Re: Informal Nmap 3.94ALPHA1 Release

[Fyodor <fyodor () insecure org>]

On Mon, Dec 05, 2005 at 06:52:33PM -0800, BAKEMAN wrote:
> I have observed the same thing on 3.94ALPHA1. I believe that this is the
> same problem which effected 3.93 and was reported.
>
> http://seclists.org/lists/nmap-dev/2005/Jul-Sep/0194.html

Yeah, I did receive a number of reports that Idle scan was broken.  I
appreciate the reports, but nobody sent in a patch and I didn't have
time to look into it until today.  Here is a patch that seems to do
the trick (and will be in the next release):

--- idle_scan.cc        (revision 2813)
+++ idle_scan.cc        (working copy)
@@ -263,6 +263,16 @@
 
 }
 
+static void initialize_proxy_struct(struct idle_proxy_info *proxy) {
+  proxy->seqclass = proxy->latestid = proxy->probe_port = 0;
+  proxy->max_groupsz = proxy->min_groupsz = 0;
+  proxy->current_groupsz = 0;
+  proxy->senddelay = 0; 
+  proxy->max_senddelay = 0;
+  proxy->pd = NULL;
+  proxy->rawsd = -1;
+  proxy->ethptr = NULL;
+}
 
 /* takes a proxy name/IP, resolves it if neccessary, tests it for IPID
    suitability, and fills out an idle_proxy_info structure.  If the
@@ -301,7 +311,7 @@
 
   for(i=0; i < NUM_IPID_PROBES; i++) probe_returned[i] = 0;
 
-  memset(proxy, 0, sizeof(*proxy));
+  initialize_proxy_struct(proxy);
   initialize_timeout_info(&proxy->host.to);
 
   proxy->max_groupsz = (o.max_parallelism)? o.max_parallelism : 100;



Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev