Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[PATCHed] Fix IPProto Scan (-sO) for UDP

From: Kris Katterjohn <katterjohn () gmail com>
Date: Sat, 27 Jan 2007 14:14:14 -0600
The attached patch (/nmap SVN r4404) fixes the IPProto Scan when a ICMP
Port Unreachable is received for UDP (and possibly others). We weren't
checking for the ICMP message before, so it was coming up open|filtered
or filtered. The SVN log:

------------------------------------------------------------------------
r4404 | kris | 2007-01-27 14:09:14 -0600 (Sat, 27 Jan 2007) | 1 line

Fix the IPProto scan for UDP. Now we check for ICMP Port Unreachable and
call it open if we get one. This was coming up open|filtered, and
sometimes filtered before.
------------------------------------------------------------------------

If anybody can test this further, that'd be great.

Thanks,
Kris Katterjohn

Index: scan_engine.cc
===================================================================
--- scan_engine.cc      (revision 4403)
+++ scan_engine.cc      (revision 4404)
@@ -3090,7 +3090,11 @@
            if (USI->scantype == UDP_SCAN && 
                hss->target->v4hostip()->s_addr == ip->ip_src.s_addr)
              newstate = PORT_CLOSED;
-           else newstate = PORT_FILTERED;
+           else if (USI->scantype == IPPROT_SCAN && 
+                    hss->target->v4hostip()->s_addr == ip->ip_src.s_addr)
+             newstate = PORT_OPEN;
+           else
+             newstate = PORT_FILTERED;
            break;
          case 9: /* dest. net admin prohibited */
          case 10: /* detst host admin prohibited */


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: