1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
#!/usr/bin/env python3
# ***********************IMPORTANT NMAP LICENSE TERMS************************
# *
# * The Nmap Security Scanner is (C) 1996-2023 Nmap Software LLC ("The Nmap
# * Project"). Nmap is also a registered trademark of the Nmap Project.
# *
# * This program is distributed under the terms of the Nmap Public Source
# * License (NPSL). The exact license text applying to a particular Nmap
# * release or source code control revision is contained in the LICENSE
# * file distributed with that version of Nmap or source code control
# * revision. More Nmap copyright/legal information is available from
# * https://nmap.org/book/man-legal.html, and further information on the
# * NPSL license itself can be found at https://nmap.org/npsl/ . This
# * header summarizes some key points from the Nmap license, but is no
# * substitute for the actual license text.
# *
# * Nmap is generally free for end users to download and use themselves,
# * including commercial use. It is available from https://nmap.org.
# *
# * The Nmap license generally prohibits companies from using and
# * redistributing Nmap in commercial products, but we sell a special Nmap
# * OEM Edition with a more permissive license and special features for
# * this purpose. See https://nmap.org/oem/
# *
# * If you have received a written Nmap license agreement or contract
# * stating terms other than these (such as an Nmap OEM license), you may
# * choose to use and redistribute Nmap under those terms instead.
# *
# * The official Nmap Windows builds include the Npcap software
# * (https://npcap.com) for packet capture and transmission. It is under
# * separate license terms which forbid redistribution without special
# * permission. So the official Nmap Windows builds may not be redistributed
# * without special permission (such as an Nmap OEM license).
# *
# * Source is provided to this software because we believe users have a
# * right to know exactly what a program is going to do before they run it.
# * This also allows you to audit the software for security holes.
# *
# * Source code also allows you to port Nmap to new platforms, fix bugs, and add
# * new features. You are highly encouraged to submit your changes as a Github PR
# * or by email to the dev@nmap.org mailing list for possible incorporation into
# * the main distribution. Unless you specify otherwise, it is understood that
# * you are offering us very broad rights to use your submissions as described in
# * the Nmap Public Source License Contributor Agreement. This is important
# * because we fund the project by selling licenses with various terms, and also
# * because the inability to relicense code has caused devastating problems for
# * other Free Software projects (such as KDE and NASM).
# *
# * The free version of Nmap is distributed in the hope that it will be
# * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties,
# * indemnification and commercial support are all available through the
# * Npcap OEM program--see https://nmap.org/oem/
# *
# ***************************************************************************/
import sys
# Check if the given directory, and all its parent directories, are owned and
# writable only by our euid or by root. If symlinks are present, they are
# recursively checked, up to a limit of SYMLINK_LIMIT.
# https://www.securecoding.cert.org/confluence/display/seccode/FIO15-C.+Ensure+that+file+operations+are+performed+in+a+secure+directory
SYMLINK_LIMIT = 5
def is_secure_dir(path, num_symlinks=0):
import os
import os.path
import stat
if not os.path.isabs(path):
return False
if num_symlinks >= SYMLINK_LIMIT:
return False
dirs = []
while True:
dirs.append(path)
dirname = os.path.dirname(path)
if dirname == path:
break
path = dirname
# Traverse root-to-leaf.
dirs.reverse()
for dir in dirs:
if os.path.islink(dir):
link = os.readlink(dir)
if not is_secure_dir(link, num_symlinks + 1):
return False
continue
if not os.path.isdir(dir):
return False
buf = os.stat(dir)
if buf.st_uid != os.geteuid() and buf.st_uid != 0:
return False
if buf.st_mode & (stat.S_IWGRP | stat.S_IWOTH) != 0:
return False
return True
# Add the install_lib directory to sys.path, the list of directories searched
# for modules, but don't do it if the directory or its parents may be writable
# by other users. The following line is replaced by the installation program.
INSTALL_LIB = None
if INSTALL_LIB is not None and is_secure_dir(INSTALL_LIB):
sys.path.append(INSTALL_LIB) # lgtm[py/unreachable-statement]
try:
import zenmapGUI.App
except ImportError as e:
print("""\
Could not import the zenmapGUI.App module: %s.
I checked in these directories:""" % repr(e.message), file=sys.stderr)
for dir in sys.path:
print(" %s" % dir, file=sys.stderr)
print("""\
If you installed Zenmap in another directory, you may have to add the
modules directory to the PYTHONPATH environment variable.""", file=sys.stderr)
sys.exit(1)
if __name__ == '__main__':
try:
zenmapGUI.App.run()
except KeyboardInterrupt:
sys.exit(1)
|
