forked from robertdavidgraham/masscan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathoutput.h
181 lines (159 loc) · 5.22 KB
/
output.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
#ifndef OUTPUT_H
#define OUTPUT_H
#include <stddef.h>
#include <stdio.h>
#include <stdint.h>
#include <time.h>
#include "main-src.h"
#include "unusedparm.h"
#include "masscan-app.h"
struct Masscan;
struct Output;
enum ApplicationProtocol;
enum PortStatus;
/**
* Output plugins
*
* The various means for writing output are essentially plugins. As new methods
* are created, we just fill in a structure of function pointers.
* TODO: this needs to be a loadable DLL, but in the meantime, it's just
* internal structures.
*/
struct OutputType {
const char *file_extension;
void *(*create)(struct Output *out);
void (*open)(struct Output *out, FILE *fp);
void (*close)(struct Output *out, FILE *fp);
void (*status)(struct Output *out, FILE *fp,
time_t timestamp, int status,
unsigned ip, unsigned ip_proto, unsigned port,
unsigned reason, unsigned ttl);
void (*banner)(struct Output *out, FILE *fp,
time_t timestamp, unsigned ip, unsigned ip_proto,
unsigned port, enum ApplicationProtocol proto,
unsigned ttl,
const unsigned char *px, unsigned length);
};
/**
* Masscan creates one "output" structure per thread.
*/
struct Output
{
const struct Masscan *masscan;
char *filename;
struct Source src[8];
FILE *fp;
const struct OutputType *funcs;
unsigned format;
/**
* The timestamp when this scan started. This is preserved in output files
* because that's what nmap does, and a lot of tools parse this.
*/
time_t when_scan_started;
/**
* Whether we've started writing to a file yet. We are lazy writing the
* the file header until we've actually go something to write
*/
unsigned is_virgin_file:1;
struct {
time_t next;
time_t last;
unsigned period;
unsigned offset;
uint64_t filesize;
uint64_t bytes_written;
unsigned filecount; /* filesize rotates */
char *directory;
} rotate;
unsigned is_banner:1;
unsigned is_gmt:1; /* --gmt */
unsigned is_interactive:1; /* echo to command line */
unsigned is_show_open:1; /* show open ports (default) */
unsigned is_show_closed:1; /* show closed ports */
unsigned is_show_host:1; /* show host status info, like up/down */
unsigned is_append:1; /* append to file */
struct {
struct {
uint64_t open;
uint64_t closed;
uint64_t banner;
} tcp;
struct {
uint64_t open;
uint64_t closed;
} udp;
struct {
uint64_t open;
uint64_t closed;
} sctp;
struct {
uint64_t echo;
uint64_t timestamp;
} icmp;
struct {
uint64_t open;
} arp;
} counts;
struct {
unsigned ip;
unsigned port;
ptrdiff_t fd;
uint64_t outstanding;
unsigned state;
} redis;
struct {
char *stylesheet;
} xml;
};
const char *name_from_ip_proto(unsigned ip_proto);
const char *status_string(enum PortStatus x);
const char *reason_string(int x, char *buffer, size_t sizeof_buffer);
const char *normalize_string(const unsigned char *px, size_t length,
char *buf, size_t buf_len);
extern const struct OutputType text_output;
extern const struct OutputType unicornscan_output;
extern const struct OutputType xml_output;
extern const struct OutputType json_output;
extern const struct OutputType certs_output;
extern const struct OutputType binary_output;
extern const struct OutputType null_output;
extern const struct OutputType redis_output;
extern const struct OutputType grepable_output;
/**
* Creates an "output" object. This is called by the receive thread in order
* to send "status" information (open/closed ports) and "banners" to either
* the command-line or to files in specific formats, such as XML or Redis
* @param masscan
* The master configuration.
* @param thread_index
* When there are more than one receive threads, they are differentiated
* by this index number.
* @return
* an output object that must eventually be destroyed by output_destroy().
*/
struct Output *
output_create(const struct Masscan *masscan, unsigned thread_index);
void output_destroy(struct Output *output);
void output_report_status(struct Output *output, time_t timestamp,
int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl,
const unsigned char mac[6]);
typedef void (*OUTPUT_REPORT_BANNER)(
struct Output *output, time_t timestamp,
unsigned ip, unsigned ip_proto, unsigned port,
unsigned proto, unsigned ttl,
const unsigned char *px, unsigned length);
void output_report_banner(
struct Output *output,
time_t timestamp,
unsigned ip, unsigned ip_proto, unsigned port,
unsigned proto,
unsigned ttl,
const unsigned char *px, unsigned length);
/**
* Regression tests this unit.
* @return
* 0 on success, or positive integer on failure
*/
int
output_selftest(void);
#endif