Nmap Development mailing list archives
Re: Payload Hexdump in --packet-trace and -d4 output
From: jrf <jay.fink () gmail com>
Date: Wed, 2 Jun 2010 16:06:01 -0400
So I took a look and I have to defer to David. The function I copied from him looks significantly different than the nbase hexdump and it takes different arguments. Perhaps I should rename it to print_udp_payload and move the function somewhere else? Also a minor correction in my last email: On Wed, Jun 02, 2010 at 03:52:33PM -0400, jrf wrote: So for instance (but not authortatively (sp?)): --packet-trace -d4 would do just UDP payload --packet-trace -d5 (or some higher number) would do the full packet
On 06/02/2010 07:24 PM, jrf wrote:All, Attached is a patch of perhaps limited interest. While testing the payloads from a file code David wrote a nice print function to dump out the UDP payload. I thought it would be cool if we could include this as part of a trace/debug output. I adapted David's function and have attached it for anyone interested. Note this should be printing all UDP payloads not just those we load up from the file. Per David's suggestion to invoke this type: nmap -sU --packet-trace -d4 [host[s] spec] For speedier test results I suggest using --top-ports<=64 Comments, suggestions, bricks all welcome. Thanks, j Index: utils.h =================================================================== --- utils.h (revision 17780) +++ utils.h (working copy) @@ -240,4 +240,5 @@ int win32_munmap(char *filestr, int filelen); #endif /* WIN32 */ +void print_hexdump(const unsigned char *data, size_t len); /* XXX jrf UDPPrint */ #endif /* UTILS_H */ Index: utils.cc =================================================================== --- utils.cc (revision 17780) +++ utils.cc (working copy) @@ -925,3 +925,32 @@ } #endif + +/* XXX jrf - UDP Printer */ +void print_hexdump (const unsigned char *data, size_t len) { + unsigned int i, j; + + i = 0; + while (i < len) { + printf("%04X ", i); + for (j = 0; j < 16; j++) { + if (j == 8) + printf(" "); + if (i + j < len) + printf(" %02X", data[i + j]); + else + printf(" "); + } + printf(" "); + for (j = 0; j < 16; j++) { + if (j == 8) + printf(" "); + if (i + j < len) + printf("%c", isprint(data[i + j]) ? data[i + j] : '.'); + else + printf(" "); + } + i += j; + printf("\n"); + } +} Index: scan_engine.cc =================================================================== --- scan_engine.cc (revision 17780) +++ scan_engine.cc (working copy) @@ -3193,6 +3193,10 @@ payload = get_udp_payload(pspec->pd.udp.dport, &payload_length); + /* XXX jrf UDP payload print */ + if ((o.packetTrace()) && (o.debugging > 3)) + print_hexdump((unsigned char *) payload, payload_length); + for(decoy = 0; decoy < o.numdecoys; decoy++) { packet = build_udp_raw(&o.decoys[decoy], hss->target->v4hostip(), o.ttl, ipid, IP_TOS_DEFAULT, false, _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Payload Hexdump in --packet-trace and -d4 output jrf (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output Luis MartinGarcia. (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output jrf (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output jrf (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output David Fifield (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output jrf (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output jrf (Jun 02)
- Re: Payload Hexdump in --packet-trace and -d4 output Luis MartinGarcia. (Jun 02)