OpenVAS Libraries  9.0.3
nasl_builtin_find_service.c File Reference
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <signal.h>
#include <ctype.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include "../misc/arglists.h"
#include "../misc/network.h"
#include "../misc/plugutils.h"
#include "../base/nvticache.h"
#include "nasl_lex_ctxt.h"
#include <glib.h>
Include dependency graph for nasl_builtin_find_service.c:

Go to the source code of this file.

Macros

#define SMART_TCP_RW
 
#define CERT_FILE   "SSL certificate : "
 
#define KEY_FILE   "SSL private key : "
 
#define PEM_PASS   "PEM password : "
 
#define CA_FILE   "CA file : "
 
#define CNX_TIMEOUT_PREF   "Network connection timeout : "
 
#define RW_TIMEOUT_PREF   "Network read/write timeout : "
 
#define WRAP_TIMEOUT_PREF   "Wrapped service read timeout : "
 
#define TEST_SSL_PREF   "Test SSL based services"
 
#define NUM_CHILDREN   "Number of connections done in parallel : "
 
#define MAX_SHIFT   (3*365*86400)
 
#define DIFF_1970_1900   2208988800U
 
#define ABS(x)   (((x) < 0) ? -(x):(x))
 
#define DIFFTV1000(t1, t2)   ((t1.tv_sec - t2.tv_sec)*1000 + (t1.tv_usec - t2.tv_usec)/1000)
 
#define TESTSTRING   "OpenVAS Wrap Test"
 
#define MAX_SONS   128
 

Functions

void mark_echo_server (struct arglist *desc, int port)
 
void mark_ncacn_http_server (struct arglist *desc, int port, char *buffer)
 
void mark_vnc_server (struct arglist *desc, int port, char *buffer)
 
void mark_nntp_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_swat_server (struct arglist *desc, int port, unsigned char *buffer)
 
void mark_vqserver (struct arglist *desc, int port, unsigned char *buffer)
 
void mark_mldonkey (struct arglist *desc, int port, unsigned char *buffer)
 
void mark_http_server (struct arglist *desc, int port, unsigned char *buffer, int trp)
 
void mark_locked_adsubtract_server (struct arglist *desc, int port, unsigned char *buffer, int trp)
 
void mark_rmserver (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_smtp_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_snpp_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_ftp_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_ssh_server (struct arglist *desc, int port, char *buffer)
 
void mark_http_proxy (struct arglist *desc, int port, unsigned char *buffer, int trp)
 
void mark_pop_server (struct arglist *desc, int port, char *buffer)
 
void mark_imap_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_auth_server (struct arglist *desc, int port, char *buffer)
 
void mark_postgresql (struct arglist *desc, int port, char *buffer)
 
void mark_mysql (struct arglist *desc, int port, char *buffer)
 
void mark_cvspserver (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_cvsupserver (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_cvslockserver (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_rsync (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_wild_shell (struct arglist *desc, int port, char *buffer)
 
void mark_telnet_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_gnome14_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_eggdrop_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_netbus_server (struct arglist *desc, int port, char *buffer)
 
void mark_linuxconf (struct arglist *desc, int port, unsigned char *buffer)
 
void mark_listserv_server (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_fssniffer (struct arglist *desc, int port, char *buffer, int trp)
 
void mark_remote_nc_server (struct arglist *desc, int port, char *buffer, int trp)
 
tree_cellplugin_run_find_service (lex_ctxt *lexic)
 

Variables

const char * oid
 

Macro Definition Documentation

◆ ABS

#define ABS (   x)    (((x) < 0) ? -(x):(x))

◆ CA_FILE

#define CA_FILE   "CA file : "

Definition at line 46 of file nasl_builtin_find_service.c.

◆ CERT_FILE

#define CERT_FILE   "SSL certificate : "

Definition at line 43 of file nasl_builtin_find_service.c.

◆ CNX_TIMEOUT_PREF

#define CNX_TIMEOUT_PREF   "Network connection timeout : "

Definition at line 47 of file nasl_builtin_find_service.c.

◆ DIFF_1970_1900

#define DIFF_1970_1900   2208988800U

Definition at line 1489 of file nasl_builtin_find_service.c.

◆ DIFFTV1000

#define DIFFTV1000 (   t1,
  t2 
)    ((t1.tv_sec - t2.tv_sec)*1000 + (t1.tv_usec - t2.tv_usec)/1000)

◆ KEY_FILE

#define KEY_FILE   "SSL private key : "

Definition at line 44 of file nasl_builtin_find_service.c.

◆ MAX_SHIFT

#define MAX_SHIFT   (3*365*86400)

Definition at line 1488 of file nasl_builtin_find_service.c.

◆ MAX_SONS

#define MAX_SONS   128

Definition at line 2465 of file nasl_builtin_find_service.c.

◆ NUM_CHILDREN

#define NUM_CHILDREN   "Number of connections done in parallel : "

Definition at line 53 of file nasl_builtin_find_service.c.

◆ PEM_PASS

#define PEM_PASS   "PEM password : "

Definition at line 45 of file nasl_builtin_find_service.c.

◆ RW_TIMEOUT_PREF

#define RW_TIMEOUT_PREF   "Network read/write timeout : "

Definition at line 48 of file nasl_builtin_find_service.c.

◆ SMART_TCP_RW

#define SMART_TCP_RW

Definition at line 19 of file nasl_builtin_find_service.c.

◆ TEST_SSL_PREF

#define TEST_SSL_PREF   "Test SSL based services"

Definition at line 50 of file nasl_builtin_find_service.c.

◆ TESTSTRING

#define TESTSTRING   "OpenVAS Wrap Test"

◆ WRAP_TIMEOUT_PREF

#define WRAP_TIMEOUT_PREF   "Wrapped service read timeout : "

Definition at line 49 of file nasl_builtin_find_service.c.

Function Documentation

◆ mark_auth_server()

void mark_auth_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 383 of file nasl_builtin_find_service.c.

384 {
385  register_service (desc, port, "auth");
386  post_log (oid, desc, port, "An identd server is running on this port");
387 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_cvslockserver()

void mark_cvslockserver ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 428 of file nasl_builtin_find_service.c.

429 {
430  register_service (desc, port, "cvslockserver");
431  /* if (port != 2401) */
432  post_log (oid, desc, port, "A CVSLock server server is running on this port");
433 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_cvspserver()

void mark_cvspserver ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 411 of file nasl_builtin_find_service.c.

412 {
413  register_service (desc, port, "cvspserver");
414  /* if (port != 2401) */
415  post_log (oid, desc, port, "A CVS pserver server is running on this port");
416 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_cvsupserver()

void mark_cvsupserver ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 420 of file nasl_builtin_find_service.c.

421 {
422  register_service (desc, port, "cvsup");
423  post_log (oid, desc, port, "A CVSup server is running on this port");
424 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_echo_server()

void mark_echo_server ( struct arglist desc,
int  port 
)

Definition at line 102 of file nasl_builtin_find_service.c.

103 {
104  register_service (desc, port, "echo");
105  post_log (oid, desc, port, "An echo server is running on this port");
106 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_eggdrop_server()

void mark_eggdrop_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 480 of file nasl_builtin_find_service.c.

481 {
482  char ban[255];
483  register_service (desc, port, "eggdrop");
484  {
485  snprintf (ban, sizeof (ban),
486  "An eggdrop IRC bot seems to be running a control server on this port%s",
487  get_encaps_through (trp));
488  post_log (oid, desc, port, ban);
489  }
490 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_fssniffer()

void mark_fssniffer ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 1123 of file nasl_builtin_find_service.c.

1124 {
1125  char ban[255];
1126  register_service (desc, port, "FsSniffer");
1127  {
1128  snprintf (ban, sizeof (ban),
1129  "A FsSniffer backdoor seems to be running on this port%s",
1130  get_encaps_through (trp));
1131  post_alarm (oid, desc, port, ban);
1132  }
1133 }
const char * oid
void post_alarm(const char *oid, struct arglist *desc, int port, const char *action)
Definition: plugutils.c:425
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_ftp_server()

void mark_ftp_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 279 of file nasl_builtin_find_service.c.

280 {
281  register_service (desc, port, "ftp");
282 
283  if (buffer != NULL)
284  {
285  char ban[255];
286 
287  snprintf (ban, sizeof (ban), "ftp/banner/%d", port);
288  plug_replace_key (desc, ban, ARG_STRING, buffer);
289  }
290  if (buffer != NULL)
291  {
292  char *report = g_malloc0 (255 + strlen (buffer));
293  char *t = strchr (buffer, '\n');
294  if (t != NULL)
295  t[0] = '\0';
296  snprintf (report, 255 + strlen (buffer), "An FTP server is running on this port%s.\n\
297 Here is its banner : \n%s",
298  get_encaps_through (trp), buffer);
299  post_log (oid, desc, port, report);
300  g_free (report);
301  }
302  else
303  {
304  char report[255];
305  snprintf (report, sizeof (report),
306  "An FTP server is running on this port%s.",
307  get_encaps_through (trp));
308  post_log (oid, desc, port, report);
309  }
310 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_gnome14_server()

void mark_gnome14_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 467 of file nasl_builtin_find_service.c.

468 {
469  char ban[255];
470  register_service (desc, port, "gnome14");
471  {
472  snprintf (ban, sizeof (ban),
473  "A Gnome 1.4 server seems to be running on this port%s",
474  get_encaps_through (trp));
475  post_log (oid, desc, port, ban);
476  }
477 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_http_proxy()

void mark_http_proxy ( struct arglist desc,
int  port,
unsigned char *  buffer,
int  trp 
)

Definition at line 323 of file nasl_builtin_find_service.c.

324 {
325  char ban[512];
326  /* the banner is in www/banner/port */
327  register_service (desc, port, "http_proxy");
328  snprintf (ban, sizeof (ban), "An HTTP proxy is running on this port%s",
329  get_encaps_through (trp));
330  post_log (oid, desc, port, ban);
331 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_http_server()

void mark_http_server ( struct arglist desc,
int  port,
unsigned char *  buffer,
int  trp 
)

Definition at line 173 of file nasl_builtin_find_service.c.

175 {
176  char ban[512];
177  register_service (desc, port, "www");
178  snprintf (ban, sizeof (ban), "www/banner/%d", port);
179  plug_replace_key (desc, ban, ARG_STRING, buffer);
180  snprintf (ban, sizeof (ban), "A web server is running on this port%s",
181  get_encaps_through (trp));
182  post_log (oid, desc, port, ban);
183 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_imap_server()

void mark_imap_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 369 of file nasl_builtin_find_service.c.

370 {
371  char ban[512];
372  register_service (desc, port, "imap");
373  snprintf (ban, sizeof (ban), "imap/banner/%d", port);
374  plug_replace_key (desc, ban, ARG_STRING, buffer);
375  {
376  snprintf (ban, sizeof (ban), "An IMAP server is running on this port%s",
377  get_encaps_through (trp));
378  post_log (oid, desc, port, ban);
379  }
380 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_linuxconf()

void mark_linuxconf ( struct arglist desc,
int  port,
unsigned char *  buffer 
)

Definition at line 501 of file nasl_builtin_find_service.c.

502 {
503  char ban[512];
504  register_service (desc, port, "linuxconf");
505  snprintf (ban, sizeof (ban), "linuxconf/banner/%d", port);
506  plug_replace_key (desc, ban, ARG_STRING, buffer);
507  post_log (oid, desc, port, "Linuxconf is running on this port");
508 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38

◆ mark_listserv_server()

void mark_listserv_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 1109 of file nasl_builtin_find_service.c.

1110 {
1111  char ban[255];
1112  register_service (desc, port, "listserv");
1113  {
1114  snprintf (ban, sizeof (ban),
1115  "A LISTSERV daemon seems to be running on this port%s",
1116  get_encaps_through (trp));
1117  post_log (oid, desc, port, ban);
1118  }
1119 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_locked_adsubtract_server()

void mark_locked_adsubtract_server ( struct arglist desc,
int  port,
unsigned char *  buffer,
int  trp 
)

Definition at line 187 of file nasl_builtin_find_service.c.

189 {
190  char ban[512];
191  register_service (desc, port, "AdSubtract");
192  snprintf (ban, sizeof (ban), "AdSubtract/banner/%d", port);
193  plug_replace_key (desc, ban, ARG_STRING, buffer);
194  snprintf (ban, sizeof (ban),
195  "A (locked) AdSubtract server is running on this port%s",
196  get_encaps_through (trp));
197  post_log (oid, desc, port, ban);
198 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_mldonkey()

void mark_mldonkey ( struct arglist desc,
int  port,
unsigned char *  buffer 
)

Definition at line 162 of file nasl_builtin_find_service.c.

163 {
164  char ban[512];
165  register_service (desc, port, "mldonkey");
166  snprintf (ban, sizeof (ban), "A mldonkey server is running on this port");
167  post_log (oid, desc, port, ban);
168 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_mysql()

void mark_mysql ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 403 of file nasl_builtin_find_service.c.

404 {
405  register_service (desc, port, "mysql");
406  /* if (port != 3306) */
407  post_log (oid, desc, port, "A MySQL server is running on this port");
408 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_ncacn_http_server()

void mark_ncacn_http_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 109 of file nasl_builtin_find_service.c.

110 {
111  char ban[256];
112  if (port == 593)
113  {
114  register_service (desc, port, "http-rpc-epmap");
115  snprintf (ban, sizeof (ban), "http-rpc-epmap/banner/%d", port);
116  plug_replace_key (desc, ban, ARG_STRING, buffer);
117  }
118  else
119  {
120  register_service (desc, port, "ncacn_http");
121  snprintf (ban, sizeof (ban), "ncacn_http/banner/%d", port);
122  plug_replace_key (desc, ban, ARG_STRING, buffer);
123  }
124 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
#define ARG_STRING
Definition: arglists.h:38

◆ mark_netbus_server()

void mark_netbus_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 493 of file nasl_builtin_find_service.c.

494 {
495  register_service (desc, port, "netbus");
496  post_alarm (oid, desc, port, "NetBus is running on this port");
497 }
const char * oid
void post_alarm(const char *oid, struct arglist *desc, int port, const char *action)
Definition: plugutils.c:425

◆ mark_nntp_server()

void mark_nntp_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 136 of file nasl_builtin_find_service.c.

137 {
138  char ban[512];
139  register_service (desc, port, "nntp");
140  snprintf (ban, sizeof (ban), "nntp/banner/%d", port);
141  plug_replace_key (desc, ban, ARG_STRING, buffer);
142  snprintf (ban, sizeof (ban), "An NNTP server is running on this port%s",
143  get_encaps_through (trp));
144  post_log (oid, desc, port, ban);
145 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_pop_server()

void mark_pop_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 334 of file nasl_builtin_find_service.c.

335 {
336  char *c = strchr (buffer, '\n');
337  char ban[512];
338  char *buffer2;
339  int i;
340  if (c)
341  c[0] = 0;
342  buffer2 = g_strdup (buffer);
343  for (i = 0; i < strlen (buffer2); i++)
344  buffer2[i] = tolower (buffer2[i]);
345  if (!strcmp (buffer2, "+ok"))
346  {
347  register_service (desc, port, "pop1");
348  snprintf (ban, sizeof (ban), "pop1/banner/%d", port);
349  plug_replace_key (desc, ban, ARG_STRING, buffer);
350  }
351  else if (strstr (buffer2, "pop2"))
352  {
353  register_service (desc, port, "pop2");
354  snprintf (ban, sizeof (ban), "pop2/banner/%d", port);
355  plug_replace_key (desc, ban, ARG_STRING, buffer);
356  post_log (oid, desc, port, "a pop2 server is running on this port");
357  }
358  else
359  {
360  register_service (desc, port, "pop3");
361  snprintf (ban, sizeof (ban), "pop3/banner/%d", port);
362  plug_replace_key (desc, ban, ARG_STRING, buffer);
363  post_log (oid, desc, port, "A pop3 server is running on this port");
364  }
365  g_free (buffer2);
366 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38

◆ mark_postgresql()

void mark_postgresql ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 395 of file nasl_builtin_find_service.c.

396 {
397  register_service (desc, port, "postgresql");
398  /* if (port != 5432) */
399  post_log (oid, desc, port, "A PostgreSQL server is running on this port");
400 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_remote_nc_server()

void mark_remote_nc_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 1136 of file nasl_builtin_find_service.c.

1137 {
1138  char ban[255];
1139  register_service (desc, port, "RemoteNC");
1140  {
1141  snprintf (ban, sizeof (ban),
1142  "A RemoteNC backdoor seems to be running on this port%s",
1143  get_encaps_through (trp));
1144  post_log (oid, desc, port, ban);
1145  }
1146 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_rmserver()

void mark_rmserver ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 223 of file nasl_builtin_find_service.c.

224 {
225  char ban[512];
226  register_service (desc, port, "realserver");
227  snprintf (ban, sizeof (ban), "realserver/banner/%d", port);
228  plug_replace_key (desc, ban, ARG_STRING, buffer);
229 
230  snprintf (ban, sizeof (ban), "A RealMedia server is running on this port%s",
231  get_encaps_through (trp));
232  post_log (oid, desc, port, ban);
233 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_rsync()

void mark_rsync ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 436 of file nasl_builtin_find_service.c.

437 {
438  register_service (desc, port, "rsync");
439  post_log (oid, desc, port, "A rsync server is running on this port");
440 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_smtp_server()

void mark_smtp_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 236 of file nasl_builtin_find_service.c.

237 {
238  char ban[512];
239  register_service (desc, port, "smtp");
240  snprintf (ban, sizeof (ban), "smtp/banner/%d", port);
241  plug_replace_key (desc, ban, ARG_STRING, buffer);
242 
243  if (strstr (buffer, " postfix"))
244  plug_replace_key (desc, "smtp/postfix", ARG_INT, (void *) 1);
245 
246  {
247  char *report = g_malloc0 (255 + strlen (buffer));
248  char *t = strchr (buffer, '\n');
249  if (t)
250  t[0] = 0;
251  snprintf (report, 255 + strlen (buffer), "An SMTP server is running on this port%s\n\
252 Here is its banner : \n%s",
253  get_encaps_through (trp), buffer);
254  post_log (oid, desc, port, report);
255  g_free (report);
256  }
257 }
#define ARG_INT
Definition: arglists.h:40
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_snpp_server()

void mark_snpp_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 260 of file nasl_builtin_find_service.c.

261 {
262  char ban[512], *report, *t;
263  register_service (desc, port, "snpp");
264  snprintf (ban, sizeof (ban), "snpp/banner/%d", port);
265  plug_replace_key (desc, ban, ARG_STRING, buffer);
266 
267  report = g_malloc0 (255 + strlen (buffer));
268  t = strchr (buffer, '\n');
269  if (t != NULL)
270  *t = '\0';
271  snprintf (report, 255 + strlen (buffer),
272  "An SNPP server is running on this port%s\n\
273 Here is its banner : \n%s", get_encaps_through (trp), buffer);
274  post_log (oid, desc, port, report);
275  g_free (report);
276 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
#define ARG_STRING
Definition: arglists.h:38
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_ssh_server()

void mark_ssh_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 313 of file nasl_builtin_find_service.c.

314 {
315  register_service (desc, port, "ssh");
316  while ((buffer[strlen (buffer) - 1] == '\n') ||
317  (buffer[strlen (buffer) - 1] == '\r'))
318  buffer[strlen (buffer) - 1] = '\0';
319  post_log (oid, desc, port, "An ssh server is running on this port");
320 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445

◆ mark_swat_server()

void mark_swat_server ( struct arglist desc,
int  port,
unsigned char *  buffer 
)

Definition at line 149 of file nasl_builtin_find_service.c.

150 {
151  register_service (desc, port, "swat");
152 }

◆ mark_telnet_server()

void mark_telnet_server ( struct arglist desc,
int  port,
char *  buffer,
int  trp 
)

Definition at line 454 of file nasl_builtin_find_service.c.

455 {
456  char ban[255];
457  register_service (desc, port, "telnet");
458  {
459  snprintf (ban, sizeof (ban),
460  "A telnet server seems to be running on this port%s",
461  get_encaps_through (trp));
462  post_log (oid, desc, port, ban);
463  }
464 }
const char * oid
void post_log(const char *oid, struct arglist *desc, int port, const char *action)
Post a log message about a tcp port.
Definition: plugutils.c:445
const char * get_encaps_through(openvas_encaps_t code)
Definition: network.c:1759

◆ mark_vnc_server()

void mark_vnc_server ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 127 of file nasl_builtin_find_service.c.

128 {
129  char ban[512];
130  register_service (desc, port, "vnc");
131  snprintf (ban, sizeof (ban), "vnc/banner/%d", port);
132  plug_replace_key (desc, ban, ARG_STRING, buffer);
133 }
void plug_replace_key(struct arglist *args, char *name, int type, void *value)
Definition: plugutils.c:681
#define ARG_STRING
Definition: arglists.h:38

◆ mark_vqserver()

void mark_vqserver ( struct arglist desc,
int  port,
unsigned char *  buffer 
)

Definition at line 155 of file nasl_builtin_find_service.c.

156 {
157  register_service (desc, port, "vqServer-admin");
158 }

◆ mark_wild_shell()

void mark_wild_shell ( struct arglist desc,
int  port,
char *  buffer 
)

Definition at line 444 of file nasl_builtin_find_service.c.

445 {
446 
447  register_service (desc, port, "wild_shell");
448 
449  post_alarm (oid, desc, port,
450  "A shell seems to be running on this port ! (this is a possible backdoor)");
451 }
const char * oid
void post_alarm(const char *oid, struct arglist *desc, int port, const char *action)
Definition: plugutils.c:425

◆ plugin_run_find_service()

tree_cell* plugin_run_find_service ( lex_ctxt lexic)

Definition at line 2509 of file nasl_builtin_find_service.c.

2510 {
2511  struct arglist *desc = lexic->script_infos;
2512 
2513  oid = lexic->oid;
2514 
2515  kb_t kb = plug_get_kb (desc);
2516  struct kb_item *kbitem, *kbitem_tmp;
2517 
2518  struct arglist *sons_args[MAX_SONS];
2519  int sons_pipe[MAX_SONS][2];
2520  int num_ports = 0;
2521  char *num_sons_s = get_plugin_preference (oid, NUM_CHILDREN);
2522  int num_sons = 6;
2523  int port_per_son;
2524  int i;
2525  struct arglist *globals = arg_get_value (desc, "globals");
2526  int unix_sock = arg_get_value_int (globals, "global_socket");
2527  int test_ssl = 1;
2528  char *key = get_plugin_preference (oid, KEY_FILE);
2529  char *cert = get_plugin_preference (oid, CERT_FILE);
2530  char *pempass = get_plugin_preference (oid, PEM_PASS);
2531  char *cafile = get_plugin_preference (oid, CA_FILE);
2532  char *test_ssl_s = get_plugin_preference (oid, TEST_SSL_PREF);
2533 
2534  if (key && key[0] != '\0')
2535  key = (char *) get_plugin_preference_fname (desc, key);
2536  else
2537  key = NULL;
2538 
2539  if (cert && cert[0] != '\0')
2540  cert = (char *) get_plugin_preference_fname (desc, cert);
2541  else
2542  cert = NULL;
2543 
2544  if (cafile && cafile[0] != '\0')
2545  cafile = (char *) get_plugin_preference_fname (desc, cafile);
2546  else
2547  cafile = NULL;
2548 
2549  if (test_ssl_s != NULL)
2550  {
2551  if (strcmp (test_ssl_s, "None") == 0)
2552  test_ssl = 0;
2553  }
2554  if (key || cert)
2555  {
2556  if (!key)
2557  key = cert;
2558  if (!cert)
2559  cert = key;
2560  plug_set_ssl_cert (desc, cert);
2561  plug_set_ssl_key (desc, key);
2562  }
2563  if (pempass != NULL)
2564  plug_set_ssl_pem_password (desc, pempass);
2565  if (cafile != NULL)
2566  plug_set_ssl_CA_file (desc, cafile);
2567 
2568 
2569  signal (SIGTERM, sigterm);
2570  signal (SIGCHLD, sigchld);
2571  if (num_sons_s != NULL)
2572  num_sons = atoi (num_sons_s);
2573 
2574  if (num_sons <= 0)
2575  num_sons = 6;
2576 
2577  if (num_sons > MAX_SONS)
2578  num_sons = MAX_SONS;
2579 
2580 
2581 
2582 
2583  for (i = 0; i < num_sons; i++)
2584  {
2585  sons[i] = 0;
2586  sons_args[i] = NULL;
2587  }
2588 
2589  if (kb == NULL)
2590  return NULL; // TODO: in old days returned "1". Still relevant?
2591 
2592  kbitem = kb_item_get_pattern (kb, "Ports/tcp/*");
2593 
2594  /* count the number of open TCP ports */
2595  kbitem_tmp = kbitem;
2596  while (kbitem_tmp != NULL)
2597  {
2598  num_ports++;
2599  kbitem_tmp = kbitem_tmp->next;
2600  }
2601 
2602  port_per_son = num_ports / num_sons;
2603 
2604  /* The next two loops distribute the ports across a number of 'sons'.
2605  */
2606 
2607  kbitem_tmp = kbitem;
2608 
2609  for (i = 0; i < num_sons; i = i + 1)
2610  {
2611  int j;
2612 
2613  if (kbitem_tmp != NULL)
2614  {
2615  for (j = 0; j < port_per_son && kbitem_tmp != NULL;)
2616  {
2617  if (sons_args[i] == NULL)
2618  sons_args[i] = g_malloc0 (sizeof (struct arglist));
2619  arg_add_value (sons_args[i], kbitem_tmp->name, kbitem_tmp->type,
2620  NULL);
2621  j++;
2622  kbitem_tmp = kbitem_tmp->next;
2623  }
2624  }
2625  else
2626  break;
2627  }
2628 
2629 
2630  for (i = 0; (i < num_ports % num_sons) && kbitem_tmp != NULL;)
2631  {
2632  if (sons_args[i] == NULL)
2633  sons_args[i] = g_malloc0 (sizeof (struct arglist));
2634  arg_add_value (sons_args[i], kbitem_tmp->name, kbitem_tmp->type, NULL);
2635  i++;
2636  kbitem_tmp = kbitem_tmp->next;
2637  }
2638 
2639  kb_item_free (kbitem);
2640 
2641 
2642  for (i = 0; i < num_sons; i++)
2643  if (sons_args[i] == NULL)
2644  break;
2645 
2646 
2647  num_sons = i;
2648 
2649 
2650  for (i = 0; i < num_sons; i++)
2651  {
2652  usleep (5000);
2653  if (sons_args[i] != NULL)
2654  {
2655  if (socketpair (AF_UNIX, SOCK_STREAM, 0, sons_pipe[i]) < 0)
2656  {
2657  perror ("socketpair ");
2658  break;
2659  }
2660  sons[i] = fork ();
2661  if (sons[i] == 0)
2662  {
2663  int soc;
2664 
2665  kb_lnk_reset (kb);
2666  nvticache_reset ();
2667  soc = arg_get_value_int (globals, "global_socket");
2668  close (sons_pipe[i][1]);
2669  close (soc);
2670  soc = sons_pipe[i][0];
2671  arg_set_value (globals, "global_socket", GSIZE_TO_POINTER (soc));
2672  signal (SIGTERM, _exit);
2673  plugin_do_run (desc, sons_args[i], test_ssl);
2674  exit (0);
2675  }
2676  else
2677  {
2678  close (sons_pipe[i][0]);
2679  if (sons[i] < 0)
2680  sons[i] = 0; /* Fork failed */
2681  }
2682  arg_free (sons_args[i]);
2683  }
2684  }
2685 
2686 
2687 
2688  for (;;)
2689  {
2690  int flag = 0;
2691  fd_set rd;
2692  struct timeval tv;
2693  int max = -1;
2694  int e;
2695 
2696 
2697  FD_ZERO (&rd);
2698  for (i = 0; i < num_sons; i++)
2699  {
2700  if (sons[i] != 0 && (sons_pipe[i][1] >= 0))
2701  {
2702  FD_SET (sons_pipe[i][1], &rd);
2703  if (sons_pipe[i][1] > max)
2704  max = sons_pipe[i][1];
2705  }
2706  }
2707 
2708  again:
2709  tv.tv_usec = 100000;
2710  tv.tv_sec = 0;
2711  e = select (max + 1, &rd, NULL, NULL, &tv);
2712  if (e < 0 && errno == EINTR)
2713  goto again;
2714 
2715  if (e > 0)
2716  {
2717  for (i = 0; i < num_sons; i++)
2718  {
2719  if (sons[i] != 0 && sons_pipe[i][1] >= 0
2720  && FD_ISSET (sons_pipe[i][1], &rd) != 0)
2721  {
2722  if (fwd_data (sons_pipe[i][1], unix_sock, sons[i]) < 0)
2723  {
2724  close (sons_pipe[i][1]);
2725  sons_pipe[i][1] = -1;
2726  while (waitpid (sons[i], NULL, WNOHANG)
2727  && errno == EINTR);
2728  sons[i] = 0;
2729  }
2730  }
2731  }
2732  }
2733  for (i = 0; i < num_sons; i++)
2734  {
2735  if (sons[i] != 0)
2736  {
2737  while (waitpid (sons[i], NULL, WNOHANG) && errno == EINTR);
2738 
2739  if (kill (sons[i], 0) < 0)
2740  {
2741  fwd_data (sons_pipe[i][1], unix_sock, sons[i]);
2742  close (sons_pipe[i][1]);
2743  sons_pipe[i][1] = -1;
2744  sons[i] = 0;
2745  }
2746  else
2747  flag++;
2748  }
2749  }
2750 
2751 
2752  if (flag == 0)
2753  break;
2754  }
2755 
2756  return NULL;
2757 }
void kb_item_free(struct kb_item *)
Release a KB item (or a list).
Definition: kb_redis.c:501
void nvticache_reset()
Reset connection to KB. To be called after a fork().
Definition: nvticache.c:138
#define TEST_SSL_PREF
int arg_set_value(struct arglist *arglst, const char *name, void *value)
Definition: arglists.c:225
#define max
Definition: nasl_wmi.c:61
Knowledge base item (defined by name, type (int/char*) and value). Implemented as a singly linked lis...
Definition: kb.h:81
void plug_set_ssl_CA_file(struct arglist *args, char *key)
Definition: plugutils.c:1035
struct kb_item * next
Definition: kb.h:91
void arg_free(struct arglist *arg)
Definition: arglists.c:322
const char * oid
enum kb_item_type type
Definition: kb.h:83
#define MAX_SONS
#define KEY_FILE
const char * get_plugin_preference_fname(struct arglist *desc, const char *filename)
Get the file name of a plugins preference that is of type "file".
Definition: plugutils.c:551
void plug_set_ssl_pem_password(struct arglist *args, char *key)
Definition: plugutils.c:1025
kb_t plug_get_kb(struct arglist *args)
Definition: plugutils.c:710
#define NUM_CHILDREN
#define CA_FILE
void arg_add_value(struct arglist *arglst, const char *name, int type, void *value)
Definition: arglists.c:170
Top-level KB. This is to be inherited by KB implementations.
Definition: kb.h:102
#define CERT_FILE
struct timeval timeval(unsigned long val)
int arg_get_value_int(struct arglist *args, const char *name)
Definition: arglists.c:246
void plug_set_ssl_cert(struct arglist *args, char *cert)
Definition: plugutils.c:1013
void plug_set_ssl_key(struct arglist *args, char *key)
Definition: plugutils.c:1019
const char * oid
Definition: nasl_lex_ctxt.h:40
struct arglist * script_infos
Definition: nasl_lex_ctxt.h:39
char name[0]
Definition: kb.h:94
void * arg_get_value(struct arglist *args, const char *name)
Definition: arglists.c:252
#define PEM_PASS
char * get_plugin_preference(const char *oid, const char *name)
Definition: plugutils.c:476

References arg_get_value(), arg_get_value_int(), CA_FILE, CERT_FILE, get_plugin_preference(), get_plugin_preference_fname(), KEY_FILE, MAX_SONS, NUM_CHILDREN, struct_lex_ctxt::oid, oid, PEM_PASS, plug_get_kb(), plug_set_ssl_CA_file(), plug_set_ssl_cert(), plug_set_ssl_key(), plug_set_ssl_pem_password(), struct_lex_ctxt::script_infos, and TEST_SSL_PREF.

Here is the call graph for this function:

Variable Documentation

◆ oid