/* * Paglo Crawler * Copyright (C) 2006-2008 Paglo Labs Inc. All rights reserved. * www.paglo.com * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as * published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ //--------------------------------------------------------------------------- #include "ScanIPProtocol.h" #include "SniffThread.h" #include "ScanThread.h" #include "Debug.h" //--------------------------------------------------------------------------- string TScanIPProtocol::Description() { return "Scanning IP protocols for " + TargetIP.Print(); } //--------------------------------------------------------------------------- TScanResult *TScanIPProtocol::PerformScan(TPThread *Thread) { TIPv4Header IPHdr; int Proto; /* * Go through all possible values for the IP protocol field * and send a datagram for each one to the target IP. */ DEBUG_MESSAGE(DEBUG_SCANTHREAD, ("Initiating an IP protocol scan against %s.", TargetIP.Print().c_str())); for (Proto = 0; Proto < 256; Proto++) { if (Thread->IsTerminate()) { return NULL; } /* * Setup the IP header. */ memset(&IPHdr, 0x00, sizeof(IPHdr)); IPHdr.HeaderLen = sizeof(TIPv4Header) >> 2; IPHdr.Version = 4; IPHdr.Length = sizeof(TIPv4Header); IPHdr.ID = rand(); IPHdr.TTL = 255; IPHdr.Protocol = Proto; IPHdr.Checksum = 0; IPHdr.Source = htonl(_GlobalConfig.GetInterfaceIPAddress().IPv4Value()); IPHdr.Dest = htonl(TargetIP.IPv4Value()); IPHdr.Checksum = CompleteChecksum(PartialChecksum((unsigned char *)&IPHdr, sizeof(TIPv4Header), 0)); /* * Send the malformed packet along its merry way. */ SendRawIP((unsigned char *)&IPHdr, sizeof(IPHdr)); /* * Sleep for a second, otherwise the target system seems to get overwhelmed and won't * respond to each packet -- sometimes stopping altogether. * * This causes a protocol scan to take ~255 seconds per target. * */ #ifdef WIN32 Sleep(1000); #else sleep(1); #endif } return new TScanResult(TargetIP); } //---------------------------------------------------------------------------