nmap.cc

来自「Ubuntu packages of security software。 相」· CC 代码 · 共 1,539 行 · 第 1/5 页

      {"log_errors", no_argument, 0, 0},
      {"log-errors", no_argument, 0, 0},
      {"dns_servers", required_argument, 0, 0},
      {"dns-servers", required_argument, 0, 0},
      {"port-ratio", required_argument, 0, 0},
      {"port_ratio", required_argument, 0, 0},
      {"top-ports", required_argument, 0, 0},
      {"top_ports", required_argument, 0, 0},
#ifndef NOLUA
      {"script", required_argument, 0, 0},
      {"script-trace", no_argument, 0, 0},
      {"script_trace", no_argument, 0, 0},
      {"script-updatedb", no_argument, 0, 0},
      {"script_updatedb", no_argument, 0, 0},
      {"script-args",required_argument,0,0},
      {"script_args",required_argument,0,0},
#endif
      {"ip_options", required_argument, 0, 0},
      {"ip-options", required_argument, 0, 0},
      {0, 0, 0, 0}
    };

  /* argv faking silliness */
  fakeargv = (char **) safe_malloc(sizeof(char *) * (argc + 1));
  for(i=0; i < argc; i++) {
    fakeargv[i] = strdup(argv[i]);
  }
  fakeargv[argc] = NULL;

  if (argc < 2 ) printusage(argv[0], -1);
  Targets.reserve(100);
#ifdef WIN32
  win_pre_init();
#endif

  now = time(NULL);
  tm = localtime(&now);

  /* OK, lets parse these args! */
  optind = 1; /* so it can be called multiple times */
  while((arg = getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nO::o:P:p:qRrS:s:T:Vv", long_options, &option_index)) != EOF) {
    switch(arg) {
    case 0:
#ifndef NOLUA
	if (strcmp(long_options[option_index].name, "script") == 0) {
		o.script = 1;
		o.chooseScripts(optarg);
	} else if(optcmp(long_options[option_index].name,"script-args")==0){
		o.scriptargs=strdup(optarg);
		if(script_check_args()!=0)
			fatal("Error parsing --script-args\n");
	}else if (optcmp(long_options[option_index].name, "script-trace") == 0) {
		o.scripttrace = 1;
	} else if (optcmp(long_options[option_index].name, "script-updatedb") == 0){
		o.scriptupdatedb = 1;
	} else
#endif
	if (optcmp(long_options[option_index].name, "max-os-tries") == 0) {
	l = tval2msecs(optarg);
	if (l < 1 || l > 50) 
	  fatal("Bogus --max-os-tries argument specified, must be between 1 and 50 (inclusive)");
	o.setMaxOSTries(l);
      } else if (optcmp(long_options[option_index].name, "max-rtt-timeout") == 0) {
	l = tval2msecs(optarg);
	if (l < 5) fatal("Bogus --max-rtt-timeout argument specified, must be at least 5");
        if (l < 20) {
	  error("WARNING: You specified a round-trip time timeout (%ld ms) that is EXTRAORDINARILY SMALL.  Accuracy may suffer.", l);
	}
        pre_max_rtt_timeout = l;
      } else if (optcmp(long_options[option_index].name, "min-rtt-timeout") == 0) {
	l = tval2msecs(optarg);
	if (l < 0) fatal("Bogus --min-rtt-timeout argument specified");
	if (l > 50000) {
	  error("Warning:  min-rtt-timeout is given in milliseconds, your value seems pretty large.");
	}
        pre_min_rtt_timeout = l;
      } else if (optcmp(long_options[option_index].name, "initial-rtt-timeout") == 0) {
	l = tval2msecs(optarg);
	if (l <= 0) fatal("Bogus --initial-rtt-timeout argument specified.  Must be positive");
        pre_init_rtt_timeout = l;
      } else if (strcmp(long_options[option_index].name, "excludefile") == 0) {
	if (exclude_spec)
	  fatal("--excludefile and --exclude options are mutually exclusive.");
        excludefd = fopen(optarg, "r");
        if (!excludefd) {
          fatal("Failed to open exclude file %s for reading", optarg);
        }
      } else if (strcmp(long_options[option_index].name, "exclude") == 0) {
	if (excludefd)
	  fatal("--excludefile and --exclude options are mutually exclusive.");
	exclude_spec = strdup(optarg);
      } else if (optcmp(long_options[option_index].name, "max-hostgroup") == 0) {
	o.setMaxHostGroupSz(atoi(optarg));
      } else if (optcmp(long_options[option_index].name, "min-hostgroup") == 0) {
	o.setMinHostGroupSz(atoi(optarg));
	if (atoi(optarg) > 100)
	  error("Warning: You specified a highly aggressive --min-hostgroup.");
      } else if (strcmp(long_options[option_index].name, "open") == 0) {
	o.setOpenOnly(true);
      } else if (strcmp(long_options[option_index].name, "scanflags") == 0) {
	o.scanflags = parse_scanflags(optarg);
	if (o.scanflags < 0) {
	  fatal("--scanflags option must be a number between 0 and 255 (inclusive) or a string like \"URGPSHFIN\".");
	}
      } else if (strcmp(long_options[option_index].name, "iflist") == 0 ) {
	iflist = true;
      } else if (optcmp(long_options[option_index].name, "release-memory") == 0 ) {
	o.release_memory = true;
      } else if (optcmp(long_options[option_index].name, "min-parallelism") == 0 ) {
	o.min_parallelism = atoi(optarg); 
	if (o.min_parallelism < 1) fatal("Argument to --min-parallelism must be at least 1!");
	if (o.min_parallelism > 100) {
	  error("Warning: Your --min-parallelism option is pretty high!  This can hurt reliability.");
	}
      } else if (optcmp(long_options[option_index].name, "host-timeout") == 0) {
	l = tval2msecs(optarg);
	if (l <= 1500) fatal("--host-timeout is specified in milliseconds unless you qualify it by appending 's', 'm', 'h', or 'd'.  The value must be greater than 1500 milliseconds");
	pre_host_timeout = l;
	if (l < 15000) {
	  error("host-timeout is given in milliseconds, so you specified less than 15 seconds (%lims). This is allowed but not recommended.", l);
	}
      } else if (strcmp(long_options[option_index].name, "ttl") == 0) {
	o.ttl = atoi(optarg);
	if (o.ttl < 0 || o.ttl > 255) {
	  fatal("ttl option must be a number between 0 and 255 (inclusive)");
	}
      } else if (strcmp(long_options[option_index].name, "datadir") == 0) {
	o.datadir = strdup(optarg);
      } else if (strcmp(long_options[option_index].name, "servicedb") == 0) {
	o.requested_data_files["nmap-services"] = optarg;
	o.fastscan++;
      } else if (strcmp(long_options[option_index].name, "versiondb") == 0) {
	o.requested_data_files["nmap-service-probes"] = optarg;
      } else if (optcmp(long_options[option_index].name, "append-output") == 0) {
	o.append_output = 1;
      } else if (strcmp(long_options[option_index].name, "noninteractive") == 0) {
	o.noninteractive = true;
      } else if (optcmp(long_options[option_index].name, "spoof-mac") == 0) {
	/* I need to deal with this later, once I'm sure that I have output
	   files set up, --datadir, etc. */
	spoofmac = optarg;
      } else if (strcmp(long_options[option_index].name, "allports") == 0) {
        o.override_excludeports = 1;
      } else if (optcmp(long_options[option_index].name, "version-intensity") == 0) {
	o.version_intensity = atoi(optarg);
	if (o.version_intensity < 0 || o.version_intensity > 9)
		fatal("version-intensity must be between 0 and 9");
      } else if (optcmp(long_options[option_index].name, "version-light") == 0) {
        o.version_intensity = 2;
      } else if (optcmp(long_options[option_index].name, "version-all") == 0) {
        o.version_intensity = 9;
      } else if (optcmp(long_options[option_index].name, "scan-delay") == 0) {
	l = tval2msecs(optarg);
	if (l < 0) fatal("Bogus --scan-delay argument specified.");
	pre_scan_delay = l;
      } else if (optcmp(long_options[option_index].name, "defeat-rst-ratelimit") == 0) {
        o.defeat_rst_ratelimit = 1;
      } else if (optcmp(long_options[option_index].name, "max-scan-delay") == 0) {
	l = tval2msecs(optarg);
	if (l < 0) fatal("--max-scan-delay cannot be negative.");
	pre_max_scan_delay = l;
      } else if (optcmp(long_options[option_index].name, "max-retries") == 0) {
        pre_max_retries = atoi(optarg);
        if (pre_max_retries < 0)
          fatal("max-retries must be positive");
      } else if (optcmp(long_options[option_index].name, "randomize-hosts") == 0
		 || strcmp(long_options[option_index].name, "rH") == 0) {
	o.randomize_hosts = 1;
	o.ping_group_sz = PING_GROUP_SZ * 4;
      } else if (optcmp(long_options[option_index].name, "osscan-limit")  == 0) {
	o.osscan_limit = 1;
      } else if (optcmp(long_options[option_index].name, "osscan-guess")  == 0
                 || strcmp(long_options[option_index].name, "fuzzy") == 0) {
	o.osscan_guess = 1;
      } else if (optcmp(long_options[option_index].name, "packet-trace") == 0) {
	o.setPacketTrace(true);
#ifndef NOLUA
	o.scripttrace = 1;
#endif
      } else if (optcmp(long_options[option_index].name, "version-trace") == 0) {
	o.setVersionTrace(true);
	o.debugging++;
      } else if (optcmp(long_options[option_index].name, "data-length") == 0) {
	o.extra_payload_length = atoi(optarg);
	if (o.extra_payload_length < 0) {
	  fatal("data-length must be greater than 0");
	} else if (o.extra_payload_length > 0) {
	  o.extra_payload = (char *) safe_malloc(o.extra_payload_length);
	  get_random_bytes(o.extra_payload, o.extra_payload_length);
	}
      } else if (optcmp(long_options[option_index].name, "send-eth") == 0) {
	o.sendpref = PACKET_SEND_ETH_STRONG;
      } else if (optcmp(long_options[option_index].name, "send-ip") == 0) {
	o.sendpref = PACKET_SEND_IP_STRONG;
      } else if (strcmp(long_options[option_index].name, "stylesheet") == 0) {
	o.setXSLStyleSheet(optarg);
      } else if (optcmp(long_options[option_index].name, "no-stylesheet") == 0) {
	o.setXSLStyleSheet(NULL);
      } else if (optcmp(long_options[option_index].name, "system-dns") == 0) {
        o.mass_dns = false;
      } else if (optcmp(long_options[option_index].name, "dns-servers") == 0) {
        o.dns_servers = strdup(optarg);
      } else if (optcmp(long_options[option_index].name, "log-errors") == 0) {
        o.log_errors = 1;
      } else if (strcmp(long_options[option_index].name, "webxml") == 0) {
	o.setXSLStyleSheet("http://www.insecure.org/nmap/data/nmap.xsl");
      } else if (strcmp(long_options[option_index].name, "oN") == 0) {
	normalfilename = logfilename(optarg, tm);
      } else if (strcmp(long_options[option_index].name, "oG") == 0 ||
		 strcmp(long_options[option_index].name, "oM") == 0) {
	machinefilename = logfilename(optarg, tm);
      } else if (strcmp(long_options[option_index].name, "oS") == 0) {
	kiddiefilename = logfilename(optarg, tm);
      } else if (strcmp(long_options[option_index].name, "oH") == 0) {
	fatal("HTML output is not directly supported, though Nmap includes an XSL for transforming XML output into HTML.  See the man page.");
      } else if (strcmp(long_options[option_index].name, "oX") == 0) {
	xmlfilename = logfilename(optarg, tm);
      } else if (strcmp(long_options[option_index].name, "oA") == 0) {
	char buf[MAXPATHLEN];
	Snprintf(buf, sizeof(buf), "%s.nmap", logfilename(optarg, tm));
	normalfilename = strdup(buf);
	Snprintf(buf, sizeof(buf), "%s.gnmap", logfilename(optarg, tm));
	machinefilename = strdup(buf);
	Snprintf(buf, sizeof(buf), "%s.xml", logfilename(optarg, tm));
	xmlfilename = strdup(buf);
      } else if (strcmp(long_options[option_index].name, "thc") == 0) {
	printf("!!Greets to Van Hauser, Plasmoid, Skyper and the rest of THC!!\n");
	exit(0);
      } else if (strcmp(long_options[option_index].name, "badsum") == 0) {
	o.badsum = 1;
      } else if (strcmp(long_options[option_index].name, "iR") == 0) {
	o.generate_random_ips = 1;
	o.max_ips_to_scan = strtoul(optarg, &endptr, 10);
	if (*endptr != '\0') {
	  fatal("ERROR: -iR argument must be the maximum number of random IPs you wish to scan (use 0 for unlimited)");
	}
      } else if (strcmp(long_options[option_index].name, "sI") == 0) {
	o.idlescan = 1;
	idleProxy = optarg;
      } else if (strcmp(long_options[option_index].name, "vv") == 0) {
	/* Compatability hack ... ugly */
	o.verbose += 2;
      } else if (strcmp(long_options[option_index].name, "ff") == 0) {
	o.fragscan += 16; 
      } else if (strcmp(long_options[option_index].name, "privileged") == 0) {
	o.isr00t = 1;
      } else if (strcmp(long_options[option_index].name, "unprivileged") == 0) {
	o.isr00t = 0;
      } else if (strcmp(long_options[option_index].name, "mtu") == 0) {
        o.fragscan = atoi(optarg);
        if (o.fragscan <= 0 || o.fragscan % 8 != 0)
            fatal("Data payload MTU must be >0 and multiple of 8");
      } else if (optcmp(long_options[option_index].name, "port-ratio") == 0) {
        char *ptr;
        o.topportlevel = strtod(optarg, &ptr);
        if (!ptr || o.topportlevel < 0 || o.topportlevel >= 1)
          fatal("--port-ratio should be between [0 and 1)");
      } else if (optcmp(long_options[option_index].name, "top-ports") == 0) {
        char *ptr;
        o.topportlevel = strtod(optarg, &ptr);
        if (!ptr || o.topportlevel < 1 || ((double)((int)o.topportlevel)) != o.topportlevel)
          fatal("--top-ports should be an integer 1 or greater");
      } else if (optcmp(long_options[option_index].name, "ip-options") == 0){
        o.ipoptions    = (u8*) safe_malloc(4*10+1);
        o.ipoptionslen = parse_ip_options(optarg, o.ipoptions, 4*10+1, &o.ipopt_firsthop, &o.ipopt_lasthop);
        if(o.ipoptionslen > 4*10)
          fatal("Ip options can't be more than 40 bytes long");
        if(o.ipoptionslen %4 != 0)
          fatal("Ip options must be multiple of 4 (read length is %i bytes)", o.ipoptionslen);
      } else if(strcmp(long_options[option_index].name, "traceroute") == 0) {
	o.traceroute = true;
      } else if(strcmp(long_options[option_index].name, "reason") == 0) {
     o.reason = true;
      } else {
	fatal("Unknown long option (%s) given@#!$#$", long_options[option_index].name);
      }
      break;
    case '6':
#if !HAVE_IPV6
      fatal("I am afraid IPv6 is not available because your host doesn't support it or you chose to compile Nmap w/o IPv6 support.");
#else
      o.setaf(AF_INET6);
#endif /* !HAVE_IPV6 */
      break;
    case 'A':
      o.servicescan = true;
#ifndef NOLUA
      o.script = 1;
#endif
      if (o.isr00t) {
		o.osscan = OS_SCAN_DEFAULT;
		o.traceroute = true;
      }		
      break;
    case 'b': 
      o.bouncescan++;
      if (parse_bounce_argument(&ftp, optarg) < 0 ) {
	error("Your argument to -b is b0rked. Use the normal url style:  user:pass@server:port or just use server and use default anon login\n  Use -h for help");
      }
      break;
    case 'D':
      p = optarg;
      do {    
	q = strchr(p, ',');
	if (q) *q = '\0';
	if (!strcasecmp(p, "me")) {
	  if (o.decoyturn != -1) 
	    fatal("Can only use 'ME' as a decoy once.\n");