Nmap Development mailing list archives

[PATCH] Don't Idle scan your idle proxy


From: "Kurt Grutzmacher" <grutz () jingojango net>
Date: Mon, 5 Jun 2006 12:32:59 -0700

While working with an idlescan we recognized that trying to scan the
idle proxy with an idle scan would do bad things. Sometimes it would
kill the scan, other times it just gave us some really funky
information. Since you don't want to ever scan the idle proxy I wrote
a quick patch to ignore it.

Since I couldn't figure out a way to pull out the proxy's IP address
from the proxy structure within idle_scan() I pulled some string fun.
If someone can clean it up then please do it. This is one of those
"works in our testing" scenarios.

(in case the patch file gets dropped...)

--- idle_scan.cc        2006-03-25 15:56:16.000000000 -0800
+++ ../idle_scan.cc     2006-06-05 12:12:08.000000000 -0700
@@ -960,6 +960,7 @@
              char *proxyName) {

  static char lastproxy[MAXHOSTNAMELEN + 1] = ""; /* The proxy used
in any previous call */
+  static char proxyip[MAXHOSTNAMELEN + 1];
  static struct idle_proxy_info proxy;
  int groupsz;
  int portidx = 0; /* Used for splitting the port array into chunks */
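Review bot: `proxyip` in this hunk does not need to be `static`; it is only scratch space for the strtok() call in the next hunk, so a function-local `char proxyip[MAXHOSTNAMELEN + 1];` would do the same job without adding persistent, non-reentrant state next to `lastproxy` and `proxy`, which are static because they carry the proxy across calls. If it stays static, give it a comment like the one on `lastproxy` so a reader knows it is not part of the cross-call state.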
@@ -981,6 +982,14 @@
    return;
  }

+  Strncpy(proxyip, proxyName, MAXHOSTNAMELEN);
+  if(strtok(proxyip, ":")) {
+    if (!strncmp(target->NameIP(), proxyip, MAXHOSTNAMELEN) ) {
+      log_write(LOG_STDOUT, "Skipping Idle Scan against %s -- can't
idle scan the idle proxy.\n",target->NameIP());
+      return;
+    }
+  }
+
  target->startTimeOutClock(NULL);

  /* If this is the first call,  */
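Review bot: the skip test compares the user-supplied proxy string (cut at the first ':') byte-for-byte with `target->NameIP()`, so it only fires when the two happen to be spelled identically; a proxy given as a hostname and a target rendered by NameIP() as an address (or the reverse) slips through and the idle scan of the proxy that the message warns about still runs. Comparing resolved addresses, e.g. the proxy's address once it is held in the `proxy` structure declared above, against the target's address would make the check reliable. A smaller point: `strtok()` keeps static internal state, so if a caller further up the stack is in the middle of its own strtok() walk this call will clobber it; `strchr(proxyip, ':')` followed by writing a NUL at that position does the same truncation without that side effect.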


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
