Nmap - the Network Mapper. Github mirror of official SVN repository. https://svn.nmap.org/
kris 332e8aa176 (The last paragraph of this message has an implementation re-work suggestion)
o Fixed host discovery probe matching when looking at the returned TCP data in
  an ICMP error message.  This could lead to incorrectly discarded responses
  and the debugging error message: "Bogus trynum or sequence number in ICMP
  error message" [Kris]

Fyodor was getting the error message "Got ICMP error with a TCP header that was
too short" while scanning, and looked at the code to see a comment I made about
requiring 12 bytes of TCP data in an ICMP error message instead of the minimum
RFC requirement of 8 bytes.

I made this comment and requirement because tcp_trynum_pingseq_decode() was
being called on the TCP data, and was using the ACK field (which is just past
the 8 byte range).  However, upon further inspection, we came to the conclusion
that this code was broken because examining the ACK field should only be done
on a TCP response, not on our own probe (which is what we're looking at in the
ICMP data).

This assumes that -g is used (the only reason that the SEQ/ACK is checked since
the source port number is used otherwise), but the code is also broken without
it because the *_decode() function checks the destination port number rather
than the source port (which should be checked since it's our own probe we're
looking at).

So I've removed the 12-byte requirement and pingseq checking calls, and just
check that the received SEQ number matches the probe SEQ number.


Should we just work with the SEQ/ACK matching when using TCP and leave the
pingseq/trynum port number encoding to UDP?  This means behavior won't change
with the use of -g, and it should be guaranteed to be there since we'll only
be looking at whole TCP headers rather than any smaller chunks.  Plus, the SEQ
number is already getting encoded with the pingseq/trynum info, we're just not
decoding the ACK responses unless -g is used.
2008-07-26 00:25:24 +00:00
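
The matching rule described in the commit message above, as an added example that is not Nmap's own code: an ICMP error's quoted TCP header is matched to a probe we sent using only the 8 bytes the RFC minimum provides (source port and SEQ), and the ACK field is never read. `SentProbe`, `match_quoted_tcp` and the sample packet are hypothetical names and constructed data.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical record of a TCP ping probe we sent (not Nmap's own structure).
struct SentProbe { uint16_t sport; uint32_t seq; };

enum MatchResult { MATCH, NO_MATCH, TOO_SHORT };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
  return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

// quoted/len: the bytes after the 8-byte ICMP header, i.e. the IP header of
// our own probe followed by however much of its TCP header the sender kept.
MatchResult match_quoted_tcp(const uint8_t *quoted, size_t len, const SentProbe &probe) {
  if (len < 20) return TOO_SHORT;                 // no full IPv4 header
  size_t ihl = (size_t)(quoted[0] & 0x0f) * 4;    // IP header length in bytes
  if ((quoted[0] >> 4) != 4 || ihl < 20) return NO_MATCH;
  if (quoted[9] != 6) return NO_MATCH;            // quoted packet is not TCP
  if (len < ihl + 8) return TOO_SHORT;            // need only ports + SEQ (8 bytes)
  const uint8_t *tcp = quoted + ihl;
  // This is our own probe, so our port is the SOURCE port (offset 0) and our
  // value is in SEQ (offset 4). ACK (offset 8) is past the 8 bytes and unused.
  if (rd16(tcp) != probe.sport) return NO_MATCH;
  if (rd32(tcp + 4) != probe.seq) return NO_MATCH;
  return MATCH;
}

// Constructed sample: 20-byte IPv4 header + exactly 8 bytes of TCP header
// (sport 54321, dport 80, SEQ 0x1A2B3C4D). Addresses are documentation ranges.
static const uint8_t SAMPLE[28] = {
  0x45, 0x00, 0x00, 0x28, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
  192, 0, 2, 1, 198, 51, 100, 7,
  0xD4, 0x31, 0x00, 0x50, 0x1A, 0x2B, 0x3C, 0x4D };

int main() {
  SentProbe probe = { 54321, 0x1A2B3C4D };
  SentProbe other = { 54321, 0x1A2B3C4E };
  std::printf("8 bytes of TCP: %d\n", match_quoted_tcp(SAMPLE, 28, probe));
  std::printf("7 bytes of TCP: %d\n", match_quoted_tcp(SAMPLE, 27, probe));
  std::printf("different SEQ:  %d\n", match_quoted_tcp(SAMPLE, 28, other));
  return 0;
}
```
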
docs fix a wrong function name, noted by Matthew Boyle 2008-07-23 07:31:56 +00:00
libdnet-stripped o The Nmap Windows self-installer now automatically installs the MS 2008-06-29 04:52:00 +00:00
liblua o The Nmap Windows self-installer now automatically installs the MS 2008-06-29 04:52:00 +00:00
libpcap Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh, 2007-11-27 06:22:46 +00:00
libpcre o The Nmap Windows self-installer now automatically installs the MS 2008-06-29 04:52:00 +00:00
macosx Fix a little typo in macosx/Makefile that kept COPYING.formatted from being 2008-07-11 20:54:31 +00:00
mswin32 Adjust licformat.sh to allow running it from a directory other than mswin32. 2008-07-11 20:52:17 +00:00
nselib Adding my unpwdb nselib; includes username and password lists, and docs 2008-07-08 04:16:49 +00:00
nselib-bin Merging changes from my vc2008-testing branch. This moves Windows development 2008-06-13 05:58:11 +00:00
scripts rebuild some generated content 2008-06-29 09:13:57 +00:00
acinclude.m4 Fix the test for GTK+ in configure.ac and move the macro RECVFROM_ARG6_TYPE from aclocal.m4 to acinclude.m4. 2007-10-22 23:27:22 +00:00
aclocal.m4 Check for Python only if Zenmap is requested, and bail out if Zenmap is 2007-11-22 08:37:34 +00:00
CHANGELOG (The last paragraph of this message has an implementation re-work suggestion) 2008-07-26 00:25:24 +00:00
charpool.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
charpool.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
config.guess o Updated to latest (as of 3/15) autoconf config.sub/config.guess 2008-03-15 10:21:56 +00:00
config.sub o Updated to latest (as of 3/15) autoconf config.sub/config.guess 2008-03-15 10:21:56 +00:00
configure Link against -lodm and -lcfg on AIX. 2008-06-15 07:05:12 +00:00
configure.ac Link against -lodm and -lcfg on AIX. 2008-06-15 07:05:12 +00:00
COPYING trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
COPYING.OpenSSL
depcomp Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh, 2007-11-27 06:22:46 +00:00
FingerPrintResults.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
FingerPrintResults.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
global_structures.h Bump up MAX_OS_CLASSIFICATIONS_PER_FP from 8 to 10. 2008-07-15 20:07:25 +00:00
HACKING URL change from http://insecure.org/nmap/* to http://nmap.org/* 2008-01-17 07:22:03 +00:00
idle_scan.cc Adding packet validity checking to readip_pcap() so the caller can assume the 2008-06-30 23:55:19 +00:00
idle_scan.h This patch reorganizes the way ping probes are handled internally. 2008-05-29 07:49:37 +00:00
INSTALL URL change from http://insecure.org/nmap/* to http://nmap.org/* 2008-01-17 07:22:03 +00:00
install-sh
ltmain.sh Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh, 2007-11-27 06:22:46 +00:00
MACLookup.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
MACLookup.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
main.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
Makefile.in Removed nse_string. Equivalent procedures are placed in 2008-07-07 17:31:38 +00:00
missing Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh, 2007-11-27 06:22:46 +00:00
nmap-header-template.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap-mac-prefixes o Updated to include the latest MAC Address prefixes from the IEEE in 2008-05-30 21:47:20 +00:00
nmap-os-db Add July 2008 OS corrections. 2008-07-25 15:36:44 +00:00
nmap-protocols URL change from http://insecure.org/nmap/* to http://nmap.org/* 2008-01-17 07:22:03 +00:00
nmap-rpc URL change from http://insecure.org/nmap/* to http://nmap.org/* 2008-01-17 07:22:03 +00:00
nmap-service-probes slight updates to some MailEnable smtpd sigs 2008-07-25 21:56:50 +00:00
nmap-services Syncing the service names between nmap-service-probes and nmap-services 2008-04-29 17:03:09 +00:00
nmap.cc Merge r863 of nmap-exp/fyodor-perf: 2008-07-11 07:28:36 +00:00
nmap.h update version number 2008-06-29 09:13:44 +00:00
nmap.spec.in Remove the listing of zenmap.1.gz from nmap.spec.in, and remove the manual 2008-05-06 23:56:13 +00:00
nmap_amigaos.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_config.h.in trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_dns.cc Documenting an earlier change and adding a new, related one: 2008-07-14 19:52:31 +00:00
nmap_dns.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_error.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_error.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_rpc.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_rpc.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_tty.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_tty.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nmap_winconfig.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
NmapOps.cc Documenting an earlier change and adding a new, related one: 2008-07-14 19:52:31 +00:00
NmapOps.h Merge r863 of nmap-exp/fyodor-perf: 2008-07-11 07:28:36 +00:00
NmapOutputTable.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
NmapOutputTable.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
nse_debug.cc Large recode of nse_init.cc 2008-05-31 02:39:27 +00:00
nse_debug.h
nse_fs.cc Fix to Windows define for nse_fs 2008-05-31 08:22:39 +00:00
nse_fs.h Large recode of nse_init.cc 2008-05-31 02:39:27 +00:00
nse_init.cc Adapted current nse_main to use the new action closure change discussed here: 2008-07-07 17:34:37 +00:00
nse_init.h Large recode of nse_init.cc 2008-05-31 02:39:27 +00:00
nse_macros.h Updated some macros to clean up code. Moved 2008-07-07 17:33:36 +00:00
nse_main.cc Removed heap allocation (malloc) of struct run_record and included it 2008-07-07 17:50:47 +00:00
nse_main.h Added ScriptResult class change in order to avoid managing string memory 2008-07-07 17:37:08 +00:00
nse_nmaplib.cc Fixed nmap library which was returning its first argument 2008-06-22 18:38:53 +00:00
nse_nmaplib.h Large recode of nse_init.cc 2008-05-31 02:39:27 +00:00
nse_nsock.cc Documenting an earlier change and adding a new, related one: 2008-07-14 19:52:31 +00:00
nse_nsock.h merge soc07 r5360:5367 - Merge Majek's raw packet NSE patch 2007-08-11 06:13:25 +00:00
nse_pcrelib.cc Removed nse_auxiliar. Updated Script Argument parsing. Fixed typos in 2008-05-31 02:19:24 +00:00
nse_pcrelib.h Revert r5485. This changes the pcre Lua module back to statically linked 2007-10-23 00:45:00 +00:00
osscan.cc Increase the line buffer for reading fingerprints in osscan.cc. The latest 2008-07-15 05:33:33 +00:00
osscan.h Make the parameter to parse_fingerprint_file const. 2008-06-13 17:32:47 +00:00
osscan2.cc Adding packet validity checking to readip_pcap() so the caller can assume the 2008-06-30 23:55:19 +00:00
osscan2.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
output.cc report scan time to hundredths of a second, not thousandths 2008-07-11 07:29:09 +00:00
output.h Added ScriptResult class change in order to avoid managing string memory 2008-07-07 17:37:08 +00:00
portlist.cc Added ScriptResult class change in order to avoid managing string memory 2008-07-07 17:37:08 +00:00
portlist.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
portreasons.cc Migrated remaining *alloc() calls to safe_*alloc() 2008-06-22 04:56:02 +00:00
portreasons.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
protocols.cc trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
protocols.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
README-WIN32 URL change from http://insecure.org/nmap/* to http://nmap.org/* 2008-01-17 07:22:03 +00:00
scan_engine.cc (The last paragraph of this message has an implementation re-work suggestion) 2008-07-26 00:25:24 +00:00
scan_engine.h Save timing ping probes between calls to ultra_scan. This allows, for example, 2008-07-11 06:12:38 +00:00
service_scan.cc Documenting an earlier change and adding a new, related one: 2008-07-14 19:52:31 +00:00
service_scan.h This patch reorganizes the way ping probes are handled internally. 2008-05-29 07:49:37 +00:00
services.cc This patch reorganizes the way ping probes are handled internally. 2008-05-29 07:49:37 +00:00
services.h This patch reorganizes the way ping probes are handled internally. 2008-05-29 07:49:37 +00:00
shtool
Target.cc Save timing ping probes between calls to ultra_scan. This allows, for example, 2008-07-11 06:12:38 +00:00
Target.h Save timing ping probes between calls to ultra_scan. This allows, for example, 2008-07-11 06:12:38 +00:00
TargetGroup.cc o Fixed an integer overflow which prevented a target specification 2008-06-03 19:25:16 +00:00
TargetGroup.h o Fixed an integer overflow which prevented a target specification 2008-06-03 19:25:16 +00:00
targets.cc A fix to r8309, this uses an error message already in nmap instead of the one I added 2008-06-18 01:55:25 +00:00
targets.h trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
tcpip.cc o Added --ip-options support for the connect() scan (-sT). [Kris] 2008-07-14 20:02:30 +00:00
tcpip.h o Added --ip-options support for the connect() scan (-sT). [Kris] 2008-07-14 20:02:30 +00:00
timing.cc Avoid showing the sending rate in bytes per second if no sent bytes have been 2008-07-23 22:21:37 +00:00
timing.h Avoid showing the sending rate in bytes per second if no sent bytes have been 2008-07-23 22:21:37 +00:00
traceroute.cc Adding packet validity checking to readip_pcap() so the caller can assume the 2008-06-30 23:55:19 +00:00
traceroute.h This patch reorganizes the way ping probes are handled internally. 2008-05-29 07:49:37 +00:00
utils.cc Move tval2msecs() to Nbase for reuse 2008-07-15 20:06:05 +00:00
utils.h Move tval2msecs() to Nbase for reuse 2008-07-15 20:06:05 +00:00
zenmap.spec.in Remove the share/icons and share/pixmaps from zenmap.spec.in because those are 2008-06-06 04:34:23 +00:00

Here is some documentation for Nmap, but these files are much less
comprehensive than what you'll find at the actual Nmap documentation
site ( http://nmap.org ).