OpenVAS Scanner  7.0.0~git
attack.h File Reference

attack.c header. More...

#include "../misc/scanneraux.h"
#include <gvm/util/kb.h>
Include dependency graph for attack.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

void attack_network (struct scan_globals *, kb_t *network_kb)
 Attack a whole network. More...
 

Detailed Description

attack.c header.

Definition in file attack.h.

Function Documentation

◆ attack_network()

void attack_network ( struct scan_globals ,
kb_t *  network_kb 
)

Attack a whole network.

Definition at line 977 of file attack.c.

978 {
979  int max_hosts = 0, max_checks;
980  const char *hostlist;
981  gvm_host_t *host;
982  plugins_scheduler_t sched;
983  int fork_retries = 0;
984  GHashTable *files;
985  struct timeval then, now;
986  gvm_hosts_t *hosts;
987  const gchar *network_targets, *port_range;
988  gboolean network_phase = FALSE;
989  gboolean do_network_scan = FALSE;
990  kb_t host_kb;
991  GSList *unresolved;
992 
993  gettimeofday (&then, NULL);
994 
995  if (prefs_get_bool ("network_scan"))
996  do_network_scan = TRUE;
997  else
998  do_network_scan = FALSE;
999 
1000  network_targets = prefs_get ("network_targets");
1001  if (network_targets != NULL)
1002  globals->network_targets = g_strdup (network_targets);
1003 
1004  if (do_network_scan)
1005  {
1006  enum net_scan_status nss;
1007 
1008  nss = network_scan_status (globals);
1009  switch (nss)
1010  {
1011  case NSS_DONE:
1012  network_phase = FALSE;
1013  break;
1014 
1015  case NSS_BUSY:
1016  network_phase = TRUE;
1017  break;
1018 
1019  default:
1020  globals->network_scan_status = g_strdup ("busy");
1021  network_phase = TRUE;
1022  break;
1023  }
1024  }
1025  else
1026  network_kb = NULL;
1027 
1028  if (check_kb_access ())
1029  return;
1030 
1031  /* Init and check Target List */
1032  hostlist = prefs_get ("TARGET");
1033  if (hostlist == NULL)
1034  {
1035  return;
1036  }
1037 
1038  /* Verify the port range is a valid one */
1039  port_range = prefs_get ("port_range");
1040  if (validate_port_range (port_range))
1041  {
1042  return;
1043  }
1044 
1045  /* Initialize the attack. */
1046  sched = plugins_scheduler_init (prefs_get ("plugin_set"),
1047  prefs_get_bool ("auto_enable_dependencies"),
1048  network_phase);
1049  if (!sched)
1050  {
1051  g_message ("Couldn't initialize the plugin scheduler");
1052  return;
1053  }
1054 
1055  max_hosts = get_max_hosts_number ();
1056  max_checks = get_max_checks_number ();
1057 
1058  if (network_phase)
1059  {
1060  if (network_targets == NULL)
1061  {
1062  g_warning (
1063  "WARNING: In network phase, but without targets! Stopping.");
1064  host = NULL;
1065  }
1066  else
1067  {
1068  int rc;
1069 
1070  g_message ("Start a new scan. Target(s) : %s, "
1071  "in network phase with target %s",
1072  hostlist, network_targets);
1073 
1074  rc = kb_new (network_kb, prefs_get ("db_address"));
1075  if (rc)
1076  {
1077  report_kb_failure (rc);
1078  host = NULL;
1079  }
1080  else
1081  kb_lnk_reset (*network_kb);
1082  }
1083  }
1084  else
1085  g_message ("Starts a new scan. Target(s) : %s, with max_hosts = %d and "
1086  "max_checks = %d",
1087  hostlist, max_hosts, max_checks);
1088 
1089  hosts = gvm_hosts_new (hostlist);
1090  unresolved = gvm_hosts_resolve (hosts);
1091  while (unresolved)
1092  {
1093  g_warning ("Couldn't resolve hostname '%s'", (char *) unresolved->data);
1094  unresolved = unresolved->next;
1095  }
1096  g_slist_free_full (unresolved, g_free);
1097  /* Apply Hosts preferences. */
1099 
1100  /* Don't start if the provided interface is unauthorized. */
1101  if (apply_source_iface_preference () != 0)
1102  {
1103  gvm_hosts_free (hosts);
1104  return;
1105  }
1106  host = gvm_hosts_next (hosts);
1107  if (host == NULL)
1108  goto stop;
1109  hosts_init (max_hosts);
1110  /*
1111  * Start the attack !
1112  */
1115  while (host && !scan_is_stopped () && !all_scans_are_stopped ())
1116  {
1117  int pid, rc;
1118  struct attack_start_args args;
1119  char *host_str;
1120 
1121  do
1122  {
1123  rc = kb_new (&host_kb, prefs_get ("db_address"));
1124  if (rc < 0 && rc != -2)
1125  {
1126  report_kb_failure (rc);
1127  goto scan_stop;
1128  }
1129  else if (rc == -2)
1130  {
1131  sleep (KB_RETRY_DELAY);
1132  continue;
1133  }
1134  break;
1135  }
1136  while (1);
1137 
1138  host_str = gvm_host_value_str (host);
1139  if (hosts_new (host_str, host_kb) < 0)
1140  {
1141  g_free (host_str);
1142  goto scan_stop;
1143  }
1144 
1146  {
1147  g_free (host_str);
1148  continue;
1149  }
1150  args.host = host;
1151  args.globals = globals;
1152  args.sched = sched;
1153  args.net_kb = network_kb;
1154  args.host_kb = host_kb;
1155 
1156  forkagain:
1158  /* Close child process' socket. */
1159  if (pid < 0)
1160  {
1161  fork_retries++;
1162  if (fork_retries > MAX_FORK_RETRIES)
1163  {
1164  /* Forking failed - we go to the wait queue. */
1165  g_debug ("fork() failed - %s. %s won't be tested",
1166  strerror (errno), host_str);
1167  g_free (host_str);
1168  goto stop;
1169  }
1170 
1171  g_debug ("fork() failed - "
1172  "sleeping %d seconds and trying again...",
1173  fork_retries);
1174  fork_sleep (fork_retries);
1175  goto forkagain;
1176  }
1177  hosts_set_pid (host_str, pid);
1178  if (network_phase)
1179  g_message ("Testing %s (network level) [%d]", network_targets, pid);
1180 
1181  if (network_phase)
1182  {
1183  host = NULL;
1184  globals->network_scan_status = g_strdup ("done");
1185  }
1186  else
1187  host = gvm_hosts_next (hosts);
1188  g_free (host_str);
1189  }
1190 
1191  /* Every host is being tested... We have to wait for the processes
1192  * to terminate. */
1193  while (hosts_read () == 0)
1194  ;
1195  g_message ("Test complete");
1196  set_scan_status ("finished");
1197 
1198 scan_stop:
1199  /* Free the memory used by the files uploaded by the user, if any. */
1200  files = globals->files_translation;
1201  if (files)
1202  g_hash_table_destroy (files);
1203 
1204 stop:
1205 
1206  if (all_scans_are_stopped ())
1207  {
1208  }
1209 
1210  gvm_hosts_free (hosts);
1211  g_free (globals->network_scan_status);
1212  g_free (globals->network_targets);
1213 
1215 
1216  gettimeofday (&now, NULL);
1217  g_message ("Total time to scan all hosts : %ld seconds",
1218  now.tv_sec - then.tv_sec);
1219 
1220  if (do_network_scan && network_phase && !scan_is_stopped ()
1221  && !all_scans_are_stopped ())
1222  attack_network (globals, network_kb);
1223 }

References all_scans_are_stopped(), apply_hosts_preferences(), apply_source_iface_preference(), attack_network(), attack_start(), check_kb_access(), create_process(), scan_globals::files_translation, fork_sleep(), get_max_checks_number(), get_max_hosts_number(), attack_start_args::globals, handle_scan_stop_signal(), handle_stop_all_scans_signal(), attack_start_args::host, attack_start_args::host_kb, host_kb, hosts, hosts_init(), hosts_new(), hosts_read(), hosts_set_pid(), KB_RETRY_DELAY, MAX_FORK_RETRIES, attack_start_args::net_kb, scan_globals::network_scan_status, network_scan_status(), scan_globals::network_targets, network_targets(), NSS_BUSY, NSS_DONE, openvas_signal, pid, plugins_scheduler_free(), plugins_scheduler_init(), report_kb_failure(), scan_is_stopped(), attack_start_args::sched, set_scan_status(), and timeval().

Referenced by attack_network(), and handle_client().

Here is the call graph for this function:
Here is the caller graph for this function:
scan_globals::network_targets
char * network_targets
Definition: scanneraux.h:34
hosts_read
int hosts_read(void)
Returns -1 if client asked to stop all tests or connection was lost or error. 0 otherwise.
Definition: hosts.c:250
plugins_scheduler
Definition: pluginscheduler.c:49
attack_start_args::host
gvm_host_t * host
Definition: attack.c:88
attack_network
void attack_network(struct scan_globals *globals, kb_t *network_kb)
Attack a whole network.
Definition: attack.c:977
attack_start_args
Definition: attack.c:82
apply_source_iface_preference
static int apply_source_iface_preference()
Definition: attack.c:889
report_kb_failure
static void report_kb_failure(int errcode)
Definition: attack.c:182
fork_sleep
static void fork_sleep(int n)
Definition: attack.c:194
timeval
struct timeval timeval(unsigned long val)
Definition: nasl_builtin_synscan.c:105
pid
static pid_t pid
Definition: nasl_builtin_nmap.c:499
plugins_scheduler_free
void plugins_scheduler_free(plugins_scheduler_t sched)
Definition: pluginscheduler.c:536
plugins_scheduler_init
plugins_scheduler_t plugins_scheduler_init(const char *plugins_list, int autoload, int only_network)
Definition: pluginscheduler.c:310
openvas_signal
void(*)(int) openvas_signal(int signum, void(*handler)(int))
Definition: sighand.c:87
handle_stop_all_scans_signal
static void handle_stop_all_scans_signal()
Definition: attack.c:967
attack_start_args::globals
struct scan_globals * globals
Definition: attack.c:84
scan_globals::files_translation
GHashTable * files_translation
Definition: scanneraux.h:36
hosts_init
int hosts_init(int max_hosts)
Definition: hosts.c:137
network_scan_status
static enum net_scan_status network_scan_status(struct scan_globals *globals)
Definition: attack.c:208
hosts_new
int hosts_new(char *name, kb_t kb)
Definition: hosts.c:144
KB_RETRY_DELAY
#define KB_RETRY_DELAY
Definition: attack.c:62
check_kb_access
static int check_kb_access()
Definition: attack.c:945
set_scan_status
static void set_scan_status(char *status)
Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.
Definition: attack.c:133
create_process
pid_t create_process(process_func_t function, void *argument)
Create a new process (fork).
Definition: processes.c:97
process_func_t
void(* process_func_t)(void *)
Definition: processes.h:31
net_scan_status
net_scan_status
Definition: attack.c:91
host_kb
static kb_t host_kb
Definition: attack.c:463
attack_start_args::sched
plugins_scheduler_t sched
Definition: attack.c:85
scan_is_stopped
static int scan_is_stopped()
Definition: attack.c:227
scan_globals::network_scan_status
char * network_scan_status
Definition: scanneraux.h:35
host
Host information, implemented as doubly linked list.
Definition: hosts.c:46
attack_start
static void attack_start(struct attack_start_args *args)
Set up some data and jump into attack_host()
Definition: attack.c:711
get_max_checks_number
int get_max_checks_number(void)
Definition: utils.c:174
NSS_BUSY
@ NSS_BUSY
Definition: attack.c:94
handle_scan_stop_signal
static void handle_scan_stop_signal()
Definition: attack.c:960
MAX_FORK_RETRIES
#define MAX_FORK_RETRIES
Definition: attack.c:58
NSS_DONE
@ NSS_DONE
Definition: attack.c:95
get_max_hosts_number
int get_max_hosts_number(void)
Definition: utils.c:143
all_scans_are_stopped
static int all_scans_are_stopped()
Definition: attack.c:235
hosts_set_pid
int hosts_set_pid(char *name, pid_t pid)
Definition: hosts.c:169
hosts
static struct host * hosts
Definition: hosts.c:58
network_targets
tree_cell * network_targets(lex_ctxt *lexic)
Definition: nasl_scanner_glue.c:635
apply_hosts_preferences
static void apply_hosts_preferences(gvm_hosts_t *hosts)
Definition: attack.c:775