forked from robertdavidgraham/masscan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathproto-udp.c
66 lines (56 loc) · 1.87 KB
/
proto-udp.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#include "proto-udp.h"
#include "proto-dns.h"
#include "proto-netbios.h"
#include "proto-snmp.h"
#include "proto-ntp.h"
#include "proto-zeroaccess.h"
#include "proto-preprocess.h"
#include "syn-cookie.h"
#include "logger.h"
#include "output.h"
#include "masscan-status.h"
#include "unusedparm.h"
/****************************************************************************
****************************************************************************/
void
handle_udp(struct Output *out, time_t timestamp,
const unsigned char *px, unsigned length,
struct PreprocessedInfo *parsed, uint64_t entropy)
{
unsigned ip_them;
unsigned port_them = parsed->port_src;
unsigned status = 0;
ip_them = parsed->ip_src[0]<<24 | parsed->ip_src[1]<<16
| parsed->ip_src[2]<< 8 | parsed->ip_src[3]<<0;
switch (port_them) {
case 53:
status = handle_dns(out, timestamp, px, length, parsed, entropy);
break;
case 123:
status = ntp_handle_response(out, timestamp, px, length, parsed, entropy);
break;
case 137:
status = handle_nbtstat(out, timestamp, px, length, parsed, entropy);
break;
case 161:
status = handle_snmp(out, timestamp, px, length, parsed, entropy);
break;
case 16464:
case 16465:
case 16470:
case 16471:
status = handle_zeroaccess(out, timestamp, px, length, parsed, entropy);
break;
}
if (status == 0)
output_report_status(
out,
timestamp,
PortStatus_Open,
ip_them,
17, /* ip proto = udp */
port_them,
0,
0,
parsed->mac_src);
}