class Target { + public: /* For now ... TODO: a lot of the data members should be made private */ + Target(); + ~Target(); + /* Returns the address family of the destination address. */ + int af() const; + /* Fills a sockaddr_storage with the AF_INET or AF_INET6 address + information of the target. This is a preferred way to get the + address since it is portable for IPv6 hosts. Returns 0 for + success. ss_len must be provided. It is not examined, but is set + to the size of the sockaddr copied in. */ + int TargetSockAddr(struct sockaddr_storage *ss, size_t *ss_len) const; + const struct sockaddr_storage *TargetSockAddr() const; + /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ + void setTargetSockAddr(const struct sockaddr_storage *ss, size_t ss_len); + // Returns IPv4 target host address or {0} if unavailable. + struct in_addr v4host() const; + const struct in_addr *v4hostip() const; + const struct in6_addr *v6hostip() const; + /* The source address used to reach the target */ + int SourceSockAddr(struct sockaddr_storage *ss, size_t *ss_len) const; + const struct sockaddr_storage *SourceSockAddr() const; + /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ + void setSourceSockAddr(const struct sockaddr_storage *ss, size_t ss_len); + struct sockaddr_storage source() const; + const struct in_addr *v4sourceip() const; + const struct in6_addr *v6sourceip() const; + /* The IPv4 or IPv6 literal string for the target host */ + const char *targetipstr() const { return targetipstring; } + /* The IPv4 or IPv6 literal string for the source address */ + const char *sourceipstr() const { return sourceipstring; } + /* Give the name from the last setHostName() call, which should be + the name obtained from reverse-resolution (PTR query) of the IP (v4 + or v6). If the name has not been set, or was set to NULL, an empty + string ("") is returned to make printing easier. */ + const char *HostName() const { return hostname? hostname : ""; } + /* You can set to NULL to erase a name or if it failed to resolve -- or + just don't call this if it fails to resolve. The hostname is blown + away when you setTargetSockAddr(), so make sure you do these in proper + order + */ + void setHostName(const char *name); + /* Generates a printable string consisting of the host's IP + address and hostname (if available). Eg "www.insecure.org + (64.71.184.53)" or "fe80::202:e3ff:fe14:1102". The name is + written into the buffer provided, which is also returned. Results + that do not fit in buflen will be truncated. */ + const char *NameIP(char *buf, size_t buflen) const; + /* This next version returns a STATIC buffer -- so no concurrency */ + const char *NameIP() const; + + /* Give the name from the last setTargetName() call, which is the + name of the target given on the command line if it's a named + host. */ + const char *TargetName() const { return targetname; } + /* You can set to NULL to erase a name. The targetname is blown + away when you setTargetSockAddr(), so make sure you do these in proper + order + */ + void setTargetName(const char *name); + + /* If the host is directly connected on a network, set and retrieve + that information here. directlyConnected() will abort if it hasn't + been set yet. */ + void setDirectlyConnected(bool connected); + bool directlyConnected() const; + int directlyConnectedOrUnset() const; /* 1-directly connected, 0-no, -1-we don't know*/ + + /* If the host is NOT directly connected, you can set the next hop + value here. It is OK to pass in a sockaddr_in or sockaddr_in6 + casted to sockaddr_storage*/ + void setNextHop(const struct sockaddr_storage *next_hop, size_t next_hop_len); + /* Returns the next hop for sending packets to this host. Returns true if + next_hop was filled in. It might be false, for example, if + next_hop has never been set */ + bool nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) const; + + void setMTU(int devmtu); + int MTU(void) const; + + /* Sets the interface type to one of: + devt_ethernet, devt_loopback, devt_p2p, devt_other + */ + void setIfType(devtype iftype) { interface_type = iftype; } + /* Returns -1 if it has not yet been set with setIfType() */ + devtype ifType() const { return interface_type; } + /* Starts the timeout clock for the host running (e.g. you are + beginning a scan). If you do not have the current time handy, + you can pass in NULL. When done, call stopTimeOutClock (it will + also automatically be stopped of timedOut() returns true) */ + void startTimeOutClock(const struct timeval *now); + /* The complement to startTimeOutClock. */ + void stopTimeOutClock(const struct timeval *now); + /* Is the timeout clock currently running? */ + bool timeOutClockRunning() const { return htn.toclock_running; } + /* Returns whether the host is timedout. If the timeoutclock is + running, counts elapsed time for that. Pass NULL if you don't have the + current time handy. You might as well also pass NULL if the + clock is not running, as the func won't need the time. */ + bool timedOut(const struct timeval *now) const; + /* Return time_t for the start and end time of this host */ + time_t StartTime() const { return htn.host_start; } + time_t EndTime() const { return htn.host_end; } + + /* Takes a 6-byte MAC address */ + int setMACAddress(const u8 *addy); + int setSrcMACAddress(const u8 *addy); + int setNextHopMACAddress(const u8 *addy); // this should be the target's own MAC if directlyConnected() + + /* Returns a pointer to 6-byte MAC address, or NULL if none is set */ + const u8 *MACAddress() const; + const u8 *SrcMACAddress() const; + const u8 *NextHopMACAddress() const; + +/* Set the device names so that they can be returned by deviceName() + and deviceFullName(). The normal name may not include alias + qualifier, while the full name may include it (e.g. "eth1:1"). If + these are non-null, they will overwrite the stored version */ + void setDeviceNames(const char *name, const char *fullname); + const char *deviceName() const; + const char *deviceFullName() const; + + int osscanPerformed(void) const; + void osscanSetFlag(int flag); + + struct seq_info seq; + int distance; + enum dist_calc_method distance_calculation_method; + FingerPrintResults *FPR; /* FP results get by the OS scan system. */ + PortList ports; + std::vector earlySvcResponses; + + int weird_responses; /* echo responses from other addresses, Ie a network broadcast address */ + int flags; /* HOST_UNKNOWN, HOST_UP, or HOST_DOWN. */ + struct timeout_info to; + char *hostname; // Null if unable to resolve or unset + char * targetname; // The name of the target host given on the command line if it is a named host + + struct probespec traceroute_probespec; + std::list traceroute_hops; + + /* If the address for this target came from a DNS lookup, the list of + resultant addresses (sometimes there are more than one) that were not scanned. */ + std::list unscanned_addrs; + +#ifndef NOLUA + ScriptResults scriptResults; +#endif + + state_reason_t reason; + + /* A probe that is known to receive a response. This is used to hold the + current timing ping probe type during scanning. */ + probespec pingprobe; + /* The state the port or protocol entered when the response to pingprobe was + received. */ + int pingprobe_state; + + private: + void FreeInternal(); // Free memory allocated inside this object + // Creates a "presentation" formatted string out of the target's IPv4/IPv6 address + void GenerateTargetIPString(); + // Creates a "presentation" formatted string out of the source IPv4/IPv6 address. + void GenerateSourceIPString(); + struct sockaddr_storage targetsock, sourcesock, nexthopsock; + size_t targetsocklen, sourcesocklen, nexthopsocklen; + int directly_connected; // -1 = unset; 0 = no; 1 = yes + char targetipstring[INET6_ADDRSTRLEN]; + char sourceipstring[INET6_ADDRSTRLEN]; + mutable char *nameIPBuf; /* for the NameIP(void) function to return */ + u8 MACaddress[6], SrcMACaddress[6], NextHopMACaddress[6]; + bool MACaddress_set, SrcMACaddress_set, NextHopMACaddress_set; + struct host_timeout_nfo htn; + devtype interface_type; + char devname[32]; + char devfullname[32]; + int mtu; + /* 0 (OS_NOTPERF) if os detection not performed + * 1 (OS_PERF) if os detection performed + * 2 (OS_PERF_UNREL) if an unreliable os detection has been performed */ + int osscan_flag; +}; + +#endif /* TARGET_H */ + -- cgit v1.2.3