Nmap Development mailing list archives
Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...)
From: David Fifield <david () bamsoftware com>
Date: Wed, 17 Feb 2010 18:16:24 -0700
On Tue, Feb 16, 2010 at 11:31:34AM -0600, Kris Katterjohn wrote:
On 02/11/2010 04:53 PM, Kris Katterjohn wrote:Alright, I like to think my branch is essentially complete. So here we go: * ip_open(), ip_send() and ip_close() methods for sending packets starting with an IPv4 header * Works with arbitrary (non-Target) hosts using various routing functions and sends over raw socket or ethernet if preferred and is available * Fallback: if ethernet is preferred but no (ethernet) route can be found, the raw socket is used instead. If an ethernet route is found but an error occurs then we pass an error to the script. Keeping in mind your suggestion, I feel this is similar to how eth vs raw decisions are made elsewhere, even though those parts use Target information while this is done itself. * Errors are passed to the script for use with try() exception handling * Tested on Linux and Windows; kx also verified on Windows earlier * Docs added to scripting.xml (similar to ethernet_* methods' docs) * IP ID sequence script with optional probeport arg; recently done up with NSEDoc (although my NSEDoc-fu is weak as I don't recall ever using it)On 02/12/2010 07:37 PM, Kris Katterjohn wrote:OK, I have one more thing to add to the list: nmap.is_privileged(). This gives the script the boolean value of o.isr00t. This makes it easy to tell, for instance, in ipidseq's hostrule if the raw socket open will fail instead of having to try in action and return an error if not.Has anybody tested this branch and run into any problems? Checking out the branch, building Nmap and running the IP ID script on a host is all it takes for a basic run through. Under most OS's, using with and without --send-eth tests the sending of ethernet frames (or not), or the fallback functionality for using a raw socket for going over, say, a point-to-point link even if you specify --send-eth. As previously mentioned: I've tested on Linux and Windows, kx tested on Windows (and Linux in VM I believe) using earlier revisions (not newer ones?), and Patrick said it looked good. So: if there are no objections or problems, I'd like to merge over to trunk this week (before the weekend). If Fyodor or David wants to give me the go-ahead before then, then cool ;)
I tested out the branch and the script, and it looks good when run along with OS detection. IP ID Sequence Generation: Randomized Host script results: |_ipidseq: Randomized [used port 22] I like the overall look and interface of the new functions. About Windows support: Have you (or anyone) tested raw sending to a non-Target? How are you testing this generally? If you have even just a short script snippet, that is fine. I was thinking that the code should check for the option PACKET_SEND_ETH_STRONG and refuse to fall back to a raw socket in the case, but I can't find anywhere else where that is enforced. In the C-Lua functions, I recommend including the strerror and perhaps errno in error strings. In the scripting.xml documentation, I think that the raw IP sending should be given primary coverage, with Ethernet sending mentioned at the end as an alternative for special situations (the opposite precedence that is there now). What do you think, and would you make that change if you agree? The nmap.is_privileged function I have no objection to. All the above is fine with me. One thing deserves some further design discussion, which is the nmap.get_ports function. I think it would be better to wrap PortList::nextPort more directly, giving scripts one-at-a-time access to port tables (and avoiding creating a potentially large table of tables, most of which won't be used by many scripts). A script that needs the full port list can easily create it by doing just what your C function does, looping with nextPort. Scripts like ipidseq.nse that need just any old port wouldn't need to allocate as much memory. I think the ipidseq script is a great idea. I know it's something I've wanted before. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Raw ethernet frame questions and NSE library questions, (continued)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions kx (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Fyodor (Feb 08)
- Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 12)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 16)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kurt (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 18)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- error compiling 5.21 Mike Calmus (Feb 20)
- Re: error compiling 5.21 David Fifield (Feb 22)
- Re: error compiling 5.21 Mike Calmus (Feb 23)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)