Nmap Development mailing list archives

Re: payload file prototype


From: David Fifield <david () bamsoftware com>
Date: Fri, 12 Feb 2010 17:05:44 -0700

On Thu, Feb 11, 2010 at 09:43:57PM -0500, Jay Fink wrote:
> On Wed, Feb 10, 2010 at 12:23 AM, David Fifield <david () bamsoftware com> wrote:
>
> > I was thinking to use an std::map<proto_port, Payload> for the global
> > list of payloads, where proto_port would be like
> >
> > struct proto_port {
> >        u8 proto;
> >        u16 port;
> > };
>
> Okay so that would be mapped into the global list or are you referring
> to when we're looking it up?

When looking it up. That's the key and the payload struct is the value.

> Right now, for the actual list itself, following is what I banged out
> last weekend. It is missing search and init but here is the header
> file for it, I trimmed out everything else, the functions listed
> (including constructor) work, some of them are just for practice at
> this point and might get tossed. My current test program initializes 3
> payloads inside the calling test itself. I am planning on using
> something similar to services to load up the file in the init portion.
> The next steps are load, then search (map):
>
> struct Payload {
>     char *proto; // number?
>     int dport; // dest port
>     char *data; // Payload data
>     int sport; // source port if we care
>     Payload* next; // next payload
> };
> class AllPayloads {
>     public:
>         AllPayloads();
>         ~AllPayloads();
>         int Count();
>         Payload* head;
>         int Add(Payload* Item);
>         Payload *Retrieve(int pos);
>         bool Find(Payload* Item);
>     private:
>         int size;
> };

I don't think you need to store the proto and dport for each payload;
the caller already has that information. You could do that if you needed
it for your data structure, but with a std::map you don't need that.

If you have a good idea for a data structure to use other than std::map,
that's cool. I just suggested it because this is exactly what it's
designed for, and it won't take a lot of extra work. You also wouldn't
need a special AllPayloads struct.

The worst part is just dealing with the C++ ugliness. Think of it in
pseudocode first. The algorithm will be something like this:

        loop:
                proto, ports, payload = parse_payload()
                for port in ports:
                        all_payloads[proto, port] = payload

Then lookup is just

        lookup(proto, port):
                return all_payloads[proto, port]

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
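
The pseudocode in the message above, written out as C++. This is an added example, not code from the thread or from Nmap; the Payload layout and the add_payload and lookup names are assumptions made for illustration.

```cpp
#include <cstddef>
#include <map>
#include <string>
#include <vector>

typedef unsigned char u8;
typedef unsigned short u16;

// Key type from the thread: (protocol, destination port).
struct proto_port {
    u8 proto;
    u16 port;
};

// std::map needs a strict weak ordering on its key type.
inline bool operator<(const proto_port &a, const proto_port &b) {
    if (a.proto != b.proto)
        return a.proto < b.proto;
    return a.port < b.port;
}

// Hypothetical value type: only the bytes, since proto and port live in the key.
struct Payload {
    std::string data;  // std::string so embedded NUL bytes survive
};

static std::map<proto_port, Payload> all_payloads;

// Register one parsed payload under every port it applies to.
void add_payload(u8 proto, const std::vector<u16> &ports, const std::string &data) {
    for (size_t i = 0; i < ports.size(); i++) {
        proto_port key = { proto, ports[i] };
        all_payloads[key].data = data;
    }
}

// Return the payload for (proto, port), or NULL if none is registered.
// find() is used rather than operator[] so a miss does not insert an empty entry.
const Payload *lookup(u8 proto, u16 port) {
    proto_port key = { proto, port };
    std::map<proto_port, Payload>::const_iterator it = all_payloads.find(key);
    return it == all_payloads.end() ? NULL : &it->second;
}
```

Holding the data in a std::string with an explicit length, rather than a char * as in the quoted header, keeps binary payloads intact when they contain zero bytes.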