OpenVAS Scanner  7.0.0~git
nasl_builtin_nmap.c File Reference

Advanced wrapper for nmap. Perform comprehensive network scanning. More...

#include "../misc/plugutils.h"
#include "nasl_lex_ctxt.h"
#include <glib.h>
#include <gvm/base/logging.h>
#include <gvm/base/prefs.h>
#include <gvm/util/kb.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
Include dependency graph for nasl_builtin_nmap.c:

Go to the source code of this file.

Data Structures

struct  nse_script
 Handle the results of a NSE script. More...
 
struct  traceroute_hop
 Describe a detected hop on the route. More...
 
struct  nmap_port
 Store port information. More...
 
struct  nmap_host
 Store host information. More...
 
struct  nmap_parser
 Handle states for XML parsing. More...
 
struct  nmap_t
 Main nmap execution handler. More...
 
struct  nmap_opt_t
 Describe an nmap command line option. More...
 

Macros

#define CHUNK_LEN   512
 Input chunks size for the XML parser. More...
 
#define MAX_TRACE_HOPS   64
 Maximum number of hops to the target. More...
 
#define NMAP_CMD   "nmap"
 Nmap command to call. More...
 
#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"
 Plugin parameter description: skip alive hosts discovery phase. More...
 
#define PREF_TRACEROUTE   "Trace hop path to each host"
 Plugin parameter description: perform traceroute. More...
 
#define PREF_NO_DNS   "Disable DNS resolution"
 Plugin parameter description: don't perform reverse resolution on discovered IP addresses. More...
 
#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"
 Plugin parameter description: TCP port scanning technique to use. More...
 
#define PREF_SERVICE_SCAN   "Service scan"
 Plugin parameter description: perform service/version detection scan. More...
 
#define PREF_RPC_PORT_SCAN   "RPC port scan"
 Plugin parameter description: perform RPC port scan. More...
 
#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"
 Plugin parameter description: perform remote OS fingerprinting. More...
 
#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"
 Plugin parameter description: guess OS from closest match if necessary. More...
 
#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"
 Plugin parameter description: try to evade defense by fragmenting IP packets. More...
 
#define PREF_SOURCE_PORT   "Source port"
 Plugin parameter description: set source port. More...
 
#define PREF_TIMING_POLICY   "Timing policy"
 Plugin parameter description: select timing template. More...
 
#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"
 Plugin parameter description: give up on host after this time elapsed. More...
 
#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (minimal value) More...
 
#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (maximal value). More...
 
#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"
 Plugin parameter description: probe round trip time hint (initial value). More...
 
#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"
 Plugin parameter description: force minimum number of parallel active probes. More...
 
#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"
 Plugin parameter description: force maximum number of parallel active probes. More...
 
#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"
 Plugin parameter description: force minimum number of hosts to scan in parallel. More...
 
#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"
 Plugin parameter description: force maximum number of hosts to scan in parallel. More...
 
#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"
 Plugin parameter description: set idle interval between probes. More...
 
#define PREF_EXCLUDE_HOSTS   "Exclude hosts"
 Plugin parameter description: comma-separated list of hosts to exclude from the scan. More...
 
#define PREF_IMPORT_XML_FILE   "File containing XML results"
 Plugin parameter description: import XML file. More...
 
#define OPT_SET   "yes"
 Checkbox value (when set). More...
 
#define OPT_UNSET   "no"
 Checkbox value (when unset). More...
 
#define list_free(list, dtor, udata)
 
#define PRINT_NOT_NULL(x)   ((x) ? (x) : "")
 

Functions

static nmap_tnmap_create (lex_ctxt *lexic)
 Instantiate a new nmap handler, rebuild command line or open XML file to parse. More...
 
static void nmap_destroy (nmap_t *nmap)
 Release a nmap handler and associated resources. More...
 
static int build_cmd_line (nmap_t *nmap)
 Rebuild command line to run according to plugin parameters. More...
 
static int add_arg (nmap_t *nmap, const gchar *name, const gchar *value)
 Add a couple argument/value on the command line. More...
 
static int add_nse_arguments (nmap_t *nmap)
 Add NSE (nmap scripting engine) related arguments to the command line according to user script selection and preferences. More...
 
static gchar * get_script_list (nmap_t *nmap)
 Make the comma-separated list of NSE scripts selected by the user. More...
 
static gchar * get_script_args (nmap_t *nmap)
 Make the comma-separated list of NSE arguments set by the user. More...
 
static int add_scantype_arguments (nmap_t *nmap)
 Add the TCP scantype flag to the command line. More...
 
static int add_timing_arguments (nmap_t *nmap)
 Add timing template argument to the command line. More...
 
static int add_portrange (nmap_t *nmap)
 Add the range of ports to scan to the command line. More...
 
static void setup_xml_parser (nmap_t *nmap)
 Setup XML parser internals. More...
 
static void set_opentag_callbacks (GHashTable *open)
 Populate the callbacks hashtable with handlers for opening tags. More...
 
static void set_closetag_callbacks (GHashTable *close)
 Populate the callbacks hashtable with handlers for closing tags. More...
 
static int add_target (nmap_t *nmap)
 Append scan target to the command line. More...
 
static void dbg_display_cmdline (nmap_t *nmap)
 Display the final command line for debug. More...
 
static void sig_h ()
 Signal handler (Halt). More...
 
static void sig_c ()
 Signal handler (Child). More...
 
static int nmap_run_and_parse (nmap_t *nmap)
 Run nmap and parse its XML output (or load an external file if requested). More...
 
static void current_host_reset (nmap_t *nmap)
 Clear the current host object. More...
 
static void port_destroy (gpointer data, gpointer udata)
 Completely release a port object. More...
 
static void nse_script_destroy (gpointer data, gpointer udata)
 Completely release a NSE script object. More...
 
static void simple_item_destroy (gpointer data, gpointer udata)
 Simple wrapper to call g_free from within g_slist_foreach statements. More...
 
static void tmphost_add_port (nmap_t *nmap)
 Add port information to the current host object. More...
 
static void tmphost_add_nse_hostscript (nmap_t *nmap, gchar *name, gchar *output)
 Add NSE hostscript result to the current host object. More...
 
static void tmphost_add_nse_portscript (nmap_t *nmap, gchar *name, gchar *output)
 Add NSE portscript result to a port of the current host. More...
 
static void xml_start_element (GMarkupParseContext *context, const gchar *element_name, const gchar **attribute_names, const gchar **attribute_values, gpointer user_data, GError **error)
 Top level XML parser callback: handle an opening tag and call the corresponding method. More...
 
static void xml_end_element (GMarkupParseContext *context, const gchar *element_name, gpointer user_data, GError **error)
 Top level XML parser callback: handle an closing tag and call the corresponding method. More...
 
static void xml_read_text (GMarkupParseContext *context, const gchar *text, gsize text_len, gpointer user_data, GError **error)
 Top level XML parser callback: handle text sections and store it into the read buffer if enable_read is set to TRUE. More...
 
static void xmltag_open_host (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening host tag. More...
 
static void xmltag_open_status (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening status tag. More...
 
static void xmltag_open_address (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening address tag. More...
 
static void xmltag_open_ports (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening ports tag. More...
 
static void xmltag_open_port (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening port tag. More...
 
static void xmltag_open_state (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening state tag. More...
 
static void xmltag_open_service (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening service tag. More...
 
static void xmltag_open_cpe (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening cpe tag. More...
 
static void xmltag_open_hostscript (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening hostscript tag. More...
 
static void xmltag_open_osmatch (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening osmatch tag. More...
 
static void xmltag_open_script (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening script tag. More...
 
static void xmltag_open_tcpsequence (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening tcpsequence tag. More...
 
static void xmltag_open_ipidsequence (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening ipidsequence tag. More...
 
static void xmltag_open_hop (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening hop tag. More...
 
static void xmltag_open_distance (nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
 Sublevel XML parser callback: handle an opening distance tag. More...
 
static void xmltag_close_host (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing host tag. More...
 
static void xmltag_close_ports (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing host tag. More...
 
static void xmltag_close_port (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing port tag. More...
 
static void xmltag_close_cpe (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing cpe tag. More...
 
static void xmltag_close_hostscript (nmap_t *nmap)
 Sublevel XML parser callback: handle an closing hostscript tag. More...
 
static gchar * get_attr_value (const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
 Helper function: get attribute value from the separate name/value tables. More...
 
static void current_host_saveall (nmap_t *nmap)
 Dump current host object state into the knowledge base. More...
 
static void save_host_state (nmap_t *nmap)
 Store host state (host alive/dead) into the knowledge base. More...
 
static void save_open_ports (nmap_t *nmap)
 Save information about open ports for the current host into the knowledge base. More...
 
static void register_service (nmap_t *nmap, struct nmap_port *p)
 Save information about a detected service (version) into the knowledge base. More...
 
static void save_detected_os (nmap_t *nmap)
 Save information about detected operating system into the knowledge base. More...
 
static void save_tcpseq_details (nmap_t *nmap)
 Save information about TCP sequence number generation into the knowledge base. More...
 
static void save_ipidseq_details (nmap_t *nmap)
 Save information about IP ID generation into the knowledge base. More...
 
static void save_traceroute_details (nmap_t *nmap)
 Save information about network topology to the target (traceroute) into the knowledge base. More...
 
static void save_portscripts (nmap_t *nmap)
 Save information about postrule NSE scripts into the knowledge base. More...
 
static void save_hostscripts (nmap_t *nmap)
 Save information about hostrule NSE scripts into the knowledge base. More...
 
tree_cellplugin_run_nmap (lex_ctxt *lexic)
 Run the nmap_net subsystem. More...
 

Variables

static pid_t pid = 0
 

Detailed Description

Advanced wrapper for nmap. Perform comprehensive network scanning.

This plugin was designed to be executed only once per network. It generates the nmap command line according to the specified options, runs nmap, parses the output and stores results for each host in the knowledge base.

Definition in file nasl_builtin_nmap.c.

Macro Definition Documentation

◆ CHUNK_LEN

#define CHUNK_LEN   512

Input chunks size for the XML parser.

Definition at line 67 of file nasl_builtin_nmap.c.

◆ list_free

#define list_free (   list,
  dtor,
  udata 
)
Value:
do \
{ \
if (list) \
{ \
g_slist_foreach (list, (GFunc) dtor, udata); \
g_slist_free (list); \
list = NULL; \
} \
} \
while (0)

Definition at line 1189 of file nasl_builtin_nmap.c.

◆ MAX_TRACE_HOPS

#define MAX_TRACE_HOPS   64

Maximum number of hops to the target.

Definition at line 72 of file nasl_builtin_nmap.c.

◆ NMAP_CMD

#define NMAP_CMD   "nmap"

Nmap command to call.

Definition at line 77 of file nasl_builtin_nmap.c.

◆ OPT_SET

#define OPT_SET   "yes"

Checkbox value (when set).

Definition at line 207 of file nasl_builtin_nmap.c.

◆ OPT_UNSET

#define OPT_UNSET   "no"

Checkbox value (when unset).

Definition at line 212 of file nasl_builtin_nmap.c.

◆ PREF_AGGRESSIVE_OS_DETECT

#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"

Plugin parameter description: guess OS from closest match if necessary.

Definition at line 122 of file nasl_builtin_nmap.c.

◆ PREF_EXCLUDE_HOSTS

#define PREF_EXCLUDE_HOSTS   "Exclude hosts"

Plugin parameter description: comma-separated list of hosts to exclude from the scan.

Definition at line 197 of file nasl_builtin_nmap.c.

◆ PREF_FRAGMENT_IP

#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"

Plugin parameter description: try to evade defense by fragmenting IP packets.

Definition at line 128 of file nasl_builtin_nmap.c.

◆ PREF_HOST_TIMEOUT

#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"

Plugin parameter description: give up on host after this time elapsed.

Definition at line 144 of file nasl_builtin_nmap.c.

◆ PREF_IDENTIFY_REMOTE_OS

#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"

Plugin parameter description: perform remote OS fingerprinting.

Definition at line 116 of file nasl_builtin_nmap.c.

◆ PREF_IMPORT_XML_FILE

#define PREF_IMPORT_XML_FILE   "File containing XML results"

Plugin parameter description: import XML file.

Definition at line 202 of file nasl_builtin_nmap.c.

◆ PREF_INITIAL_RTT_TIMEOUT

#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"

Plugin parameter description: probe round trip time hint (initial value).

Definition at line 162 of file nasl_builtin_nmap.c.

◆ PREF_INTERPROBE_DELAY

#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"

Plugin parameter description: set idle interval between probes.

Definition at line 191 of file nasl_builtin_nmap.c.

◆ PREF_MAX_HOSTGROUP

#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"

Plugin parameter description: force maximum number of hosts to scan in parallel.

Definition at line 186 of file nasl_builtin_nmap.c.

◆ PREF_MAX_PARALLELISM

#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"

Plugin parameter description: force maximum number of parallel active probes.

Definition at line 174 of file nasl_builtin_nmap.c.

◆ PREF_MAX_RTT_TIMEOUT

#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (maximal value).

Definition at line 156 of file nasl_builtin_nmap.c.

◆ PREF_MIN_HOSTGROUP

#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"

Plugin parameter description: force minimum number of hosts to scan in parallel.

Definition at line 180 of file nasl_builtin_nmap.c.

◆ PREF_MIN_PARALLELISM

#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"

Plugin parameter description: force minimum number of parallel active probes.

Definition at line 168 of file nasl_builtin_nmap.c.

◆ PREF_MIN_RTT_TIMEOUT

#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (minimal value)

Definition at line 150 of file nasl_builtin_nmap.c.

◆ PREF_NO_DNS

#define PREF_NO_DNS   "Disable DNS resolution"

Plugin parameter description: don't perform reverse resolution on discovered IP addresses.

Definition at line 95 of file nasl_builtin_nmap.c.

◆ PREF_RPC_PORT_SCAN

#define PREF_RPC_PORT_SCAN   "RPC port scan"

Plugin parameter description: perform RPC port scan.

Definition at line 111 of file nasl_builtin_nmap.c.

◆ PREF_SERVICE_SCAN

#define PREF_SERVICE_SCAN   "Service scan"

Plugin parameter description: perform service/version detection scan.

Definition at line 106 of file nasl_builtin_nmap.c.

◆ PREF_SOURCE_PORT

#define PREF_SOURCE_PORT   "Source port"

Plugin parameter description: set source port.

Definition at line 133 of file nasl_builtin_nmap.c.

◆ PREF_TCP_SCANNING_TECHNIQUE

#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"

Plugin parameter description: TCP port scanning technique to use.

Definition at line 100 of file nasl_builtin_nmap.c.

◆ PREF_TIMING_POLICY

#define PREF_TIMING_POLICY   "Timing policy"

Plugin parameter description: select timing template.

Definition at line 138 of file nasl_builtin_nmap.c.

◆ PREF_TRACEROUTE

#define PREF_TRACEROUTE   "Trace hop path to each host"

Plugin parameter description: perform traceroute.

Definition at line 89 of file nasl_builtin_nmap.c.

◆ PREF_TREAT_ALL_HOST_ONLINE

#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"

Plugin parameter description: skip alive hosts discovery phase.

Definition at line 84 of file nasl_builtin_nmap.c.

◆ PRINT_NOT_NULL

#define PRINT_NOT_NULL (   x)    ((x) ? (x) : "")

Function Documentation

◆ add_arg()

int add_arg ( nmap_t nmap,
const gchar *  name,
const gchar *  value 
)
static

Add a couple argument/value on the command line.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the flag/option.
[in]valueValue of the option (or NULL for simple flags).
Returns
-1 on failure or 1 on success.

Definition at line 715 of file nasl_builtin_nmap.c.

716 {
717  if (!name)
718  return -1;
719 
720  if (!nmap->args)
721  {
722  /* Initial call, instantiate the NULL terminated list of arguments */
723  nmap->args = g_malloc (sizeof (*nmap->args));
724  nmap->arg_idx = 0;
725  }
726 
727  if (!value)
728  {
729  /* simple flag (no value) */
730  nmap->args =
731  g_realloc (nmap->args, (nmap->arg_idx + 2) * sizeof (gchar *));
732  nmap->args[nmap->arg_idx++] = g_strdup (name);
733  }
734  else
735  {
736  /* name->value argument */
737  nmap->args =
738  g_realloc (nmap->args, (nmap->arg_idx + 3) * sizeof (gchar *));
739  nmap->args[nmap->arg_idx++] = g_strdup (name);
740  nmap->args[nmap->arg_idx++] = g_strdup (value);
741  }
742 
743  /* NULL-terminate the list */
744  nmap->args[nmap->arg_idx] = NULL;
745 
746  return 1;
747 }

References nmap_t::arg_idx, nmap_t::args, and name.

Referenced by add_nse_arguments(), add_portrange(), add_scantype_arguments(), add_target(), add_timing_arguments(), and build_cmd_line().

Here is the caller graph for this function:

◆ add_nse_arguments()

int add_nse_arguments ( nmap_t nmap)
static

Add NSE (nmap scripting engine) related arguments to the command line according to user script selection and preferences.

Parameters
[in,out]nmapHandler to use.
Returns
1 success

Definition at line 758 of file nasl_builtin_nmap.c.

759 {
760  gchar *pscript, *pargs;
761 
762  pscript = get_script_list (nmap);
763  pargs = get_script_args (nmap);
764  if (strlen (pscript))
765  {
766  /* Add script flags if user requested some NSE */
767  add_arg (nmap, "--script", pscript);
768 
769  if (strlen (pargs))
770  add_arg (nmap, "--script-args", pargs);
771  }
772  g_free (pscript);
773  g_free (pargs);
774 
775  return 1;
776 }

References add_arg(), get_script_args(), and get_script_list().

Referenced by build_cmd_line().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_portrange()

int add_portrange ( nmap_t nmap)
static

Add the range of ports to scan to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 928 of file nasl_builtin_nmap.c.

929 {
930  const char *portrange = prefs_get ("port_range");
931 
932  if (!portrange)
933  {
934  g_debug ("Invalid environment: unavailable \"port_range\"\n");
935  return -1;
936  }
937 
938  return add_arg (nmap, "-p", portrange);
939 }

References add_arg().

Referenced by build_cmd_line().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_scantype_arguments()

int add_scantype_arguments ( nmap_t nmap)
static

Add the TCP scantype flag to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 868 of file nasl_builtin_nmap.c.

869 {
870  int i;
871  gchar *scantype;
872  nmap_opt_t flagmap[] = {
873  {"connect()", "-sT", FALSE}, {"SYN", "-sS", FALSE},
874  {"ACK", "-sA", FALSE}, {"FIN", "-sF", FALSE},
875  {"Window", "-sW", FALSE}, {"Maimon", "-sM", FALSE},
876  {"Xmas tree", "-sX", FALSE}, {"Null", "-sN", FALSE},
877  {"SCTP Init", "-sY", FALSE}, {"SCTP COOKIE_ECHO", "-sZ", FALSE},
878  {NULL, NULL, FALSE}};
879 
881  if (!scantype)
882  return -1;
883 
884  for (i = 0; flagmap[i].optname; i++)
885  if (g_strcmp0 (scantype, flagmap[i].optname) == 0)
886  return add_arg (nmap, flagmap[i].flag, NULL);
887 
888  return -1;
889 }

References add_arg(), get_plugin_preference(), nmap_t::oid, nmap_opt_t::optname, and PREF_TCP_SCANNING_TECHNIQUE.

Referenced by build_cmd_line().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_target()

int add_target ( nmap_t nmap)
static

Append scan target to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 1029 of file nasl_builtin_nmap.c.

1030 {
1031  struct scan_globals *globals;
1032  gchar *network;
1033 
1034  globals = nmap->env->globals;
1035  if (!globals)
1036  {
1037  g_debug ("Invalid environment: unavailable \"globals\"\n");
1038  return -1;
1039  }
1040 
1041  network = globals->network_targets;
1042  if (!network)
1043  {
1044  g_debug ("Invalid environment: unavailable \"network_targets\"\n");
1045  return -1;
1046  }
1047 
1048  return add_arg (nmap, network, NULL);
1049 }

References add_arg(), nmap_t::env, script_infos::globals, and scan_globals::network_targets.

Referenced by build_cmd_line().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_timing_arguments()

int add_timing_arguments ( nmap_t nmap)
static

Add timing template argument to the command line.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 899 of file nasl_builtin_nmap.c.

900 {
901  int i;
902  gchar *timing;
903  nmap_opt_t flagmap[] = {
904  {"Paranoid", "-T0", FALSE}, {"Sneaky", "-T1", FALSE},
905  {"Polite", "-T2", FALSE}, {"Normal", "-T3", FALSE},
906  {"Aggressive", "-T4", FALSE}, {"Insane", "-T5", FALSE},
907  {NULL, NULL, FALSE}};
908 
909  timing = get_plugin_preference (nmap->oid, PREF_TIMING_POLICY);
910  if (!timing)
911  return -1;
912 
913  for (i = 0; flagmap[i].optname; i++)
914  if (g_strcmp0 (timing, flagmap[i].optname) == 0)
915  return add_arg (nmap, flagmap[i].flag, NULL);
916 
917  return -1;
918 }

References add_arg(), get_plugin_preference(), nmap_t::oid, nmap_opt_t::optname, and PREF_TIMING_POLICY.

Referenced by build_cmd_line().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ build_cmd_line()

int build_cmd_line ( nmap_t nmap)
static

Rebuild command line to run according to plugin parameters.

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure and 1 on success.

Definition at line 614 of file nasl_builtin_nmap.c.

615 {
616  int i;
617  /* this list handles basic options (simple flag or name/value) */
618  nmap_opt_t options[] = {
619  /* --- Host discovery --- */
620  {PREF_TREAT_ALL_HOST_ONLINE, "-Pn", FALSE},
621  {PREF_TRACEROUTE, "--traceroute", FALSE},
622  {PREF_NO_DNS, "-n", FALSE},
623 
624  /* --- Scan techniques --- */
625  {PREF_SERVICE_SCAN, "-sV", FALSE},
626  {PREF_RPC_PORT_SCAN, "-sR", FALSE},
627 
628  /* --- OS Detection --- */
629  {PREF_IDENTIFY_REMOTE_OS, "-O", FALSE},
630  {PREF_AGGRESSIVE_OS_DETECT, "--osscan-guess", FALSE},
631 
632  /* --- Firewall/IDS evasion --- */
633  {PREF_FRAGMENT_IP, "-f", FALSE},
634  {PREF_SOURCE_PORT, "-g", TRUE},
635 
636  /* --- Timing and performances --- */
637  {PREF_HOST_TIMEOUT, "--host-timeout", TRUE},
638  {PREF_MIN_RTT_TIMEOUT, "--min-rtt-timeout", TRUE},
639  {PREF_MAX_RTT_TIMEOUT, "--max-rtt-timeout", TRUE},
640  {PREF_INITIAL_RTT_TIMEOUT, "--initial-rtt-timeout", TRUE},
641  {PREF_MIN_PARALLELISM, "--min-parallelism", TRUE},
642  {PREF_MAX_PARALLELISM, "--max-parallelism", TRUE},
643  {PREF_MIN_HOSTGROUP, "--min-hostgroup", TRUE},
644  {PREF_MAX_HOSTGROUP, "--max-hostgroup", TRUE},
645  {PREF_INTERPROBE_DELAY, "--delay", TRUE},
646 
647  /* --- Targets specification --- */
648  {PREF_EXCLUDE_HOSTS, "--exclude", TRUE},
649 
650  {NULL, NULL, FALSE}};
651 
652  /* Nmap invocation */
653  add_arg (nmap, NMAP_CMD, NULL);
654 
655  /* Enable XML output on stdout */
656  add_arg (nmap, "-oX", "-");
657 
658  for (i = 0; options[i].optname; i++)
659  {
660  gchar *optval;
661 
662  optval = get_plugin_preference (nmap->oid, options[i].optname);
663  if (!optval)
664  continue;
665 
666  if (options[i].argument_required)
667  {
668  if (strlen (optval) > 0)
669  if (add_arg (nmap, options[i].flag, optval) < 0)
670  return -1;
671  }
672  else
673  {
674  if (g_strcmp0 (optval, OPT_SET) == 0)
675  if (add_arg (nmap, options[i].flag, NULL) < 0)
676  return -1;
677  }
678  }
679 
680  if (add_portrange (nmap) < 0)
681  return -1;
682 
683  /* Always enable UDP port scan, so that the port list controls this. */
684  if (add_arg (nmap, "-sU", NULL) < 0)
685  return -1;
686 
687  /* Scan technique */
688  if (add_scantype_arguments (nmap) < 0)
689  return -1;
690 
691  /* Timing policy */
692  if (add_timing_arguments (nmap) < 0)
693  return -1;
694 
695  /* Script scan */
696  if (add_nse_arguments (nmap) < 0)
697  return -1;
698 
699  if (add_target (nmap) < 0)
700  return -1;
701 
702  return 1;
703 }

References add_arg(), add_nse_arguments(), add_portrange(), add_scantype_arguments(), add_target(), add_timing_arguments(), get_plugin_preference(), NMAP_CMD, nmap_t::oid, OPT_SET, nmap_opt_t::optname, PREF_AGGRESSIVE_OS_DETECT, PREF_EXCLUDE_HOSTS, PREF_FRAGMENT_IP, PREF_HOST_TIMEOUT, PREF_IDENTIFY_REMOTE_OS, PREF_INITIAL_RTT_TIMEOUT, PREF_INTERPROBE_DELAY, PREF_MAX_HOSTGROUP, PREF_MAX_PARALLELISM, PREF_MAX_RTT_TIMEOUT, PREF_MIN_HOSTGROUP, PREF_MIN_PARALLELISM, PREF_MIN_RTT_TIMEOUT, PREF_NO_DNS, PREF_RPC_PORT_SCAN, PREF_SERVICE_SCAN, PREF_SOURCE_PORT, PREF_TRACEROUTE, and PREF_TREAT_ALL_HOST_ONLINE.

Referenced by nmap_create().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ current_host_reset()

void current_host_reset ( nmap_t nmap)
static

Clear the current host object.

Parameters
[in,out]nmapHandler to use.

Definition at line 1207 of file nasl_builtin_nmap.c.

1208 {
1209  int i;
1210 
1211  g_free (nmap->tmphost.addr);
1212  g_free (nmap->tmphost.state);
1213  g_free (nmap->tmphost.best_os);
1214  g_free (nmap->tmphost.tcpseq_index);
1215  g_free (nmap->tmphost.tcpseq_difficulty);
1216  g_free (nmap->tmphost.ipidseq);
1217 
1218  for (i = 0; i < MAX_TRACE_HOPS; i++)
1219  {
1220  g_free (nmap->tmphost.trace[i].addr);
1221  g_free (nmap->tmphost.trace[i].rtt);
1222  g_free (nmap->tmphost.trace[i].host);
1223  }
1224 
1225  list_free (nmap->tmphost.ports, port_destroy, nmap);
1228 
1229  memset (&nmap->tmphost, 0x00, sizeof (struct nmap_host));
1230 }

References traceroute_hop::addr, nmap_host::addr, nmap_host::best_os, traceroute_hop::host, nmap_host::host_scripts, nmap_host::ipidseq, list_free, MAX_TRACE_HOPS, nse_script_destroy(), nmap_host::os_cpes, port_destroy(), nmap_host::ports, traceroute_hop::rtt, simple_item_destroy(), nmap_host::state, nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, nmap_t::tmphost, and nmap_host::trace.

Referenced by xmltag_close_host().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ current_host_saveall()

void current_host_saveall ( nmap_t nmap)
static

Dump current host object state into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1862 of file nasl_builtin_nmap.c.

1863 {
1864  /* Host state: dead or alive */
1865  save_host_state (nmap);
1866 
1867  /* Open ports and services (all protocols included) */
1868  save_open_ports (nmap);
1869 
1870  /* OS fingerprinting results */
1871  save_detected_os (nmap);
1872 
1873  /* TCP/IP sensitive fields details */
1874  save_tcpseq_details (nmap);
1875  save_ipidseq_details (nmap);
1876 
1877  /* Traceroute */
1878  save_traceroute_details (nmap);
1879 
1880  /* NSE results */
1881  save_hostscripts (nmap);
1882  save_portscripts (nmap);
1883 }

References save_detected_os(), save_host_state(), save_hostscripts(), save_ipidseq_details(), save_open_ports(), save_portscripts(), save_tcpseq_details(), and save_traceroute_details().

Referenced by xmltag_close_host().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ dbg_display_cmdline()

void dbg_display_cmdline ( nmap_t nmap)
static

Display the final command line for debug.

Parameters
[in,out]nmapHandler to use.

Definition at line 1057 of file nasl_builtin_nmap.c.

1058 {
1059  int i;
1060 
1061  for (i = 0; nmap->args[i]; i++)
1062  g_debug ("%s ", nmap->args[i]);
1063 
1064  if (i == 0)
1065  {
1066  g_debug ("<empty>");
1067  }
1068 }

References nmap_t::args.

Referenced by nmap_create().

Here is the caller graph for this function:

◆ get_attr_value()

gchar * get_attr_value ( const gchar *  name,
const gchar **  attribute_names,
const gchar **  attribute_values 
)
static

Helper function: get attribute value from the separate name/value tables.

Parameters
[in]nameName of the attribute to lookup.
[in]attribute_namesTable of the attribute names.
[in]attribute_valuesTable of the attribute values.
Returns
the desired value or NULL if nothing was found

Definition at line 1845 of file nasl_builtin_nmap.c.

1847 {
1848  int i;
1849 
1850  for (i = 0; attribute_names[i]; i++)
1851  if (g_strcmp0 (attribute_names[i], name) == 0)
1852  return g_strdup (attribute_values[i]);
1853  return NULL;
1854 }

References name.

Referenced by xmltag_open_address(), xmltag_open_distance(), xmltag_open_hop(), xmltag_open_ipidsequence(), xmltag_open_osmatch(), xmltag_open_port(), xmltag_open_script(), xmltag_open_service(), xmltag_open_state(), xmltag_open_status(), and xmltag_open_tcpsequence().

Here is the caller graph for this function:

◆ get_script_args()

gchar * get_script_args ( nmap_t nmap)
static

Make the comma-separated list of NSE arguments set by the user.

Parameters
[in,out]nmapHandler to use.
Returns
A dynamically allocated string containing the list of NSE arguments to use

Definition at line 829 of file nasl_builtin_nmap.c.

830 {
831  kb_t kb = plug_get_kb (nmap->env);
832  struct kb_item *top, *res;
833  gchar **argv, *argstr;
834  int i = 0;
835 
836  argv = NULL;
837 
838  top = res = kb_item_get_all (kb, "NmapNSE/arguments");
839  while (res)
840  {
841  argv = (gchar **) g_realloc (argv, (i + 1) * sizeof (gchar *));
842  argv[i++] = g_strdup (res->v_str);
843  res = res->next;
844  }
845 
846  argv = (gchar **) g_realloc (argv, (i + 1) * sizeof (gchar *));
847  argv[i] = NULL;
848 
849  kb_item_free (top);
850 
851  argstr = g_strjoinv (",", argv);
852 
853  for (i = 0; argv[i]; i++)
854  g_free (argv[i]);
855  g_free (argv);
856 
857  return argstr;
858 }

References nmap_t::env, and plug_get_kb().

Referenced by add_nse_arguments().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_script_list()

gchar * get_script_list ( nmap_t nmap)
static

Make the comma-separated list of NSE scripts selected by the user.

Parameters
[in,out]nmapHandler to use.
Returns
A dynamically allocated string containing the list of NSE scripts to run.

Definition at line 787 of file nasl_builtin_nmap.c.

788 {
789  kb_t kb = plug_get_kb (nmap->env);
790  struct kb_item *top, *res;
791  gchar **scriptv, *scriptstr;
792  int i = 0;
793 
794  scriptv = NULL;
795 
796  /* Read list of scripts from the KB */
797  top = res = kb_item_get_all (kb, "NmapNSE/scripts");
798  while (res)
799  {
800  scriptv = (gchar **) g_realloc (scriptv, (i + 1) * sizeof (gchar *));
801  scriptv[i++] = g_strdup (res->v_str);
802  res = res->next;
803  }
804 
805  scriptv = (gchar **) g_realloc (scriptv, (i + 1) * sizeof (gchar *));
806  scriptv[i] = NULL;
807 
808  kb_item_free (top);
809 
810  scriptstr = g_strjoinv (",", scriptv);
811 
812  for (i = 0; scriptv[i]; i++)
813  g_free (scriptv[i]);
814 
815  g_free (scriptv);
816 
817  return scriptstr;
818 }

References nmap_t::env, and plug_get_kb().

Referenced by add_nse_arguments().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nmap_create()

nmap_t * nmap_create ( lex_ctxt lexic)
static

Instantiate a new nmap handler, rebuild command line or open XML file to parse.

Parameters
[in]lexicNASL state
Returns
The newly allocated nmap handler or NULL on error.

Definition at line 540 of file nasl_builtin_nmap.c.

541 {
542  gchar *pref;
543  nmap_t *nmap;
544 
545  nmap = (nmap_t *) g_malloc0 (sizeof (nmap_t));
546 
547  nmap->env = lexic->script_infos;
548  nmap->oid = lexic->oid;
549 
550  /* import results from external file? */
552  if (!pref || !strlen (pref))
553  {
554  /* no: build command line to execute */
555  if (build_cmd_line (nmap) < 0)
556  {
557  nmap_destroy (nmap);
558  return NULL;
559  }
560 
561  /* Display command line to use */
562  g_debug ("Nmap initialized: ");
563  dbg_display_cmdline (nmap);
564  }
565  else
566  {
567  /* yes: store filename */
568  nmap->filename = get_plugin_preference_fname (nmap->env, pref);
569  g_debug ("Reading nmap results from file: %s\n", nmap->filename);
570  }
571 
572  setup_xml_parser (nmap);
573  return nmap;
574 }

References build_cmd_line(), dbg_display_cmdline(), nmap_t::env, nmap_t::filename, get_plugin_preference(), get_plugin_preference_fname(), nmap_destroy(), struct_lex_ctxt::oid, nmap_t::oid, PREF_IMPORT_XML_FILE, struct_lex_ctxt::script_infos, and setup_xml_parser().

Referenced by plugin_run_nmap().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nmap_destroy()

void nmap_destroy ( nmap_t nmap)
static

Release a nmap handler and associated resources.

Parameters
[in,out]nmapHandler to free.

Definition at line 582 of file nasl_builtin_nmap.c.

583 {
584  if (!nmap)
585  return;
586 
587  if (nmap->args)
588  {
589  int i;
590 
591  for (i = 0; i < nmap->arg_idx; i++)
592  g_free (nmap->args[i]);
593 
594  g_free (nmap->args);
595  }
596 
597  if (nmap->parser.opentag)
598  g_hash_table_destroy (nmap->parser.opentag);
599 
600  if (nmap->parser.closetag)
601  g_hash_table_destroy (nmap->parser.closetag);
602 
603  g_free (nmap);
604 }

References nmap_t::arg_idx, nmap_t::args, nmap_parser::closetag, nmap_parser::opentag, and nmap_t::parser.

Referenced by nmap_create(), and plugin_run_nmap().

Here is the caller graph for this function:

◆ nmap_run_and_parse()

int nmap_run_and_parse ( nmap_t nmap)
static

Run nmap and parse its XML output (or load an external file if requested).

Parameters
[in,out]nmapHandler to use.
Returns
-1 on failure or 1 on success.

Definition at line 1099 of file nasl_builtin_nmap.c.

1100 {
1101  FILE *fproc;
1102  int fd = 0;
1103  size_t len;
1104  int ret = 1; /* success */
1105  gchar chunk[CHUNK_LEN];
1106  void (*old_sig_t) () = NULL;
1107  void (*old_sig_i) () = NULL;
1108  void (*old_sig_c) () = NULL;
1109  GMarkupParseContext *ctx;
1110  const GMarkupParser callbacks = {
1111  xml_start_element, xml_end_element, xml_read_text, NULL, /* passthrough */
1112  NULL /* error */
1113  };
1114 
1115  if (nmap->filename)
1116  {
1117  /* read results from external file */
1118  fproc = fopen (nmap->filename, "r");
1119  }
1120  else
1121  {
1122  /* Update signal handlers. */
1123  old_sig_t = signal (SIGTERM, sig_h);
1124  old_sig_i = signal (SIGINT, sig_h);
1125  old_sig_c = signal (SIGCHLD, sig_c);
1126 
1127  /* execute nmap and read results from the process output */
1128  if (g_spawn_async_with_pipes (NULL, nmap->args, NULL, G_SPAWN_SEARCH_PATH,
1129  NULL, NULL, &pid, NULL, &fd, NULL, NULL)
1130  == FALSE)
1131  return -1;
1132  fproc = fdopen (fd, "r");
1133  }
1134 
1135  if (!fproc)
1136  {
1137  perror ("nmap_run_and_parse()");
1138  return -1;
1139  }
1140 
1141  ctx = g_markup_parse_context_new (&callbacks, 0, nmap, NULL);
1142 
1143  while ((len = fread (chunk, sizeof (gchar), CHUNK_LEN, fproc)) > 0)
1144  {
1145  GError *err = NULL;
1146 
1147  if (!g_markup_parse_context_parse (ctx, chunk, len, &err))
1148  {
1149  if (err)
1150  {
1151  g_debug ("g_markup_parse_context_parse() failed (%s)\n",
1152  err->message);
1153  g_error_free (err);
1154 
1155  /* display the problematic chunk */
1156  chunk[len] = '\0';
1157  g_debug ("Error occurred while parsing: %s\n", chunk);
1158 
1159  ret = -1;
1160  }
1161  break;
1162  }
1163  }
1164 
1165  if (nmap->filename && ferror (fproc))
1166  {
1167  perror ("nmap_run_and_parse()");
1168  ret = -1;
1169  }
1170 
1171  if (nmap->filename)
1172  {
1173  fclose (fproc);
1174  }
1175  else
1176  {
1177  fclose (fproc);
1178  g_spawn_close_pid (pid);
1179  signal (SIGINT, old_sig_i);
1180  signal (SIGTERM, old_sig_t);
1181  signal (SIGCHLD, old_sig_c);
1182  }
1183 
1184  g_markup_parse_context_free (ctx);
1185 
1186  return ret;
1187 }

References nmap_t::args, CHUNK_LEN, nmap_t::filename, pid, sig_c(), sig_h(), xml_end_element(), xml_read_text(), and xml_start_element().

Referenced by plugin_run_nmap().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nse_script_destroy()

void nse_script_destroy ( gpointer  data,
gpointer  udata 
)
static

Completely release a NSE script object.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nse_script * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). A nmap_t * is expected here.

Definition at line 1272 of file nasl_builtin_nmap.c.

1273 {
1274  struct nse_script *script;
1275 
1276  (void) udata;
1277  script = (struct nse_script *) data;
1278  if (script)
1279  {
1280  g_free (script->name);
1281  g_free (script->output);
1282  g_free (script);
1283  }
1284 }

References nse_script::name, and nse_script::output.

Referenced by current_host_reset(), and port_destroy().

Here is the caller graph for this function:

◆ plugin_run_nmap()

tree_cell* plugin_run_nmap ( lex_ctxt lexic)

Run the nmap_net subsystem.

Parameters
[in]lexicNASL state.
Returns
NULL on error, FAKE_CELL on success.

Definition at line 509 of file nasl_builtin_nmap.c.

510 {
511  nmap_t *nmap;
512 
513  g_debug ("Starting Nmap builtin wrapper\n");
514 
515  /* Initialize our nmap handler */
516  if ((nmap = nmap_create (lexic)) == NULL)
517  {
518  g_debug ("Unable to initialize Nmap\n");
519  return NULL;
520  }
521 
522  /* Execute nmap and store results */
523  nmap_run_and_parse (nmap);
524 
525  /* release resources */
526  nmap_destroy (nmap);
527 
528  return FAKE_CELL;
529 }

References FAKE_CELL, nmap_create(), nmap_destroy(), and nmap_run_and_parse().

Here is the call graph for this function:

◆ port_destroy()

void port_destroy ( gpointer  data,
gpointer  udata 
)
static

Completely release a port object.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nmap_port * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). A nmap_t * is expected here.

Definition at line 1241 of file nasl_builtin_nmap.c.

1242 {
1243  struct nmap_port *port;
1244  nmap_t *nmap;
1245 
1246  port = (struct nmap_port *) data;
1247  nmap = (nmap_t *) udata;
1248 
1249  if (port)
1250  {
1251  g_free (port->proto);
1252  g_free (port->portno);
1253  g_free (port->state);
1254  g_free (port->service);
1255  g_free (port->version);
1256 
1257  list_free (port->port_scripts, nse_script_destroy, nmap);
1259  g_free (port);
1260  }
1261 }

References list_free, nse_script_destroy(), nmap_port::port_scripts, nmap_port::portno, nmap_port::proto, nmap_port::service, simple_item_destroy(), nmap_port::state, nmap_port::version, and nmap_port::version_cpes.

Referenced by current_host_reset().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ register_service()

void register_service ( nmap_t nmap,
struct nmap_port p 
)
static

Save information about a detected service (version) into the knowledge base.

Parameters
[in]nmapHandler to use.
[in]pService description.

Definition at line 1940 of file nasl_builtin_nmap.c.

1941 {
1942  gchar key[64];
1943 
1944  if (!p->portno || !p->proto || !p->service)
1945  return;
1946 
1947  /* TCP services aren't stored with the same syntax than the other layer 4
1948  * protocols. */
1949  if (g_strcmp0 (p->proto, "tcp") == 0)
1950  g_snprintf (key, sizeof (key), "%s/Services/%s", nmap->tmphost.addr,
1951  p->service);
1952  else
1953  g_snprintf (key, sizeof (key), "%s/Services/%s/%s", nmap->tmphost.addr,
1954  p->proto, p->service);
1955  plug_set_key (nmap->env, key, ARG_INT, GINT_TO_POINTER (atoi (p->portno)));
1956 
1957  /* The service detection system requires discovered services to be
1958  * registered under the "Known" label too */
1959  g_snprintf (key, sizeof (key), "%s/Known/%s/%s", nmap->tmphost.addr, p->proto,
1960  p->portno);
1961  plug_set_key (nmap->env, key, ARG_STRING, p->service);
1962 
1963  if (p->version)
1964  {
1965  /* Store version detection results if available */
1966  g_snprintf (key, sizeof (key), "%s/Version/%s/%s", nmap->tmphost.addr,
1967  p->proto, p->portno);
1968  plug_set_key (nmap->env, key, ARG_STRING, p->version);
1969  }
1970 
1971  if (p->version_cpes)
1972  {
1973  GSList *pcpe;
1974 
1975  g_snprintf (key, sizeof (key), "%s/App/%s/%s", nmap->tmphost.addr,
1976  p->proto, p->portno);
1977 
1978  for (pcpe = p->version_cpes; pcpe; pcpe = g_slist_next (pcpe))
1979  plug_set_key (nmap->env, key, ARG_STRING, (gchar *) pcpe->data);
1980  }
1981 }

References nmap_host::addr, ARG_INT, ARG_STRING, nmap_t::env, plug_set_key(), nmap_port::portno, nmap_port::proto, nmap_port::service, nmap_t::tmphost, nmap_port::version, and nmap_port::version_cpes.

Referenced by save_open_ports().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_detected_os()

void save_detected_os ( nmap_t nmap)
static

Save information about detected operating system into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1990 of file nasl_builtin_nmap.c.

1991 {
1992  gchar key[32];
1993 
1994  if (nmap->tmphost.best_os)
1995  {
1996  g_snprintf (key, sizeof (key), "%s/Host/OS", nmap->tmphost.addr);
1997  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.best_os);
1998  }
1999 
2000  if (nmap->tmphost.os_cpes)
2001  {
2002  GSList *pcpe;
2003 
2004  /* Use a different key to ensure that Host/OS remains unique. */
2005  g_snprintf (key, sizeof (key), "%s/Host/CPE", nmap->tmphost.addr);
2006 
2007  for (pcpe = nmap->tmphost.os_cpes; pcpe; pcpe = g_slist_next (pcpe))
2008  plug_set_key (nmap->env, key, ARG_STRING, (gchar *) pcpe->data);
2009  }
2010 }

References nmap_host::addr, ARG_STRING, nmap_host::best_os, nmap_t::env, nmap_host::os_cpes, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_host_state()

void save_host_state ( nmap_t nmap)
static

Store host state (host alive/dead) into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1891 of file nasl_builtin_nmap.c.

1892 {
1893  gchar key[32];
1894 
1895  if (!nmap->tmphost.state)
1896  return;
1897 
1898  g_snprintf (key, sizeof (key), "%s/Host/State", nmap->tmphost.addr);
1899  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.state);
1900 }

References nmap_host::addr, ARG_STRING, nmap_t::env, plug_set_key(), nmap_host::state, and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_hostscripts()

void save_hostscripts ( nmap_t nmap)
static

Save information about hostrule NSE scripts into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2131 of file nasl_builtin_nmap.c.

2132 {
2133  GSList *pscript;
2134 
2135  for (pscript = nmap->tmphost.host_scripts; pscript;
2136  pscript = g_slist_next (pscript))
2137  {
2138  struct nse_script *script;
2139  gchar key[128];
2140 
2141  script = (struct nse_script *) pscript->data;
2142  g_snprintf (key, sizeof (key), "%s/NmapNSE/results/hostscripts/%s",
2143  nmap->tmphost.addr, script->name);
2144  plug_set_key (nmap->env, key, ARG_STRING, script->output);
2145  }
2146 }

References nmap_host::addr, ARG_STRING, nmap_t::env, nmap_host::host_scripts, nse_script::name, nse_script::output, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_ipidseq_details()

void save_ipidseq_details ( nmap_t nmap)
static

Save information about IP ID generation into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2040 of file nasl_builtin_nmap.c.

2041 {
2042  gchar key[32];
2043 
2044  if (!nmap->tmphost.ipidseq)
2045  return;
2046 
2047  g_snprintf (key, sizeof (key), "%s/Host/ipidseq", nmap->tmphost.addr);
2048  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.ipidseq);
2049 }

References nmap_host::addr, ARG_STRING, nmap_t::env, nmap_host::ipidseq, plug_set_key(), and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_open_ports()

void save_open_ports ( nmap_t nmap)
static

Save information about open ports for the current host into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 1909 of file nasl_builtin_nmap.c.

1910 {
1911  GSList *pport;
1912 
1913  for (pport = nmap->tmphost.ports; pport; pport = g_slist_next (pport))
1914  {
1915  struct nmap_port *p;
1916 
1917  p = (struct nmap_port *) pport->data;
1918  if (strncmp (p->state, "open", 4) == 0)
1919  {
1920  gchar key[64];
1921 
1922  g_snprintf (key, sizeof (key), "%s/Ports/%s/%s", nmap->tmphost.addr,
1923  p->proto, p->portno);
1924  plug_set_key (nmap->env, key, ARG_INT, (void *) 1);
1925 
1926  /* Register detected service */
1927  register_service (nmap, p);
1928  }
1929  }
1930 }

References nmap_host::addr, ARG_INT, nmap_t::env, plug_set_key(), nmap_port::portno, nmap_host::ports, nmap_port::proto, register_service(), nmap_port::state, and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_portscripts()

void save_portscripts ( nmap_t nmap)
static

Save information about postrule NSE scripts into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2092 of file nasl_builtin_nmap.c.

2093 {
2094  GSList *pport;
2095 
2096  for (pport = nmap->tmphost.ports; pport; pport = g_slist_next (pport))
2097  {
2098  GSList *pscript;
2099  struct nmap_port *port;
2100 
2101  port = (struct nmap_port *) pport->data;
2102 
2103  for (pscript = port->port_scripts; pscript;
2104  pscript = g_slist_next (pscript))
2105  {
2106  struct nse_script *script;
2107  gchar key[128], portspec[16];
2108 
2109  script = (struct nse_script *) pscript->data;
2110 
2111  g_snprintf (key, sizeof (key), "%s/NmapNSE/results/%s",
2112  nmap->tmphost.addr, script->name);
2113 
2114  g_snprintf (portspec, sizeof (portspec), "%s/%s", port->proto,
2115  port->portno);
2116  plug_set_key (nmap->env, key, ARG_STRING, portspec);
2117 
2118  g_strlcat (key, "/", sizeof (key));
2119  g_strlcat (key, portspec, sizeof (key));
2120  plug_set_key (nmap->env, key, ARG_STRING, script->output);
2121  }
2122  }
2123 }

References nmap_host::addr, ARG_STRING, nmap_t::env, nse_script::name, nse_script::output, plug_set_key(), nmap_port::port_scripts, nmap_port::portno, nmap_host::ports, nmap_port::proto, and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_tcpseq_details()

void save_tcpseq_details ( nmap_t nmap)
static

Save information about TCP sequence number generation into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2019 of file nasl_builtin_nmap.c.

2020 {
2021  gchar key[64];
2022 
2023  if (!nmap->tmphost.tcpseq_index || !nmap->tmphost.tcpseq_difficulty)
2024  return;
2025 
2026  g_snprintf (key, sizeof (key), "%s/Host/tcp_seq_index", nmap->tmphost.addr);
2027  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.tcpseq_index);
2028 
2029  g_snprintf (key, sizeof (key), "%s/Host/tcp_seq_difficulty",
2030  nmap->tmphost.addr);
2031  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.tcpseq_difficulty);
2032 }

References nmap_host::addr, ARG_STRING, nmap_t::env, plug_set_key(), nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, and nmap_t::tmphost.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ save_traceroute_details()

void save_traceroute_details ( nmap_t nmap)
static

Save information about network topology to the target (traceroute) into the knowledge base.

Parameters
[in]nmapHandler to use.

Definition at line 2058 of file nasl_builtin_nmap.c.

2059 {
2060  int i;
2061  gchar key[64];
2062 
2063  if (!nmap->tmphost.distance || nmap->tmphost.distance >= MAX_TRACE_HOPS)
2064  return;
2065 
2066  g_snprintf (key, sizeof (key), "%s/Host/distance", nmap->tmphost.addr);
2067  plug_set_key (nmap->env, key, ARG_INT,
2068  GINT_TO_POINTER (nmap->tmphost.distance));
2069 
2070  for (i = 0; i < nmap->tmphost.distance; i++)
2071  {
2072  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d",
2073  nmap->tmphost.addr, i + 1);
2074  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].addr);
2075 
2076  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d/rtt",
2077  nmap->tmphost.addr, i + 1);
2078  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].rtt);
2079 
2080  g_snprintf (key, sizeof (key), "%s/Host/traceroute/hops/%d/host",
2081  nmap->tmphost.addr, i + 1);
2082  plug_set_key (nmap->env, key, ARG_STRING, nmap->tmphost.trace[i].host);
2083  }
2084 }

References traceroute_hop::addr, nmap_host::addr, ARG_INT, ARG_STRING, nmap_host::distance, nmap_t::env, traceroute_hop::host, MAX_TRACE_HOPS, plug_set_key(), traceroute_hop::rtt, nmap_t::tmphost, and nmap_host::trace.

Referenced by current_host_saveall().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_closetag_callbacks()

void set_closetag_callbacks ( GHashTable *  close)
static

Populate the callbacks hashtable with handlers for closing tags.

Parameters
[out]closeThe hashtable to populate.

Definition at line 1003 of file nasl_builtin_nmap.c.

1004 {
1005  const struct
1006  {
1007  const gchar *tag;
1008  void (*func) (nmap_t *);
1009  } callbacks[] = {{"host", xmltag_close_host},
1010  {"ports", xmltag_close_ports},
1011  {"port", xmltag_close_port},
1012  {"cpe", xmltag_close_cpe},
1013  {"hostscript", xmltag_close_hostscript},
1014  {NULL, NULL}};
1015  int i;
1016 
1017  for (i = 0; callbacks[i].tag; i++)
1018  g_hash_table_insert (close, (void *) callbacks[i].tag, callbacks[i].func);
1019 }

References xmltag_close_cpe(), xmltag_close_host(), xmltag_close_hostscript(), xmltag_close_port(), and xmltag_close_ports().

Referenced by setup_xml_parser().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_opentag_callbacks()

void set_opentag_callbacks ( GHashTable *  open)
static

Populate the callbacks hashtable with handlers for opening tags.

Parameters
[out]openThe hashtable to populate.

Definition at line 969 of file nasl_builtin_nmap.c.

970 {
971  const struct
972  {
973  const gchar *tag;
974  void (*func) (nmap_t *, const gchar **, const gchar **);
975  } callbacks[] = {{"hop", xmltag_open_hop},
976  {"osmatch", xmltag_open_osmatch},
977  {"port", xmltag_open_port},
978  {"service", xmltag_open_service},
979  {"cpe", xmltag_open_cpe},
980  {"state", xmltag_open_state},
981  {"status", xmltag_open_status},
982  {"host", xmltag_open_host},
983  {"address", xmltag_open_address},
984  {"script", xmltag_open_script},
985  {"ports", xmltag_open_ports},
986  {"distance", xmltag_open_distance},
987  {"hostscript", xmltag_open_hostscript},
988  {"tcpsequence", xmltag_open_tcpsequence},
989  {"ipidsequence", xmltag_open_ipidsequence},
990  {NULL, NULL}};
991  int i;
992 
993  for (i = 0; callbacks[i].tag; i++)
994  g_hash_table_insert (open, (void *) callbacks[i].tag, callbacks[i].func);
995 }

References xmltag_open_address(), xmltag_open_cpe(), xmltag_open_distance(), xmltag_open_hop(), xmltag_open_host(), xmltag_open_hostscript(), xmltag_open_ipidsequence(), xmltag_open_osmatch(), xmltag_open_port(), xmltag_open_ports(), xmltag_open_script(), xmltag_open_service(), xmltag_open_state(), xmltag_open_status(), and xmltag_open_tcpsequence().

Referenced by setup_xml_parser().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_xml_parser()

void setup_xml_parser ( nmap_t nmap)
static

Setup XML parser internals.

Parameters
[in,out]nmapHandler to use.

Definition at line 947 of file nasl_builtin_nmap.c.

948 {
949  /* reset internal states */
950  nmap->parser.in_host = FALSE;
951  nmap->parser.in_ports = FALSE;
952  nmap->parser.in_port = FALSE;
953  nmap->parser.in_hostscript = FALSE;
954  nmap->parser.enable_read = FALSE;
955 
956  nmap->parser.opentag = g_hash_table_new (g_str_hash, g_str_equal);
957  nmap->parser.closetag = g_hash_table_new (g_str_hash, g_str_equal);
958 
961 }

References nmap_parser::closetag, nmap_parser::enable_read, nmap_parser::in_host, nmap_parser::in_hostscript, nmap_parser::in_port, nmap_parser::in_ports, nmap_parser::opentag, nmap_t::parser, set_closetag_callbacks(), and set_opentag_callbacks().

Referenced by nmap_create().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ sig_c()

void sig_c ( )
static

Signal handler (Child).

Definition at line 1084 of file nasl_builtin_nmap.c.

1085 {
1086  if (pid > 0)
1087  waitpid (pid, NULL, WNOHANG);
1088 }

References pid.

Referenced by nmap_run_and_parse().

Here is the caller graph for this function:

◆ sig_h()

void sig_h ( )
static

Signal handler (Halt).

Definition at line 1074 of file nasl_builtin_nmap.c.

1075 {
1076  if (pid > 0)
1077  kill (pid, SIGKILL);
1078 }

References pid.

Referenced by nmap_run_and_parse().

Here is the caller graph for this function:

◆ simple_item_destroy()

void simple_item_destroy ( gpointer  data,
gpointer  udata 
)
static

Simple wrapper to call g_free from within g_slist_foreach statements.

Parameters
[in]dataList item data pointer (according to GFunc specification). A struct nse_script * is expected here.
[in]udataUser defined data pointer (according to GFunc specification). This parameter is not used.

Definition at line 1296 of file nasl_builtin_nmap.c.

1297 {
1298  (void) udata;
1299  g_free (data);
1300 }

Referenced by current_host_reset(), and port_destroy().

Here is the caller graph for this function:

◆ tmphost_add_nse_hostscript()

void tmphost_add_nse_hostscript ( nmap_t nmap,
gchar *  name,
gchar *  output 
)
static

Add NSE hostscript result to the current host object.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the NSE script that produced the output.
[in]outputOutput produced by this NSE script.

Definition at line 1325 of file nasl_builtin_nmap.c.

1326 {
1327  struct nse_script *s;
1328 
1329  s = g_malloc0 (sizeof (struct nse_script));
1330  s->name = name;
1331  s->output = output;
1332  nmap->tmphost.host_scripts = g_slist_prepend (nmap->tmphost.host_scripts, s);
1333 }

References nmap_host::host_scripts, nse_script::name, name, nse_script::output, and nmap_t::tmphost.

Referenced by xmltag_open_script().

Here is the caller graph for this function:

◆ tmphost_add_nse_portscript()

void tmphost_add_nse_portscript ( nmap_t nmap,
gchar *  name,
gchar *  output 
)
static

Add NSE portscript result to a port of the current host.

Parameters
[in,out]nmapHandler to use.
[in]nameName of the NSE script that produced the output.
[in]outputOutput produced by this NSE script.

Definition at line 1343 of file nasl_builtin_nmap.c.

1344 {
1345  struct nse_script *s;
1346 
1347  s = g_malloc0 (sizeof (struct nse_script));
1348  s->name = name;
1349  s->output = output;
1350  nmap->tmpport.port_scripts = g_slist_prepend (nmap->tmpport.port_scripts, s);
1351 }

References nse_script::name, name, nse_script::output, nmap_port::port_scripts, and nmap_t::tmpport.

Referenced by xmltag_open_script().

Here is the caller graph for this function:

◆ tmphost_add_port()

void tmphost_add_port ( nmap_t nmap)
static

Add port information to the current host object.

Parameters
[in,out]nmapHandler to use.

Definition at line 1308 of file nasl_builtin_nmap.c.

1309 {
1310  struct nmap_port *newport;
1311 
1312  newport = g_malloc0 (sizeof (struct nmap_port));
1313  memcpy (newport, &nmap->tmpport, sizeof (struct nmap_port));
1314  nmap->tmphost.ports = g_slist_prepend (nmap->tmphost.ports, newport);
1315 }

References nmap_host::ports, nmap_t::tmphost, and nmap_t::tmpport.

Referenced by xmltag_close_port().

Here is the caller graph for this function:

◆ xml_end_element()

void xml_end_element ( GMarkupParseContext *  context,
const gchar *  element_name,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle an closing tag and call the corresponding method.

Parameters
[in]contextThe XML parser.
[in]element_nameThe name of the current tag.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1390 of file nasl_builtin_nmap.c.

1392 {
1393  nmap_t *nmap = (nmap_t *) user_data;
1394  void (*callback) (nmap_t *);
1395 
1396  (void) context;
1397  (void) error;
1398  callback = g_hash_table_lookup (nmap->parser.closetag, element_name);
1399  if (callback)
1400  callback (nmap);
1401 }

References nmap_parser::closetag, and nmap_t::parser.

Referenced by nmap_run_and_parse().

Here is the caller graph for this function:

◆ xml_read_text()

void xml_read_text ( GMarkupParseContext *  context,
const gchar *  text,
gsize  text_len,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle text sections and store it into the read buffer if enable_read is set to TRUE.

Parameters
[in]contextThe XML parser.
[in]textThe current text chunk.
[in]text_lenChunk size.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1414 of file nasl_builtin_nmap.c.

1416 {
1417  nmap_t *nmap = (nmap_t *) user_data;
1418 
1419  (void) context;
1420  (void) error;
1421  (void) text_len;
1422  if (!nmap->parser.enable_read)
1423  return;
1424 
1425  if (nmap->parser.rbuff)
1426  {
1427  gchar *tmpbuff;
1428 
1429  tmpbuff = g_strdup_printf ("%s%s", nmap->parser.rbuff, text);
1430  g_free (nmap->parser.rbuff);
1431  nmap->parser.rbuff = tmpbuff;
1432  }
1433  else
1434  {
1435  nmap->parser.rbuff = g_strdup (text);
1436  }
1437 }

References nmap_parser::enable_read, nmap_t::parser, and nmap_parser::rbuff.

Referenced by nmap_run_and_parse().

Here is the caller graph for this function:

◆ xml_start_element()

void xml_start_element ( GMarkupParseContext *  context,
const gchar *  element_name,
const gchar **  attribute_names,
const gchar **  attribute_values,
gpointer  user_data,
GError **  error 
)
static

Top level XML parser callback: handle an opening tag and call the corresponding method.

Parameters
[in]contextThe XML parser.
[in]element_nameThe name of the current tag.
[in]attribute_namesNULL terminated list of attributes names.
[in]attribute_valuesNULL terminated list of attributes values.
[in]user_dataA pointer to the current nmap_t structure.
[in]errorReturn location of a GError.

Definition at line 1365 of file nasl_builtin_nmap.c.

1369 {
1370  nmap_t *nmap = (nmap_t *) user_data;
1371  void (*callback) (nmap_t *, const gchar **, const gchar **);
1372  (void) context;
1373  (void) error;
1374 
1375  callback = g_hash_table_lookup (nmap->parser.opentag, element_name);
1376  if (callback)
1377  callback (nmap, attribute_names, attribute_values);
1378 }

References nmap_parser::opentag, and nmap_t::parser.

Referenced by nmap_run_and_parse().

Here is the caller graph for this function:

◆ xmltag_close_cpe()

void xmltag_close_cpe ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing cpe tag.

Parameters
[in]nmapHandler to use.

Definition at line 1806 of file nasl_builtin_nmap.c.

1807 {
1808  if (nmap->parser.rbuff)
1809  {
1810  if (nmap->parser.in_port)
1811  nmap->tmpport.version_cpes =
1812  g_slist_prepend (nmap->tmpport.version_cpes, nmap->parser.rbuff);
1813  else
1814  nmap->tmphost.os_cpes =
1815  g_slist_prepend (nmap->tmphost.os_cpes, nmap->parser.rbuff);
1816  }
1817 
1818  /* Don't free rbuff here, as we need it in the CPE list. */
1819  nmap->parser.rbuff = NULL;
1820  nmap->parser.enable_read = FALSE;
1821 }

References nmap_parser::enable_read, nmap_parser::in_port, nmap_host::os_cpes, nmap_t::parser, nmap_parser::rbuff, nmap_t::tmphost, nmap_t::tmpport, and nmap_port::version_cpes.

Referenced by set_closetag_callbacks().

Here is the caller graph for this function:

◆ xmltag_close_host()

void xmltag_close_host ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing host tag.

Parameters
[in]nmapHandler to use.

Definition at line 1769 of file nasl_builtin_nmap.c.

1770 {
1771  nmap->parser.in_host = FALSE;
1772  current_host_saveall (nmap);
1773  current_host_reset (nmap);
1774 }

References current_host_reset(), current_host_saveall(), nmap_parser::in_host, and nmap_t::parser.

Referenced by set_closetag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_close_hostscript()

void xmltag_close_hostscript ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing hostscript tag.

Parameters
[in]nmapHandler to use.

Definition at line 1829 of file nasl_builtin_nmap.c.

1830 {
1831  nmap->parser.in_hostscript = FALSE;
1832 }

References nmap_parser::in_hostscript, and nmap_t::parser.

Referenced by set_closetag_callbacks().

Here is the caller graph for this function:

◆ xmltag_close_port()

void xmltag_close_port ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing port tag.

Parameters
[in]nmapHandler to use.

Definition at line 1793 of file nasl_builtin_nmap.c.

1794 {
1795  nmap->parser.in_port = FALSE;
1796  tmphost_add_port (nmap);
1797  memset (&nmap->tmpport, 0x00, sizeof (struct nmap_port));
1798 }

References nmap_parser::in_port, nmap_t::parser, tmphost_add_port(), and nmap_t::tmpport.

Referenced by set_closetag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_close_ports()

void xmltag_close_ports ( nmap_t nmap)
static

Sublevel XML parser callback: handle an closing host tag.

Parameters
[in]nmapHandler to use.

Definition at line 1782 of file nasl_builtin_nmap.c.

1783 {
1784  nmap->parser.in_ports = FALSE;
1785 }

References nmap_parser::in_ports, and nmap_t::parser.

Referenced by set_closetag_callbacks().

Here is the caller graph for this function:

◆ xmltag_open_address()

void xmltag_open_address ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening address tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1479 of file nasl_builtin_nmap.c.

1481 {
1482  if (!nmap->parser.in_host)
1483  g_debug ("Error: opening <address> tag out of host description\n");
1484  else
1485  nmap->tmphost.addr = get_attr_value ("addr", attrnames, attrval);
1486 }

References nmap_host::addr, get_attr_value(), nmap_parser::in_host, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_cpe()

void xmltag_open_cpe ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening cpe tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1580 of file nasl_builtin_nmap.c.

1581 {
1582  (void) attrnames;
1583  (void) attrval;
1584  /* Safety check */
1585  if (nmap->parser.rbuff)
1586  {
1587  g_free (nmap->parser.rbuff);
1588  nmap->parser.rbuff = NULL;
1589  }
1590  nmap->parser.enable_read = TRUE;
1591 }

References nmap_parser::enable_read, nmap_t::parser, and nmap_parser::rbuff.

Referenced by set_opentag_callbacks().

Here is the caller graph for this function:

◆ xmltag_open_distance()

void xmltag_open_distance ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening distance tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1708 of file nasl_builtin_nmap.c.

1710 {
1711  gchar *diststr;
1712 
1713  if (!nmap->parser.in_host)
1714  return;
1715 
1716  diststr = get_attr_value ("value", attrnames, attrval);
1717  if (diststr)
1718  {
1719  nmap->tmphost.distance = atoi (diststr);
1720  g_free (diststr);
1721  }
1722 }

References nmap_host::distance, get_attr_value(), nmap_parser::in_host, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_hop()

void xmltag_open_hop ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening hop tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1732 of file nasl_builtin_nmap.c.

1733 {
1734  int ttl;
1735  gchar *ttl_str;
1736 
1737  if (!nmap->parser.in_host)
1738  return;
1739 
1740  ttl_str = get_attr_value ("ttl", attrnames, attrval);
1741  ttl = atoi (ttl_str) - 1; /* decrease ttl by one to use it as index */
1742  g_free (ttl_str);
1743 
1744  if (ttl < MAX_TRACE_HOPS)
1745  {
1746  if (!nmap->tmphost.trace[ttl].addr && !nmap->tmphost.trace[ttl].host
1747  && !nmap->tmphost.trace[ttl].rtt)
1748  {
1749  nmap->tmphost.trace[ttl].addr =
1750  get_attr_value ("ipaddr", attrnames, attrval);
1751  nmap->tmphost.trace[ttl].host =
1752  get_attr_value ("host", attrnames, attrval);
1753  nmap->tmphost.trace[ttl].rtt =
1754  get_attr_value ("rtt", attrnames, attrval);
1755  }
1756  else
1757  g_debug ("Inconsistent results: duplicate traceroute information!");
1758  }
1759  else
1760  g_debug ("Trace TTL out of bounds: %d (max=%d)", ttl, MAX_TRACE_HOPS);
1761 }

References traceroute_hop::addr, get_attr_value(), traceroute_hop::host, nmap_parser::in_host, MAX_TRACE_HOPS, nmap_t::parser, traceroute_hop::rtt, nmap_t::tmphost, and nmap_host::trace.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_host()

void xmltag_open_host ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening host tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1447 of file nasl_builtin_nmap.c.

1448 {
1449  (void) attrnames;
1450  (void) attrval;
1451  nmap->parser.in_host = TRUE;
1452 }

References nmap_parser::in_host, and nmap_t::parser.

Referenced by set_opentag_callbacks().

Here is the caller graph for this function:

◆ xmltag_open_hostscript()

void xmltag_open_hostscript ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening hostscript tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1601 of file nasl_builtin_nmap.c.

1603 {
1604  (void) attrnames;
1605  (void) attrval;
1606  nmap->parser.in_hostscript = TRUE;
1607 }

References nmap_parser::in_hostscript, and nmap_t::parser.

Referenced by set_opentag_callbacks().

Here is the caller graph for this function:

◆ xmltag_open_ipidsequence()

void xmltag_open_ipidsequence ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening ipidsequence tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1691 of file nasl_builtin_nmap.c.

1693 {
1694  if (!nmap->parser.in_host)
1695  return;
1696 
1697  nmap->tmphost.ipidseq = get_attr_value ("class", attrnames, attrval);
1698 }

References get_attr_value(), nmap_parser::in_host, nmap_host::ipidseq, nmap_t::parser, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_osmatch()

void xmltag_open_osmatch ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening osmatch tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1617 of file nasl_builtin_nmap.c.

1619 {
1620  gchar *confstr;
1621 
1622  confstr = get_attr_value ("accuracy", attrnames, attrval);
1623  if (confstr)
1624  {
1625  int confidence;
1626 
1627  confidence = atoi (confstr);
1628  if (confidence > nmap->tmphost.os_confidence)
1629  {
1630  g_free (nmap->tmphost.best_os);
1631  nmap->tmphost.best_os = get_attr_value ("name", attrnames, attrval);
1632  nmap->tmphost.os_confidence = confidence;
1633  }
1634 
1635  g_free (confstr);
1636  }
1637 }

References nmap_host::best_os, get_attr_value(), nmap_host::os_confidence, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_port()

void xmltag_open_port ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening port tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1511 of file nasl_builtin_nmap.c.

1512 {
1513  nmap->parser.in_port = TRUE;
1514  nmap->tmpport.proto = get_attr_value ("protocol", attrnames, attrval);
1515  nmap->tmpport.portno = get_attr_value ("portid", attrnames, attrval);
1516 }

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, nmap_port::proto, and nmap_t::tmpport.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_ports()

void xmltag_open_ports ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening ports tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1496 of file nasl_builtin_nmap.c.

1497 {
1498  (void) attrnames;
1499  (void) attrval;
1500  nmap->parser.in_ports = TRUE;
1501 }

References nmap_parser::in_ports, and nmap_t::parser.

Referenced by set_opentag_callbacks().

Here is the caller graph for this function:

◆ xmltag_open_script()

void xmltag_open_script ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening script tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1647 of file nasl_builtin_nmap.c.

1649 {
1650  gchar *name, *output;
1651 
1652  if (!nmap->parser.in_host)
1653  return;
1654 
1655  name = get_attr_value ("id", attrnames, attrval);
1656  output = get_attr_value ("output", attrnames, attrval);
1657 
1658  if (nmap->parser.in_port)
1659  tmphost_add_nse_portscript (nmap, name, output);
1660  else
1661  tmphost_add_nse_hostscript (nmap, name, output);
1662 }

References get_attr_value(), nmap_parser::in_host, nmap_parser::in_port, name, nse_script::output, nmap_t::parser, tmphost_add_nse_hostscript(), and tmphost_add_nse_portscript().

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_service()

void xmltag_open_service ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening service tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1542 of file nasl_builtin_nmap.c.

1544 {
1545  if (!nmap->parser.in_port || !nmap->tmpport.proto || !nmap->tmpport.portno)
1546  g_debug ("Error: opening <service> tag out of port description\n");
1547  else
1548  {
1549  gchar *product, *version, *extrainfo;
1550 
1551  nmap->tmpport.service = get_attr_value ("name", attrnames, attrval);
1552 
1553  /* also store version detection results if available */
1554  product = get_attr_value ("product", attrnames, attrval);
1555  version = get_attr_value ("version", attrnames, attrval);
1556  extrainfo = get_attr_value ("extrainfo", attrnames, attrval);
1557 
1558  if (product || version || extrainfo)
1559 #define PRINT_NOT_NULL(x) ((x) ? (x) : "")
1560  nmap->tmpport.version = g_strdup_printf (
1561  "%s %s %s", PRINT_NOT_NULL (product), PRINT_NOT_NULL (version),
1562  PRINT_NOT_NULL (extrainfo));
1563 #undef PRINT_NOT_NULL
1564 
1565  /* g_free'ing NULLs is harmless */
1566  g_free (product);
1567  g_free (version);
1568  g_free (extrainfo);
1569  }
1570 }

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, PRINT_NOT_NULL, nmap_port::proto, nmap_port::service, nmap_t::tmpport, and nmap_port::version.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_state()

void xmltag_open_state ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening state tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1526 of file nasl_builtin_nmap.c.

1527 {
1528  if (!nmap->parser.in_port || !nmap->tmpport.proto || !nmap->tmpport.portno)
1529  g_debug ("Error: opening <state> tag out of port description\n");
1530  else
1531  nmap->tmpport.state = get_attr_value ("state", attrnames, attrval);
1532 }

References get_attr_value(), nmap_parser::in_port, nmap_t::parser, nmap_port::portno, nmap_port::proto, nmap_port::state, and nmap_t::tmpport.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_status()

void xmltag_open_status ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening status tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1462 of file nasl_builtin_nmap.c.

1464 {
1465  if (!nmap->parser.in_host)
1466  g_debug ("Error: opening <status> tag out of host description\n");
1467  else
1468  nmap->tmphost.state = get_attr_value ("state", attrnames, attrval);
1469 }

References get_attr_value(), nmap_parser::in_host, nmap_t::parser, nmap_host::state, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ xmltag_open_tcpsequence()

void xmltag_open_tcpsequence ( nmap_t nmap,
const gchar **  attrnames,
const gchar **  attrval 
)
static

Sublevel XML parser callback: handle an opening tcpsequence tag.

Parameters
[in]nmapHandler to use.
[in]attrnamesNULL terminated list of attributes names.
[in]attrvalNULL terminated list of attributes values.

Definition at line 1672 of file nasl_builtin_nmap.c.

1674 {
1675  if (!nmap->parser.in_host)
1676  return;
1677 
1678  nmap->tmphost.tcpseq_index = get_attr_value ("index", attrnames, attrval);
1679  nmap->tmphost.tcpseq_difficulty =
1680  get_attr_value ("difficulty", attrnames, attrval);
1681 }

References get_attr_value(), nmap_parser::in_host, nmap_t::parser, nmap_host::tcpseq_difficulty, nmap_host::tcpseq_index, and nmap_t::tmphost.

Referenced by set_opentag_callbacks().

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ pid

nmap_parser::in_hostscript
gboolean in_hostscript
Definition: nasl_builtin_nmap.c:285
save_detected_os
static void save_detected_os(nmap_t *nmap)
Save information about detected operating system into the knowledge base.
Definition: nasl_builtin_nmap.c:1990
nmap_host::tcpseq_index
gchar * tcpseq_index
Definition: nasl_builtin_nmap.c:262
nmap_t::args
gchar ** args
Definition: nasl_builtin_nmap.c:296
PREF_MAX_RTT_TIMEOUT
#define PREF_MAX_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (maximal value).
Definition: nasl_builtin_nmap.c:156
PREF_EXCLUDE_HOSTS
#define PREF_EXCLUDE_HOSTS
Plugin parameter description: comma-separated list of hosts to exclude from the scan.
Definition: nasl_builtin_nmap.c:197
xmltag_open_cpe
static void xmltag_open_cpe(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening cpe tag.
Definition: nasl_builtin_nmap.c:1580
scan_globals::network_targets
char * network_targets
Definition: scanneraux.h:34
xmltag_close_hostscript
static void xmltag_close_hostscript(nmap_t *nmap)
Sublevel XML parser callback: handle an closing hostscript tag.
Definition: nasl_builtin_nmap.c:1829
xmltag_close_port
static void xmltag_close_port(nmap_t *nmap)
Sublevel XML parser callback: handle an closing port tag.
Definition: nasl_builtin_nmap.c:1793
PREF_MIN_HOSTGROUP
#define PREF_MIN_HOSTGROUP
Plugin parameter description: force minimum number of hosts to scan in parallel.
Definition: nasl_builtin_nmap.c:180
nmap_port::version_cpes
GSList * version_cpes
Definition: nasl_builtin_nmap.c:247
nmap_host
Store host information.
Definition: nasl_builtin_nmap.c:257
xmltag_open_service
static void xmltag_open_service(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening service tag.
Definition: nasl_builtin_nmap.c:1542
nmap_port::portno
gchar * portno
Definition: nasl_builtin_nmap.c:239
nmap_t::filename
const gchar * filename
Definition: nasl_builtin_nmap.c:300
PREF_TREAT_ALL_HOST_ONLINE
#define PREF_TREAT_ALL_HOST_ONLINE
Plugin parameter description: skip alive hosts discovery phase.
Definition: nasl_builtin_nmap.c:84
nmap_opt_t::optname
gchar * optname
Definition: nasl_builtin_nmap.c:320
get_attr_value
static gchar * get_attr_value(const gchar *name, const gchar **attribute_names, const gchar **attribute_values)
Helper function: get attribute value from the separate name/value tables.
Definition: nasl_builtin_nmap.c:1845
nmap_host::ports
GSList * ports
Definition: nasl_builtin_nmap.c:270
plug_get_kb
kb_t plug_get_kb(struct script_infos *args)
Definition: plugutils.c:627
xmltag_open_state
static void xmltag_open_state(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening state tag.
Definition: nasl_builtin_nmap.c:1526
set_opentag_callbacks
static void set_opentag_callbacks(GHashTable *open)
Populate the callbacks hashtable with handlers for opening tags.
Definition: nasl_builtin_nmap.c:969
xmltag_open_port
static void xmltag_open_port(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening port tag.
Definition: nasl_builtin_nmap.c:1511
nmap_host::trace
struct traceroute_hop trace[MAX_TRACE_HOPS]
Definition: nasl_builtin_nmap.c:267
nmap_t::env
struct script_infos * env
Definition: nasl_builtin_nmap.c:303
simple_item_destroy
static void simple_item_destroy(gpointer data, gpointer udata)
Simple wrapper to call g_free from within g_slist_foreach statements.
Definition: nasl_builtin_nmap.c:1296
add_scantype_arguments
static int add_scantype_arguments(nmap_t *nmap)
Add the TCP scantype flag to the command line.
Definition: nasl_builtin_nmap.c:868
PREF_MIN_PARALLELISM
#define PREF_MIN_PARALLELISM
Plugin parameter description: force minimum number of parallel active probes.
Definition: nasl_builtin_nmap.c:168
xml_read_text
static void xml_read_text(GMarkupParseContext *context, const gchar *text, gsize text_len, gpointer user_data, GError **error)
Top level XML parser callback: handle text sections and store it into the read buffer if enable_read ...
Definition: nasl_builtin_nmap.c:1414
nmap_port::proto
gchar * proto
Definition: nasl_builtin_nmap.c:238
nmap_destroy
static void nmap_destroy(nmap_t *nmap)
Release a nmap handler and associated resources.
Definition: nasl_builtin_nmap.c:582
PREF_HOST_TIMEOUT
#define PREF_HOST_TIMEOUT
Plugin parameter description: give up on host after this time elapsed.
Definition: nasl_builtin_nmap.c:144
traceroute_hop::host
gchar * host
Definition: nasl_builtin_nmap.c:229
register_service
static void register_service(nmap_t *nmap, struct nmap_port *p)
Save information about a detected service (version) into the knowledge base.
Definition: nasl_builtin_nmap.c:1940
traceroute_hop::rtt
gchar * rtt
Definition: nasl_builtin_nmap.c:230
nmap_host::tcpseq_difficulty
gchar * tcpseq_difficulty
Definition: nasl_builtin_nmap.c:263
PREF_INTERPROBE_DELAY
#define PREF_INTERPROBE_DELAY
Plugin parameter description: set idle interval between probes.
Definition: nasl_builtin_nmap.c:191
xml_start_element
static void xml_start_element(GMarkupParseContext *context, const gchar *element_name, const gchar **attribute_names, const gchar **attribute_values, gpointer user_data, GError **error)
Top level XML parser callback: handle an opening tag and call the corresponding method.
Definition: nasl_builtin_nmap.c:1365
pid
static pid_t pid
Definition: nasl_builtin_nmap.c:499
port_destroy
static void port_destroy(gpointer data, gpointer udata)
Completely release a port object.
Definition: nasl_builtin_nmap.c:1241
FAKE_CELL
#define FAKE_CELL
Definition: nasl_tree.h:119
PREF_TRACEROUTE
#define PREF_TRACEROUTE
Plugin parameter description: perform traceroute.
Definition: nasl_builtin_nmap.c:89
PREF_TCP_SCANNING_TECHNIQUE
#define PREF_TCP_SCANNING_TECHNIQUE
Plugin parameter description: TCP port scanning technique to use.
Definition: nasl_builtin_nmap.c:100
nmap_create
static nmap_t * nmap_create(lex_ctxt *lexic)
Instantiate a new nmap handler, rebuild command line or open XML file to parse.
Definition: nasl_builtin_nmap.c:540
PREF_MIN_RTT_TIMEOUT
#define PREF_MIN_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (minimal value)
Definition: nasl_builtin_nmap.c:150
nmap_t
Main nmap execution handler.
Definition: nasl_builtin_nmap.c:293
add_target
static int add_target(nmap_t *nmap)
Append scan target to the command line.
Definition: nasl_builtin_nmap.c:1029
PREF_SOURCE_PORT
#define PREF_SOURCE_PORT
Plugin parameter description: set source port.
Definition: nasl_builtin_nmap.c:133
PREF_AGGRESSIVE_OS_DETECT
#define PREF_AGGRESSIVE_OS_DETECT
Plugin parameter description: guess OS from closest match if necessary.
Definition: nasl_builtin_nmap.c:122
nmap_host::best_os
gchar * best_os
Definition: nasl_builtin_nmap.c:261
OPT_SET
#define OPT_SET
Checkbox value (when set).
Definition: nasl_builtin_nmap.c:207
xmltag_open_address
static void xmltag_open_address(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening address tag.
Definition: nasl_builtin_nmap.c:1479
name
const char * name
Definition: nasl_init.c:377
nmap_parser::opentag
GHashTable * opentag
Definition: nasl_builtin_nmap.c:279
xmltag_open_distance
static void xmltag_open_distance(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening distance tag.
Definition: nasl_builtin_nmap.c:1708
sig_c
static void sig_c()
Signal handler (Child).
Definition: nasl_builtin_nmap.c:1084
save_hostscripts
static void save_hostscripts(nmap_t *nmap)
Save information about hostrule NSE scripts into the knowledge base.
Definition: nasl_builtin_nmap.c:2131
current_host_reset
static void current_host_reset(nmap_t *nmap)
Clear the current host object.
Definition: nasl_builtin_nmap.c:1207
nse_script_destroy
static void nse_script_destroy(gpointer data, gpointer udata)
Completely release a NSE script object.
Definition: nasl_builtin_nmap.c:1272
nse_script
Handle the results of a NSE script.
Definition: nasl_builtin_nmap.c:217
nmap_parser::rbuff
gchar * rbuff
Definition: nasl_builtin_nmap.c:287
save_traceroute_details
static void save_traceroute_details(nmap_t *nmap)
Save information about network topology to the target (traceroute) into the knowledge base.
Definition: nasl_builtin_nmap.c:2058
PREF_TIMING_POLICY
#define PREF_TIMING_POLICY
Plugin parameter description: select timing template.
Definition: nasl_builtin_nmap.c:138
nmap_parser::in_port
gboolean in_port
Definition: nasl_builtin_nmap.c:284
script_infos::globals
struct scan_globals * globals
Definition: scanneraux.h:45
PREF_IMPORT_XML_FILE
#define PREF_IMPORT_XML_FILE
Plugin parameter description: import XML file.
Definition: nasl_builtin_nmap.c:202
PREF_IDENTIFY_REMOTE_OS
#define PREF_IDENTIFY_REMOTE_OS
Plugin parameter description: perform remote OS fingerprinting.
Definition: nasl_builtin_nmap.c:116
build_cmd_line
static int build_cmd_line(nmap_t *nmap)
Rebuild command line to run according to plugin parameters.
Definition: nasl_builtin_nmap.c:614
nse_script::output
gchar * output
Definition: nasl_builtin_nmap.c:220
PREF_MAX_HOSTGROUP
#define PREF_MAX_HOSTGROUP
Plugin parameter description: force maximum number of hosts to scan in parallel.
Definition: nasl_builtin_nmap.c:186
set_closetag_callbacks
static void set_closetag_callbacks(GHashTable *close)
Populate the callbacks hashtable with handlers for closing tags.
Definition: nasl_builtin_nmap.c:1003
xmltag_close_cpe
static void xmltag_close_cpe(nmap_t *nmap)
Sublevel XML parser callback: handle an closing cpe tag.
Definition: nasl_builtin_nmap.c:1806
MAX_TRACE_HOPS
#define MAX_TRACE_HOPS
Maximum number of hops to the target.
Definition: nasl_builtin_nmap.c:72
nmap_parser::in_ports
gboolean in_ports
Definition: nasl_builtin_nmap.c:283
struct_lex_ctxt::oid
const char * oid
Definition: nasl_lex_ctxt.h:42
PREF_NO_DNS
#define PREF_NO_DNS
Plugin parameter description: don't perform reverse resolution on discovered IP addresses.
Definition: nasl_builtin_nmap.c:95
add_arg
static int add_arg(nmap_t *nmap, const gchar *name, const gchar *value)
Add a couple argument/value on the command line.
Definition: nasl_builtin_nmap.c:715
nmap_run_and_parse
static int nmap_run_and_parse(nmap_t *nmap)
Run nmap and parse its XML output (or load an external file if requested).
Definition: nasl_builtin_nmap.c:1099
get_script_args
static gchar * get_script_args(nmap_t *nmap)
Make the comma-separated list of NSE arguments set by the user.
Definition: nasl_builtin_nmap.c:829
CHUNK_LEN
#define CHUNK_LEN
Input chunks size for the XML parser.
Definition: nasl_builtin_nmap.c:67
nmap_host::addr
gchar * addr
Definition: nasl_builtin_nmap.c:259
tmphost_add_port
static void tmphost_add_port(nmap_t *nmap)
Add port information to the current host object.
Definition: nasl_builtin_nmap.c:1308
nmap_host::ipidseq
gchar * ipidseq
Definition: nasl_builtin_nmap.c:264
scan_globals
Definition: scanneraux.h:32
PREF_MAX_PARALLELISM
#define PREF_MAX_PARALLELISM
Plugin parameter description: force maximum number of parallel active probes.
Definition: nasl_builtin_nmap.c:174
xmltag_close_host
static void xmltag_close_host(nmap_t *nmap)
Sublevel XML parser callback: handle an closing host tag.
Definition: nasl_builtin_nmap.c:1769
nmap_port
Store port information.
Definition: nasl_builtin_nmap.c:236
dbg_display_cmdline
static void dbg_display_cmdline(nmap_t *nmap)
Display the final command line for debug.
Definition: nasl_builtin_nmap.c:1057
struct_lex_ctxt::script_infos
struct script_infos * script_infos
Definition: nasl_lex_ctxt.h:41
PRINT_NOT_NULL
#define PRINT_NOT_NULL(x)
nmap_port::version
gchar * version
Definition: nasl_builtin_nmap.c:244
nmap_parser::closetag
GHashTable * closetag
Definition: nasl_builtin_nmap.c:280
tmphost_add_nse_hostscript
static void tmphost_add_nse_hostscript(nmap_t *nmap, gchar *name, gchar *output)
Add NSE hostscript result to the current host object.
Definition: nasl_builtin_nmap.c:1325
nmap_port::port_scripts
GSList * port_scripts
Definition: nasl_builtin_nmap.c:245
xmltag_open_hostscript
static void xmltag_open_hostscript(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening hostscript tag.
Definition: nasl_builtin_nmap.c:1601
get_plugin_preference_fname
const char * get_plugin_preference_fname(struct script_infos *desc, const char *filename)
Get the file name of a plugins preference that is of type "file".
Definition: plugutils.c:455
xmltag_close_ports
static void xmltag_close_ports(nmap_t *nmap)
Sublevel XML parser callback: handle an closing host tag.
Definition: nasl_builtin_nmap.c:1782
xmltag_open_ports
static void xmltag_open_ports(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening ports tag.
Definition: nasl_builtin_nmap.c:1496
nmap_parser::enable_read
gboolean enable_read
Definition: nasl_builtin_nmap.c:286
nmap_host::state
gchar * state
Definition: nasl_builtin_nmap.c:260
xmltag_open_ipidsequence
static void xmltag_open_ipidsequence(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening ipidsequence tag.
Definition: nasl_builtin_nmap.c:1691
nmap_opt_t
Describe an nmap command line option.
Definition: nasl_builtin_nmap.c:318
ARG_INT
#define ARG_INT
Definition: plugutils.h:34
nmap_t::tmpport
struct nmap_port tmpport
Definition: nasl_builtin_nmap.c:312
PREF_INITIAL_RTT_TIMEOUT
#define PREF_INITIAL_RTT_TIMEOUT
Plugin parameter description: probe round trip time hint (initial value).
Definition: nasl_builtin_nmap.c:162
save_portscripts
static void save_portscripts(nmap_t *nmap)
Save information about postrule NSE scripts into the knowledge base.
Definition: nasl_builtin_nmap.c:2092
sig_h
static void sig_h()
Signal handler (Halt).
Definition: nasl_builtin_nmap.c:1074
save_host_state
static void save_host_state(nmap_t *nmap)
Store host state (host alive/dead) into the knowledge base.
Definition: nasl_builtin_nmap.c:1891
xmltag_open_osmatch
static void xmltag_open_osmatch(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening osmatch tag.
Definition: nasl_builtin_nmap.c:1617
add_nse_arguments
static int add_nse_arguments(nmap_t *nmap)
Add NSE (nmap scripting engine) related arguments to the command line according to user script select...
Definition: nasl_builtin_nmap.c:758
add_portrange
static int add_portrange(nmap_t *nmap)
Add the range of ports to scan to the command line.
Definition: nasl_builtin_nmap.c:928
save_tcpseq_details
static void save_tcpseq_details(nmap_t *nmap)
Save information about TCP sequence number generation into the knowledge base.
Definition: nasl_builtin_nmap.c:2019
list_free
#define list_free(list, dtor, udata)
Definition: nasl_builtin_nmap.c:1189
PREF_SERVICE_SCAN
#define PREF_SERVICE_SCAN
Plugin parameter description: perform service/version detection scan.
Definition: nasl_builtin_nmap.c:106
xmltag_open_host
static void xmltag_open_host(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening host tag.
Definition: nasl_builtin_nmap.c:1447
nmap_t::tmphost
struct nmap_host tmphost
Definition: nasl_builtin_nmap.c:311
add_timing_arguments
static int add_timing_arguments(nmap_t *nmap)
Add timing template argument to the command line.
Definition: nasl_builtin_nmap.c:899
nmap_port::state
gchar * state
Definition: nasl_builtin_nmap.c:240
nmap_t::parser
struct nmap_parser parser
Definition: nasl_builtin_nmap.c:309
setup_xml_parser
static void setup_xml_parser(nmap_t *nmap)
Setup XML parser internals.
Definition: nasl_builtin_nmap.c:947
plug_set_key
void plug_set_key(struct script_infos *args, char *name, int type, const void *value)
Definition: plugutils.c:585
PREF_FRAGMENT_IP
#define PREF_FRAGMENT_IP
Plugin parameter description: try to evade defense by fragmenting IP packets.
Definition: nasl_builtin_nmap.c:128
get_plugin_preference
char * get_plugin_preference(const char *oid, const char *name)
Definition: plugutils.c:396
current_host_saveall
static void current_host_saveall(nmap_t *nmap)
Dump current host object state into the knowledge base.
Definition: nasl_builtin_nmap.c:1862
nmap_t::arg_idx
int arg_idx
Definition: nasl_builtin_nmap.c:297
nmap_host::host_scripts
GSList * host_scripts
Definition: nasl_builtin_nmap.c:269
NMAP_CMD
#define NMAP_CMD
Nmap command to call.
Definition: nasl_builtin_nmap.c:77
nmap_port::service
gchar * service
Definition: nasl_builtin_nmap.c:241
nse_script::name
gchar * name
Definition: nasl_builtin_nmap.c:219
xmltag_open_tcpsequence
static void xmltag_open_tcpsequence(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening tcpsequence tag.
Definition: nasl_builtin_nmap.c:1672
tmphost_add_nse_portscript
static void tmphost_add_nse_portscript(nmap_t *nmap, gchar *name, gchar *output)
Add NSE portscript result to a port of the current host.
Definition: nasl_builtin_nmap.c:1343
xmltag_open_script
static void xmltag_open_script(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening script tag.
Definition: nasl_builtin_nmap.c:1647
xmltag_open_status
static void xmltag_open_status(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening status tag.
Definition: nasl_builtin_nmap.c:1462
nmap_host::os_cpes
GSList * os_cpes
Definition: nasl_builtin_nmap.c:271
ARG_STRING
#define ARG_STRING
Definition: plugutils.h:33
xml_end_element
static void xml_end_element(GMarkupParseContext *context, const gchar *element_name, gpointer user_data, GError **error)
Top level XML parser callback: handle an closing tag and call the corresponding method.
Definition: nasl_builtin_nmap.c:1390
list
Definition: nasl_builtin_synscan.c:259
nmap_parser::in_host
gboolean in_host
Definition: nasl_builtin_nmap.c:282
xmltag_open_hop
static void xmltag_open_hop(nmap_t *nmap, const gchar **attrnames, const gchar **attrval)
Sublevel XML parser callback: handle an opening hop tag.
Definition: nasl_builtin_nmap.c:1732
nmap_t::oid
const char * oid
Definition: nasl_builtin_nmap.c:306
traceroute_hop::addr
gchar * addr
Definition: nasl_builtin_nmap.c:228
nmap_host::distance
int distance
Definition: nasl_builtin_nmap.c:266
PREF_RPC_PORT_SCAN
#define PREF_RPC_PORT_SCAN
Plugin parameter description: perform RPC port scan.
Definition: nasl_builtin_nmap.c:111
get_script_list
static gchar * get_script_list(nmap_t *nmap)
Make the comma-separated list of NSE scripts selected by the user.
Definition: nasl_builtin_nmap.c:787
save_ipidseq_details
static void save_ipidseq_details(nmap_t *nmap)
Save information about IP ID generation into the knowledge base.
Definition: nasl_builtin_nmap.c:2040
save_open_ports
static void save_open_ports(nmap_t *nmap)
Save information about open ports for the current host into the knowledge base.
Definition: nasl_builtin_nmap.c:1909
nmap_host::os_confidence
int os_confidence
Definition: nasl_builtin_nmap.c:268