Nmap Development mailing list archives
New hexdump() function for nbase/nmap
From: "Luis M." <luis.mgarc () gmail com>
Date: Tue, 25 Aug 2009 11:41:20 +0100
Hi! Nmap currently uses two functions to dump hex bytes to stdout. One of them, hdump(), just prints raw hex bytes (no ASCII equivalents) and the other one, lamont_hdump() has a bug when printing buffers where bufflen%16==3. I've just implemented a new version from scratch, hopefully bug-free, that basically produces the same output as Wireshark. Output looks like this: 0000 e8 60 65 86 d7 86 6d 30 35 97 54 87 ff 67 05 9e .`e...m05.T..g.. 0010 07 5a 98 c0 ea ad 50 d2 62 4f 7b ff e1 34 f8 fc .Z....P.bO{..4.. 0020 c4 84 0a 6a 39 ad 3c 10 63 b2 22 c4 24 40 f4 b1 ...j9.<.c.".$@.. I attach two patches. One of them includes the new function into nbase and the other one replaces calls to the old functions in nmap's code. Can some of you guys, please have a look at the patches, so I have a second opinion before applying them. Thanks. Regards, Luis MartinGarcia.
Index: nbase/nbase_misc.c =================================================================== --- nbase/nbase_misc.c (revision 15257) +++ nbase/nbase_misc.c (working copy) @@ -504,3 +504,79 @@ #undef ADLER32_BASE + + +/* This function returns a string containing the hexdump of the supplied + * buffer. It uses current locale to determine if a character is printable or + * not. It prints 73char+\n wide lines like these: + +0000 e8 60 65 86 d7 86 6d 30 35 97 54 87 ff 67 05 9e .`e...m05.T..g.. +0010 07 5a 98 c0 ea ad 50 d2 62 4f 7b ff e1 34 f8 fc .Z....P.bO{..4.. +0020 c4 84 0a 6a 39 ad 3c 10 63 b2 22 c4 24 40 f4 b1 ...j9.<.c.".$@.. + + * The lines look basically like Wireshark's hex dump. + * WARNING: This function returs a pointer to a DINAMICALLY allocated buffer + * that the caller is supposed to free(). + * */ +char *hexdump(u8 *cp, u32 length){ + static char asciify[257]; /* Stores character table */ + int asc_init=0; /* Flag to generate table only once */ + u32 i=0, hex=0, asc=0; /* Array indexes */ + u32 line_count=0; /* For byte count at line start */ + u8 current_char=0; /* Current character to print */ + char *current_line=NULL; /* Current line to write */ + char *buffer=NULL; /* Dynamic buffer we return */ + #define LINE_LEN 74 /* Lenght of printed line */ + char line2print[LINE_LEN]; /* Stores current line */ + char printbyte[16]; /* For byte conversion */ + memset(line2print, ' ', LINE_LEN); /* We fill the line with spaces */ + line2print[LINE_LEN-1]='\n'; + + /* On the first run, generate a list of nice printable characters + * (according to current locale) */ + if( asc_init==0){ + asc_init=1; + for(i=0; i<256; i++){ + if( isalnum(i) || isdigit(i) || ispunct(i) ){ asciify[i]=i; } + else{ asciify[i]='.'; } + } + } + /* Allocate enough space to print the hex dump */ + int bytes2alloc=(length%16==0)? (1 + LINE_LEN * (length/16)) : (1 + LINE_LEN * (1+(length/16))) ; + buffer=(char *)safe_zalloc(bytes2alloc); + current_line=buffer; +#define HEX_START 7 +#define ASC_START 57 +/* This is how or line looks like. +0000 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f .`e...m05.T..g..[\n] +01234567890123456789012345678901234567890123456789012345678901234567890123 +0 1 2 3 4 5 6 7 + ^ ^ ^ + | | | + HEX_START ASC_START Newline +*/ + for(i=0, hex=HEX_START, asc=ASC_START; i<length; i++){ + current_char=cp[i]; + if( hex==HEX_START+24) hex++; /* Insert space every 8 bytes */ + /* First print the hex number */ + sprintf(printbyte,"%02x", current_char); + line2print[hex++]=printbyte[0]; + line2print[hex++]=printbyte[1]; + line2print[hex++]=' '; + /* Then print its ascii equivalent */ + line2print[asc++]=asciify[ current_char ]; + /* Every 16 buffer bytes, store the line and the line number. */ + if( (((i+1)%16)==0 && i!=0) || i+1==length ){ + sprintf(line2print, "%04x", (16*line_count++) % 0xFFFF); + /* Replace the '\0' inserted by sprintf() with a space */ + line2print[4]=' '; + memcpy(current_line, line2print, LINE_LEN); + current_line += LINE_LEN; + hex=HEX_START; asc=ASC_START; + memset(line2print, ' ', LINE_LEN); + line2print[LINE_LEN-1]='\n'; + } + } + buffer[bytes2alloc-1]='\0'; + return buffer; +} /* End of hexdump() */ Index: nbase/nbase.h =================================================================== --- nbase/nbase.h (revision 15257) +++ nbase/nbase.h (working copy) @@ -431,6 +431,8 @@ int fselect(int s, fd_set *rmaster, fd_set *wmaster, fd_set *emaster, struct timeval *tv); +char *hexdump(u8 *cp, u32 length); + #ifndef STDIN_FILENO #define STDIN_FILENO 0 #endif
Index: utils.h =================================================================== --- utils.h (revision 15257) +++ utils.h (working copy) @@ -173,8 +173,7 @@ int wildtest(char *wild, char *test); -void hdump(unsigned char *packet, unsigned int len); -void lamont_hdump(char *cp, unsigned int length); +void nmap_hexdump(unsigned char *cp, unsigned int length); /* Compare a canonical option name (e.g. "max-scan-delay") with a user-generated option such as "max_scan_delay" and returns 0 if the Index: utils.cc =================================================================== --- utils.cc (revision 15257) +++ utils.cc (working copy) @@ -137,90 +137,19 @@ } +/* Wrapper for nbase function hexdump() */ +void nmap_hexdump(unsigned char *cp, unsigned int length){ - -/* Hex dump */ -void hdump(unsigned char *packet, unsigned int len) { -unsigned int i=0, j=0; - -log_write(LOG_PLAIN, "Here it is:\n"); - -for(i=0; i < len; i++){ - j = (unsigned) (packet[i]); - log_write(LOG_PLAIN, "%-2X ", j); - if (!((i+1)%16)) - log_write(LOG_PLAIN, "\n"); - else if (!((i+1)%4)) - log_write(LOG_PLAIN, " "); + char *string=NULL; + string = hexdump((u8*)cp, length); + if(string){ + log_write(LOG_PLAIN, "%s", string); + free(string); + } + return; } -log_write(LOG_PLAIN, "\n"); -} -/* A better version of hdump, from Lamont Granquist. Modified slightly - by Fyodor (fyodor () insecure org) */ -void lamont_hdump(char *cp, unsigned int length) { - /* stolen from tcpdump, then kludged extensively */ - - static const char asciify[] = "................................ !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~................................................................................................................................."; - - const u_short *sp; - const u_char *ap; - unsigned char *bp = (unsigned char *) cp; - u_int i, j; - int nshorts, nshorts2; - int padding; - - log_write(LOG_PLAIN, "\n\t"); - padding = 0; - sp = (u_short *)bp; - ap = (u_char *)bp; - nshorts = (u_int) length / sizeof(u_short); - nshorts2 = (u_int) length / sizeof(u_short); - i = 0; - j = 0; - while(1) { - while (--nshorts >= 0) { - log_write(LOG_PLAIN, " %04x", ntohs(*sp)); - sp++; - if ((++i % 8) == 0) - break; - } - if (nshorts < 0) { - if ((length & 1) && (((i-1) % 8) != 0)) { - log_write(LOG_PLAIN, " %02x ", *(u_char *)sp); - padding++; - } - nshorts = (8 - (nshorts2 - nshorts)); - while(--nshorts >= 0) { - log_write(LOG_PLAIN, " "); - } - if (!padding) log_write(LOG_PLAIN, " "); - } - log_write(LOG_PLAIN, " "); - - while (--nshorts2 >= 0) { - log_write(LOG_PLAIN, "%c%c", asciify[*ap], asciify[*(ap+1)]); - ap += 2; - if ((++j % 8) == 0) { - log_write(LOG_PLAIN, "\n\t"); - break; - } - } - if (nshorts2 < 0) { - if ((length & 1) && (((j-1) % 8) != 0)) { - log_write(LOG_PLAIN, "%c", asciify[*ap]); - } - break; - } - } - if ((length & 1) && (((i-1) % 8) == 0)) { - log_write(LOG_PLAIN, " %02x", *(u_char *)sp); - log_write(LOG_PLAIN, " %c", asciify[*ap]); - } - log_write(LOG_PLAIN, "\n"); -} - #ifndef HAVE_STRERROR char *strerror(int errnum) { static char buf[1024]; Index: tcpip.cc =================================================================== --- tcpip.cc (revision 15257) +++ tcpip.cc (working copy) @@ -2223,7 +2223,7 @@ fatal("FATAL: %s: bogus caplen from libpcap (%d) on interface type %d", __func__, head.caplen, datalink); } error("FATAL: Unknown datalink type (%d). Caplen: %d; Packet:", datalink, head.caplen); - lamont_hdump(p, head.caplen); + nmap_hexdump((unsigned char*)p, head.caplen); exit(1); } @@ -3097,6 +3097,7 @@ ifaces = getinterfaces(&numifaces); for(ifnum=0; ifnum < numifaces; ifnum++) { + printf("getInterfaceByName(): %s\n", ifaces[ifnum].devfullname); if (strcmp(ifaces[ifnum].devfullname, iname) == 0 || strcmp(ifaces[ifnum].devname, iname) == 0) return &ifaces[ifnum]; Index: nmap_rpc.cc =================================================================== --- nmap_rpc.cc (revision 15257) +++ nmap_rpc.cc (working copy) @@ -317,7 +317,7 @@ /* Simply send this sucker we have created ... */ do { if (o.debugging > 1) - hdump((unsigned char *) rpch, sizeof(struct rpc_hdr)); + nmap_hexdump((unsigned char *) rpch, sizeof(struct rpc_hdr)); res = sendto(udp_rpc_socket, (char *)rpch, sizeof(struct rpc_hdr), 0, (struct sockaddr *) &sock, socklen); if (res == -1) Index: scan_engine.cc =================================================================== --- scan_engine.cc (revision 15257) +++ scan_engine.cc (working copy) @@ -4264,9 +4264,9 @@ break; default: - error("Unexpected ICMP type/code 3/%d unreachable packet:", + error("Unexpected ICMP type/code 3/%d unreachable packet:\n", icmp->icmp_code); - hdump((unsigned char *)icmp, ntohs(ip->ip_len) - + nmap_hexdump((unsigned char *)icmp, ntohs(ip->ip_len) - sizeof(struct ip)); break; }
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- New hexdump() function for nbase/nmap Luis M. (Aug 25)
- Re: New hexdump() function for nbase/nmap David Fifield (Aug 25)
- Re: New hexdump() function for nbase/nmap Luis M. (Aug 25)
- Re: New hexdump() function for nbase/nmap David Fifield (Aug 25)
- Re: New hexdump() function for nbase/nmap Luis M. (Aug 25)
- Re: New hexdump() function for nbase/nmap Luis M. (Aug 25)
- Re: New hexdump() function for nbase/nmap David Fifield (Aug 25)