OpenVAS Libraries  8.0.3
Data Structures | Macros | Functions
nasl_builtin_nmap.c File Reference

Advanced wrapper for nmap. Perform comprehensive network scanning. More...

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <glib.h>
#include "../misc/arglists.h"
#include "../misc/plugutils.h"
#include "../misc/popen.h"
#include "../misc/kb.h"
#include "../misc/openvas_logging.h"
#include "../misc/prefs.h"
#include "nasl_lex_ctxt.h"

Data Structures

struct  nse_script
 Handle the results of a NSE script. More...
 
struct  traceroute_hop
 Describe a detected hop on the route. More...
 
struct  nmap_port
 Store port information. More...
 
struct  nmap_host
 Store host information. More...
 
struct  nmap_parser
 Handle states for XML parsing. More...
 
struct  nmap_t
 Main nmap execution handler. More...
 
struct  nmap_opt_t
 Describe an nmap command line option. More...
 

Macros

#define dbg(...)   do { log_legacy_write (__VA_ARGS__); } while (0)
 
#define err(x)   do { perror (x); } while (0)
 
#define CHUNK_LEN   512
 Input chunks size for the XML parser. More...
 
#define MAX_TRACE_HOPS   64
 Maximum number of hops to the target. More...
 
#define NMAP_CMD   "nmap"
 Nmap command to call. More...
 
#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"
 Plugin parameter description: skip alive hosts discovery phase. More...
 
#define PREF_TRACEROUTE   "Trace hop path to each host"
 Plugin parameter description: perform traceroute. More...
 
#define PREF_NO_DNS   "Disable DNS resolution"
 Plugin parameter description: don't perform reverse resolution on discovered IP addresses. More...
 
#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"
 Plugin parameter description: TCP port scanning technique to use. More...
 
#define PREF_SERVICE_SCAN   "Service scan"
 Plugin parameter description: perform service/version detection scan. More...
 
#define PREF_RPC_PORT_SCAN   "RPC port scan"
 Plugin parameter description: perform RPC port scan. More...
 
#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"
 Plugin parameter description: perform remote OS fingerprinting. More...
 
#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"
 Plugin parameter description: guess OS from closest match if necessary. More...
 
#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"
 Plugin parameter description: try to evade defense by fragmenting IP packets. More...
 
#define PREF_SOURCE_PORT   "Source port"
 Plugin parameter description: set source port. More...
 
#define PREF_TIMING_POLICY   "Timing policy"
 Plugin parameter description: select timing template. More...
 
#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"
 Plugin parameter description: give up on host after this time elapsed. More...
 
#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (minimal value) More...
 
#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"
 Plugin parameter description: probe round trip time hint (maximal value). More...
 
#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"
 Plugin parameter description: probe round trip time hint (initial value). More...
 
#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"
 Plugin parameter description: force minimum number of parallel active probes. More...
 
#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"
 Plugin parameter description: force maximum number of parallel active probes. More...
 
#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"
 Plugin parameter description: force minimum number of hosts to scan in parallel. More...
 
#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"
 Plugin parameter description: force maximum number of hosts to scan in parallel. More...
 
#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"
 Plugin parameter description: set idle interval between probes. More...
 
#define PREF_EXCLUDE_HOSTS   "Exclude hosts"
 Plugin parameter description: comma-separated list of hosts to exclude from the scan. More...
 
#define PREF_IMPORT_XML_FILE   "File containing XML results"
 Plugin parameter description: import XML file. More...
 
#define OPT_SET   "yes"
 Checkbox value (when set). More...
 
#define OPT_UNSET   "no"
 Checkbox value (when unset). More...
 
#define list_free(list, dtor, udata)
 
#define PRINT_NOT_NULL(x)   ((x) ? (x) : "")
 

Functions

tree_cellplugin_run_nmap (lex_ctxt *lexic)
 Run the nmap_net subsystem. More...
 

Detailed Description

Advanced wrapper for nmap. Perform comprehensive network scanning.

This plugin was designed to be executed only once per network. It generates the nmap command line according to the specified options, runs nmap, parses the output and stores results for each host in the knowledge base.

Macro Definition Documentation

#define CHUNK_LEN   512

Input chunks size for the XML parser.

#define dbg (   ...)    do { log_legacy_write (__VA_ARGS__); } while (0)
#define err (   x)    do { perror (x); } while (0)
#define list_free (   list,
  dtor,
  udata 
)
Value:
do { \
if (list) \
{ \
g_slist_foreach (list, (GFunc) dtor, udata); \
g_slist_free (list); \
list = NULL; \
} \
} while (0)
Definition: nasl_builtin_synscan.c:267
#define MAX_TRACE_HOPS   64

Maximum number of hops to the target.

#define NMAP_CMD   "nmap"

Nmap command to call.

#define OPT_SET   "yes"

Checkbox value (when set).

#define OPT_UNSET   "no"

Checkbox value (when unset).

#define PREF_AGGRESSIVE_OS_DETECT   "Aggressive OS detection"

Plugin parameter description: guess OS from closest match if necessary.

#define PREF_EXCLUDE_HOSTS   "Exclude hosts"

Plugin parameter description: comma-separated list of hosts to exclude from the scan.

#define PREF_FRAGMENT_IP   "Fragment IP packets (bypasses firewalls)"

Plugin parameter description: try to evade defense by fragmenting IP packets.

#define PREF_HOST_TIMEOUT   "Host Timeout (ms)"

Plugin parameter description: give up on host after this time elapsed.

#define PREF_IDENTIFY_REMOTE_OS   "Identify the remote OS"

Plugin parameter description: perform remote OS fingerprinting.

#define PREF_IMPORT_XML_FILE   "File containing XML results"

Plugin parameter description: import XML file.

#define PREF_INITIAL_RTT_TIMEOUT   "Initial RTT timeout (ms)"

Plugin parameter description: probe round trip time hint (initial value).

#define PREF_INTERPROBE_DELAY   "Minimum wait between probes (ms)"

Plugin parameter description: set idle interval between probes.

#define PREF_MAX_HOSTGROUP   "Hosts scanned in parallel (max)"

Plugin parameter description: force maximum number of hosts to scan in parallel.

#define PREF_MAX_PARALLELISM   "Ports scanned in parallel (max)"

Plugin parameter description: force maximum number of parallel active probes.

#define PREF_MAX_RTT_TIMEOUT   "Max RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (maximal value).

#define PREF_MIN_HOSTGROUP   "Hosts scanned in parallel (min)"

Plugin parameter description: force minimum number of hosts to scan in parallel.

#define PREF_MIN_PARALLELISM   "Ports scanned in parallel (min)"

Plugin parameter description: force minimum number of parallel active probes.

#define PREF_MIN_RTT_TIMEOUT   "Min RTT Timeout (ms)"

Plugin parameter description: probe round trip time hint (minimal value)

#define PREF_NO_DNS   "Disable DNS resolution"

Plugin parameter description: don't perform reverse resolution on discovered IP addresses.

#define PREF_RPC_PORT_SCAN   "RPC port scan"

Plugin parameter description: perform RPC port scan.

#define PREF_SERVICE_SCAN   "Service scan"

Plugin parameter description: perform service/version detection scan.

#define PREF_SOURCE_PORT   "Source port"

Plugin parameter description: set source port.

#define PREF_TCP_SCANNING_TECHNIQUE   "TCP scanning technique"

Plugin parameter description: TCP port scanning technique to use.

#define PREF_TIMING_POLICY   "Timing policy"

Plugin parameter description: select timing template.

#define PREF_TRACEROUTE   "Trace hop path to each host"

Plugin parameter description: perform traceroute.

#define PREF_TREAT_ALL_HOST_ONLINE   "Treat all hosts as online"

Plugin parameter description: skip alive hosts discovery phase.

#define PRINT_NOT_NULL (   x)    ((x) ? (x) : "")

Function Documentation

tree_cell* plugin_run_nmap ( lex_ctxt lexic)

Run the nmap_net subsystem.

Parameters
[in]lexicNASL state.
Returns
NULL on error, FAKE_CELL on success.