Nmap Development mailing list archives

Re: payload file prototype


From: Jay Fink <jay.fink () gmail com>
Date: Sun, 31 Jan 2010 14:46:48 -0500

On Fri, Jan 29, 2010 at 4:40 PM, David Fifield <david () bamsoftware com> wrote:


> First, the getpayload function should not be doing any file I/O.
> Instead, parse the whole file in advance and then retrieve values from a
> data structure you build. Take the example in service_scan.cc. There's a
> function parse_nmap_service_probe_file that stores the service probes in
> a global AllProbes structure.
>
> I'm thinking of something like an std::map mapping (proto, port) pairs
> to structs like
>        struct Payload {
>                char *data;
>                ssize_t len;
>                int sourceport;
>        };


Started writing in skeleton code for this; basically in my separate test files:

const char *get_udp_payload(u16 dport, size_t *length) {
  if (o.extra_payload != NULL) {
    *length = o.extra_payload_length;
    return o.extra_payload;
  } else {
    return udp_port2payload(getPayload("udp", dport));
  }
}


Then inside of getPayload there is a data structure filled in:
struct Payload {
    char *data;  // Payload data
    ssize_t len; // Len of the payload
    int sport;   // Source Port *if* we are interested
};

and return the payload to get_udp_payload.

So far so good. My question, if I follow your logic from the previous email, is:

Assuming I call the global payload something like AllPayloads *APL

if AllPayloads exists
    find our payload and send back the payload itself
else
    load up all AllPayloads
        parse_nmap_payload_file
    find our payload and send back the payload itself.

After rereading the current method - this makes more sense now - later
if we wish we can always add another wrapper function for
get_someother_payload - for some reason I was thinking we wanted to
parse *any* prot/port,port,...

This way we read in the file once. Of course, after reading over the
service parser it is a lot more work than that but I want to get the
concept down before I blow it again like I did with pass 2.

It has been a long time since I have written anything in C++ so it might
take me a bit - looks like things are busy enough with the latest
release though :D

Thanks!
  j
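
The parse-once, look-up-later design discussed in this message, shown as an added example that is not part of the original email and is not Nmap's code. The line format (proto, port, hex bytes, optional source port), the function names parse_payloads and get_payload, and the use of std::string in place of a char*/len pair are assumptions made for illustration.

```cpp
#include <cstdint>
#include <istream>
#include <map>
#include <sstream>
#include <string>
#include <utility>

// Hypothetical names; assumed line format: proto port hex-bytes [source-port]
struct Payload {
    std::string data;   // raw bytes; the length travels with the data, so NULs are safe
    int sourceport;     // -1 when the entry does not request a source port
};
typedef std::map<std::pair<std::string, uint16_t>, Payload> PayloadMap;
static PayloadMap AllPayloads;   // filled once by parse_payloads, then only read

// Parse the whole input up front and return the number of entries stored.
// A malformed line is skipped whole, never partially loaded.
std::size_t parse_payloads(std::istream &in) {
    AllPayloads.clear();
    std::string line;
    while (std::getline(in, line)) {
        if (line.empty() || line[0] == '#') continue;
        std::istringstream ls(line);
        std::string proto, hex;
        long port = -1, sport = -1, v = 0;
        if (!(ls >> proto >> port >> hex)) continue;
        if (ls >> v) sport = v;   // optional fourth field
        if (port < 0 || port > 65535 || sport < -1 || sport > 65535) continue;
        if (hex.size() % 2 != 0 ||
            hex.find_first_not_of("0123456789abcdefABCDEF") != std::string::npos)
            continue;
        Payload p = { std::string(), (int) sport };
        for (std::size_t i = 0; i < hex.size(); i += 2)
            p.data.push_back((char) std::stoi(hex.substr(i, 2), nullptr, 16));
        AllPayloads[std::make_pair(proto, (uint16_t) port)] = p;
    }
    return AllPayloads.size();
}

// Lookup only: no file I/O on the per-probe path. nullptr means no payload.
const Payload *get_payload(const std::string &proto, uint16_t port) {
    PayloadMap::const_iterator it = AllPayloads.find(std::make_pair(proto, port));
    return it == AllPayloads.end() ? nullptr : &it->second;
}

int main() {   // constructed sample input, not real Nmap data
    std::istringstream in("udp 53 0000100000000000\nudp 500 00ff 500\nudp 161 zz\n");
    return parse_payloads(in) == 2 && get_payload("udp", 500)->sourceport == 500 ? 0 : 1;
}
```

Port numbers are range-checked before the narrowing cast to uint16_t, so an out-of-range value in the file cannot silently alias another port's entry.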