OpenVAS Scanner  7.0.1~git
nasl_builtin_nmap.c File Reference

Advanced wrapper for nmap. Perform comprehensive network scanning. More...

#include "../misc/plugutils.h"
#include "nasl_lex_ctxt.h"
#include <glib.h>
#include <gvm/base/logging.h>
#include <gvm/base/prefs.h>
#include <gvm/util/kb.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
Include dependency graph for nasl_builtin_nmap.c:

Go to the source code of this file.

Data Structures

struct  nse_script
 Handle the results of a NSE script. More...
 
struct  traceroute_hop
 Describe a detected hop on the route. More...
 
struct  nmap_port
 Store port information. More...
 
struct  nmap_host
 Store host information. More...
 
struct  nmap_parser
 Handle states for XML parsing. More...
 
struct  nmap_t
 Main nmap execution handler. More...
 
struct  nmap_opt_t
 Describe an nmap command line option. More...
 

Macros

#define CHUNK_LEN   512
 Input chunks size for the XML parser. More...
 
#define MAX_TRACE_HOPS   64
 Maximum number of hops to the target. More...
 
#define NMAP_CMD   "nmap"
 Nmap command to call. More...
 
#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"
 Plugin parameter description: skip alive hosts discovery phase. More...
 
#define PREF_TRACEROUTE   "Trace hop path to each host"
 Plugin parameter description: perform traceroute. More...
 
#define PREF_NO_DNS   "Disable DNS resolution"
 Plugin parameter description: don't perform reverse resolution on discovered IP addresses. More...
 
#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"
 Plugin parameter description: TCP port scanning technique to use. More...
 
#define PREF_SERVICE_SCAN   "Service scan"
 Plugin parameter description: perform service/version detection scan. More...
 
#define PREF_RPC_PORT_SCAN   "RPC port scan"
 Plugin parameter description: perform RPC port scan. More...
 
#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"
 Plugin parameter description: perform remote OS fingerprinting. More...
 
#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"
 Plugin parameter description: guess OS from closest match if necessary. More...
 
#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"
 Plugin parameter description: try to evade defense by fragmenting IP packets. More...
 
#define PREF_SOURCE_PORT   "Source port"
 Plugin parameter description: set source port. More...
 
#define PREF_TIMING_POLICY   "Timing policy"
 Plugin parameter description: select timing template. More...
 
#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"
 Plugin parameter description: give up on host after this time elapsed. More...
 
#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (minimal value) More...
 
#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (maximal value). More...
 
#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"
 Plugin parameter description: probe round trip time hint (initial value). More...
 
#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"
 Plugin parameter description: force minimum number of parallel active probes. More...
 
#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"
 Plugin parameter description: force maximum number of parallel active probes. More...
 
#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"
 Plugin parameter description: force minimum number of hosts to scan in parallel. More...
 
#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"
 Plugin parameter description: force maximum number of hosts to scan in parallel. More...
 
#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"
 Plugin parameter description: set idle interval between probes. More...
 
#define PREF_EXCLUDE_HOSTS   "Exclude hosts"
 Plugin parameter description: comma-separated list of hosts to exclude from the scan. More...
 
#define PREF_IMPORT_XML_FILE   "File containing XML results"
 Plugin parameter description: import XML file. More...
 
#define OPT_SET   "yes"
 Checkbox value (when set). More...
 
#define OPT_UNSET   "no"
 Checkbox value (when unset). More...
 
#define list_free(list, dtor, udata)
 
#define PRINT_NOT_NULL(x)   ((x) ? (x) : "")
 

Functions

static nmap_tnmap_create (lex_ctxt *lexic)
 Instantiate a new nmap handler, rebuild command line or open XML file to parse. More...
 
static void nmap_destroy (nmap_t *nmap)
 Release a nmap handler and associated resources. More...
 
static int build_cmd_line (nmap_t *nmap)
 Rebuild command line to run according to plugin parameters. More...
 
static int add_arg (nmap_t *nmap, const gchar *name, const gchar *value)
 Add a couple argument/value on the command line. More...
 
static int add_nse_arguments (nmap_t *nmap)
 Add NSE (nmap scripting engine) related arguments to the command line according to user script selection and preferences. More...
 
static gchar * get_script_list (nmap_t *nmap)
 Make the comma-separated list of NSE scripts selected by the user. More...
 
static gchar * get_script_args (nmap_t *nmap)
 Make the comma-separated list of NSE arguments set by the user. More...
 
static int add_scantype_arguments (nmap_t *nmap)
 Add the TCP scantype flag to the command line. More...
 
static int add_timing_arguments (nmap_t *nmap)
 Add timing template argument to the command line. More...
 
static int add_portrange (nmap_t *nmap)
 Add the range of ports to scan to the command line. More...
 
static void setup_xml_parser (nmap_t *nmap)
 Setup XML parser internals. More...
 
static void set_opentag_callbacks (GHashTable *open)
 Populate the callbacks hashtable with handlers for opening tags. More...
 
static void set_closetag_callbacks (GHashTable *close)
 Populate the callbacks hashtable with handlers for closing tags. More...
 
static int add_target (nmap_t *nmap)
 Append scan target to the command line. More...
 
static void dbg_display_cmdline (nmap_t *nmap)
 Display the final command line for debug. More...
 
static void sig_h ()
 Signal handler (Halt). More...
 
static void sig_c ()
 Signal handler (Child). More...
 
static int nmap_run_and_parse (nmap_t *nmap)
 Run nmap and parse its XML output (or load an external file if requested). More...
 
static void current_host_reset (nmap_t *nmap)
 Clear the current host object. More...
 
static void port_destroy (gpointer data, gpointer udata)
 Completely release a port object. More...
 
static void nse_script_destroy (gpointer data, gpointer udata)
 Completely release a NSE script object. More...
 
static void simple_item_destroy (gpointer data, gpointer udata)
 Simple wrapper to call g_free from within g_slist_foreach statements. More...
 
static void tmphost_add_port (nmap_t *nmap)
 Add port information to the current host object. More...
 
static void tmphost_add_nse_hostscript (nmap_t *nmap, gchar *name, gchar *output)
 Add NSE hostscript result to the current host object. More...
 
static void tmphost_add_nse_portscript (nmap_t *nmap, gchar *name, gchar *output)
 Add NSE portscript result to a port of the current host. More...
 
static void xml_start_element (GMarkupParseContext *context, const gchar *element_name, const gchar **attribute_names, const gchar **attribute_values, gpointer user_data, GError **error)
 Top level XML parser callback: handle an opening tag and call the corresponding method. More...
 
static void xml_end_element (GMarkupParseContext *context, const gchar *element_name, gpointer user_data, GError **error)
 Top level XML parser callback: handle an closing tag and call the corresponding method. More...
 
static void xml_read_text (GMarkupParseContext *context, const gchar *text, gsize text_len, gpointer user_data, GError **error)
 Top level XML parser callback: handle text sections and store it into the read buffer if enable_read is set to TRUE. More...
 
static void xmltag_open_host (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening host tag. More...
 
static void xmltag_open_status (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening status tag. More...
 
static void xmltag_open_address (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening address tag. More...
 
static void xmltag_open_ports (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening ports tag. More...
 
static void xmltag_open_port (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening port tag. More...
 
static void xmltag_open_state (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening state tag. More...
 
static void xmltag_open_service (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening service tag. More...
 
static void xmltag_open_cpe (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening cpe tag. More...
 
static void xmltag_open_hostscript (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening hostscript tag. More...
 
static void xmltag_open_osmatch (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening osmatch tag. More...
 
static void xmltag_open_script (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening script tag. More...
 
static void xmltag_open_tcpsequence (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening tcpsequence tag. More...
 
static void xmltag_open_ipidsequence (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening ipidsequence tag. More...
 
static void xmltag_open_hop (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening hop tag. More...
 
static void xmltag_open_distance (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening distance tag. More...
 
static void xmltag_close_host (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing host tag. More...
 
static void xmltag_close_ports (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing host tag. More...
 
static void xmltag_close_port (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing port tag. More...
 
static void xmltag_close_cpe (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing cpe tag. More...
 
static void xmltag_close_hostscript (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing hostscript tag. More...
 
static gchar * get_attr_value (const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
 Helper function: get attribute value from the separate name/value tables. More...
 
static void current_host_saveall (nmap_t *nmap)
 Dump current host object state into the knowledge base. More...
 
static void save_host_state (nmap_t *nmap)
 Store host state (host alive/dead) into the knowledge base. More...
 
static void save_open_ports (nmap_t *nmap)
 Save information about open ports for the current host into the knowledge base. More...
 
static void register_service (nmap_t *nmap, struct nmap_port *p)
 Save information about a detected service (version) into the knowledge base. More...
 
static void save_detected_os (nmap_t *nmap)
 Save information about detected operating system into the knowledge base. More...
 
static void save_tcpseq_details (nmap_t *nmap)
 Save information about TCP sequence number generation into the knowledge base. More...
 
static void save_ipidseq_details (nmap_t *nmap)
 Save information about IP ID generation into the knowledge base. More...
 
static void save_traceroute_details (nmap_t *nmap)
 Save information about network topology to the target (traceroute) into the knowledge base. More...
 
static void save_portscripts (nmap_t *nmap)
 Save information about postrule NSE scripts into the knowledge base. More...
 
static void save_hostscripts (nmap_t *nmap)
 Save information about hostrule NSE scripts into the knowledge base. More...
 
tree_cellplugin_run_nmap (lex_ctxt *lexic)
 Run the nmap_net subsystem. More...
 

Variables

static pid_t pid = 0
 

Detailed Description

Advanced wrapper for nmap. Perform comprehensive network scanning.

This plugin was designed to be executed only once per network. It generates the nmap command line according to the specified options, runs nmap, parses the output and stores results for each host in the knowledge base.

Definition in file nasl_builtin_nmap.c.

Macro Definition Documentation

◆ CHUNK_LEN

#define CHUNK_LEN   512

Input chunks size for the XML parser.

Definition at line 67 of file nasl_builtin_nmap.c.

Referenced by nmap_run_and_parse().

◆ list_free

#define list_free (   list,
  dtor,
  udata 
)
Value:
do \
{ \
if (list) \
{ \
g_slist_foreach (list, (GFunc) dtor, udata); \
g_slist_free (list); \
list = NULL; \
} \
} \
while (0)

Definition at line 1189 of file nasl_builtin_nmap.c.

Referenced by current_host_reset(), and port_destroy().

◆ MAX_TRACE_HOPS

#define MAX_TRACE_HOPS   64

Maximum number of hops to the target.

Definition at line 72 of file nasl_builtin_nmap.c.

Referenced by current_host_reset(), save_traceroute_details(), and xmltag_open_hop().

◆ NMAP_CMD

#define NMAP_CMD   "nmap"

Nmap command to call.

Definition at line 77 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ OPT_SET

#define OPT_SET   "yes"

Checkbox value (when set).

Definition at line 207 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ OPT_UNSET

#define OPT_UNSET   "no"

Checkbox value (when unset).

Definition at line 212 of file nasl_builtin_nmap.c.

◆ PREF_AGGRESSIVE_OS_DETECT

#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"

Plugin parameter description: guess OS from closest match if necessary.

Definition at line 122 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_EXCLUDE_HOSTS

#define PREF_EXCLUDE_HOSTS   "Exclude hosts"

Plugin parameter description: comma-separated list of hosts to exclude from the scan.

Definition at line 197 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_FRAGMENT_IP

#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"

Plugin parameter description: try to evade defense by fragmenting IP packets.

Definition at line 128 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_HOST_TIMEOUT

#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"

Plugin parameter description: give up on host after this time elapsed.

Definition at line 144 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_IDENTIFY_REMOTE_OS

#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"

Plugin parameter description: perform remote OS fingerprinting.

Definition at line 116 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_IMPORT_XML_FILE

#define PREF_IMPORT_XML_FILE   "File containing XML results"

Plugin parameter description: import XML file.

Definition at line 202 of file nasl_builtin_nmap.c.

Referenced by nmap_create().

◆ PREF_INITIAL_RTT_TIMEOUT

#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"

Plugin parameter description: probe round trip time hint (initial value).

Definition at line 162 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_INTERPROBE_DELAY

#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"

Plugin parameter description: set idle interval between probes.

Definition at line 191 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MAX_HOSTGROUP

#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"

Plugin parameter description: force maximum number of hosts to scan in parallel.

Definition at line 186 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MAX_PARALLELISM

#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"

Plugin parameter description: force maximum number of parallel active probes.

Definition at line 174 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MAX_RTT_TIMEOUT

#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (maximal value).

Definition at line 156 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MIN_HOSTGROUP

#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"

Plugin parameter description: force minimum number of hosts to scan in parallel.

Definition at line 180 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MIN_PARALLELISM

#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"

Plugin parameter description: force minimum number of parallel active probes.

Definition at line 168 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_MIN_RTT_TIMEOUT

#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (minimal value)

Definition at line 150 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_NO_DNS

#define PREF_NO_DNS   "Disable DNS resolution"

Plugin parameter description: don't perform reverse resolution on discovered IP addresses.

Definition at line 95 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_RPC_PORT_SCAN

#define PREF_RPC_PORT_SCAN   "RPC port scan"

Plugin parameter description: perform RPC port scan.

Definition at line 111 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_SERVICE_SCAN

#define PREF_SERVICE_SCAN   "Service scan"

Plugin parameter description: perform service/version detection scan.

Definition at line 106 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_SOURCE_PORT

#define PREF_SOURCE_PORT   "Source port"

Plugin parameter description: set source port.

Definition at line 133 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_TCP_SCANNING_TECHNIQUE

#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"

Plugin parameter description: TCP port scanning technique to use.

Definition at line 100 of file nasl_builtin_nmap.c.

Referenced by add_scantype_arguments().

◆ PREF_TIMING_POLICY

#define PREF_TIMING_POLICY   "Timing policy"

Plugin parameter description: select timing template.

Definition at line 138 of file nasl_builtin_nmap.c.

Referenced by add_timing_arguments().

◆ PREF_TRACEROUTE

#define PREF_TRACEROUTE   "Trace hop path to each host"

Plugin parameter description: perform traceroute.

Definition at line 89 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PREF_TREAT_ALL_HOST_ONLINE

#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"

Plugin parameter description: skip alive hosts discovery phase.

Definition at line 84 of file nasl_builtin_nmap.c.

Referenced by build_cmd_line().

◆ PRINT_NOT_NULL

#define PRINT_NOT_NULL (   x)    ((x) ? (x) : "")

Referenced by xmltag_open_service().

Function Documentation

◆ add_arg()

int add_arg ( nmap_t nmap,
const gchar *  name,
const gchar *  value 
)
static

Add a couple argument/value on the command line.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the flag/option.
[in]valueValue of the option (or NULL for simple flags).
Returns
-1 on failure or 1 on success.

Definition at line 715 of file nasl_builtin_nmap.c.

References nmap_t::arg_idx, nmap_t::args, and name.

Referenced by add_nse_arguments(), add_portrange(), add_scantype_arguments(), add_target(), add_timing_arguments(), and build_cmd_line().

716 {
717  if (!name)
718  return -1;
719 
720  if (!nmap->args)
721  {
722  /* Initial call, instantiate the NULL terminated list of arguments */
723  nmap->args = g_malloc (sizeof (*nmap->args));
724  nmap->arg_idx = 0;
725  }
726 
727  if (!value)
728  {
729  /* simple flag (no value) */
730  nmap->args =
731  g_realloc (nmap->args, (nmap->arg_idx + 2) * sizeof (gchar *));
732  nmap->args[nmap->arg_idx++] = g_strdup (name);
733  }
734  else
735  {
736  /* name->value argument */
737  nmap->args =
738  g_realloc (nmap->args, (nmap->arg_idx + 3) * sizeof (gchar *));
739  nmap->args[nmap->arg_idx++] = g_strdup (name);
740  nmap->args[nmap->arg_idx++] = g_strdup (value);
741  }
742 
743  /* NULL-terminate the list */
744  nmap->args[nmap->arg_idx] = NULL;
745 
746  return 1;
747 }
gchar ** args
const char * name
Definition: nasl_init.c:377
Here is the caller graph for this function:

◆ add_nse_arguments()

int add_nse_arguments ( nmap_t nmap)
static

Add NSE (nmap scripting engine) related arguments to the command line according to user script selection and preferences.

Parameters
[in,out]nmapHandler to use.
Returns
1 success

Definition at line 758 of file nasl_builtin_nmap.c.

References add_arg(), get_script_args(), and get_script_list().

Referenced by build_cmd_line().

759 {
760  gchar *pscript, *pargs;
761 
762  pscript = get_script_list (nmap);
763  pargs = get_script_args (nmap);
764  if (strlen (pscript))
765  {
766  /* Add script flags if user requested some NSE */
767  add_arg (nmap, "--script", pscript);
768 
769  if (strlen (pargs))
770  add_arg (nmap, "--script-args", pargs);
771  }
772  g_free (pscript);
773  g_free (pargs);
774 
775  return 1;
776 }
static gchar * get_script_args(nmap_t *nmap)
Make the comma-separated list of NSE arguments set by the user.
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
static gchar * get_script_list(nmap_t *nmap)
Make the comma-separated list of NSE scripts selected by the user.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_portrange()

int add_portrange ( nmap_t nmap)
static

Add the range of ports to scan to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 928 of file nasl_builtin_nmap.c.

References add_arg().

Referenced by build_cmd_line().

929 {
930  const char *portrange = prefs_get ("port_range");
931 
932  if (!portrange)
933  {
934  g_debug ("Invalid environment: unavailable \"port_range\"\n");
935  return -1;
936  }
937 
938  return add_arg (nmap, "-p", portrange);
939 }
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_scantype_arguments()

int add_scantype_arguments ( nmap_t nmap)
static

Add the TCP scantype flag to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 868 of file nasl_builtin_nmap.c.

References add_arg(), get_plugin_preference(), nmap_t::oid, nmap_opt_t::optname, and PREF_TCP_SCANNING_TECHNIQUE.

Referenced by build_cmd_line().

869 {
870  int i;
871  gchar *scantype;
872  nmap_opt_t flagmap[] = {
873  {"connect()", "-sT", FALSE}, {"SYN", "-sS", FALSE},
874  {"ACK", "-sA", FALSE}, {"FIN", "-sF", FALSE},
875  {"Window", "-sW", FALSE}, {"Maimon", "-sM", FALSE},
876  {"Xmas tree", "-sX", FALSE}, {"Null", "-sN", FALSE},
877  {"SCTP Init", "-sY", FALSE}, {"SCTP COOKIE_ECHO", "-sZ", FALSE},
878  {NULL, NULL, FALSE}};
879 
880  scantype = get_plugin_preference (nmap->oid, PREF_TCP_SCANNING_TECHNIQUE, -1);
881  if (!scantype)
882  return -1;
883 
884  for (i = 0; flagmap[i].optname; i++)
885  if (g_strcmp0 (scantype, flagmap[i].optname) == 0)
886  return add_arg (nmap, flagmap[i].flag, NULL);
887 
888  return -1;
889 }
const char * oid
#define PREF_TCP_SCANNING_TECHNIQUE
Plugin parameter description: TCP port scanning technique to use.
Describe an nmap command line option.
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:408
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_target()

int add_target ( nmap_t nmap)
static

Append scan target to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 1029 of file nasl_builtin_nmap.c.

References add_arg(), nmap_t::env, script_infos::globals, and scan_globals::network_targets.

Referenced by build_cmd_line().

1030 {
1031  struct scan_globals *globals;
1032  gchar *network;
1033 
1034  globals = nmap->env->globals;
1035  if (!globals)
1036  {
1037  g_debug ("Invalid environment: unavailable \"globals\"\n");
1038  return -1;
1039  }
1040 
1041  network = globals->network_targets;
1042  if (!network)
1043  {
1044  g_debug ("Invalid environment: unavailable \"network_targets\"\n");
1045  return -1;
1046  }
1047 
1048  return add_arg (nmap, network, NULL);
1049 }
struct scan_globals * globals
Definition: scanneraux.h:45
struct script_infos * env
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
char * network_targets
Definition: scanneraux.h:34
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_timing_arguments()

int add_timing_arguments ( nmap_t nmap)
static

Add timing template argument to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 899 of file nasl_builtin_nmap.c.

References add_arg(), get_plugin_preference(), nmap_t::oid, nmap_opt_t::optname, and PREF_TIMING_POLICY.

Referenced by build_cmd_line().

900 {
901  int i;
902  gchar *timing;
903  nmap_opt_t flagmap[] = {
904  {"Paranoid", "-T0", FALSE}, {"Sneaky", "-T1", FALSE},
905  {"Polite", "-T2", FALSE}, {"Normal", "-T3", FALSE},
906  {"Aggressive", "-T4", FALSE}, {"Insane", "-T5", FALSE},
907  {NULL, NULL, FALSE}};
908 
909  timing = get_plugin_preference (nmap->oid, PREF_TIMING_POLICY, -1);
910  if (!timing)
911  return -1;
912 
913  for (i = 0; flagmap[i].optname; i++)
914  if (g_strcmp0 (timing, flagmap[i].optname) == 0)
915  return add_arg (nmap, flagmap[i].flag, NULL);
916 
917  return -1;
918 }
const char * oid
#define PREF_TIMING_POLICY
Plugin parameter description: select timing template.
Describe an nmap command line option.
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:408
Here is the call graph for this function:
Here is the caller graph for this function:

◆ build_cmd_line()

int build_cmd_line ( nmap_t nmap)
static

Rebuild command line to run according to plugin parameters.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure and 1 on success.

Definition at line 614 of file nasl_builtin_nmap.c.

References add_arg(), add_nse_arguments(), add_portrange(), add_scantype_arguments(), add_target(), add_timing_arguments(), get_plugin_preference(), NMAP_CMD, nmap_t::oid, OPT_SET, nmap_opt_t::optname, PREF_AGGRESSIVE_OS_DETECT, PREF_EXCLUDE_HOSTS, PREF_FRAGMENT_IP, PREF_HOST_TIMEOUT, PREF_IDENTIFY_REMOTE_OS, PREF_INITIAL_RTT_TIMEOUT, PREF_INTERPROBE_DELAY, PREF_MAX_HOSTGROUP, PREF_MAX_PARALLELISM, PREF_MAX_RTT_TIMEOUT, PREF_MIN_HOSTGROUP, PREF_MIN_PARALLELISM, PREF_MIN_RTT_TIMEOUT, PREF_NO_DNS, PREF_RPC_PORT_SCAN, PREF_SERVICE_SCAN, PREF_SOURCE_PORT, PREF_TRACEROUTE, and PREF_TREAT_ALL_HOST_ONLINE.

Referenced by nmap_create().

615 {
616  int i;
617  /* this list handles basic options (simple flag or name/value) */
618  nmap_opt_t options[] = {
619  /* --- Host discovery --- */
620  {PREF_TREAT_ALL_HOST_ONLINE, "-Pn", FALSE},
621  {PREF_TRACEROUTE, "--traceroute", FALSE},
622  {PREF_NO_DNS, "-n", FALSE},
623 
624  /* --- Scan techniques --- */
625  {PREF_SERVICE_SCAN, "-sV", FALSE},
626  {PREF_RPC_PORT_SCAN, "-sR", FALSE},
627 
628  /* --- OS Detection --- */
629  {PREF_IDENTIFY_REMOTE_OS, "-O", FALSE},
630  {PREF_AGGRESSIVE_OS_DETECT, "--osscan-guess", FALSE},
631 
632  /* --- Firewall/IDS evasion --- */
633  {PREF_FRAGMENT_IP, "-f", FALSE},
634  {PREF_SOURCE_PORT, "-g", TRUE},
635 
636  /* --- Timing and performances --- */
637  {PREF_HOST_TIMEOUT, "--host-timeout", TRUE},
638  {PREF_MIN_RTT_TIMEOUT, "--min-rtt-timeout", TRUE},
639  {PREF_MAX_RTT_TIMEOUT, "--max-rtt-timeout", TRUE},
640  {PREF_INITIAL_RTT_TIMEOUT, "--initial-rtt-timeout", TRUE},
641  {PREF_MIN_PARALLELISM, "--min-parallelism", TRUE},
642  {PREF_MAX_PARALLELISM, "--max-parallelism", TRUE},
643  {PREF_MIN_HOSTGROUP, "--min-hostgroup", TRUE},
644  {PREF_MAX_HOSTGROUP, "--max-hostgroup", TRUE},
645  {PREF_INTERPROBE_DELAY, "--delay", TRUE},
646 
647  /* --- Targets specification --- */
648  {PREF_EXCLUDE_HOSTS, "--exclude", TRUE},
649 
650  {NULL, NULL, FALSE}};
651 
652  /* Nmap invocation */
653  add_arg (nmap, NMAP_CMD, NULL);
654 
655  /* Enable XML output on stdout */
656  add_arg (nmap, "-oX", "-");
657 
658  for (i = 0; options[i].optname; i++)
659  {
660  gchar *optval;
661 
662  optval = get_plugin_preference (nmap->oid, options[i].optname, -1);
663  if (!optval)
664  continue;
665 
666  if (options[i].argument_required)
667  {
668  if (strlen (optval) > 0)
669  if (add_arg (nmap, options[i].flag, optval) < 0)
670  return -1;
671  }
672  else
673  {
674  if (g_strcmp0 (optval, OPT_SET) == 0)
675  if (add_arg (nmap, options[i].flag, NULL) < 0)
676  return -1;
677  }
678  }
679 
680  if (add_portrange (nmap) < 0)
681  return -1;
682 
683  /* Always enable UDP port scan, so that the port list controls this. */
684  if (add_arg (nmap, "-sU", NULL) < 0)
685  return -1;
686 
687  /* Scan technique */
688  if (add_scantype_arguments (nmap) < 0)
689  return -1;
690 
691  /* Timing policy */
692  if (add_timing_arguments (nmap) < 0)
693  return -1;
694 
695  /* Script scan */
696  if (add_nse_arguments (nmap) < 0)
697  return -1;
698 
699  if (add_target (nmap) < 0)
700  return -1;
701 
702  return 1;
703 }
#define PREF_TREAT_ALL_HOST_ONLINE
Plugin parameter description: skip alive hosts discovery phase.
#define PREF_MAX_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (maximal value).
static int add_scantype_arguments(nmap_t *nmap)
Add the TCP scantype flag to the command line.
#define NMAP_CMD
Nmap command to call.
#define PREF_RPC_PORT_SCAN
Plugin parameter description: perform RPC port scan.
const char * oid
static int add_target(nmap_t *nmap)
Append scan target to the command line.
#define PREF_INTERPROBE_DELAY
Plugin parameter description: set idle interval between probes.
#define PREF_EXCLUDE_HOSTS
Plugin parameter description: comma-separated list of hosts to exclude from the scan.
#define PREF_MIN_PARALLELISM
Plugin parameter description: force minimum number of parallel active probes.
#define PREF_AGGRESSIVE_OS_DETECT
Plugin parameter description: guess OS from closest match if necessary.
#define OPT_SET
Checkbox value (when set).
#define PREF_TRACEROUTE
Plugin parameter description: perform traceroute.
#define PREF_HOST_TIMEOUT
Plugin parameter description: give up on host after this time elapsed.
#define PREF_MAX_HOSTGROUP
Plugin parameter description: force maximum number of hosts to scan in parallel.
#define PREF_SOURCE_PORT
Plugin parameter description: set source port.
Describe an nmap command line option.
#define PREF_MIN_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (minimal value)
#define PREF_IDENTIFY_REMOTE_OS
Plugin parameter description: perform remote OS fingerprinting.
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
#define PREF_INITIAL_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (initial value).
#define PREF_NO_DNS
Plugin parameter description: don&#39;t perform reverse resolution on discovered IP addresses.
static int add_portrange(nmap_t *nmap)
Add the range of ports to scan to the command line.
#define PREF_SERVICE_SCAN
Plugin parameter description: perform service/version detection scan.
static int add_timing_arguments(nmap_t *nmap)
Add timing template argument to the command line.
#define PREF_MAX_PARALLELISM
Plugin parameter description: force maximum number of parallel active probes.
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:408
#define PREF_FRAGMENT_IP
Plugin parameter description: try to evade defense by fragmenting IP packets.
static int add_nse_arguments(nmap_t *nmap)
Add NSE (nmap scripting engine) related arguments to the command line according to user script select...
#define PREF_MIN_HOSTGROUP
Plugin parameter description: force minimum number of hosts to scan in parallel.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ current_host_reset()

void current_host_reset ( nmap_t nmap)
static

Clear the current host object.

Parameters
[in,out]nmapHandler to use.

Definition at line 1207 of file nasl_builtin_nmap.c.

References traceroute_hop::addr, nmap_host::addr, nmap_host::best_os, traceroute_hop::host, nmap_host::host_scripts, nmap_host::ipidseq, list_free, MAX_TRACE_HOPS, nse_script_destroy(), nmap_host::os_cpes, port_destroy(), nmap_host::ports, traceroute_hop::rtt, simple_item_destroy(), nmap_host::state, nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, nmap_t::tmphost, and nmap_host::trace.

Referenced by xmltag_close_host().

1208 {
1209  int i;
1210 
1211  g_free (nmap->tmphost.addr);
1212  g_free (nmap->tmphost.state);
1213  g_free (nmap->tmphost.best_os);
1214  g_free (nmap->tmphost.tcpseq_index);
1215  g_free (nmap->tmphost.tcpseq_difficulty);
1216  g_free (nmap->tmphost.ipidseq);
1217 
1218  for (i = 0; i < MAX_TRACE_HOPS; i++)
1219  {
1220  g_free (nmap->tmphost.trace[i].addr);
1221  g_free (nmap->tmphost.trace[i].rtt);
1222  g_free (nmap->tmphost.trace[i].host);
1223  }
1224 
1225  list_free (nmap->tmphost.ports, port_destroy, nmap);
1228 
1229  memset (&nmap->tmphost, 0x00, sizeof (struct nmap_host));
1230 }
GSList * ports
struct traceroute_hop trace[MAX_TRACE_HOPS]
gchar * tcpseq_index
gchar * tcpseq_difficulty
static void simple_item_destroy(gpointer data, gpointer udata)
Simple wrapper to call g_free from within g_slist_foreach statements.
static void port_destroy(gpointer data, gpointer udata)
Completely release a port object.
struct nmap_host tmphost
static void nse_script_destroy(gpointer data, gpointer udata)
Completely release a NSE script object.
#define list_free(list, dtor, udata)
#define MAX_TRACE_HOPS
Maximum number of hops to the target.
GSList * host_scripts
GSList * os_cpes
Store host information.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ current_host_saveall()

void current_host_saveall ( nmap_t nmap)
static

Dump current host object state into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1862 of file nasl_builtin_nmap.c.

References save_detected_os(), save_host_state(), save_hostscripts(), save_ipidseq_details(), save_open_ports(), save_portscripts(), save_tcpseq_details(), and save_traceroute_details().

Referenced by xmltag_close_host().

1863 {
1864  /* Host state: dead or alive */
1865  save_host_state (nmap);
1866 
1867  /* Open ports and services (all protocols included) */
1868  save_open_ports (nmap);
1869 
1870  /* OS fingerprinting results */
1871  save_detected_os (nmap);
1872 
1873  /* TCP/IP sensitive fields details */
1874  save_tcpseq_details (nmap);
1875  save_ipidseq_details (nmap);
1876 
1877  /* Traceroute */
1878  save_traceroute_details (nmap);
1879 
1880  /* NSE results */
1881  save_hostscripts (nmap);
1882  save_portscripts (nmap);
1883 }
static void save_ipidseq_details(nmap_t *nmap)
Save information about IP ID generation into the knowledge base.
static void save_detected_os(nmap_t *nmap)
Save information about detected operating system into the knowledge base.
static void save_hostscripts(nmap_t *nmap)
Save information about hostrule NSE scripts into the knowledge base.
static void save_traceroute_details(nmap_t *nmap)
Save information about network topology to the target (traceroute) into the knowledge base...
static void save_portscripts(nmap_t *nmap)
Save information about postrule NSE scripts into the knowledge base.
static void save_host_state(nmap_t *nmap)
Store host state (host alive/dead) into the knowledge base.
static void save_tcpseq_details(nmap_t *nmap)
Save information about TCP sequence number generation into the knowledge base.
static void save_open_ports(nmap_t *nmap)
Save information about open ports for the current host into the knowledge base.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ dbg_display_cmdline()

void dbg_display_cmdline ( nmap_t nmap)
static

Display the final command line for debug.

Parameters
[in,out]nmapHandler to use.

Definition at line 1057 of file nasl_builtin_nmap.c.

References nmap_t::args.

Referenced by nmap_create().

1058 {
1059  int i;
1060 
1061  for (i = 0; nmap->args[i]; i++)
1062  g_debug ("%s ", nmap->args[i]);
1063 
1064  if (i == 0)
1065  {
1066  g_debug ("<empty>");
1067  }
1068 }
gchar ** args
Here is the caller graph for this function:

◆ get_attr_value()

gchar * get_attr_value ( const gchar *  name,
const gchar **  attribute_names,
const gchar **  attribute_values 
)
static

Helper function: get attribute value from the separate name/value tables.

Parameters
[in]nameName of the attribute to lookup.
[in]attribute_namesTable of the attribute names.
[in]attribute_valuesTable of the attribute values.
Returns
the desired value or NULL if nothing was found

Definition at line 1845 of file nasl_builtin_nmap.c.

References name.

Referenced by xmltag_open_address(), xmltag_open_distance(), xmltag_open_hop(), xmltag_open_ipidsequence(), xmltag_open_osmatch(), xmltag_open_port(), xmltag_open_script(), xmltag_open_service(), xmltag_open_state(), xmltag_open_status(), and xmltag_open_tcpsequence().

1847 {
1848  int i;
1849 
1850  for (i = 0; attribute_names[i]; i++)
1851  if (g_strcmp0 (attribute_names[i], name) == 0)
1852  return g_strdup (attribute_values[i]);
1853  return NULL;
1854 }
const char * name
Definition: nasl_init.c:377
Here is the caller graph for this function:

◆ get_script_args()

gchar * get_script_args ( nmap_t nmap)
static

Make the comma-separated list of NSE arguments set by the user.

Parameters
[in,out]nmapHandler to use.
Returns
A dynamically allocated string containing the list of NSE arguments to use

Definition at line 829 of file nasl_builtin_nmap.c.

References nmap_t::env, and plug_get_kb().

Referenced by add_nse_arguments().

830 {
831  kb_t kb = plug_get_kb (nmap->env);
832  struct kb_item *top, *res;
833  gchar **argv, *argstr;
834  int i = 0;
835 
836  argv = NULL;
837 
838  top = res = kb_item_get_all (kb, "NmapNSE/arguments");
839  while (res)
840  {
841  argv = (gchar **) g_realloc (argv, (i + 1) * sizeof (gchar *));
842  argv[i++] = g_strdup (res->v_str);
843  res = res->next;
844  }
845 
846  argv = (gchar **) g_realloc (argv, (i + 1) * sizeof (gchar *));
847  argv[i] = NULL;
848 
849  kb_item_free (top);
850 
851  argstr = g_strjoinv (",", argv);
852 
853  for (i = 0; argv[i]; i++)
854  g_free (argv[i]);
855  g_free (argv);
856 
857  return argstr;
858 }
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:658
struct script_infos * env
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_script_list()

gchar * get_script_list ( nmap_t nmap)
static

Make the comma-separated list of NSE scripts selected by the user.

Parameters
[in,out]nmapHandler to use.
Returns
A dynamically allocated string containing the list of NSE scripts to run.

Definition at line 787 of file nasl_builtin_nmap.c.

References nmap_t::env, and plug_get_kb().

Referenced by add_nse_arguments().

788 {
789  kb_t kb = plug_get_kb (nmap->env);
790  struct kb_item *top, *res;
791  gchar **scriptv, *scriptstr;
792  int i = 0;
793 
794  scriptv = NULL;
795 
796  /* Read list of scripts from the KB */
797  top = res = kb_item_get_all (kb, "NmapNSE/scripts");
798  while (res)
799  {
800  scriptv = (gchar **) g_realloc (scriptv, (i + 1) * sizeof (gchar *));
801  scriptv[i++] = g_strdup (res->v_str);
802  res = res->next;
803  }
804 
805  scriptv = (gchar **) g_realloc (scriptv, (i + 1) * sizeof (gchar *));
806  scriptv[i] = NULL;
807 
808  kb_item_free (top);
809 
810  scriptstr = g_strjoinv (",", scriptv);
811 
812  for (i = 0; scriptv[i]; i++)
813  g_free (scriptv[i]);
814 
815  g_free (scriptv);
816 
817  return scriptstr;
818 }
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:658
struct script_infos * env
Here is the call graph for this function:
Here is the caller graph for this function:

◆ nmap_create()

nmap_t * nmap_create ( lex_ctxt lexic)
static

Instantiate a new nmap handler, rebuild command line or open XML file to parse.

Parameters
[in]lexicNASL state
Returns
The newly allocated nmap handler or NULL on error.

Definition at line 540 of file nasl_builtin_nmap.c.

References build_cmd_line(), dbg_display_cmdline(), nmap_t::env, nmap_t::filename, get_plugin_preference(), get_plugin_preference_fname(), nmap_destroy(), struct_lex_ctxt::oid, nmap_t::oid, PREF_IMPORT_XML_FILE, struct_lex_ctxt::script_infos, and setup_xml_parser().

Referenced by plugin_run_nmap().

541 {
542  gchar *pref;
543  nmap_t *nmap;
544 
545  nmap = (nmap_t *) g_malloc0 (sizeof (nmap_t));
546 
547  nmap->env = lexic->script_infos;
548  nmap->oid = lexic->oid;
549 
550  /* import results from external file? */
551  pref = get_plugin_preference (lexic->oid, PREF_IMPORT_XML_FILE, -1);
552  if (!pref || !strlen (pref))
553  {
554  /* no: build command line to execute */
555  if (build_cmd_line (nmap) < 0)
556  {
557  nmap_destroy (nmap);
558  return NULL;
559  }
560 
561  /* Display command line to use */
562  g_debug ("Nmap initialized: ");
563  dbg_display_cmdline (nmap);
564  }
565  else
566  {
567  /* yes: store filename */
568  nmap->filename = get_plugin_preference_fname (nmap->env, pref);
569  g_debug ("Reading nmap results from file: %s\n", nmap->filename);
570  }
571 
572  setup_xml_parser (nmap);
573  return nmap;
574 }
static void nmap_destroy(nmap_t *nmap)
Release a nmap handler and associated resources.
const char * oid
struct script_infos * env
const char * get_plugin_preference_fname(struct script_infos *desc, const char *filename)
Get the file name of a plugins preference that is of type "file".
Definition: plugutils.c:486
struct script_infos * script_infos
Definition: nasl_lex_ctxt.h:41
static void dbg_display_cmdline(nmap_t *nmap)
Display the final command line for debug.
static int build_cmd_line(nmap_t *nmap)
Rebuild command line to run according to plugin parameters.
#define PREF_IMPORT_XML_FILE
Plugin parameter description: import XML file.
static void setup_xml_parser(nmap_t *nmap)
Setup XML parser internals.
char * get_plugin_preference(const char *oid, const char *name, int pref_id)
Get the a plugins preference.
Definition: plugutils.c:408
const char * oid
Definition: nasl_lex_ctxt.h:42
Main nmap execution handler.
const gchar * filename
Here is the call graph for this function:
Here is the caller graph for this function:

◆ nmap_destroy()

void nmap_destroy ( nmap_t nmap)
static

Release a nmap handler and associated resources.

Parameters
[in,out]nmapHandler to free.

Definition at line 582 of file nasl_builtin_nmap.c.

References nmap_t::arg_idx, nmap_t::args, nmap_parser::closetag, nmap_parser::opentag, and nmap_t::parser.

Referenced by nmap_create(), and plugin_run_nmap().

583 {
584  if (!nmap)
585  return;
586 
587  if (nmap->args)
588  {
589  int i;
590 
591  for (i = 0; i < nmap->arg_idx; i++)
592  g_free (nmap->args[i]);
593 
594  g_free (nmap->args);
595  }
596 
597  if (nmap->parser.opentag)
598  g_hash_table_destroy (nmap->parser.opentag);
599 
600  if (nmap->parser.closetag)
601  g_hash_table_destroy (nmap->parser.closetag);
602 
603  g_free (nmap);
604 }
GHashTable * closetag
gchar ** args
GHashTable * opentag
struct nmap_parser parser
Here is the caller graph for this function:

◆ nmap_run_and_parse()

int nmap_run_and_parse ( nmap_t nmap)
static

Run nmap and parse its XML output (or load an external file if requested).

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 1099 of file nasl_builtin_nmap.c.

References nmap_t::args, CHUNK_LEN, nmap_t::filename, pid, sig_c(), sig_h(), xml_end_element(), xml_read_text(), and xml_start_element().

Referenced by plugin_run_nmap().

1100 {
1101  FILE *fproc;
1102  int fd = 0;
1103  size_t len;
1104  int ret = 1; /* success */
1105  gchar chunk[CHUNK_LEN];
1106  void (*old_sig_t) () = NULL;
1107  void (*old_sig_i) () = NULL;
1108  void (*old_sig_c) () = NULL;
1109  GMarkupParseContext *ctx;
1110  const GMarkupParser callbacks = {
1111  xml_start_element, xml_end_element, xml_read_text, NULL, /* passthrough */
1112  NULL /* error */
1113  };
1114 
1115  if (nmap->filename)
1116  {
1117  /* read results from external file */
1118  fproc = fopen (nmap->filename, "r");
1119  }
1120  else
1121  {
1122  /* Update signal handlers. */
1123  old_sig_t = signal (SIGTERM, sig_h);
1124  old_sig_i = signal (SIGINT, sig_h);
1125  old_sig_c = signal (SIGCHLD, sig_c);
1126 
1127  /* execute nmap and read results from the process output */
1128  if (g_spawn_async_with_pipes (NULL, nmap->args, NULL, G_SPAWN_SEARCH_PATH,
1129  NULL, NULL, &pid, NULL, &fd, NULL, NULL)
1130  == FALSE)
1131  return -1;
1132  fproc = fdopen (fd, "r");
1133  }
1134 
1135  if (!fproc)
1136  {
1137  perror ("nmap_run_and_parse()");
1138  return -1;
1139  }
1140 
1141  ctx = g_markup_parse_context_new (&callbacks, 0, nmap, NULL);
1142 
1143  while ((len = fread (chunk, sizeof (gchar), CHUNK_LEN, fproc)) > 0)
1144  {
1145  GError *err = NULL;
1146 
1147  if (!g_markup_parse_context_parse (ctx, chunk, len, &err))
1148  {
1149  if (err)
1150  {
1151  g_debug ("g_markup_parse_context_parse() failed (%s)\n",
1152  err->message);
1153  g_error_free (err);
1154 
1155  /* display the problematic chunk */
1156  chunk[len] = '\0';
1157  g_debug ("Error occurred while parsing: %s\n", chunk);
1158 
1159  ret = -1;
1160  }
1161  break;
1162  }
1163  }
1164 
1165  if (nmap->filename && ferror (fproc))
1166  {
1167  perror ("nmap_run_and_parse()");
1168  ret = -1;
1169  }
1170 
1171  if (nmap->filename)
1172  {
1173  fclose (fproc);
1174  }
1175  else
1176  {
1177  fclose (fproc);
1178  g_spawn_close_pid (pid);
1179  signal (SIGINT, old_sig_i);
1180  signal (SIGTERM, old_sig_t);
1181  signal (SIGCHLD, old_sig_c);
1182  }
1183 
1184  g_markup_parse_context_free (ctx);
1185 
1186  return ret;
1187 }
static void xml_read_text(GMarkupParseContext *context, const gchar *text, gsize text_len, gpointer user_data, GError **error)
Top level XML parser callback: handle text sections and store it into the read buffer if enable_read ...
static void xml_start_element(GMarkupParseContext *context, const gchar *element_name, const gchar **attribute_names, const gchar **attribute_values, gpointer user_data, GError **error)
Top level XML parser callback: handle an opening tag and call the corresponding method.
static pid_t pid
gchar ** args
static void sig_c()
Signal handler (Child).
#define CHUNK_LEN
Input chunks size for the XML parser.
static void sig_h()
Signal handler (Halt).
static void xml_end_element(GMarkupParseContext *context, const gchar *element_name, gpointer user_data, GError **error)
Top level XML parser callback: handle an closing tag and call the corresponding method.
const gchar * filename
Here is the call graph for this function:
Here is the caller graph for this function:

◆ nse_script_destroy()

void nse_script_destroy ( gpointer  data,
gpointer  udata 
)
static

Completely release a NSE script object.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nse_script * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). A nmap_t * is expected here.

Definition at line 1272 of file nasl_builtin_nmap.c.

References nse_script::name, and nse_script::output.

Referenced by current_host_reset(), and port_destroy().

1273 {
1274  struct nse_script *script;
1275 
1276  (void) udata;
1277  script = (struct nse_script *) data;
1278  if (script)
1279  {
1280  g_free (script->name);
1281  g_free (script->output);
1282  g_free (script);
1283  }
1284 }
Handle the results of a NSE script.
Here is the caller graph for this function:

◆ plugin_run_nmap()

tree_cell* plugin_run_nmap ( lex_ctxt lexic)

Run the nmap_net subsystem.

Parameters
[in]lexicNASL state.
Returns
NULL on error, FAKE_CELL on success.

Definition at line 509 of file nasl_builtin_nmap.c.

References FAKE_CELL, nmap_create(), nmap_destroy(), and nmap_run_and_parse().

510 {
511  nmap_t *nmap;
512 
513  g_debug ("Starting Nmap builtin wrapper\n");
514 
515  /* Initialize our nmap handler */
516  if ((nmap = nmap_create (lexic)) == NULL)
517  {
518  g_debug ("Unable to initialize Nmap\n");
519  return NULL;
520  }
521 
522  /* Execute nmap and store results */
523  nmap_run_and_parse (nmap);
524 
525  /* release resources */
526  nmap_destroy (nmap);
527 
528  return FAKE_CELL;
529 }
#define FAKE_CELL
Definition: nasl_tree.h:119
static void nmap_destroy(nmap_t *nmap)
Release a nmap handler and associated resources.
static nmap_t * nmap_create(lex_ctxt *lexic)
Instantiate a new nmap handler, rebuild command line or open XML file to parse.
static int nmap_run_and_parse(nmap_t *nmap)
Run nmap and parse its XML output (or load an external file if requested).
Main nmap execution handler.
Here is the call graph for this function:

◆ port_destroy()

void port_destroy ( gpointer  data,
gpointer  udata 
)
static

Completely release a port object.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nmap_port * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). A nmap_t * is expected here.

Definition at line 1241 of file nasl_builtin_nmap.c.

References list_free, nse_script_destroy(), nmap_port::port_scripts, nmap_port::portno, nmap_port::proto, nmap_port::service, simple_item_destroy(), nmap_port::state, nmap_port::version, and nmap_port::version_cpes.

Referenced by current_host_reset().

1242 {
1243  struct nmap_port *port;
1244  nmap_t *nmap;
1245 
1246  port = (struct nmap_port *) data;
1247  nmap = (nmap_t *) udata;
1248 
1249  if (port)
1250  {
1251  g_free (port->proto);
1252  g_free (port->portno);
1253  g_free (port->state);
1254  g_free (port->service);
1255  g_free (port->version);
1256 
1257  list_free (port->port_scripts, nse_script_destroy, nmap);
1259  g_free (port);
1260  }
1261 }
GSList * version_cpes
static void simple_item_destroy(gpointer data, gpointer udata)
Simple wrapper to call g_free from within g_slist_foreach statements.
Store port information.
GSList * port_scripts
static void nse_script_destroy(gpointer data, gpointer udata)
Completely release a NSE script object.
#define list_free(list, dtor, udata)
Main nmap execution handler.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ register_service()

void register_service ( nmap_t nmap,
struct nmap_port p 
)
static

Save information about a detected service (version) into the knowledge base.

Parameters
[in]nmapHandler to use.
[in]pService description.

Definition at line 1940 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_INT, ARG_STRING, nmap_t::env, plug_set_key(), nmap_port::portno, nmap_port::proto, nmap_port::service, nmap_t::tmphost, nmap_port::version, and nmap_port::version_cpes.

Referenced by save_open_ports().

1941 {
1942  gchar key[64];
1943 
1944  if (!p->portno || !p->proto || !p->service)
1945  return;
1946 
1947  /* TCP services aren't stored with the same syntax than the other layer 4
1948  * protocols. */
1949  if (g_strcmp0 (p->proto, "tcp") == 0)
1950  g_snprintf (key, sizeof (key), "%s/Services/%s", nmap->tmphost.addr,
1951  p->service);
1952  else
1953  g_snprintf (key, sizeof (key), "%s/Services/%s/%s", nmap->tmphost.addr,
1954  p->proto, p->service);
1955  plug_set_key (nmap->env, key, ARG_INT, GINT_TO_POINTER (atoi (p->portno)));
1956 
1957  /* The service detection system requires discovered services to be
1958  * registered under the "Known" label too */
1959  g_snprintf (key, sizeof (key), "%s/Known/%s/%s", nmap->tmphost.addr, p->proto,
1960  p->portno);
1961  plug_set_key (nmap->env, key, ARG_STRING, p->service);
1962 
1963  if (p->version)
1964  {
1965  /* Store version detection results if available */
1966  g_snprintf (key, sizeof (key), "%s/Version/%s/%s", nmap->tmphost.addr,
1967  p->proto, p->portno);
1968  plug_set_key (nmap->env, key, ARG_STRING, p->version);
1969  }
1970 
1971  if (p->version_cpes)
1972  {
1973  GSList *pcpe;
1974 
1975  g_snprintf (key, sizeof (key), "%s/App/%s/%s", nmap->tmphost.addr,
1976  p->proto, p->portno);
1977 
1978  for (pcpe = p->version_cpes; pcpe; pcpe = g_slist_next (pcpe))
1979  plug_set_key (nmap->env, key, ARG_STRING, (gchar *) pcpe->data);
1980  }
1981 }
GSList * version_cpes
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_INT
Definition: plugutils.h:34
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_detected_os()

void save_detected_os ( nmap_t nmap)
static

Save information about detected operating system into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1990 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_host::best_os, nmap_t::env, nmap_host::os_cpes, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

1991 {
1992  gchar key[32];
1993 
1994  if (nmap->tmphost.best_os)
1995  {
1996  g_snprintf (key, sizeof (key), "%s/Host/OS", nmap->tmphost.addr);
1997  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.best_os);
1998  }
1999 
2000  if (nmap->tmphost.os_cpes)
2001  {
2002  GSList *pcpe;
2003 
2004  /* Use a different key to ensure that Host/OS remains unique. */
2005  g_snprintf (key, sizeof (key), "%s/Host/CPE", nmap->tmphost.addr);
2006 
2007  for (pcpe = nmap->tmphost.os_cpes; pcpe; pcpe = g_slist_next (pcpe))
2008  plug_set_key (nmap->env, key, ARG_STRING, (gchar *) pcpe->data);
2009  }
2010 }
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_STRING
Definition: plugutils.h:33
GSList * os_cpes
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_host_state()

void save_host_state ( nmap_t nmap)
static

Store host state (host alive/dead) into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1891 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_t::env, plug_set_key(), nmap_host::state, and nmap_t::tmphost.

Referenced by current_host_saveall().

1892 {
1893  gchar key[32];
1894 
1895  if (!nmap->tmphost.state)
1896  return;
1897 
1898  g_snprintf (key, sizeof (key), "%s/Host/State", nmap->tmphost.addr);
1899  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.state);
1900 }
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_hostscripts()

void save_hostscripts ( nmap_t nmap)
static

Save information about hostrule NSE scripts into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2131 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_t::env, nmap_host::host_scripts, nse_script::name, nse_script::output, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

2132 {
2133  GSList *pscript;
2134 
2135  for (pscript = nmap->tmphost.host_scripts; pscript;
2136  pscript = g_slist_next (pscript))
2137  {
2138  struct nse_script *script;
2139  gchar key[128];
2140 
2141  script = (struct nse_script *) pscript->data;
2142  g_snprintf (key, sizeof (key), "%s/NmapNSE/results/hostscripts/%s",
2143  nmap->tmphost.addr, script->name);
2144  plug_set_key (nmap->env, key, ARG_STRING, script->output);
2145  }
2146 }
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
Handle the results of a NSE script.
#define ARG_STRING
Definition: plugutils.h:33
GSList * host_scripts
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_ipidseq_details()

void save_ipidseq_details ( nmap_t nmap)
static

Save information about IP ID generation into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2040 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_t::env, nmap_host::ipidseq, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

2041 {
2042  gchar key[32];
2043 
2044  if (!nmap->tmphost.ipidseq)
2045  return;
2046 
2047  g_snprintf (key, sizeof (key), "%s/Host/ipidseq", nmap->tmphost.addr);
2048  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.ipidseq);
2049 }
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_open_ports()

void save_open_ports ( nmap_t nmap)
static

Save information about open ports for the current host into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1909 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_INT, nmap_t::env, plug_set_key(), nmap_port::portno, nmap_host::ports, nmap_port::proto, register_service(), nmap_port::state, and nmap_t::tmphost.

Referenced by current_host_saveall().

1910 {
1911  GSList *pport;
1912 
1913  for (pport = nmap->tmphost.ports; pport; pport = g_slist_next (pport))
1914  {
1915  struct nmap_port *p;
1916 
1917  p = (struct nmap_port *) pport->data;
1918  if (strncmp (p->state, "open", 4) == 0)
1919  {
1920  gchar key[64];
1921 
1922  g_snprintf (key, sizeof (key), "%s/Ports/%s/%s", nmap->tmphost.addr,
1923  p->proto, p->portno);
1924  plug_set_key (nmap->env, key, ARG_INT, (void *) 1);
1925 
1926  /* Register detected service */
1927  register_service (nmap, p);
1928  }
1929  }
1930 }
static void register_service(nmap_t *nmap, struct nmap_port *p)
Save information about a detected service (version) into the knowledge base.
GSList * ports
struct script_infos * env
Store port information.
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_INT
Definition: plugutils.h:34
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_portscripts()

void save_portscripts ( nmap_t nmap)
static

Save information about postrule NSE scripts into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2092 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_t::env, nse_script::name, nse_script::output, plug_set_key(), nmap_port::port_scripts, nmap_port::portno, nmap_host::ports, nmap_port::proto, and nmap_t::tmphost.

Referenced by current_host_saveall().

2093 {
2094  GSList *pport;
2095 
2096  for (pport = nmap->tmphost.ports; pport; pport = g_slist_next (pport))
2097  {
2098  GSList *pscript;
2099  struct nmap_port *port;
2100 
2101  port = (struct nmap_port *) pport->data;
2102 
2103  for (pscript = port->port_scripts; pscript;
2104  pscript = g_slist_next (pscript))
2105  {
2106  struct nse_script *script;
2107  gchar key[128], portspec[16];
2108 
2109  script = (struct nse_script *) pscript->data;
2110 
2111  g_snprintf (key, sizeof (key), "%s/NmapNSE/results/%s",
2112  nmap->tmphost.addr, script->name);
2113 
2114  g_snprintf (portspec, sizeof (portspec), "%s/%s", port->proto,
2115  port->portno);
2116  plug_set_key (nmap->env, key, ARG_STRING, portspec);
2117 
2118  g_strlcat (key, "/", sizeof (key));
2119  g_strlcat (key, portspec, sizeof (key));
2120  plug_set_key (nmap->env, key, ARG_STRING, script->output);
2121  }
2122  }
2123 }
GSList * ports
struct script_infos * env
Store port information.
struct nmap_host tmphost
GSList * port_scripts
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
Handle the results of a NSE script.
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_tcpseq_details()

void save_tcpseq_details ( nmap_t nmap)
static

Save information about TCP sequence number generation into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2019 of file nasl_builtin_nmap.c.

References nmap_host::addr, ARG_STRING, nmap_t::env, plug_set_key(), nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, and nmap_t::tmphost.

Referenced by current_host_saveall().

2020 {
2021  gchar key[64];
2022 
2023  if (!nmap->tmphost.tcpseq_index || !nmap->tmphost.tcpseq_difficulty)
2024  return;
2025 
2026  g_snprintf (key, sizeof (key), "%s/Host/tcp_seq_index", nmap->tmphost.addr);
2027  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.tcpseq_index);
2028 
2029  g_snprintf (key, sizeof (key), "%s/Host/tcp_seq_difficulty",
2030  nmap->tmphost.addr);
2031  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.tcpseq_difficulty);
2032 }
gchar * tcpseq_index
gchar * tcpseq_difficulty
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_traceroute_details()

void save_traceroute_details ( nmap_t nmap)
static

Save information about network topology to the target (traceroute) into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2058 of file nasl_builtin_nmap.c.

References traceroute_hop::addr, nmap_host::addr, ARG_INT, ARG_STRING, nmap_host::distance, nmap_t::env, traceroute_hop::host, MAX_TRACE_HOPS, plug_set_key(), traceroute_hop::rtt, nmap_t::tmphost, and nmap_host::trace.

Referenced by current_host_saveall().

2059 {
2060  int i;
2061  gchar key[64];
2062 
2063  if (!nmap->tmphost.distance || nmap->tmphost.distance >= MAX_TRACE_HOPS)
2064  return;
2065 
2066  g_snprintf (key, sizeof (key), "%s/Host/distance", nmap->tmphost.addr);
2067  plug_set_key (nmap->env, key, ARG_INT,
2068  GINT_TO_POINTER (nmap->tmphost.distance));
2069 
2070  for (i = 0; i < nmap->tmphost.distance; i++)
2071  {
2072  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d",
2073  nmap->tmphost.addr, i + 1);
2074  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].addr);
2075 
2076  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d/rtt",
2077  nmap->tmphost.addr, i + 1);
2078  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].rtt);
2079 
2080  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d/host",
2081  nmap->tmphost.addr, i + 1);
2082  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].host);
2083  }
2084 }
struct traceroute_hop trace[MAX_TRACE_HOPS]
struct script_infos * env
struct nmap_host tmphost
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:616
#define MAX_TRACE_HOPS
Maximum number of hops to the target.
#define ARG_INT
Definition: plugutils.h:34
#define ARG_STRING
Definition: plugutils.h:33
Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_closetag_callbacks()

void set_closetag_callbacks ( GHashTable *  close)
static

Populate the callbacks hashtable with handlers for closing tags.

Parameters
[out]closeThe hashtable to populate.

Definition at line 1003 of file nasl_builtin_nmap.c.

References xmltag_close_cpe(), xmltag_close_host(), xmltag_close_hostscript(), xmltag_close_port(), and xmltag_close_ports().

Referenced by setup_xml_parser().

1004 {
1005  const struct
1006  {
1007  const gchar *tag;
1008  void (*func) (nmap_t *);
1009  } callbacks[] = {{"host", xmltag_close_host},
1010  {"ports", xmltag_close_ports},
1011  {"port", xmltag_close_port},
1012  {"cpe", xmltag_close_cpe},
1013  {"hostscript", xmltag_close_hostscript},
1014  {NULL, NULL}};
1015  int i;
1016 
1017  for (i = 0; callbacks[i].tag; i++)
1018  g_hash_table_insert (close, (void *) callbacks[i].tag, callbacks[i].func);
1019 }
static void xmltag_close_port(nmap_t *nmap)
Sublevel XML parser callback: handle an closing port tag.
static void xmltag_close_ports(nmap_t *nmap)
Sublevel XML parser callback: handle an closing host tag.
static void xmltag_close_host(nmap_t *nmap)
Sublevel XML parser callback: handle an closing host tag.
static void xmltag_close_cpe(nmap_t *nmap)
Sublevel XML parser callback: handle an closing cpe tag.
Main nmap execution handler.
static void xmltag_close_hostscript(nmap_t *nmap)
Sublevel XML parser callback: handle an closing hostscript tag.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_opentag_callbacks()

void set_opentag_callbacks ( GHashTable *  open)
static

Populate the callbacks hashtable with handlers for opening tags.

Parameters
[out]openThe hashtable to populate.

Definition at line 969 of file nasl_builtin_nmap.c.

References xmltag_open_address(), xmltag_open_cpe(), xmltag_open_distance(), xmltag_open_hop(), xmltag_open_host(), xmltag_open_hostscript(), xmltag_open_ipidsequence(), xmltag_open_osmatch(), xmltag_open_port(), xmltag_open_ports(), xmltag_open_script(), xmltag_open_service(), xmltag_open_state(), xmltag_open_status(), and xmltag_open_tcpsequence().

Referenced by setup_xml_parser().

970 {
971  const struct
972  {
973  const gchar *tag;
974  void (*func) (nmap_t *, const gchar **, const gchar **);
975  } callbacks[] = {{"hop", xmltag_open_hop},
976  {"osmatch", xmltag_open_osmatch},
977  {"port", xmltag_open_port},
978  {"service", xmltag_open_service},
979  {"cpe", xmltag_open_cpe},
980  {"state", xmltag_open_state},
981  {"status", xmltag_open_status},
982  {"host", xmltag_open_host},
983  {"address", xmltag_open_address},
984  {"script", xmltag_open_script},
985  {"ports", xmltag_open_ports},
986  {"distance", xmltag_open_distance},
987  {"hostscript", xmltag_open_hostscript},
988  {"tcpsequence", xmltag_open_tcpsequence},
989  {"ipidsequence", xmltag_open_ipidsequence},
990  {NULL, NULL}};
991  int i;
992 
993  for (i = 0; callbacks[i].tag; i++)
994  g_hash_table_insert (open, (void *) callbacks[i].tag, callbacks[i].func);
995 }
static void xmltag_open_port(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening port tag.
static void xmltag_open_cpe(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening cpe tag.
static void xmltag_open_script(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening script tag.
static void xmltag_open_hop(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening hop tag.
static void xmltag_open_distance(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening distance tag.
static void xmltag_open_address(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening address tag.
static void xmltag_open_hostscript(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening hostscript tag.
static void xmltag_open_osmatch(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening osmatch tag.
static void xmltag_open_host(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening host tag.
static void xmltag_open_ipidsequence(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening ipidsequence tag.
static void xmltag_open_ports(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening ports tag.
static void xmltag_open_status(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening status tag.
static void xmltag_open_service(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening service tag.
Main nmap execution handler.
static void xmltag_open_state(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening state tag.
static void xmltag_open_tcpsequence(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening tcpsequence tag.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_xml_parser()

void setup_xml_parser ( nmap_t nmap)
static

Setup XML parser internals.

Parameters
[in,out]nmapHandler to use.

Definition at line 947 of file nasl_builtin_nmap.c.

References nmap_parser::closetag, nmap_parser::enable_read, nmap_parser::in_host, nmap_parser::in_hostscript, nmap_parser::in_port, nmap_parser::in_ports, nmap_parser::opentag, nmap_t::parser, set_closetag_callbacks(), and set_opentag_callbacks().

Referenced by nmap_create().

948 {
949  /* reset internal states */
950  nmap->parser.in_host = FALSE;
951  nmap->parser.in_ports = FALSE;
952  nmap->parser.in_port = FALSE;
953  nmap->parser.in_hostscript = FALSE;
954  nmap->parser.enable_read = FALSE;
955 
956  nmap->parser.opentag = g_hash_table_new (g_str_hash, g_str_equal);
957  nmap->parser.closetag = g_hash_table_new (g_str_hash, g_str_equal);
958 
961 }
gboolean in_hostscript
static void set_opentag_callbacks(GHashTable *open)
Populate the callbacks hashtable with handlers for opening tags.
GHashTable * closetag
GHashTable * opentag
static void set_closetag_callbacks(GHashTable *close)
Populate the callbacks hashtable with handlers for closing tags.
struct nmap_parser parser
gboolean enable_read
Here is the call graph for this function:
Here is the caller graph for this function:

◆ sig_c()

void sig_c ( )
static

Signal handler (Child).

Definition at line 1084 of file nasl_builtin_nmap.c.

References pid.

Referenced by nmap_run_and_parse().

1085 {
1086  if (pid > 0)
1087  waitpid (pid, NULL, WNOHANG);
1088 }
static pid_t pid
Here is the caller graph for this function:

◆ sig_h()

void sig_h ( )
static

Signal handler (Halt).

Definition at line 1074 of file nasl_builtin_nmap.c.

References pid.

Referenced by nmap_run_and_parse().

1075 {
1076  if (pid > 0)
1077  kill (pid, SIGKILL);
1078 }
static pid_t pid
Here is the caller graph for this function:

◆ simple_item_destroy()

void simple_item_destroy ( gpointer  data,
gpointer  udata 
)
static

Simple wrapper to call g_free from within g_slist_foreach statements.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nse_script * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). This parameter is not used.

Definition at line 1296 of file nasl_builtin_nmap.c.

Referenced by current_host_reset(), and port_destroy().

1297 {
1298  (void) udata;
1299  g_free (data);
1300 }
Here is the caller graph for this function:

◆ tmphost_add_nse_hostscript()

void tmphost_add_nse_hostscript ( nmap_t nmap,
gchar *  name,
gchar *  output 
)
static

Add NSE hostscript result to the current host object.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the NSE script that produced the output.
[in]outputOutput produced by this NSE script.

Definition at line 1325 of file nasl_builtin_nmap.c.

References nmap_host::host_scripts, nse_script::name, name, nse_script::output, and nmap_t::tmphost.

Referenced by xmltag_open_script().

1326 {
1327  struct nse_script *s;
1328 
1329  s = g_malloc0 (sizeof (struct nse_script));
1330  s->name = name;
1331  s->output = output;
1332  nmap->tmphost.host_scripts = g_slist_prepend (nmap->tmphost.host_scripts, s);
1333 }
struct nmap_host tmphost
const char * name
Definition: nasl_init.c:377
Handle the results of a NSE script.
GSList * host_scripts
Here is the caller graph for this function:

◆ tmphost_add_nse_portscript()

void tmphost_add_nse_portscript ( nmap_t nmap,
gchar *  name,
gchar *  output 
)
static

Add NSE portscript result to a port of the current host.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the NSE script that produced the output.
[in]outputOutput produced by this NSE script.

Definition at line 1343 of file nasl_builtin_nmap.c.

References nse_script::name, name, nse_script::output, nmap_port::port_scripts, and nmap_t::tmpport.

Referenced by xmltag_open_script().

1344 {
1345  struct nse_script *s;
1346 
1347  s = g_malloc0 (sizeof (struct nse_script));
1348  s->name = name;
1349  s->output = output;
1350  nmap->tmpport.port_scripts = g_slist_prepend (nmap->tmpport.port_scripts, s);
1351 }
struct nmap_port tmpport
GSList * port_scripts
const char * name
Definition: nasl_init.c:377
Handle the results of a NSE script.
Here is the caller graph for this function:

◆ tmphost_add_port()

void tmphost_add_port ( nmap_t nmap)
static

Add port information to the current host object.

Parameters
[in,out]nmapHandler to use.

Definition at line 1308 of file nasl_builtin_nmap.c.

References nmap_host::ports, nmap_t::tmphost, and nmap_t::tmpport.

Referenced by xmltag_close_port().

1309 {
1310  struct nmap_port *newport;
1311 
1312  newport = g_malloc0 (sizeof (struct nmap_port));
1313  memcpy (newport, &nmap->tmpport, sizeof (struct nmap_port));
1314  nmap->tmphost.ports = g_slist_prepend (nmap->tmphost.ports, newport);
1315 }
GSList * ports
Store port information.
struct nmap_port tmpport
struct nmap_host tmphost
Here is the caller graph for this function:

◆ xml_end_element()

void xml_end_element ( GMarkupParseContext *  context,
const gchar *  element_name,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle an closing tag and call the corresponding method.

Parameters
[in]contextThe XML parser.
[in]element_nameThe name of the current tag.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1390 of file nasl_builtin_nmap.c.

References nmap_parser::closetag, and nmap_t::parser.

Referenced by nmap_run_and_parse().

1392 {
1393  nmap_t *nmap = (nmap_t *) user_data;
1394  void (*callback) (nmap_t *);
1395 
1396  (void) context;
1397  (void) error;
1398  callback = g_hash_table_lookup (nmap->parser.closetag, element_name);
1399  if (callback)
1400  callback (nmap);
1401 }
GHashTable * closetag
struct nmap_parser parser
Main nmap execution handler.
Here is the caller graph for this function:

◆ xml_read_text()

void xml_read_text ( GMarkupParseContext *  context,
const gchar *  text,
gsize  text_len,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle text sections and store it into the read buffer if enable_read is set to TRUE.

Parameters
[in]contextThe XML parser.
[in]textThe current text chunk.
[in]text_lenChunk size.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1414 of file nasl_builtin_nmap.c.

References nmap_parser::enable_read, nmap_t::parser, and nmap_parser::rbuff.

Referenced by nmap_run_and_parse().

1416 {
1417  nmap_t *nmap = (nmap_t *) user_data;
1418 
1419  (void) context;
1420  (void) error;
1421  (void) text_len;
1422  if (!nmap->parser.enable_read)
1423  return;
1424 
1425  if (nmap->parser.rbuff)
1426  {
1427  gchar *tmpbuff;
1428 
1429  tmpbuff = g_strdup_printf ("%s%s", nmap->parser.rbuff, text);
1430  g_free (nmap->parser.rbuff);
1431  nmap->parser.rbuff = tmpbuff;
1432  }
1433  else
1434  {
1435  nmap->parser.rbuff = g_strdup (text);
1436  }
1437 }
struct nmap_parser parser
Main nmap execution handler.
gboolean enable_read
Here is the caller graph for this function:

◆ xml_start_element()

void xml_start_element ( GMarkupParseContext *  context,
const gchar *  element_name,
const gchar **  attribute_names,
const gchar **  attribute_values,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle an opening tag and call the corresponding method.

Parameters
[in]contextThe XML parser.
[in]element_nameThe name of the current tag.
[in]attribute_namesNULL terminated list of attributes names.
[in]attribute_valuesNULL terminated list of attributes values.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1365 of file nasl_builtin_nmap.c.

References nmap_parser::opentag, and nmap_t::parser.

Referenced by nmap_run_and_parse().

1369 {
1370  nmap_t *nmap = (nmap_t *) user_data;
1371  void (*callback) (nmap_t *, const gchar **, const gchar **);
1372  (void) context;
1373  (void) error;
1374 
1375  callback = g_hash_table_lookup (nmap->parser.opentag, element_name);
1376  if (callback)
1377  callback (nmap, attribute_names, attribute_values);
1378 }
GHashTable * opentag
struct nmap_parser parser
Main nmap execution handler.
Here is the caller graph for this function:

◆ xmltag_close_cpe()

void xmltag_close_cpe ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing cpe tag.

Parameters
[in]nmapHandler to use.

Definition at line 1806 of file nasl_builtin_nmap.c.

References nmap_parser::enable_read, nmap_parser::in_port, nmap_host::os_cpes, nmap_t::parser, nmap_parser::rbuff, nmap_t::tmphost, nmap_t::tmpport, and nmap_port::version_cpes.

Referenced by set_closetag_callbacks().

1807 {
1808  if (nmap->parser.rbuff)
1809  {
1810  if (nmap->parser.in_port)
1811  nmap->tmpport.version_cpes =
1812  g_slist_prepend (nmap->tmpport.version_cpes, nmap->parser.rbuff);
1813  else
1814  nmap->tmphost.os_cpes =
1815  g_slist_prepend (nmap->tmphost.os_cpes, nmap->parser.rbuff);
1816  }
1817 
1818  /* Don't free rbuff here, as we need it in the CPE list. */
1819  nmap->parser.rbuff = NULL;
1820  nmap->parser.enable_read = FALSE;
1821 }
GSList * version_cpes
struct nmap_port tmpport
struct nmap_host tmphost
struct nmap_parser parser
GSList * os_cpes
gboolean enable_read
Here is the caller graph for this function:

◆ xmltag_close_host()

void xmltag_close_host ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing host tag.

Parameters
[in]nmapHandler to use.

Definition at line 1769 of file nasl_builtin_nmap.c.

References current_host_reset(), current_host_saveall(), nmap_parser::in_host, and nmap_t::parser.

Referenced by set_closetag_callbacks().

1770 {
1771  nmap->parser.in_host = FALSE;
1772  current_host_saveall (nmap);
1773  current_host_reset (nmap);
1774 }
static void current_host_reset(nmap_t *nmap)
Clear the current host object.
struct nmap_parser parser
static void current_host_saveall(nmap_t *nmap)
Dump current host object state into the knowledge base.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_close_hostscript()

void xmltag_close_hostscript ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing hostscript tag.

Parameters
[in]nmapHandler to use.

Definition at line 1829 of file nasl_builtin_nmap.c.

References nmap_parser::in_hostscript, and nmap_t::parser.

Referenced by set_closetag_callbacks().

1830 {
1831  nmap->parser.in_hostscript = FALSE;
1832 }
gboolean in_hostscript
struct nmap_parser parser
Here is the caller graph for this function:

◆ xmltag_close_port()

void xmltag_close_port ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing port tag.

Parameters
[in]nmapHandler to use.

Definition at line 1793 of file nasl_builtin_nmap.c.

References nmap_parser::in_port, nmap_t::parser, tmphost_add_port(), and nmap_t::tmpport.

Referenced by set_closetag_callbacks().

1794 {
1795  nmap->parser.in_port = FALSE;
1796  tmphost_add_port (nmap);
1797  memset (&nmap->tmpport, 0x00, sizeof (struct nmap_port));
1798 }
Store port information.
struct nmap_port tmpport
struct nmap_parser parser
static void tmphost_add_port(nmap_t *nmap)
Add port information to the current host object.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_close_ports()

void xmltag_close_ports ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing host tag.

Parameters
[in]nmapHandler to use.

Definition at line 1782 of file nasl_builtin_nmap.c.

References nmap_parser::in_ports, and nmap_t::parser.

Referenced by set_closetag_callbacks().

1783 {
1784  nmap->parser.in_ports = FALSE;
1785 }
struct nmap_parser parser
Here is the caller graph for this function:

◆ xmltag_open_address()

void xmltag_open_address ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening address tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1479 of file nasl_builtin_nmap.c.

References nmap_host::addr, get_attr_value(), nmap_parser::in_host, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1481 {
1482  if (!nmap->parser.in_host)
1483  g_debug ("Error: opening <address> tag out of host description\n");
1484  else
1485  nmap->tmphost.addr = get_attr_value ("addr", attrnames, attrval);
1486 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_cpe()

void xmltag_open_cpe ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening cpe tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1580 of file nasl_builtin_nmap.c.

References nmap_parser::enable_read, nmap_t::parser, and nmap_parser::rbuff.

Referenced by set_opentag_callbacks().

1581 {
1582  (void) attrnames;
1583  (void) attrval;
1584  /* Safety check */
1585  if (nmap->parser.rbuff)
1586  {
1587  g_free (nmap->parser.rbuff);
1588  nmap->parser.rbuff = NULL;
1589  }
1590  nmap->parser.enable_read = TRUE;
1591 }
struct nmap_parser parser
gboolean enable_read
Here is the caller graph for this function:

◆ xmltag_open_distance()

void xmltag_open_distance ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening distance tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1708 of file nasl_builtin_nmap.c.

References nmap_host::distance, get_attr_value(), nmap_parser::in_host, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1710 {
1711  gchar *diststr;
1712 
1713  if (!nmap->parser.in_host)
1714  return;
1715 
1716  diststr = get_attr_value ("value", attrnames, attrval);
1717  if (diststr)
1718  {
1719  nmap->tmphost.distance = atoi (diststr);
1720  g_free (diststr);
1721  }
1722 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_hop()

void xmltag_open_hop ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening hop tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1732 of file nasl_builtin_nmap.c.

References traceroute_hop::addr, get_attr_value(), traceroute_hop::host, nmap_parser::in_host, MAX_TRACE_HOPS, nmap_t::parser, traceroute_hop::rtt, nmap_t::tmphost, and nmap_host::trace.

Referenced by set_opentag_callbacks().

1733 {
1734  int ttl;
1735  gchar *ttl_str;
1736 
1737  if (!nmap->parser.in_host)
1738  return;
1739 
1740  ttl_str = get_attr_value ("ttl", attrnames, attrval);
1741  ttl = atoi (ttl_str) - 1; /* decrease ttl by one to use it as index */
1742  g_free (ttl_str);
1743 
1744  if (ttl < MAX_TRACE_HOPS)
1745  {
1746  if (!nmap->tmphost.trace[ttl].addr && !nmap->tmphost.trace[ttl].host
1747  && !nmap->tmphost.trace[ttl].rtt)
1748  {
1749  nmap->tmphost.trace[ttl].addr =
1750  get_attr_value ("ipaddr", attrnames, attrval);
1751  nmap->tmphost.trace[ttl].host =
1752  get_attr_value ("host", attrnames, attrval);
1753  nmap->tmphost.trace[ttl].rtt =
1754  get_attr_value ("rtt", attrnames, attrval);
1755  }
1756  else
1757  g_debug ("Inconsistent results: duplicate traceroute information!");
1758  }
1759  else
1760  g_debug ("Trace TTL out of bounds: %d (max=%d)", ttl, MAX_TRACE_HOPS);
1761 }
struct traceroute_hop trace[MAX_TRACE_HOPS]
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
#define MAX_TRACE_HOPS
Maximum number of hops to the target.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_host()

void xmltag_open_host ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening host tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1447 of file nasl_builtin_nmap.c.

References nmap_parser::in_host, and nmap_t::parser.

Referenced by set_opentag_callbacks().

1448 {
1449  (void) attrnames;
1450  (void) attrval;
1451  nmap->parser.in_host = TRUE;
1452 }
struct nmap_parser parser
Here is the caller graph for this function:

◆ xmltag_open_hostscript()

void xmltag_open_hostscript ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening hostscript tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1601 of file nasl_builtin_nmap.c.

References nmap_parser::in_hostscript, and nmap_t::parser.

Referenced by set_opentag_callbacks().

1603 {
1604  (void) attrnames;
1605  (void) attrval;
1606  nmap->parser.in_hostscript = TRUE;
1607 }
gboolean in_hostscript
struct nmap_parser parser
Here is the caller graph for this function:

◆ xmltag_open_ipidsequence()

void xmltag_open_ipidsequence ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening ipidsequence tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1691 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_host, nmap_host::ipidseq, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1693 {
1694  if (!nmap->parser.in_host)
1695  return;
1696 
1697  nmap->tmphost.ipidseq = get_attr_value ("class", attrnames, attrval);
1698 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_osmatch()

void xmltag_open_osmatch ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening osmatch tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1617 of file nasl_builtin_nmap.c.

References nmap_host::best_os, get_attr_value(), nmap_host::os_confidence, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1619 {
1620  gchar *confstr;
1621 
1622  confstr = get_attr_value ("accuracy", attrnames, attrval);
1623  if (confstr)
1624  {
1625  int confidence;
1626 
1627  confidence = atoi (confstr);
1628  if (confidence > nmap->tmphost.os_confidence)
1629  {
1630  g_free (nmap->tmphost.best_os);
1631  nmap->tmphost.best_os = get_attr_value ("name", attrnames, attrval);
1632  nmap->tmphost.os_confidence = confidence;
1633  }
1634 
1635  g_free (confstr);
1636  }
1637 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_port()

void xmltag_open_port ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening port tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1511 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, nmap_port::proto, and nmap_t::tmpport.

Referenced by set_opentag_callbacks().

1512 {
1513  nmap->parser.in_port = TRUE;
1514  nmap->tmpport.proto = get_attr_value ("protocol", attrnames, attrval);
1515  nmap->tmpport.portno = get_attr_value ("portid", attrnames, attrval);
1516 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_port tmpport
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_ports()

void xmltag_open_ports ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening ports tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1496 of file nasl_builtin_nmap.c.

References nmap_parser::in_ports, and nmap_t::parser.

Referenced by set_opentag_callbacks().

1497 {
1498  (void) attrnames;
1499  (void) attrval;
1500  nmap->parser.in_ports = TRUE;
1501 }
struct nmap_parser parser
Here is the caller graph for this function:

◆ xmltag_open_script()

void xmltag_open_script ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening script tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1647 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_host, nmap_parser::in_port, name, nse_script::output, nmap_t::parser, tmphost_add_nse_hostscript(), and tmphost_add_nse_portscript().

Referenced by set_opentag_callbacks().

1649 {
1650  gchar *name, *output;
1651 
1652  if (!nmap->parser.in_host)
1653  return;
1654 
1655  name = get_attr_value ("id", attrnames, attrval);
1656  output = get_attr_value ("output", attrnames, attrval);
1657 
1658  if (nmap->parser.in_port)
1659  tmphost_add_nse_portscript (nmap, name, output);
1660  else
1661  tmphost_add_nse_hostscript (nmap, name, output);
1662 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
const char * name
Definition: nasl_init.c:377
struct nmap_parser parser
static void tmphost_add_nse_hostscript(nmap_t *nmap, gchar *name, gchar *output)
Add NSE hostscript result to the current host object.
static void tmphost_add_nse_portscript(nmap_t *nmap, gchar *name, gchar *output)
Add NSE portscript result to a port of the current host.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_service()

void xmltag_open_service ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening service tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1542 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, PRINT_NOT_NULL, nmap_port::proto, nmap_port::service, nmap_t::tmpport, and nmap_port::version.

Referenced by set_opentag_callbacks().

1544 {
1545  if (!nmap->parser.in_port || !nmap->tmpport.proto || !nmap->tmpport.portno)
1546  g_debug ("Error: opening <service> tag out of port description\n");
1547  else
1548  {
1549  gchar *product, *version, *extrainfo;
1550 
1551  nmap->tmpport.service = get_attr_value ("name", attrnames, attrval);
1552 
1553  /* also store version detection results if available */
1554  product = get_attr_value ("product", attrnames, attrval);
1555  version = get_attr_value ("version", attrnames, attrval);
1556  extrainfo = get_attr_value ("extrainfo", attrnames, attrval);
1557 
1558  if (product || version || extrainfo)
1559 #define PRINT_NOT_NULL(x) ((x) ? (x) : "")
1560  nmap->tmpport.version = g_strdup_printf (
1561  "%s %s %s", PRINT_NOT_NULL (product), PRINT_NOT_NULL (version),
1562  PRINT_NOT_NULL (extrainfo));
1563 #undef PRINT_NOT_NULL
1564 
1565  /* g_free'ing NULLs is harmless */
1566  g_free (product);
1567  g_free (version);
1568  g_free (extrainfo);
1569  }
1570 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_port tmpport
#define PRINT_NOT_NULL(x)
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_state()

void xmltag_open_state ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening state tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1526 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, nmap_port::proto, nmap_port::state, and nmap_t::tmpport.

Referenced by set_opentag_callbacks().

1527 {
1528  if (!nmap->parser.in_port || !nmap->tmpport.proto || !nmap->tmpport.portno)
1529  g_debug ("Error: opening <state> tag out of port description\n");
1530  else
1531  nmap->tmpport.state = get_attr_value ("state", attrnames, attrval);
1532 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_port tmpport
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_status()

void xmltag_open_status ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening status tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1462 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_host, nmap_t::parser, nmap_host::state, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1464 {
1465  if (!nmap->parser.in_host)
1466  g_debug ("Error: opening <status> tag out of host description\n");
1467  else
1468  nmap->tmphost.state = get_attr_value ("state", attrnames, attrval);
1469 }
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_tcpsequence()

void xmltag_open_tcpsequence ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening tcpsequence tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1672 of file nasl_builtin_nmap.c.

References get_attr_value(), nmap_parser::in_host, nmap_t::parser, nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

1674 {
1675  if (!nmap->parser.in_host)
1676  return;
1677 
1678  nmap->tmphost.tcpseq_index = get_attr_value ("index", attrnames, attrval);
1679  nmap->tmphost.tcpseq_difficulty =
1680  get_attr_value ("difficulty", attrnames, attrval);
1681 }
gchar * tcpseq_index
gchar * tcpseq_difficulty
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
struct nmap_host tmphost
struct nmap_parser parser
Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ pid