oproto

zelmor · May 16, 2019 · ae4b908 · ae4b908
1 parent 0e17953
commit ae4b908
Show file tree

Hide file tree

Showing 20 changed files with 310 additions and 86 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,3 @@
 paused.conf
 .Makefile.swp
-
+.vscode
diff --git a/src/main-conf.c b/src/main-conf.c
@@ -1787,6 +1787,13 @@ masscan_set_parameter(struct Masscan *masscan,
         if (masscan->op == 0)
             masscan->op = Operation_Scan;
     }
+    else if (EQUALS("oprotos", name) || EQUALS("oproto", name)) {
+        unsigned is_error = 0;
+        masscan->scan_type.oproto = 1;
+        rangelist_parse_ports(&masscan->ports, value, &is_error, Templ_Oproto_first);
+        if (masscan->op == 0)
+            masscan->op = Operation_Scan;
+    }
     else if (EQUALS("tcp-ports", name) || EQUALS("tcp-port", name)) {
         unsigned is_error = 0;
         masscan->scan_type.tcp = 1;
@@ -2300,8 +2307,10 @@ masscan_load_database_files(struct Masscan *masscan)
     if (filename) {
         if (masscan->payloads.udp == NULL)
             masscan->payloads.udp = payloads_udp_create();
-
-        payloads_read_pcap(filename, masscan->payloads.udp);
+        if (masscan->payloads.oproto == NULL)
+            masscan->payloads.oproto = payloads_udp_create();
+
+        payloads_read_pcap(filename, masscan->payloads.udp, masscan->payloads.oproto);
     }
 
     /*
@@ -2626,9 +2635,9 @@ masscan_command_line(struct Masscan *masscan, int argc, char *argv[])
                     case 'N':
                         fprintf(stderr, "nmap(%s): NULL scan not yet supported\n", argv[i]);
                         exit(1);
-                    case 'O':
-                        fprintf(stderr, "nmap(%s): IP proto scan not yet supported\n", argv[i]);
-                        exit(1);
+                    case 'O': /* Other IP protocols (not ICMP, UDP, TCP, or SCTP) */
+                        masscan->scan_type.oproto = 1;
+                        break;
                     case 'S': /* TCP SYN scan - THIS IS WHAT WE DO! */
                         masscan->scan_type.tcp = 1;
                         break;
@@ -2720,7 +2729,8 @@ masscan_command_line(struct Masscan *masscan, int argc, char *argv[])
      * If no other "scan type" found, then default to TCP
      */
     if (masscan->scan_type.udp == 0 && masscan->scan_type.sctp == 0
-        && masscan->scan_type.ping == 0 && masscan->scan_type.arp == 0)
+        && masscan->scan_type.ping == 0 && masscan->scan_type.arp == 0
+        && masscan->scan_type.oproto == 0)
         masscan->scan_type.tcp = 1;
 
     /*
@@ -2798,6 +2808,11 @@ masscan_echo(struct Masscan *masscan, FILE *fp, unsigned is_echo_all)
                 rrange.end -= Templ_UDP;
                 fprintf(fp,"U:");
                 range.begin = Templ_SCTP;
+            } else if (Templ_Oproto_first <= rrange.begin && rrange.begin <= Templ_Oproto_last) {
+                rrange.begin -= Templ_Oproto_first;
+                rrange.end -= Templ_Oproto_first;
+                fprintf(fp, "O:");
+                range.begin = Templ_Oproto_first;
             } else
                 range.begin = Templ_UDP;
             rrange.end = min(rrange.end, 65535);

diff --git a/src/main.c b/src/main.c
@@ -54,6 +54,7 @@
 #include "crypto-base64.h"      /* base64 encode/decode */
 #include "pixie-backtrace.h"
 #include "proto-sctp.h"
+#include "proto-oproto.h"       /* Other protocols on top of IP */
 #include "vulncheck.h"          /* checking vulns like monlist, poodle, heartblee */
 #include "main-readrange.h"
 #include "scripting.h"
@@ -829,6 +830,9 @@ receive_thread(void *v)
             case FOUND_SCTP:
                 handle_sctp(out, secs, px, length, cookie, &parsed, entropy);
                 break;
+            case FOUND_OPROTO: /* other IP proto */
+                handle_oproto(out, secs, px, length, &parsed, entropy);
+                break;
             case FOUND_TCP:
                 /* fall down to below */
                 break;
@@ -1141,6 +1145,7 @@ main_scan(struct Masscan *masscan)
      * makes lookups faster at high packet rates.
      */
     payloads_udp_trim(masscan->payloads.udp, &masscan->ports);
+    payloads_oproto_trim(masscan->payloads.oproto, &masscan->ports);
 
     /* Optimize target selection so it's a quick binary search instead
      * of walking large memory tables. When we scan the entire Internet
@@ -1204,6 +1209,7 @@ main_scan(struct Masscan *masscan)
                     parms->adapter_mac,
                     parms->router_mac,
                     masscan->payloads.udp,
+                    masscan->payloads.oproto,
                     rawsock_datalink(masscan->nic[index].adapter),
                     masscan->seed);
 
@@ -1503,6 +1509,7 @@ int main(int argc, char *argv[])
     masscan->shard.of = 1;
     masscan->min_packet_size = 60;
     masscan->payloads.udp = payloads_udp_create();
+    masscan->payloads.oproto = payloads_oproto_create();
     strcpy_s(   masscan->output.rotate.directory,
                 sizeof(masscan->output.rotate.directory),
                 ".");

diff --git a/src/masscan.h b/src/masscan.h
@@ -97,10 +97,11 @@ struct Masscan
 
     struct {
         unsigned tcp:1;
-        unsigned udp:1;
+        unsigned udp:1;     /* -sU */
         unsigned sctp:1;
-        unsigned ping:1; /* --ping, ICMP echo */
-        unsigned arp:1; /* --arp, local ARP scan */
+        unsigned ping:1;    /* --ping, ICMP echo */
+        unsigned arp:1;     /* --arp, local ARP scan */
+        unsigned oproto:1;  /* -sO */
     } scan_type;
 
     /**
@@ -369,6 +370,7 @@ struct Masscan
         char *nmap_service_probes_filename;
 
         struct PayloadsUDP *udp;
+        struct PayloadsUDP *oproto;
         struct TcpCfgPayloads *tcp;
         struct NmapServiceProbeList *probes;
     } payloads;

diff --git a/src/out-grepable.c b/src/out-grepable.c
@@ -10,10 +10,10 @@
 /****************************************************************************
  ****************************************************************************/
 static unsigned
-count_type(const struct RangeList *ports, int type)
+count_type(const struct RangeList *ports, int start_type, int end_type)
 {
-    unsigned min_port = type;
-    unsigned max_port = type + 65535;
+    unsigned min_port = start_type;
+    unsigned max_port = end_type;
     unsigned i;
     unsigned result = 0;
 
@@ -84,22 +84,28 @@ grepable_out_open(struct Output *out, FILE *fp)
     fprintf(fp, "# Masscan " MASSCAN_VERSION " scan initiated %s\n", 
                 timestamp);
 
-    count = count_type(&out->masscan->ports, Templ_TCP);
+    count = count_type(&out->masscan->ports, Templ_TCP, Templ_TCP_last);
     fprintf(fp, "# Ports scanned: TCP(%u;", count);
     if (count)
         print_port_list(&out->masscan->ports, Templ_TCP, fp);
 
-    count = count_type(&out->masscan->ports, Templ_UDP);
+    count = count_type(&out->masscan->ports, Templ_UDP, Templ_UDP_last);
     fprintf(fp, ") UDP(%u;", count);
     if (count)
         print_port_list(&out->masscan->ports, Templ_UDP, fp);
-
-    count = count_type(&out->masscan->ports, Templ_SCTP);
+
+
+    count = count_type(&out->masscan->ports, Templ_SCTP, Templ_SCTP_last);
     fprintf(fp, ") SCTP(%u;", count);
     if (count)
         print_port_list(&out->masscan->ports, Templ_SCTP, fp);
 
-    fprintf(fp, ") PROTOCOLS(0;)\n");
+    count = count_type(&out->masscan->ports, Templ_Oproto_first, Templ_Oproto_last);
+    fprintf(fp, ") PROTOCOLS(%u;", count);
+    if (count)
+        print_port_list(&out->masscan->ports, Templ_Oproto_first, fp);
+
+    fprintf(fp, ")\n");
 }
 
 /****************************************************************************
@@ -145,7 +151,7 @@ grepable_out_status(struct Output *out, FILE *fp, time_t timestamp,
     else if (ip_proto == 17)
         service = udp_service_name(port);
     else
-        service = "";
+        service = oproto_service_name(ip_proto);
 
 	fprintf(fp, "Timestamp: %lu", timestamp);     
 

diff --git a/src/out-tcp-services.c b/src/out-tcp-services.c
@@ -15,7 +15,7 @@
 
 static char *tcp_services[65536];
 static char *udp_services[65536];
-
+static char *oproto_services[256];
 
 
 const char *
@@ -82,3 +82,20 @@ udp_service_name(int port)
     }
 #endif
 }
+
+const char *
+oproto_service_name(int port)
+{
+    if (oproto_services[port])
+        return oproto_services[port];
+    {
+        struct protoent *result;
+
+        result = getprotobynumber(port);
+
+        if (result == 0)
+            return "unknown";
+
+        return oproto_services[port] = strdup(result->p_name);
+    }
+}
diff --git a/src/out-tcp-services.h b/src/out-tcp-services.h
@@ -3,6 +3,7 @@
 
 const char *tcp_service_name(int port);
 const char *udp_service_name(int port);
+const char *oproto_service_name(int protocol_number);
 
 #endif
 
diff --git a/src/output.c b/src/output.c
@@ -793,6 +793,9 @@ output_report_status(struct Output *out, time_t timestamp, int status,
             case 132:
                 out->counts.sctp.open++;
                 break;
+            default:
+                out->counts.oproto.open++;
+                break;
             }
             if (!out->is_show_open)
                 return;

diff --git a/src/output.h b/src/output.h
@@ -106,6 +106,10 @@ struct Output
         struct {
             uint64_t open;
         } arp;
+        struct {
+            uint64_t open;
+            uint64_t closed;
+        } oproto;
     } counts;
 
     struct {

diff --git a/src/proto-oproto.c b/src/proto-oproto.c
@@ -0,0 +1,10 @@
+#include "proto-oproto.h"
+
+void
+handle_oproto(struct Output *out, time_t timestamp,
+              const unsigned char *px, unsigned length,
+              struct PreprocessedInfo *parsed,
+              uint64_t entropy)
+{
+
+}
diff --git a/src/proto-oproto.h b/src/proto-oproto.h
@@ -0,0 +1,25 @@
+/*
+ Other IP protocol (not TCP, UDP, TCP, ICMP
+ Specificaly for scanning things like GRE.
+ */
+#ifndef PROTO_OPROTO_H
+#define PROTO_OPROTO_H
+#include <stdint.h>
+#include <time.h>
+struct Output;
+struct PreprocessedInfo;
+
+
+/**
+ * Parse an incoming response.
+ * @param entropy
+ *      The random seed, used in calculating syn-cookies.
+ */
+void
+handle_oproto(struct Output *out, time_t timestamp,
+           const unsigned char *px, unsigned length,
+           struct PreprocessedInfo *parsed,
+           uint64_t entropy);
+
+#endif
+
diff --git a/src/proto-preprocess.c b/src/proto-preprocess.c
@@ -127,7 +127,9 @@ preprocess_frame(const unsigned char *px, unsigned length, unsigned link_type,
         case   6: goto parse_tcp;
         case  17: goto parse_udp;
         case 132: goto parse_sctp;
-        default: return 0; /* todo: should add more protocols, like ICMP */
+        default:
+                VERIFY_REMAINING(0, FOUND_OPROTO);
+                return 0; /* todo: should add more protocols, like ICMP */
         }
     }
 

diff --git a/src/proto-preprocess.h b/src/proto-preprocess.h
@@ -22,6 +22,7 @@ enum {
     FOUND_LLC,
     FOUND_ARP,
     FOUND_SLL, /* Linux SLL */
+    FOUND_OPROTO, /* some other IP protocol */
 };
 struct PreprocessedInfo {
     const unsigned char *mac_src;

diff --git a/src/ranges.c b/src/ranges.c
@@ -784,6 +784,9 @@ rangelist_parse_ports(struct RangeList *ports, const char *string, unsigned *is_
                 case 'S': case 's':
                     proto_offset = Templ_SCTP;
                     break;
+                case 'O': case 'o':
+                    proto_offset = Templ_Oproto_first;
+                    break;
                 case 'I': case 'i':
                     proto_offset = Templ_ICMP_echo;
                     break;
@@ -805,7 +808,11 @@ rangelist_parse_ports(struct RangeList *ports, const char *string, unsigned *is_
             end = (unsigned)strtoul(p, &p, 0);
         }
 
-        if (port > 0xFFFF || end > 0xFFFF || end < port) {
+        if (port > 0xFF && proto_offset == Templ_Oproto_first) {
+            fprintf(stderr, "bad ports: %u-%u\n", port, end);
+            *is_error = 2;
+            return p;
+        } else if (port > 0xFFFF || end > 0xFFFF || end < port) {
             fprintf(stderr, "bad ports: %u-%u\n", port, end);
             *is_error = 2;
             return p;