services.cc

Ubuntu packages of security software。 相当不错的源码

    current->servent->s_port = portno;
    current->servent->s_proto = cp_strdup(proto);
    current->servent->s_aliases = NULL;

    sp = (struct service_list *) cp_alloc(sizeof(struct service_list));
    sp->servent = current->servent;
    sp->ratio = current->ratio;
    sp->next = NULL;

    if (sorted_services == NULL || sorted_services->ratio < sp->ratio) {
      sp->next = sorted_services;
      sorted_services = sp;
    } else
      for (current=sorted_services;;current=current->next) {
        if (current->next == NULL) {
          current->next = sp;
          break;
        } else if (current->next->ratio < sp->ratio) {
          sp->next = current->next;
          current->next = sp;
          break;
        }
      }

  }

  fclose(fp);
  services_initialized = 1;
  return 0;
}


  
/* Adds ports whose names match mask and one or more protocols
 * specified by range_type to porttbl. Increases the respective
 * protocol counts in ports.
 * Returns the number of ports added in total.
 */

int addportsfromservmask(char *mask, u8 *porttbl, int range_type) {
  struct service_list *current;
  int bucket,t=0;

  if (!services_initialized && nmap_services_init() == -1)
    fatal("%s: Couldn't get port numbers", __func__);
  
  for(bucket = 0; bucket < SERVICE_TABLE_SIZE; bucket++) {
    for(current = service_table[bucket % SERVICE_TABLE_SIZE]; current; current = current->next) {
      if (wildtest(mask, current->servent->s_name)) {

        if ((range_type & SCAN_TCP_PORT) && strcmp(current->servent->s_proto, "tcp") == 0) {
          porttbl[ntohs(current->servent->s_port)] |= SCAN_TCP_PORT;
          t++;
        }

        if ((range_type & SCAN_UDP_PORT) && strcmp(current->servent->s_proto, "udp") == 0) {
          porttbl[ntohs(current->servent->s_port)] |= SCAN_UDP_PORT;
          t++;
        }

      }
    }
  }

  return t;

}



struct servent *nmap_getservbyport(int port, const char *proto) {
  struct service_list *current;

  if (nmap_services_init() == -1)
    return NULL;

  for(current = service_table[port % SERVICE_TABLE_SIZE];
	current; current = current->next) {
    if (((u16) port == (u16) current->servent->s_port) &&
	strcmp(proto, current->servent->s_proto) == 0)
      return current->servent;
  }

  /* Couldn't find it ... oh well. */
  return NULL;

}



static int port_compare(const void *a, const void *b) {
  unsigned short ua = *((unsigned short *) a), ub = *((unsigned short *) b);
  if (ua > ub) return 1;
  else return -1;
}



// is_port_member() returns true if serv is an element of ptsdata.
// This could be implemented MUCH more efficiently but it should only be
// called when you use a non-default top-ports or port-ratio value TOGETHER WITH
// a -p portlist.

static int is_port_member(struct scan_lists *ptsdata, struct service_list *serv) {
  int i;

  if (serv->servent->s_proto[0] == 't') {
    for (i=0; i<ptsdata->tcp_count; i++)
      if (ntohs(serv->servent->s_port) == ptsdata->tcp_ports[i]) return 1;
  } else {
    for (i=0; i<ptsdata->udp_count; i++)
      if (ntohs(serv->servent->s_port) == ptsdata->udp_ports[i]) return 1;
  }

  return 0;
}

// gettoppts() returns a scan_list with the most common ports scanned by
// Nmap according to the ratios specified in the nmap-services file.
//
// If level is below 1.0 then we treat it as a minimum ratio and we
// add all ports with ratios above level.
//
// If level is 1 or above, we treat it as a "top ports" directive
// and return the N highest ratio ports (where N==level).
//
// This function doesn't support IP protocol scan so only call this
// function if o.TCPScan() || o.UDPScan()

struct scan_lists *gettoppts(double level, char *portlist) {
  int ti=0, ui=0;
  struct scan_lists *sl, *ptsdata=NULL;
  struct service_list *current;

  if (!services_initialized && nmap_services_init() == -1)
    fatal("%s: Couldn't get port numbers", __func__);

  if (ratio_format == 0) {
    if (level != -1)
      fatal("Unable to use --top-ports or --port-ratio with an old style (no-ratio) services file");

    if (portlist)
      return getpts(portlist);
    else if (o.fastscan)
      return getpts("[-]");
    else
      return getpts("1-1024,[1025-]");
  }

  // TOP PORT DEFAULTS
  if (level == -1) {
    if (portlist)
      return getpts(portlist);

    if (o.fastscan) level = 100;
    else level = 0.01;
  }

  sl = (struct scan_lists *) safe_zalloc(sizeof(struct scan_lists));
  if (portlist) ptsdata = getpts(portlist);

  if (level < 1) {
    for (current=sorted_services; current; current=current->next) {
      if (ptsdata && !is_port_member(ptsdata, current)) continue;

      if (current->ratio >= level) {
        if (o.TCPScan() && current->servent->s_proto[0] == 't') sl->tcp_count++;
        else if (o.UDPScan() && current->servent->s_proto[0] == 'u') sl->udp_count++;
      } else break;
    }

    if (sl->tcp_count)
      sl->tcp_ports = (unsigned short *)safe_zalloc(sl->tcp_count * sizeof(unsigned short));

    if (sl->udp_count)
      sl->udp_ports = (unsigned short *)safe_zalloc(sl->udp_count * sizeof(unsigned short));

    sl->prots = NULL;

    for (current=sorted_services;current;current=current->next) {
      if (ptsdata && !is_port_member(ptsdata, current)) continue;

      if (current->ratio >= level) {
        if (o.TCPScan() && current->servent->s_proto[0] == 't')
          sl->tcp_ports[ti++] = ntohs(current->servent->s_port);
        else if (o.UDPScan() && current->servent->s_proto[0] == 'u')
          sl->udp_ports[ui++] = ntohs(current->servent->s_port);
      } else break;
    }
  } else if (level >= 1) {
    if (level > 65536)
      fatal("Level argument to gettoppts (%g) is too large", level);

    if (o.TCPScan()) {
      sl->tcp_count = MIN((int) level, numtcpports);
      sl->tcp_ports = (unsigned short *)safe_zalloc(sl->tcp_count * sizeof(unsigned short));
    }

    if (o.UDPScan()) {
      sl->udp_count = MIN((int) level, numudpports);
      sl->udp_ports = (unsigned short *)safe_zalloc(sl->udp_count * sizeof(unsigned short));
    }

    sl->prots = NULL;

    for (current=sorted_services;current && (ti < sl->tcp_count || ui < sl->udp_count);current=current->next) {
      if (ptsdata && !is_port_member(ptsdata, current)) continue;

      if (o.TCPScan() && current->servent->s_proto[0] == 't' && ti < sl->tcp_count)
        sl->tcp_ports[ti++] = ntohs(current->servent->s_port);
      else if (o.UDPScan() && current->servent->s_proto[0] == 'u' && ui < sl->udp_count)
        sl->udp_ports[ui++] = ntohs(current->servent->s_port);
    }

    if (ti < sl->tcp_count) sl->tcp_count = ti;
    if (ui < sl->udp_count) sl->udp_count = ui;
  } else
    fatal("Argument to gettoppts (%g) should be a positive ratio below 1 or an integer of 1 or higher", level);

  if (ptsdata) free_scan_lists(ptsdata);

  if (sl->tcp_count > 1)
    qsort(sl->tcp_ports, sl->tcp_count, sizeof(unsigned short), &port_compare);

  if (sl->udp_count > 1)
    qsort(sl->udp_ports, sl->udp_count, sizeof(unsigned short), &port_compare);

  if (o.debugging && level < 1)
    log_write(LOG_STDOUT, "PORTS: Using ports open on %g%% or more average hosts (TCP:%d, UDP:%d)\n", level*100, sl->tcp_count, sl->udp_count);
  else if (o.debugging && level >= 1)
    log_write(LOG_STDOUT, "PORTS: Using top %d ports found open (TCP:%d, UDP:%d)\n", (int) level, sl->tcp_count, sl->udp_count);

  return sl;
}