📄 nbtscan.c
print_banner(); usage(); }; while ((ch = getopt(argc, argv, "vrdelqhm:s:t:b:f:")) != -1) switch (ch) { case 'v': verbose = 1; break; case 't': timeout=atoi(optarg); if(timeout==0) { printf("Bad timeout value: %s\n", optarg); usage(); }; break; case 'r':#if defined WINDOWS printf("Warning: -r option not supported under Windows. Running without it.\n\n");#else use137=1;#endif break; case 'd': dump=1; break; case 'e': etc_hosts=1; break; case 'l': lmhosts=1; break; case 'q': quiet=1; /* Global variable */ break; case 'b': bandwidth=atoi(optarg); if(bandwidth==0) err_print("Bad bandwidth value, ignoring it", quiet); break; case 'h': hr=1; /* human readable service names instead of hex codes */ break; case 's': sf=optarg; /* script-friendly output format */ break; case 'm': retransmits=atoi(optarg); if(retransmits==0) { printf("Bad number of retransmits: %s\n", optarg); usage(); }; break; case 'f': filename = optarg; break; default: print_banner(); usage(); }; if(dump && verbose) { printf("Cannot be used with both dump (-d) and verbose (-v) options.\n"); usage(); }; if(dump && sf) { printf("Cannot be used with both dump (-d) and script-friendly (-s) options.\n"); usage(); }; if(dump && lmhosts) { printf("Cannot be used with both dump (-d) and lmhosts (-l) options.\n"); usage; }; if(dump && etc_hosts) { printf("Cannot be used with both dump (-d) and /etc/hosts (-e) options.\n"); usage; }; if(verbose && lmhosts){ printf("Cannot be used with both verbose (-v) and lmhosts (-l) options.\n"); usage; }; if(verbose && etc_hosts){ printf("Cannot be used with both verbose (-v) and /etc/hosts (-e) options.\n"); usage; }; if(lmhosts && etc_hosts){ printf("Cannot be used with both lmhosts (-l) and /etc/hosts (-e) options.\n"); usage; }; if(dump && hr) { printf("Cannot be used with both dump (-d) and \"human-readable service names\" (-h) options.\n"); usage(); }; if(hr && !verbose) { printf("\"Human-readable service names\" (-h) option cannot be used without verbose (-v) option.\n"); 
usage(); }; if(filename) { if(strcmp(filename, "-") == 0) { /* Get IP addresses from stdin */ targetlist = stdin; target_string = "STDIN"; } else { targetlist=fopen(filename,"r"); target_string = filename; }; if(!targetlist) { snprintf(errmsg, 80, "Cannot open file %s", filename); err_die(errmsg, quiet); } } else { argc -= optind; argv += optind; if(argc!=1) usage(); if((target_string=strdup(argv[0]))==NULL) err_die("Malloc failed.\n", quiet); if(!set_range(target_string, &range)) { printf("Error: %s is not an IP address or address range.\n", target_string); free(target_string); usage(); }; } if(!(quiet || sf || lmhosts || etc_hosts)) printf("Doing NBT name scan for addresses from %s\n\n", target_string); /* Finished with options */ /*************************/ /* Prepare socket and address structures */ /*****************************************/ sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); if (sock < 0) err_die("Failed to create socket", quiet); bzero((void*)&src_sockaddr, sizeof(src_sockaddr)); src_sockaddr.sin_family = AF_INET; if(use137) src_sockaddr.sin_port = htons(NB_DGRAM); if (bind(sock, (struct sockaddr *)&src_sockaddr, sizeof(src_sockaddr)) == -1) err_die("Failed to bind", quiet); fdsr=malloc(sizeof(fd_set)); if(!fdsr) err_die("Malloc failed", quiet); FD_ZERO(fdsr); FD_SET(sock, fdsr); fdsw=malloc(sizeof(fd_set)); if(!fdsw) err_die("Malloc failed", quiet); FD_ZERO(fdsw); FD_SET(sock, fdsw); /* timeout is in milliseconds */ select_timeout.tv_sec = timeout / 1000; select_timeout.tv_usec = (timeout % 1000) * 1000; /* Microseconds */ addr_size = sizeof(struct sockaddr_in); next_in_addr = malloc(sizeof(struct in_addr)); if(!next_in_addr) err_die("Malloc failed", quiet); buff=malloc(BUFFSIZE); if(!buff) err_die("Malloc failed", quiet); /* Calculate interval between subsequent sends */ timerclear(&send_interval); if(bandwidth) send_interval.tv_usec = (NBNAME_REQUEST_SIZE + UDP_HEADER_SIZE + IP_HEADER_SIZE)*8*1000000 / bandwidth; /* Send interval in 
microseconds */ else /* Assuming 10baseT bandwidth */ send_interval.tv_usec = 1; /* for 10baseT interval should be about 1 ms */ if (send_interval.tv_usec >= 1000000) { send_interval.tv_sec = send_interval.tv_usec / 1000000; send_interval.tv_usec = send_interval.tv_usec % 1000000; } gettimeofday(&last_send_time, NULL); /* Get current time */ rtt_base = last_send_time.tv_sec; /* Send queries, receive answers and print results */ /***************************************************/ scanned = new_list(); if(!(quiet || verbose || dump || sf || lmhosts || etc_hosts)) print_header(); for(i=0; i <= retransmits; i++) { gettimeofday(&transmit_started, NULL); while ( (select(sock+1, fdsr, fdsw, NULL, &select_timeout)) > 0) { if(FD_ISSET(sock, fdsr)) { if ( (size = recvfrom(sock, buff, BUFFSIZE, 0, (struct sockaddr*)&dest_sockaddr, &addr_size)) <= 0 ) { snprintf(errmsg, 80, "%s\tRecvfrom failed", inet_ntoa(dest_sockaddr.sin_addr)); err_print(errmsg, quiet); continue; }; gettimeofday(&recv_time, NULL); hostinfo = (struct nb_host_info*)parse_response(buff, size); if(!hostinfo) { err_print("parse_response returned NULL", quiet); continue; }; /* If this packet isn't a duplicate */ if(insert(scanned, ntohl(dest_sockaddr.sin_addr.s_addr))) { rtt = recv_time.tv_sec + recv_time.tv_usec/1000000 - rtt_base - hostinfo->header->transaction_id/1000; /* Using algorithm described in Stevens' Unix Network Programming */ delta = rtt - srtt; srtt += delta / 8; if(delta < 0.0) delta = - delta; rttvar += (delta - rttvar) / 4 ; if (verbose) v_print_hostinfo(dest_sockaddr.sin_addr, hostinfo, sf, hr); else if (dump) d_print_hostinfo(dest_sockaddr.sin_addr, hostinfo); else if (etc_hosts) l_print_hostinfo(dest_sockaddr.sin_addr, hostinfo, 0); else if (lmhosts) l_print_hostinfo(dest_sockaddr.sin_addr, hostinfo, 1); else print_hostinfo(dest_sockaddr.sin_addr, hostinfo,sf); }; free(hostinfo); }; FD_ZERO(fdsr); FD_SET(sock, fdsr); /* check if send_interval time passed since last send */ 
gettimeofday(¤t_time, NULL); timersub(¤t_time, &last_send_time, &diff_time); send_ok = timercmp(&diff_time, &send_interval, >=); if(more_to_send && FD_ISSET(sock, fdsw) && send_ok) { if(targetlist) { if(fgets(str, 80, targetlist)) { if(!inet_aton(str, next_in_addr)) { /* if(!inet_pton(AF_INET, str, next_in_addr)) { */ fprintf(stderr,"%s - bad IP address\n", str); } else { if(!in_list(scanned, ntohl(next_in_addr->s_addr))) send_query(sock, *next_in_addr, rtt_base); } } else { if(feof(targetlist)) { more_to_send=0; FD_ZERO(fdsw); /* timeout is in milliseconds */ select_timeout.tv_sec = timeout / 1000; select_timeout.tv_usec = (timeout % 1000) * 1000; /* Microseconds */ continue; } else { snprintf(errmsg, 80, "Read failed from file %s", filename); err_die(errmsg, quiet); } } } else if(next_address(&range, prev_in_addr, next_in_addr) ) { if(!in_list(scanned, ntohl(next_in_addr->s_addr))) send_query(sock, *next_in_addr, rtt_base); prev_in_addr=next_in_addr; /* Update last send time */ gettimeofday(&last_send_time, NULL); } else { /* No more queries to send */ more_to_send=0; FD_ZERO(fdsw); /* timeout is in milliseconds */ select_timeout.tv_sec = timeout / 1000; select_timeout.tv_usec = (timeout % 1000) * 1000; /* Microseconds */ continue; }; }; if(more_to_send) { FD_ZERO(fdsw); FD_SET(sock, fdsw); }; }; if (i>=retransmits) break; /* If we are not going to retransmit we can finish right now without waiting */ rto = (srtt + 4 * rttvar) * (i+1); if ( rto < 2.0 ) rto = 2.0; if ( rto > 60.0 ) rto = 60.0; gettimeofday(&now, NULL); if(now.tv_sec < (transmit_started.tv_sec+rto)) sleep((transmit_started.tv_sec+rto)-now.tv_sec); prev_in_addr = NULL ; more_to_send=1; FD_ZERO(fdsw); FD_SET(sock, fdsw); FD_ZERO(fdsr); FD_SET(sock, fdsr); }; delete_list(scanned); exit(0);};