OpenVAS Scanner
7.0.1~git
|
Launches the plugins, and manages multithreading.
#include "attack.h"
#include "../misc/network.h"
#include "../misc/nvt_categories.h"
#include "../misc/pcap_openvas.h"
#include "../nasl/nasl_debug.h"
#include "hosts.h"
#include "pluginlaunch.h"
#include "pluginload.h"
#include "pluginscheduler.h"
#include "plugs_req.h"
#include "processes.h"
#include "sighand.h"
#include "utils.h"
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <glib.h>
#include <gvm/base/hosts.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/base/proctitle.h>
#include <gvm/util/nvticache.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
|
static int | set_kb_readable (int host_kb_index) |
| Add the Host KB index to the list of readable KBs used by ospd-openvas. More...
|
|
static void | set_scan_status (char *status) |
| Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly. More...
|
|
static int | comm_send_status (kb_t kb, char *hostname, int curr, int max) |
| Sends the status of a host's scan. More...
|
|
static void | error_message_to_client2 (kb_t kb, const char *msg, const char *port) |
|
static void | report_kb_failure (int errcode) |
|
static void | fork_sleep (int n) |
|
static enum net_scan_status | network_scan_status (struct scan_globals *globals) |
|
static int | scan_is_stopped () |
|
static int | nvti_category_is_safe (int category) |
| Checks that an NVT category is safe. More...
|
|
static int | get_check_new_vhosts_flag () |
| Return check_new_vhosts_flag. After reading, the flag must be cleared with unset_check_new_vhosts_flag() to avoid fetching vhosts unnecessarily. More...
|
|
static void | set_check_new_vhosts_flag () |
| Set global check_new_vhosts_flag to indicate that new vhosts must be fetched. More...
|
|
static void | unset_check_new_vhosts_flag () |
| Unset global check_new_vhosts_flag. Must be called once the vhosts have been fetched. More...
|
|
static void | check_new_vhosts () |
| Check if a plugin process pushed a new vhost value. More...
|
|
static int | launch_plugin (struct scan_globals *globals, struct scheduler_plugin *plugin, struct in6_addr *ip, GSList *vhosts, kb_t kb) |
| Launches an NVT. Respects the safe_checks preference (i.e. does not try a destructive NVT if safe_checks is yes). More...
|
|
static int | kb_duplicate (kb_t dst, kb_t src, const gchar *filter) |
|
static kb_t | init_host_kb (struct scan_globals *globals, char *ip_str, kb_t *network_kb) |
| Inits or loads the knowledge base for a single host. More...
|
|
static void | attack_host (struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, plugins_scheduler_t sched, kb_t kb, kb_t *net_kb) |
| Attack one host. More...
|
|
static int | host_authorized (const gvm_host_t *host, const struct in6_addr *addr, const gvm_hosts_t *hosts_allow, const gvm_hosts_t *hosts_deny) |
|
static char * | vhosts_to_str (GSList *list) |
|
static int | check_host_authorization (gvm_host_t *host, const struct in6_addr *addr, kb_t kb) |
|
static void | attack_start (struct attack_start_args *args) |
| Set up some data and jump into attack_host() More...
|
|
static void | apply_hosts_preferences (gvm_hosts_t *hosts) |
|
static int | str_in_comma_list (const char *str, const char *comma_list) |
|
static int | iface_authorized (const char *iface) |
|
static int | apply_source_iface_preference () |
|
static int | check_kb_access () |
|
static void | handle_scan_stop_signal () |
|
void | attack_network (struct scan_globals *globals, kb_t *network_kb) |
| Attack a whole network. More...
|
|
Launches the plugins, and manages multithreading.
Definition in file attack.c.
◆ ERR_CANT_FORK
◆ ERR_HOST_DEAD
◆ G_LOG_DOMAIN
#define G_LOG_DOMAIN "sd main" |
GLib log domain.
Definition at line 76 of file attack.c.
◆ KB_RETRY_DELAY
#define KB_RETRY_DELAY 3 /*In sec*/ |
Wait KB_RETRY_DELAY seconds before trying again to get a new kb.
Definition at line 62 of file attack.c.
◆ MAX_FORK_RETRIES
#define MAX_FORK_RETRIES 10 |
◆ PROGRESS_BAR_STYLE
#define PROGRESS_BAR_STYLE 1 |
Switches between progress bar styles. If set to 1, the time-oriented style is used and only alive hosts are taken into account. If set to 0, progress is not reflected adequately when hosts are dead: they are counted as 0% processed, which produces jumps in the progress bar.
Definition at line 70 of file attack.c.
◆ net_scan_status
Enumerator |
---|
NSS_NONE | |
NSS_BUSY | |
NSS_DONE | |
Definition at line 91 of file attack.c.
◆ apply_hosts_preferences()
static void apply_hosts_preferences |
( |
gvm_hosts_t * |
hosts | ) |
|
|
static |
Definition at line 800 of file attack.c.
802 const char *ordering = prefs_get (
"hosts_ordering"),
803 *exclude_hosts = prefs_get (
"exclude_hosts");
811 if (!strcmp (ordering,
"random"))
813 gvm_hosts_shuffle (
hosts);
814 g_debug (
"hosts_ordering: Random.");
816 else if (!strcmp (ordering,
"reverse"))
818 gvm_hosts_reverse (
hosts);
819 g_debug (
"hosts_ordering: Reverse.");
823 g_debug (
"hosts_ordering: Sequential.");
829 int ret = gvm_hosts_exclude (
hosts, exclude_hosts);
832 g_message (
"exclude_hosts: Skipped %d host(s).", ret);
834 g_message (
"exclude_hosts: Error.");
838 if (prefs_get_bool (
"reverse_lookup_unify"))
839 g_debug (
"reverse_lookup_unify: Skipped %d host(s).",
840 gvm_hosts_reverse_lookup_unify (
hosts));
843 if (prefs_get_bool (
"reverse_lookup_only"))
844 g_debug (
"reverse_lookup_only: Skipped %d host(s).",
845 gvm_hosts_reverse_lookup_only (
hosts));
References hosts.
Referenced by attack_network().
◆ apply_source_iface_preference()
static int apply_source_iface_preference |
( |
| ) |
|
|
static |
Definition at line 914 of file attack.c.
916 const char *source_iface = prefs_get (
"source_iface");
919 if (source_iface == NULL)
926 g_strdup_printf (
"Unauthorized source interface: %s", source_iface);
927 g_warning (
"source_iface: Unauthorized source interface %s.",
935 gchar *msg = g_strdup_printf (
"Unauthorized source interface: %s"
936 " (system-wide restriction.)",
938 g_warning (
"source_iface: Unauthorized source interface %s."
939 " (sys_* preference restriction.)",
946 if (gvm_source_iface_init (source_iface))
949 g_strdup_printf (
"Erroneous source interface: %s", source_iface);
950 g_debug (
"source_iface: Error with %s interface.", source_iface);
957 char *ipstr, *ip6str;
958 ipstr = gvm_source_addr_str ();
959 ip6str = gvm_source_addr6_str ();
960 g_debug (
"source_iface: Using %s (%s / %s).", source_iface, ipstr,
References iface_authorized().
Referenced by attack_network().
◆ attack_host()
Attack one host.
Definition at line 526 of file attack.c.
530 int num_plugs, forks_retry = 0;
531 char ip_str[INET6_ADDRSTRLEN];
533 addr6_to_str (ip, ip_str);
537 kb_item_set_str (kb,
"internal/ip", ip_str, 0);
538 kb_item_set_int (kb,
"internal/hostpid", getpid ());
539 proctitle_set (
"openvas: testing %s", ip_str);
540 if (net_kb && *net_kb)
571 static int last_status = 0, cur_plug = 0;
584 buffer,
sizeof (buffer),
585 "LOG||| |||general/Host_Details||| |||<host><detail>"
586 "<name>Host dead</name><value>1</value><source>"
587 "<description/><type/><name/></source></detail></host>");
588 #if (PROGRESS_BAR_STYLE == 1)
594 kb_item_push_str (kb,
"internal/results", buffer);
602 g_debug (
"fork() failed - sleeping %d seconds (%s)",
603 forks_retry, strerror (errno));
609 g_debug (
"fork() failed too many times - aborting");
615 if ((cur_plug * 100) / num_plugs >= last_status
618 last_status = (cur_plug * 100) / num_plugs + 2;
627 else if (plugin == NULL)
References comm_send_status(), ERR_CANT_FORK, ERR_HOST_DEAD, fork_sleep(), host_kb, host_vhosts, init_host_kb(), launch_plugin(), MAX_FORK_RETRIES, openvas_signal, PLUG_RUNNING, pluginlaunch_init(), pluginlaunch_stop(), pluginlaunch_wait(), pluginlaunch_wait_for_free_process(), plugins_scheduler_count_active(), plugins_scheduler_free(), plugins_scheduler_next(), plugins_scheduler_stop(), process_alive(), scan_is_stopped(), and set_check_new_vhosts_flag().
Referenced by attack_start().
◆ attack_network()
void attack_network |
( |
struct scan_globals * |
globals, |
|
|
kb_t * |
network_kb |
|
) |
| |
Attack a whole network.
Definition at line 1008 of file attack.c.
1010 int max_hosts = 0, max_checks;
1011 const char *hostlist;
1014 int fork_retries = 0;
1019 gboolean network_phase = FALSE;
1020 gboolean do_network_scan = FALSE;
1024 gettimeofday (&then, NULL);
1026 if (prefs_get_bool (
"network_scan"))
1027 do_network_scan = TRUE;
1029 do_network_scan = FALSE;
1035 if (do_network_scan)
1043 network_phase = FALSE;
1047 network_phase = TRUE;
1052 network_phase = TRUE;
1063 hostlist = prefs_get (
"TARGET");
1064 if (hostlist == NULL)
1070 port_range = prefs_get (
"port_range");
1071 if (validate_port_range (port_range))
1077 int plugins_init_error = 0;
1079 prefs_get_bool (
"auto_enable_dependencies"),
1080 network_phase, &plugins_init_error);
1083 g_message (
"Couldn't initialize the plugin scheduler");
1087 if (plugins_init_error > 0)
1090 int i = atoi (prefs_get (
"ov_maindbid"));
1091 kb_t main_kb = NULL;
1094 "%d errors were found during the plugin scheduling. "
1095 "Some plugins have not been launched.",
1096 plugins_init_error);
1098 main_kb = kb_direct_conn (prefs_get (
"db_address"), i);
1100 kb_lnk_reset (main_kb);
1111 "WARNING: In network phase, but without targets! Stopping.");
1118 g_message (
"Start a new scan. Target(s) : %s, "
1119 "in network phase with target %s",
1122 rc = kb_new (network_kb, prefs_get (
"db_address"));
1129 kb_lnk_reset (*network_kb);
1133 g_message (
"Starts a new scan. Target(s) : %s, with max_hosts = %d and "
1135 hostlist, max_hosts, max_checks);
1137 hosts = gvm_hosts_new (hostlist);
1138 unresolved = gvm_hosts_resolve (
hosts);
1141 g_warning (
"Couldn't resolve hostname '%s'", (
char *) unresolved->data);
1142 unresolved = unresolved->next;
1144 g_slist_free_full (unresolved, g_free);
1151 gvm_hosts_free (
hosts);
1170 rc = kb_new (&
host_kb, prefs_get (
"db_address"));
1171 if (rc < 0 && rc != -2)
1185 host_str = gvm_host_value_str (
host);
1200 args.net_kb = network_kb;
1212 g_debug (
"fork() failed - %s. %s won't be tested",
1213 strerror (errno), host_str);
1218 g_debug (
"fork() failed - "
1219 "sleeping %d seconds and trying again...",
1242 g_message (
"Test complete");
1248 g_hash_table_destroy (files);
1252 gvm_hosts_free (
hosts);
1258 gettimeofday (&now, NULL);
1259 g_message (
"Total time to scan all hosts : %ld seconds",
1260 now.tv_sec - then.tv_sec);
References apply_hosts_preferences(), apply_source_iface_preference(), attack_network(), attack_start(), check_kb_access(), create_process(), error_message_to_client2(), scan_globals::files_translation, fork_sleep(), get_max_checks_number(), get_max_hosts_number(), attack_start_args::globals, handle_scan_stop_signal(), attack_start_args::host, attack_start_args::host_kb, host_kb, hosts, hosts_init(), hosts_new(), hosts_read(), hosts_set_pid(), KB_RETRY_DELAY, MAX_FORK_RETRIES, attack_start_args::net_kb, scan_globals::network_scan_status, network_scan_status(), scan_globals::network_targets, network_targets(), NSS_BUSY, NSS_DONE, openvas_signal, pid, plugins_scheduler_free(), plugins_scheduler_init(), report_kb_failure(), scan_is_stopped(), attack_start_args::sched, set_scan_status(), and timeval().
Referenced by attack_network(), and handle_client().
◆ attack_start()
Set up some data and jump into attack_host()
Definition at line 740 of file attack.c.
743 char ip_str[INET6_ADDRSTRLEN], *hostnames;
744 struct in6_addr hostip;
751 gettimeofday (&then, NULL);
753 kb_item_set_str (kb,
"internal/scan_id", globals->
scan_id, 0);
758 if (prefs_get_bool (
"expand_vhosts"))
759 gvm_host_add_reverse_lookup (args->
host);
760 if ((ret = gvm_vhosts_exclude (args->
host, prefs_get (
"exclude_hosts"))) > 0)
761 g_message (
"exclude_hosts: Skipped %d vhost(s).", ret);
762 gvm_host_get_addr6 (args->
host, &hostip);
763 addr6_to_str (&hostip, ip_str);
766 g_warning (
"Host %s access denied.", ip_str);
769 if (prefs_get_bool (
"test_empty_vhost"))
772 gvm_vhost_new (g_strdup (ip_str), g_strdup (
"IP-address"));
773 args->
host->vhosts = g_slist_prepend (args->
host->vhosts, vhost);
777 g_message (
"Testing %s (Vhosts: %s) [%d]", ip_str, hostnames, getpid ());
779 g_message (
"Testing %s [%d]", ip_str, getpid ());
787 gettimeofday (&now, NULL);
788 if (now.tv_usec < then.tv_usec)
791 now.tv_usec += 1000000;
793 g_message (
"Finished testing %s. Time : %ld.%.2ld secs", ip_str,
794 (
long) (now.tv_sec - then.tv_sec),
795 (
long) ((now.tv_usec - then.tv_usec) / 10000));
References attack_host(), check_host_authorization(), attack_start_args::globals, attack_start_args::host, attack_start_args::host_kb, attack_start_args::net_kb, scan_globals::scan_id, scan_is_stopped(), attack_start_args::sched, set_kb_readable(), timeval(), and vhosts_to_str().
Referenced by attack_network().
◆ check_host_authorization()
static int check_host_authorization |
( |
gvm_host_t * |
host, |
|
|
const struct in6_addr * |
addr, |
|
|
kb_t |
kb |
|
) |
| |
|
static |
Definition at line 706 of file attack.c.
709 gvm_hosts_t *hosts_allow, *hosts_deny;
710 gvm_hosts_t *sys_hosts_allow, *sys_hosts_deny;
713 hosts_allow = gvm_hosts_new (prefs_get (
"hosts_allow"));
714 hosts_deny = gvm_hosts_new (prefs_get (
"hosts_deny"));
720 sys_hosts_allow = gvm_hosts_new (prefs_get (
"sys_hosts_allow"));
721 sys_hosts_deny = gvm_hosts_new (prefs_get (
"sys_hosts_deny"));
725 kb,
"Host access denied (system-wide restriction.)", NULL);
729 gvm_hosts_free (hosts_allow);
730 gvm_hosts_free (hosts_deny);
731 gvm_hosts_free (sys_hosts_allow);
732 gvm_hosts_free (sys_hosts_deny);
References error_message_to_client2(), and host_authorized().
Referenced by attack_start().
◆ check_kb_access()
static int check_kb_access |
( |
| ) |
|
|
static |
◆ check_new_vhosts()
static void check_new_vhosts |
( |
| ) |
|
|
static |
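Check if a plugin process pushed a new vhost value. Note: the signature shown above takes no arguments and returns void, so the Parameters and Returns entries below do not match it; the function appears to work on the file-level host_kb and host_vhosts instead (see References).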
- Parameters
-
kb | Host scan KB. |
vhosts | List of vhosts to add new vhosts to. |
- Returns
- New vhosts list.
Definition at line 293 of file attack.c.
300 while ((value = kb_item_pop_str (
host_kb,
"internal/vhosts")))
303 char buffer[4096], *source;
306 g_snprintf (buffer,
sizeof (buffer),
"internal/source/%s", value);
307 source = kb_item_pop_str (
host_kb, buffer);
309 vhost = gvm_vhost_new (value, source);
References get_check_new_vhosts_flag(), host_kb, host_vhosts, and unset_check_new_vhosts_flag().
Referenced by launch_plugin().
◆ comm_send_status()
static int comm_send_status |
( |
kb_t |
kb, |
|
|
char * |
hostname, |
|
|
int |
curr, |
|
|
int |
max |
|
) |
| |
|
static |
Sends the status of a host's scan.
Definition at line 156 of file attack.c.
163 if (strlen (
hostname) > (
sizeof (buffer) - 50))
166 snprintf (buffer,
sizeof (buffer),
"%d/%d", curr,
max);
167 kb_item_push_str (kb,
"internal/status", buffer);
References hostname, and max.
Referenced by attack_host(), and Ensure().
◆ error_message_to_client2()
static void error_message_to_client2 |
( |
kb_t |
kb, |
|
|
const char * |
msg, |
|
|
const char * |
port |
|
) |
| |
|
static |
◆ fork_sleep()
static void fork_sleep |
( |
int |
n | ) |
|
|
static |
◆ get_check_new_vhosts_flag()
static int get_check_new_vhosts_flag |
( |
| ) |
|
|
static |
◆ handle_scan_stop_signal()
static void handle_scan_stop_signal |
( |
| ) |
|
|
static |
◆ host_authorized()
static int host_authorized |
( |
const gvm_host_t * |
host, |
|
|
const struct in6_addr * |
addr, |
|
|
const gvm_hosts_t * |
hosts_allow, |
|
|
const gvm_hosts_t * |
hosts_deny |
|
) |
| |
|
static |
◆ iface_authorized()
static int iface_authorized |
( |
const char * |
iface | ) |
|
|
static |
Definition at line 882 of file attack.c.
884 const char *ifaces_list;
889 ifaces_list = prefs_get (
"ifaces_deny");
892 ifaces_list = prefs_get (
"ifaces_allow");
896 ifaces_list = prefs_get (
"sys_ifaces_deny");
899 ifaces_list = prefs_get (
"sys_ifaces_allow");
References str_in_comma_list().
Referenced by apply_source_iface_preference().
◆ init_host_kb()
static kb_t init_host_kb |
( |
struct scan_globals * |
globals, |
|
|
char * |
ip_str, |
|
|
kb_t * |
network_kb |
|
) |
| |
|
static |
Inits or loads the knowledge base for a single host.
Fills the knowledge base with host-specific login information for local checks if defined.
- Parameters
-
globals | Global preference struct. |
ip_str | IP string of target host. |
- Returns
- A knowledge base.
Definition at line 480 of file attack.c.
483 gchar *hostname_pattern;
485 const gchar *kb_path = prefs_get (
"db_address");
492 rc = kb_new (&kb, kb_path);
499 hostname_pattern = g_strdup_printf (
"%s/*", ip_str);
501 g_free (hostname_pattern);
505 assert (network_kb != NULL);
506 assert (*network_kb != NULL);
511 rc = kb_new (&kb, kb_path);
References kb_duplicate(), network_scan_status(), NSS_BUSY, NSS_DONE, and report_kb_failure().
Referenced by attack_host().
◆ kb_duplicate()
static int kb_duplicate |
( |
kb_t |
dst, |
|
|
kb_t |
src, |
|
|
const gchar * |
filter |
|
) |
| |
|
static |
Definition at line 448 of file attack.c.
450 struct kb_item *items, *p_itm;
452 items = kb_item_get_pattern (src, filter ? filter :
"*");
453 for (p_itm = items; p_itm != NULL; p_itm = p_itm->next)
457 newname = strstr (p_itm->name,
"/");
459 newname = p_itm->name;
463 kb_item_add_str (dst, newname, p_itm->v_str, 0);
Referenced by init_host_kb().
◆ launch_plugin()
static int launch_plugin |
( |
struct scan_globals * |
globals, |
|
|
struct scheduler_plugin * |
plugin, |
|
|
struct in6_addr * |
ip, |
|
|
GSList * |
vhosts, |
|
|
kb_t |
kb |
|
) |
| |
|
static |
Launches an NVT. Respects the safe_checks preference (i.e. does not try a destructive NVT if safe_checks is yes).
Does not launch a plugin twice if !save_kb_replay.
- Returns
- ERR_HOST_DEAD if host died, ERR_CANT_FORK if forking failed, 0 otherwise.
Definition at line 325 of file attack.c.
328 int optimize = prefs_get_bool (
"optimize_test"),
pid, ret = 0;
329 char *
oid, *
name, *error = NULL, ip_str[INET6_ADDRSTRLEN];
330 gboolean network_scan = FALSE;
333 addr6_to_str (ip, ip_str);
335 nvti = nvticache_get_nvt (
oid);
340 g_message (
"Plugin '%s' missing from nvticache.",
oid);
342 goto finish_launch_plugin;
346 if (nvti_category (nvti) !=
ACT_END)
349 goto finish_launch_plugin;
353 name = nvticache_get_filename (
oid);
354 g_message (
"Stopped scan wrap-up: Launching %s (%s)",
name,
oid);
362 if (prefs_get_bool (
"safe_checks")
365 if (prefs_get_bool (
"log_whole_attack"))
367 name = nvticache_get_filename (
oid);
368 g_message (
"Not launching %s (%s) against %s because safe checks are"
369 " enabled (this is not an error)",
374 goto finish_launch_plugin;
382 snprintf (asc_id,
sizeof (asc_id),
"Launched/%s",
oid);
384 if (kb_item_get_int (kb, asc_id) > 0)
386 if (prefs_get_bool (
"log_whole_attack"))
387 g_message (
"Not launching %s against %s because it has already "
388 "been lanched in the past (this is not an error)",
391 goto finish_launch_plugin;
394 kb_item_set_int (kb, asc_id, 1);
400 error =
"because a mandatory key is missing";
404 if (prefs_get_bool (
"log_whole_attack"))
406 name = nvticache_get_filename (
oid);
408 "Not launching %s (%s) against %s %s (this is not an error)",
name,
412 goto finish_launch_plugin;
416 if (kb_item_get_int (kb,
"Host/dead") > 0)
418 g_message (
"The remote host %s is dead", ip_str);
422 goto finish_launch_plugin;
432 goto finish_launch_plugin;
435 if (prefs_get_bool (
"log_whole_attack"))
437 name = nvticache_get_filename (
oid);
438 g_message (
"Launching %s (%s) against %s [%d]",
name,
oid, ip_str,
pid);
442 finish_launch_plugin:
References ACT_END, check_new_vhosts(), ERR_CANT_FORK, ERR_HOST_DEAD, mandatory_requirements_met(), name, network_scan_status(), NSS_BUSY, nvti_category_is_safe(), scheduler_plugin::oid, oid, pid, plugin_launch(), PLUGIN_STATUS_DONE, PLUGIN_STATUS_UNRUN, pluginlaunch_stop(), requirements_plugin(), scheduler_plugin::running_state, and scan_is_stopped().
Referenced by attack_host().
◆ network_scan_status()
◆ nvti_category_is_safe()
static int nvti_category_is_safe |
( |
int |
category | ) |
|
|
static |
◆ report_kb_failure()
static void report_kb_failure |
( |
int |
errcode | ) |
|
|
static |
Definition at line 182 of file attack.c.
186 errcode = abs (errcode);
187 msg = g_strdup_printf (
"WARNING: Cannot connect to KB at '%s': %s'",
188 prefs_get (
"db_address"), strerror (errcode));
189 g_warning (
"%s", msg);
Referenced by attack_network(), check_kb_access(), and init_host_kb().
◆ scan_is_stopped()
static int scan_is_stopped |
( |
| ) |
|
|
static |
◆ set_check_new_vhosts_flag()
static void set_check_new_vhosts_flag |
( |
| ) |
|
|
static |
◆ set_kb_readable()
static int set_kb_readable |
( |
int |
host_kb_index | ) |
|
|
static |
Add the Host KB index to the list of readable KBs used by ospd-openvas.
Definition at line 109 of file attack.c.
111 int i = atoi (prefs_get (
"ov_maindbid"));
114 main_kb = kb_direct_conn (prefs_get (
"db_address"), i);
117 kb_item_add_int_unique (main_kb,
"internal/dbindex", host_kb_index);
120 g_warning (
"Not possible to add the kb index %d to the list of "
Referenced by attack_start().
◆ set_scan_status()
static void set_scan_status |
( |
char * |
status | ) |
|
|
static |
Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.
- Parameters
-
Definition at line 133 of file attack.c.
135 int i = atoi (prefs_get (
"ov_maindbid"));
138 main_kb = kb_direct_conn (prefs_get (
"db_address"), i);
142 char *scan_id = kb_item_get_str (main_kb, (
"internal/scanid"));
144 snprintf (buffer,
sizeof (buffer),
"internal/%s", scan_id);
145 kb_item_set_str (main_kb, buffer, status, 0);
149 g_warning (
"Not possible to set the scan as finished");
References scan_globals::scan_id.
Referenced by attack_network().
◆ str_in_comma_list()
static int str_in_comma_list |
( |
const char * |
str, |
|
|
const char * |
comma_list |
|
) |
| |
|
static |
Definition at line 849 of file attack.c.
851 gchar **element, **split;
853 if (str == NULL || comma_list == NULL)
856 split = g_strsplit (comma_list,
",", 0);
860 gchar *stripped = g_strstrip (*element);
862 if (stripped && strcmp (stripped, str) == 0)
Referenced by iface_authorized().
◆ unset_check_new_vhosts_flag()
static void unset_check_new_vhosts_flag |
( |
| ) |
|
|
static |
◆ vhosts_to_str()
static char* vhosts_to_str |
( |
GSList * |
list | ) |
|
|
static |
Definition at line 676 of file attack.c.
682 string = g_string_new (((gvm_vhost_t *)
list->data)->value);
683 if (g_slist_length (
list) == 1)
684 return g_string_free (
string, FALSE);
688 g_string_append (
string,
", ");
689 g_string_append (
string, ((gvm_vhost_t *)
list->data)->value);
692 return g_string_free (
string, FALSE);
References list::next.
Referenced by attack_start().
◆ check_new_vhosts_flag
int check_new_vhosts_flag = 0 |
|
static |
◆ global_scan_stop
◆ host_kb
◆ host_vhosts
GSList* host_vhosts = NULL |
|
static |
static int kb_duplicate(kb_t dst, kb_t src, const gchar *filter)
static int get_check_new_vhosts_flag()
Return check_new_vhosts_flag. After reading must be clean with unset_check_new_vhosts_flag(),...
static int host_authorized(const gvm_host_t *host, const struct in6_addr *addr, const gvm_hosts_t *hosts_allow, const gvm_hosts_t *hosts_deny)
void plugins_scheduler_stop(plugins_scheduler_t sched)
int hosts_read(void)
Returns -1 if client asked to stop all tests or connection was lost or error. 0 otherwise.
static int launch_plugin(struct scan_globals *globals, struct scheduler_plugin *plugin, struct in6_addr *ip, GSList *vhosts, kb_t kb)
Launches a nvt. Respects safe check preference (i.e. does not try.
void attack_network(struct scan_globals *globals, kb_t *network_kb)
Attack a whole network.
static void attack_host(struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, plugins_scheduler_t sched, kb_t kb, kb_t *net_kb)
Attack one host.
static int apply_source_iface_preference()
plugins_scheduler_t plugins_scheduler_init(const char *plugins_list, int autoload, int only_network, int *error)
static void report_kb_failure(int errcode)
static int iface_authorized(const char *iface)
static void fork_sleep(int n)
struct timeval timeval(unsigned long val)
static void set_check_new_vhosts_flag()
Set global check_new_vhosts_flag to indicate that new vhosts must be fetched.
void plugins_scheduler_free(plugins_scheduler_t sched)
static int comm_send_status(kb_t kb, char *hostname, int curr, int max)
Sends the status of a host's scan.
static int check_new_vhosts_flag
int plugins_scheduler_count_active(plugins_scheduler_t sched)
void(*)(int) openvas_signal(int signum, void(*handler)(int))
char * requirements_plugin(kb_t kb, nvti_t *nvti)
Determine if the plugin requirements are met.
static GSList * host_vhosts
static void error_message_to_client2(kb_t kb, const char *msg, const char *port)
struct scan_globals * globals
GHashTable * files_translation
int hosts_init(int max_hosts)
enum plugin_status running_state
static enum net_scan_status network_scan_status(struct scan_globals *globals)
static int str_in_comma_list(const char *str, const char *comma_list)
int hosts_new(char *name, kb_t kb)
void pluginlaunch_init(const char *host)
void pluginlaunch_wait(kb_t kb)
Waits and 'pushes' processes until num_running_processes is 0.
static int check_kb_access()
static int check_host_authorization(gvm_host_t *host, const struct in6_addr *addr, kb_t kb)
static void set_scan_status(char *status)
Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.
static char * vhosts_to_str(GSList *list)
pid_t create_process(process_func_t function, void *argument)
Create a new process (fork).
void(* process_func_t)(void *)
int process_alive(pid_t pid)
plugins_scheduler_t sched
int plugin_launch(struct scan_globals *globals, struct scheduler_plugin *plugin, struct in6_addr *ip, GSList *vhosts, kb_t kb, nvti_t *nvti)
static int scan_is_stopped()
char * network_scan_status
static kb_t init_host_kb(struct scan_globals *globals, char *ip_str, kb_t *network_kb)
Inits or loads the knowledge base for a single host.
Host information, implemented as doubly linked list.
static void attack_start(struct attack_start_args *args)
Set up some data and jump into attack_host()
int get_max_checks_number(void)
void hosts_stop_all(void)
static void handle_scan_stop_signal()
int mandatory_requirements_met(kb_t kb, nvti_t *nvti)
Check whether mandatory requirements for plugin are met.
void pluginlaunch_wait_for_free_process(kb_t kb)
Waits and 'pushes' processes until the number of running processes has changed.
static void check_new_vhosts()
Check if a plugin process pushed a new vhost value.
static void unset_check_new_vhosts_flag()
Unset global check_new_vhosts_flag. Must be called once the vhosts have been fetched.
int get_max_hosts_number(void)
static int nvti_category_is_safe(int category)
Checks that an NVT category is safe.
int hosts_set_pid(char *name, pid_t pid)
static struct host * hosts
static int set_kb_readable(int host_kb_index)
Add the Host KB index to the list of readable KBs used by ospd-openvas.
struct scheduler_plugin * plugins_scheduler_next(plugins_scheduler_t h)
tree_cell * network_targets(lex_ctxt *lexic)
static void apply_hosts_preferences(gvm_hosts_t *hosts)