Nmap Development mailing list archives
Re: Receiving broadcasts in Nsock
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 17 Aug 2010 00:24:52 +0200
On 16 aug 2010, at 23.33, David Fifield wrote:
On Sun, Aug 15, 2010 at 10:40:58PM +0200, Patrik Karlsson wrote:On 13 aug 2010, at 17.40, Daniel Miller wrote:On 08/12/2010 04:02 PM, Ron wrote:On Thu, 12 Aug 2010 22:52:38 +0200 Patrik Karlsson<patrik () cqure net> wrote:About broadcast in NSE, do you need to do something to set SO_BROADCAST on the socket or is this taken care of?I'm *guessing* that's the issue, and I remember talking about enabling SO_BROADCAST on the list in the past. I don't think NSE has the ability to enable SO_BROADCAST, but I could be wrong.SO_BROADCAST support was added to nsock, but is off by default. From nsock/include/nsock.h: /* Turns on or off broadcast support on new sockets. Default is off (0, false) set in nsp_new(). Any non-zero (true) value sets SO_BROADCAST on all new sockets (value of optval will be used directly in the setsockopt() call */ void nsp_setbroadcast(nsock_pool nsp, int optval); nsp_new() is called for NSE in nse_nsock.cc in luaopen_nsock(). To enable broadcast, a call to nsp_setbroadcast() must be made after that call.So I looked into this a bit more as I was curios to test some new ideas out. I managed to make the setbroadcast call and have my NSE code send broadcasts out. However, I ran into some trouble as all UDP sockets are connected to the destination address.I investigated this last year, and determined that the problem was that in Nsock, there is no way to create a socket without also connecting it. The underlying call to socket isn't made until nsock_connect_internal is called, which is later than when nsi_new is called. I posted an example that works in Python but not in NSE here: http://seclists.org/nmap-dev/2009/q4/105 Normally you would do new_socket, bind, receive. This doesn't work in NSE because when you do the receive you don't have a real socket yet; creating a socket by doing a connect first somehow prevents the receive from working. My recommendation then was to create a real socket at the time of nsi_new.The man page for connect says: "The parameter socket is a socket. If it is of type SOCK_DGRAM, this call specifies the peer with which the socket is to be associated; this address is that to which datagrams are to be sent, and the only address from which data-grams are to be received." As far as I can tell this makes it difficult to receive any response at all to a broadcast request. I made a quick test re-connecting the socket with the address family AF_UNSPEC immediately after the send was issued. "Datagram sockets may dissolve the association by connecting to an invalid address, such as a null address or an address with the address family set to AF_UNSPEC (the error EAFNOSUPPORT will be harmlessly returned)." This allowed the socket to receive the response from one of the clients responding to the broadcast request.Can you show how you did this? It's a clever idea.
I changed the send to a sendto and it now works on linux as well. The problem with copying the peer data from recvfrom is that the next send will go to the wrong host. This currently is not a problem for me in my testing, ones it becomes a problem I might fix that to ;) Here's a new patch.
David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Attachment:
nsock-broadcast-2.patch
Description:
//Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Adding new NSE discovered targets to Nmap, (continued)
- Re: Adding new NSE discovered targets to Nmap Ron (Aug 15)
- Re: Adding new NSE discovered targets to Nmap Patrik Karlsson (Aug 15)
- Re: Adding new NSE discovered targets to Nmap Fyodor (Aug 16)
- Re: Adding new NSE discovered targets to Nmap Patrik Karlsson (Aug 16)
- Re: Adding new NSE discovered targets to Nmap Ron (Aug 16)
- Re: Adding new NSE discovered targets to Nmap David Fifield (Sep 19)
- Re: Adding new NSE discovered targets to Nmap Patrik Karlsson (Aug 15)
- Re: Adding new NSE discovered targets to Nmap Ron (Aug 15)
- Receiving broadcasts in Nsock David Fifield (Aug 16)
- Re: Receiving broadcasts in Nsock Patrik Karlsson (Aug 16)
- Re: Receiving broadcasts in Nsock Patrik Karlsson (Aug 16)
- Re: Receiving broadcasts in Nsock David Fifield (Sep 17)
- Re: Receiving broadcasts in Nsock David Fifield (Sep 19)
- Re: Receiving broadcasts in Nsock Patrik Karlsson (Sep 21)
- Re: Receiving broadcasts in Nsock David Fifield (Sep 30)
- Re: Receiving broadcasts in Nsock Patrik Karlsson (Sep 30)
- Re: Receiving broadcasts in Nsock David Fifield (Sep 30)
- Re: Adding new NSE discovered targets to Nmap Djalal Harouni (Aug 12)
- Re: Adding new NSE discovered targets to Nmap Djalal Harouni (Aug 31)
- Re: Adding new NSE discovered targets to Nmap David Fifield (Sep 06)