version 1.66, 2004/01/31 21:09:15 |
version 1.67, 2004/02/20 10:53:10 |
|
|
int iflag; /* Interval Flag */ |
int iflag; /* Interval Flag */ |
int kflag; /* More than one connect */ |
int kflag; /* More than one connect */ |
int lflag; /* Bind to local port */ |
int lflag; /* Bind to local port */ |
int nflag; /* Dont do name lookup */ |
int nflag; /* Don't do name look up */ |
char *pflag; /* Localport flag */ |
char *pflag; /* Localport flag */ |
int rflag; /* Random ports flag */ |
int rflag; /* Random ports flag */ |
char *sflag; /* Source Address */ |
char *sflag; /* Source Address */ |
|
|
if (!lflag && kflag) |
if (!lflag && kflag) |
errx(1, "must use -l with -k"); |
errx(1, "must use -l with -k"); |
|
|
/* Initialize addrinfo structure */ |
/* Initialize addrinfo structure. */ |
if (family != AF_UNIX) { |
if (family != AF_UNIX) { |
memset(&hints, 0, sizeof(struct addrinfo)); |
memset(&hints, 0, sizeof(struct addrinfo)); |
hints.ai_family = family; |
hints.ai_family = family; |
|
|
if (family == AF_UNIX) |
if (family == AF_UNIX) |
s = unix_listen(host); |
s = unix_listen(host); |
|
|
/* Allow only one connection at a time, but stay alive */ |
/* Allow only one connection at a time, but stay alive. */ |
for (;;) { |
for (;;) { |
if (family != AF_UNIX) |
if (family != AF_UNIX) |
s = local_listen(host, uport, hints); |
s = local_listen(host, uport, hints); |
|
|
} else { |
} else { |
int i = 0; |
int i = 0; |
|
|
/* construct the portlist[] array */ |
/* Construct the portlist[] array. */ |
build_ports(uport); |
build_ports(uport); |
|
|
/* Cycle through portlist, connecting to each port */ |
/* Cycle through portlist, connecting to each port. */ |
for (i = 0; portlist[i] != NULL; i++) { |
for (i = 0; portlist[i] != NULL; i++) { |
if (s) |
if (s) |
close(s); |
close(s); |
|
|
|
|
ret = 0; |
ret = 0; |
if (vflag || zflag) { |
if (vflag || zflag) { |
/* For UDP, make sure we are connected */ |
/* For UDP, make sure we are connected. */ |
if (uflag) { |
if (uflag) { |
if (udptest(s) == -1) { |
if (udptest(s) == -1) { |
ret = 1; |
ret = 1; |
|
|
} |
} |
} |
} |
|
|
/* Don't lookup port if -n */ |
/* Don't look up port if -n. */ |
if (nflag) |
if (nflag) |
sv = NULL; |
sv = NULL; |
else { |
else { |
|
|
|
|
/* |
/* |
* unix_connect() |
* unix_connect() |
* Return's a socket connected to a local unix socket. Return's -1 on failure. |
* Returns a socket connected to a local unix socket. Returns -1 on failure. |
*/ |
*/ |
int |
int |
unix_connect(char *path) |
unix_connect(char *path) |
|
|
|
|
/* |
/* |
* unix_listen() |
* unix_listen() |
* create a unix domain socket, and listen on it. |
* Create a unix domain socket, and listen on it. |
*/ |
*/ |
int |
int |
unix_listen(char *path) |
unix_listen(char *path) |
|
|
struct sockaddr_un sun; |
struct sockaddr_un sun; |
int s; |
int s; |
|
|
/* create unix domain socket */ |
/* Create unix domain socket. */ |
if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) |
if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) |
return (-1); |
return (-1); |
|
|
|
|
|
|
/* |
/* |
* remote_connect() |
* remote_connect() |
* Return's a socket connected to a remote host. Properly bind's to a local |
* Returns a socket connected to a remote host. Properly binds to a local |
* port or source address if needed. Return's -1 on failure. |
* port or source address if needed. Returns -1 on failure. |
*/ |
*/ |
int |
int |
remote_connect(char *host, char *port, struct addrinfo hints) |
remote_connect(char *host, char *port, struct addrinfo hints) |
|
|
res0->ai_protocol)) < 0) |
res0->ai_protocol)) < 0) |
continue; |
continue; |
|
|
/* Bind to a local port or source address if specified */ |
/* Bind to a local port or source address if specified. */ |
if (sflag || pflag) { |
if (sflag || pflag) { |
struct addrinfo ahints, *ares; |
struct addrinfo ahints, *ares; |
|
|
|
|
|
|
/* |
/* |
* local_listen() |
* local_listen() |
* Return's a socket listening on a local port, binds to specified source |
* Returns a socket listening on a local port, binds to specified source |
* address. Return's -1 on failure. |
* address. Returns -1 on failure. |
*/ |
*/ |
int |
int |
local_listen(char *host, char *port, struct addrinfo hints) |
local_listen(char *host, char *port, struct addrinfo hints) |
|
|
int s, ret, x = 1; |
int s, ret, x = 1; |
int error; |
int error; |
|
|
/* Allow nodename to be null */ |
/* Allow nodename to be null. */ |
hints.ai_flags |= AI_PASSIVE; |
hints.ai_flags |= AI_PASSIVE; |
|
|
/* |
/* |
|
|
pfd[0].fd = nfd; |
pfd[0].fd = nfd; |
pfd[0].events = POLLIN; |
pfd[0].events = POLLIN; |
|
|
/* Setup STDIN FD */ |
/* Set up STDIN FD. */ |
pfd[1].fd = wfd; |
pfd[1].fd = wfd; |
pfd[1].events = POLLIN; |
pfd[1].events = POLLIN; |
|
|
|
|
} |
} |
} |
} |
|
|
/* Deal with RFC854 WILL/WONT DO/DONT negotiation */ |
/* Deal with RFC 854 WILL/WONT DO/DONT negotiation. */ |
void |
void |
atelnet(int nfd, unsigned char *buf, unsigned int size) |
atelnet(int nfd, unsigned char *buf, unsigned int size) |
{ |
{ |
|
|
/* |
/* |
* build_ports() |
* build_ports() |
* Build an array or ports in portlist[], listing each port |
* Build an array or ports in portlist[], listing each port |
* that we should try to connect too. |
* that we should try to connect to. |
*/ |
*/ |
void |
void |
build_ports(char *p) |
build_ports(char *p) |
|
|
*n = '\0'; |
*n = '\0'; |
n++; |
n++; |
|
|
/* Make sure the ports are in order: lowest->highest */ |
/* Make sure the ports are in order: lowest->highest. */ |
hi = (int)strtoul(n, &endp, 10); |
hi = (int)strtoul(n, &endp, 10); |
if (hi <= 0 || hi > PORT_MAX || *endp != '\0') |
if (hi <= 0 || hi > PORT_MAX || *endp != '\0') |
errx(1, "port range not valid"); |
errx(1, "port range not valid"); |
|
|
lo = cp; |
lo = cp; |
} |
} |
|
|
/* Load ports sequentially */ |
/* Load ports sequentially. */ |
for (cp = lo; cp <= hi; cp++) { |
for (cp = lo; cp <= hi; cp++) { |
portlist[x] = calloc(1, PORT_MAX_LEN); |
portlist[x] = calloc(1, PORT_MAX_LEN); |
if (portlist[x] == NULL) |
if (portlist[x] == NULL) |
|
|
x++; |
x++; |
} |
} |
|
|
/* Randomly swap ports */ |
/* Randomly swap ports. */ |
if (rflag) { |
if (rflag) { |
int y; |
int y; |
char *c; |
char *c; |
|
|
/* |
/* |
* udptest() |
* udptest() |
* Do a few writes to see if the UDP port is there. |
* Do a few writes to see if the UDP port is there. |
* XXX - Better way of doing this? Doesn't work for IPv6 |
* XXX - Better way of doing this? Doesn't work for IPv6. |
* Also fails after around 100 ports checked. |
* Also fails after around 100 ports checked. |
*/ |
*/ |
int |
int |
|
|
fprintf(stderr, "\tCommand Summary:\n\ |
fprintf(stderr, "\tCommand Summary:\n\ |
\t-4 Use IPv4\n\ |
\t-4 Use IPv4\n\ |
\t-6 Use IPv6\n\ |
\t-6 Use IPv6\n\ |
\t-S Enable the TCP MD5 signature option\n\ |
|
\t-U Use UNIX domain socket\n\ |
|
\t-X vers\t SOCKS version (4 or 5)\n\ |
|
\t-h This help text\n\ |
\t-h This help text\n\ |
\t-i secs\t Delay interval for lines sent, ports scanned\n\ |
\t-i secs\t Delay interval for lines sent, ports scanned\n\ |
\t-k Keep inbound sockets open for multiple connects\n\ |
\t-k Keep inbound sockets open for multiple connects\n\ |
|
|
\t-n Suppress name/port resolutions\n\ |
\t-n Suppress name/port resolutions\n\ |
\t-p port\t Specify local port for remote connects\n\ |
\t-p port\t Specify local port for remote connects\n\ |
\t-r Randomize remote ports\n\ |
\t-r Randomize remote ports\n\ |
|
\t-S Enable the TCP MD5 signature option\n\ |
\t-s addr\t Local source address\n\ |
\t-s addr\t Local source address\n\ |
\t-t Answer TELNET negotiation\n\ |
\t-t Answer TELNET negotiation\n\ |
|
\t-U Use UNIX domain socket\n\ |
\t-u UDP mode\n\ |
\t-u UDP mode\n\ |
\t-v Verbose\n\ |
\t-v Verbose\n\ |
\t-w secs\t Timeout for connects and final net reads\n\ |
\t-w secs\t Timeout for connects and final net reads\n\ |
|
\t-X vers\t SOCKS version (4 or 5)\n\ |
\t-x addr[:port]\tSpecify socks proxy address and port\n\ |
\t-x addr[:port]\tSpecify socks proxy address and port\n\ |
\t-z Zero-I/O mode [used for scanning]\n\ |
\t-z Zero-I/O mode [used for scanning]\n\ |
Port numbers can be individual or ranges: lo-hi [inclusive]\n"); |
Port numbers can be individual or ranges: lo-hi [inclusive]\n"); |
|
|
void |
void |
usage(int ret) |
usage(int ret) |
{ |
{ |
fprintf(stderr, "usage: nc [-46SUhklnrtuvz] [-i interval] [-p source port]\n"); |
fprintf(stderr, "usage: nc [-46hklnrStUuvz] [-i interval] [-p source_port] [-s source_ip_address]\n"); |
fprintf(stderr, "\t [-s ip address] [-w timeout] [-X vers] [-x proxy address [:port]]\n"); |
fprintf(stderr, "\t [-w timeout] [-X socks_version] [-x proxy_address[:port]] [hostname]\n"); |
fprintf(stderr, "\t [hostname] [port[s...]]\n"); |
fprintf(stderr, "\t [port[s]]\n"); |
if (ret) |
if (ret) |
exit(1); |
exit(1); |
} |
} |
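Review bot: In build_ports(), `hi = (int)strtoul(n, &endp, 10);` narrows the unsigned long result to int before the range check, so where long is wider than int an oversized value can wrap into 1..PORT_MAX and be accepted as a valid upper port (this assumes hi is an int, as the cast suggests; its declaration is outside the lines shown). Keeping the parsed value wide until it has been validated avoids that: `unsigned long v = strtoul(n, &endp, 10);`, `if (v == 0 || v > PORT_MAX || *endp != '\0') errx(1, "port range not valid");`, then `hi = (int)v;`. The body of build_ports() starts and ends outside the lines shown, so the parsing of the lower bound may need the same treatment. Separately, the build_ports() header comment that this revision edits still reads "Build an array or ports"; "array of ports" is presumably meant.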