Nmap Development mailing list archives
Nmap 3.75 crashing in win95
From: "Ganga Bhavani" <GBhavani () everdreamcorp com>
Date: Thu, 4 Nov 2004 14:20:37 -0800
Hi,

During my testing of the latest nmap-3.75, I found that it is crashing on Windows 95. During initialization on Windows 95, nmap tries to load iphlpapi.dll and, in the case of failure to load this DLL, nmap uses inetmib1 instead. The method SendARP() in pcapsend.c, which makes use of iphlpapi.dll, is causing this crash. The older version nmap-3.50 used to work as it used to send a raw ARP packet instead of using SendARP(). I have come up with the following patch, which checks iphlp_avail and, if that DLL is not available, executes send_raw_arp() (old code for send_arp() to send a raw ARP packet). Please let me know if you see any issues with this patch.

Thanks,
Ganga

The diff looks as follows:
--- pcapsend.c.org 2004-11-04 12:50:33.657840200 -0800 +++ pcapsend.c 2004-11-04 13:05:02.383956300 -0800 @@ -99,6 +99,7 @@ static void releaseadapter(); static void send_arp(DWORD ifi, DWORD ip); +static void send_raw_arp(DWORD ifi, DWORD ip); static int lookupip(DWORD ip, DWORD ifi); // ARP cache @@ -113,6 +114,7 @@ // For rawsock fallback extern SOCKET global_raw_socket; extern int rawsock_avail; +extern int iphlp_avail; extern NmapOps o; @@ -537,6 +539,14 @@ PBYTE pBuffer; struct in_addr myip; + /* For windows95 machines that does not load iphlpapi.dll, send raw + ARP packet */ + if( !iphlp_avail ) + { + send_raw_arp(ifi,ip); + return; + } + ret = SendARP( ip, 0, uMACAddr, &uSize ); if( NO_ERROR == ret )
@@ -546,6 +556,48 @@ } } +// this to send raw arp packet +static void send_raw_arp(DWORD ifi, DWORD ip) +{ + struct arp_hdr arp_h; + LPADAPTER pAdap; + BYTE mymac[6]; + int len; + unsigned long mytype; + struct in_addr myip; + BYTE bcastmac[6]; // more Ethernet code ! + memset(bcastmac, 0xFF, 6); + + if(0 != ifi2ipaddr(ifi, &myip)) + fatal("sendarp: failed to find my ip ?!?\n"); + + // get the MAC et al + len = 6; + pAdap = if2adapter(ifi, mymac, &len, &mytype); + if(!pAdap) + { + // do nothing for localhost scan + if(myip.s_addr == 0x0100007f) return; + else fatal("send_arp: can't send on this interface\n"); + } + + arp_h.ar_hrd=0x0100; + + arp_h.ar_pro=0x0008; /* format of protocol address * / + arp_h.ar_hln=6; /* length of hardware address * / + arp_h.ar_pln=4; /* length of protocol addres */ + arp_h.ar_op=0x0100 ; + memcpy(arp_h.ar_sha,mymac,6); + memcpy(arp_h.ar_spa,&myip.s_addr,4); + memset(arp_h.ar_tha,0,6); + memcpy(arp_h.ar_tpa,&ip,4); + + realsend(pAdap, (char*)&arp_h, sizeof(arp_h), + bcastmac, mymac, len, mytype, ETH_ARP); + + releaseadapter(); +} + // resolves an ip addr into a nexthop and index static int ip2route(const struct in_addr *dest, DWORD *nexthop, DWORD *ifi) {
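Review bot: In the `@@ -537,6 +539,14 @@` hunk, the new `if( !iphlp_avail )` branch in send_arp() returns before the `if( NO_ERROR == ret )` block, so whatever that block does with `uMACAddr` on a successful SendARP() never happens on the fallback path. The raw request is only transmitted here; please add a comment stating where the ARP reply is expected to be picked up on Windows 95, so the two paths are known to leave the caller in the same state. The new comment should also read "machines that do not load iphlpapi.dll".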
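Review bot: In the `@@ -546,6 +556,48 @@` hunk, the comments on the `arp_h.ar_pro` and `arp_h.ar_hln` lines of send_raw_arp() end in `* /` rather than `*/`, so as posted the first comment runs on to the `*/` on the `ar_pln` line and the `ar_hln=6` and `ar_pln=4` assignments are commented out. `arp_h` is a stack variable with no memset, so those two fields would go out on the wire with whatever was in memory; close each comment with `*/` and consider zeroing the struct before filling it. The header values `0x0100` and `0x0008` and the loopback test `0x0100007f` are written already byte-swapped for a little-endian host; htons()/htonl() on named constants would make the intent readable. `sizeof(arp_h)` is passed to realsend() as the packet length, which is only right if `struct arp_hdr` has no padding, so that is worth confirming. The fatal() strings say "sendarp:" and "send_arp:" although the function is send_raw_arp(), which will point a user at the wrong routine.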
Attachment:
pcapsend.c.patch
Description: pcapsend.c.patch