Nmap Development mailing list archives

Re: [PATCH] Add --badsum equivalent run-time option


From: Kris Katterjohn <kjak () ispwest com>
Date: Thu, 28 Sep 2006 09:49:17 -0500

Fyodor wrote:
On Sat, Sep 16, 2006 at 08:50:57PM -0500, Kris Katterjohn wrote:
The attached patch adds the run-time commands equivalent to the --badsum
command-line option.

Thanks.  If someone needs this, now they have the patch for it.  But
it is probably too obscure for mainstream Nmap.  I've never started an
Nmap command and then realized "oh wait, I want Nmap to start corrupting
the TCP checksum of every packet it sends".  But I often accidentally
press keys while Nmap is running, and I don't want that to cause
disastrous results.  Right now pressing 'b' accidentally will just
show a brief status report.

It may not be a very-much used option (or it could..), but IMO nmap
should allow as many (reasonable) options as possible to be changed
during execution.

As noted above, there are real costs to adding interactive commands.
In addition to mistaken presses, it bloats the code and documentation.
So I think we should only add interactive commands for things like
verbosity that people often want to change at runtime.  But having
this extra patch available could be useful for those few people who do
need/want the extra functionality.


What about adding an option --allinteractive which enables all "extra"
runtime commands? I attached a small patch that adds this. This way when
there's an obscure option not everybody would want, we can have people
who want it just add an extra flag when they run nmap instead of finding
and applying a patch. I'll probably end up using this most of the time
if it gets applied and more commands get added.

You might want to change the way I added the extra info when '?' is
pressed and probably add something to the manpage saying it's an extra
option. I didn't know if you'd be interested in this, so I just kinda
made a rough patch :)

It's a diff against 4.20ALPHA7

Thanks,
Kris Katterjohn
--- x/NmapOps.h 2006-08-28 22:26:10.000000000 -0500
+++ y/NmapOps.h 2006-09-28 09:35:16.000000000 -0500
@@ -306,6 +306,7 @@ class NmapOps {
   int numhosts_scanning;
   stype current_scantype;
   bool noninteractive;
+  bool allinteractive;
 
   bool release_memory; /* suggest to release memory before quitting. used to find memory leaks. */
  private:
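
Review bot: the new `bool allinteractive;` member gets no initial value anywhere in this patch. The diff touches NmapOps.h, docs/nmap-man.xml, nmap.cc and nmap_tty.cc only, yet nmap.cc reads `o.allinteractive` while parsing --noninteractive and nmap_tty.cc reads it on every 'b' / 'B' key press. Unless it is set to false wherever `noninteractive` gets its default, the extra commands could be live without the flag, which is the accidental-keypress case raised earlier in the thread. Suggest initialising it to false alongside the other defaults and giving the member a short comment like the one on `release_memory`.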

--- x/docs/nmap-man.xml 2006-09-02 20:24:55.000000000 -0500
+++ y/docs/nmap-man.xml 2006-09-28 09:29:21.000000000 -0500
@@ -3247,6 +3247,14 @@ increased.</para>
       </varlistentry>
       <varlistentry>
         <term>
+          <option>b</option> / <option>B</option>
+        </term>
+        <listitem>
+          <para>Turn on / off sending packets with bogus TCP/UDP checksum</para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>
           <option>?</option>
         </term>
         <listitem>
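
Review bot: the new `b` / `B` entry does not say that these keys only act when Nmap was started with --allinteractive, and nothing in this hunk documents --allinteractive itself. As written, a man page reader would expect 'b' to work in any scan. Suggest adding "(only with --allinteractive)" to the <para> text and a separate entry describing the option.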

--- x/nmap.cc   2006-09-11 22:33:34.000000000 -0500
+++ y/nmap.cc   2006-09-28 09:28:42.000000000 -0500
@@ -566,6 +566,7 @@ int nmap_main(int argc, char *argv[]) {
       {"append_output", no_argument, 0, 0},
       {"append-output", no_argument, 0, 0},
       {"noninteractive", no_argument, 0, 0},
+      {"allinteractive", no_argument, 0, 0},
       {"spoof_mac", required_argument, 0, 0},
       {"spoof-mac", required_argument, 0, 0},
       {"thc", no_argument, 0, 0},  
@@ -671,7 +672,13 @@ int nmap_main(int argc, char *argv[]) {
       } else if (optcmp(long_options[option_index].name, "append-output") == 0) {
        o.append_output = 1;
       } else if (strcmp(long_options[option_index].name, "noninteractive") == 0) {
+       if (o.allinteractive)
+               o.allinteractive = false;
        o.noninteractive = true;
+      } else if (strcmp(long_options[option_index].name, "allinteractive") == 0) {
+       if (o.noninteractive)
+               o.noninteractive = false;
+       o.allinteractive = true;
       } else if (optcmp(long_options[option_index].name, "spoof-mac") == 0) {
        /* I need to deal with this later, once I'm sure that I have output
           files set up, --datadir, etc. */
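
Review bot: in the --noninteractive and --allinteractive branches, giving both options silently lets whichever comes last win, so a command line that sets --noninteractive has it cleared by a later --allinteractive with no message. Since the two are contradictory, rejecting the combination with an error would be safer than overriding quietly. The `if (o.allinteractive)` and `if (o.noninteractive)` guards are also redundant: assigning false unconditionally has the same effect and avoids reading the other flag first.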

--- x/nmap_tty.cc       2006-08-24 20:47:37.000000000 -0500
+++ y/nmap_tty.cc       2006-09-28 09:32:59.000000000 -0500
@@ -251,6 +251,12 @@ bool keyWasPressed()
     } else if (c == 'P') {
        o.setPacketTrace(false);
        log_write(LOG_STDOUT, "Packet Tracing disabled.\n");
+    } else if (c == 'b' && o.allinteractive) {
+       o.badsum = 1;
+       log_write(LOG_STDOUT, "Sending packets with bogus TCP/UDP checksum.\n");
+    } else if (c == 'B' && o.allinteractive) {
+       o.badsum = 0;
+       log_write(LOG_STDOUT, "Sending packets with correct TCP/UDP checksum.\n");
     } else if (c == '?') {
       log_write(LOG_STDOUT,
                "Interactive keyboard commands:\n"
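
Review bot: the new 'b' and 'B' branches report the change with `log_write(LOG_STDOUT, ...)` only, so nothing in these lines records in any other log that the checksum mode changed part-way through the scan. Flipping `o.badsum` mid-scan changes how responses before and after the switch should be read, so suggest noting the switch wherever the results are logged as well. The branches also assign `o.badsum` directly while the 'P' branch just above goes through `o.setPacketTrace(false)`; worth checking whether a setter is expected here too.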
@@ -258,6 +264,8 @@ bool keyWasPressed()
                "v/V             Increase/decrease verbosity\n"
                "d/D             Increase/decrease debugging\n"
                "p/P             Enable/disable packet tracing\n"
+               "With --allinteractive:\n"
+               "  b/B             Enable/disable sending packets with bogus TCP/UDP checksum\n"
                "anything else   Print status\n"
                 "More help: http://www.insecure.org/nmap/man/man-runtime-interaction.html\n";);
     } else {
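
Review bot: the two added help lines are printed whenever '?' is pressed, whether or not `o.allinteractive` is set, so a user who did not pass the flag is shown b/B, presses it, and gets only the status report. Suggest printing them only when the flag is set, and placing them after the "anything else" line so the base command list stays contiguous. The extra two-space indent on the b/B line also breaks the column alignment with the v/V, d/D and p/P rows.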

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
