source:
npl/overig/netcat_openbsd/patches/0011-misc-failures-and-features.patch
@
4e011a4
Last change on this file since 4e011a4 was c5c522c, checked in by , 8 years ago | |
File size: 12.6 KB |
-
nc.1
From: Aron Xu <aron@debian.org> Date: Mon, 13 Feb 2012 19:06:52 +0800 Subject: misc connection failures --- nc.1 | 76 ++++++++++++++++++++++++++++++++++++--- netcat.c | 119 ++++++++++++++++++++++++++++++++++++++++++-------------------- 2 files changed, 153 insertions(+), 42 deletions(-) diff --git a/nc.1 b/nc.1 index 60e3668..477cb1b 100644
a b 34 34 .Sh SYNOPSIS 35 35 .Nm nc 36 36 .Bk -words 37 .Op Fl 46 CDdhklnrStUuvZz37 .Op Fl 46bCDdhklnrStUuvZz 38 38 .Op Fl I Ar length 39 39 .Op Fl i Ar interval 40 40 .Op Fl O Ar length … … to use IPv4 addresses only. 99 99 Forces 100 100 .Nm 101 101 to use IPv6 addresses only. 102 .It Fl b 103 Allow broadcast. 102 104 .It Fl C 103 105 Send CRLF as line-ending. 104 106 .It Fl D … … and which side is being used as a 323 325 The connection may be terminated using an 324 326 .Dv EOF 325 327 .Pq Sq ^D . 328 .Pp 329 There is no 330 .Fl c 331 or 332 .Fl e 333 option in this netcat, but you still can execute a command after connection 334 being established by redirecting file descriptors. Be cautious here because 335 opening a port and let anyone connected execute arbitrary command on your 336 site is DANGEROUS. If you really need to do this, here is an example: 337 .Pp 338 On 339 .Sq server 340 side: 341 .Pp 342 .Dl $ rm -f /tmp/f; mkfifo /tmp/f 343 .Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f 344 .Pp 345 On 346 .Sq client 347 side: 348 .Pp 349 .Dl $ nc host.example.com 1234 350 .Dl $ (shell prompt from host.example.com) 351 .Pp 352 By doing this, you create a fifo at /tmp/f and make nc listen at port 1234 353 of address 127.0.0.1 on 354 .Sq server 355 side, when a 356 .Sq client 357 establishes a connection successfully to that port, /bin/sh gets executed 358 on 359 .Sq server 360 side and the shell prompt is given to 361 .Sq client 362 side. 363 .Pp 364 When connection is terminated, 365 .Nm 366 quits as well. Use 367 .Fl k 368 if you want it keep listening, but if the command quits this option won't 369 restart it or keep 370 .Nm 371 running. Also don't forget to remove the file descriptor once you don't need 372 it anymore: 373 .Pp 374 .Dl $ rm -f /tmp/f 375 .Pp 326 376 .Sh DATA TRANSFER 327 377 The example in the previous section can be expanded to build a 328 378 basic data transfer model. 
… … The 382 432 flag can be used to tell 383 433 .Nm 384 434 to report open ports, 385 rather than initiate a connection. 435 rather than initiate a connection. Usually it's useful to turn on verbose 436 output to stderr by use this option in conjunction with 437 .Fl v 438 option. 439 .Pp 386 440 For example: 387 441 .Bd -literal -offset indent 388 $ nc -zhost.example.com 20-30442 $ nc \-zv host.example.com 20-30 389 443 Connection to host.example.com 22 port [tcp/ssh] succeeded! 390 444 Connection to host.example.com 25 port [tcp/smtp] succeeded! 391 445 .Ed 392 446 .Pp 393 The port range was specified to limit the search to ports 20 \- 30. 447 The port range was specified to limit the search to ports 20 \- 30, and is 448 scanned by increasing order. 449 .Pp 450 You can also specify a list of ports to scan, for example: 451 .Bd -literal -offset indent 452 $ nc \-zv host.example.com 80 20 22 453 nc: connect to host.example.com 80 (tcp) failed: Connection refused 454 nc: connect to host.example.com 20 (tcp) failed: Connection refused 455 Connection to host.example.com port [tcp/ssh] succeeded! 456 .Ed 457 .Pp 458 The ports are scanned by the order you given. 394 459 .Pp 395 460 Alternatively, it might be useful to know which server software 396 461 is running, and which versions. … … Original implementation by *Hobbit* 455 520 .br 456 521 Rewritten with IPv6 support by 457 522 .An Eric Jackson Aq ericj@monkey.org . 523 .br 524 Modified for Debian port by Aron Xu 525 .Aq aron@debian.org . 458 526 .Sh CAVEATS 459 527 UDP port scans using the 460 528 .Fl uz -
netcat.c
diff --git a/netcat.c b/netcat.c index bf9940f..c938d11 100644
a b 88 88 #include <netdb.h> 89 89 #include <poll.h> 90 90 #include <signal.h> 91 #include <stddef.h> 91 92 #include <stdarg.h> 92 93 #include <stdio.h> 93 94 #include <stdlib.h> … … 115 116 #define UDP_SCAN_TIMEOUT 3 /* Seconds */ 116 117 117 118 /* Command Line Options */ 119 int bflag; /* Allow Broadcast */ 118 120 int Cflag = 0; /* CRLF line-ending */ 119 121 int dflag; /* detached, no stdin */ 120 122 unsigned int iflag; /* Interval Flag */ … … char *portlist[PORT_MAX+1]; 146 148 char *unix_dg_tmp_socket; 147 149 148 150 void atelnet(int, unsigned char *, unsigned int); 149 void build_ports(char * );151 void build_ports(char **); 150 152 void help(void); 151 153 int local_listen(char *, char *, struct addrinfo); 152 154 void readwrite(int); … … int 171 173 main(int argc, char *argv[]) 172 174 { 173 175 int ch, s, ret, socksv; 174 char *host, * uport;176 char *host, **uport; 175 177 struct addrinfo hints; 176 178 struct servent *sv; 177 179 socklen_t len; 178 struct sockaddr_storage cliaddr; 180 union { 181 struct sockaddr_storage storage; 182 struct sockaddr_un forunix; 183 } cliaddr; 179 184 char *proxy = NULL; 180 185 const char *errstr, *proxyhost = "", *proxyport = NULL; 181 186 struct addrinfo proxyhints; … … main(int argc, char *argv[]) 189 194 sv = NULL; 190 195 191 196 while ((ch = getopt(argc, argv, 192 "46 CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {197 "46bCDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) { 193 198 switch (ch) { 194 199 case '4': 195 200 family = AF_INET; … … main(int argc, char *argv[]) 197 202 case '6': 198 203 family = AF_INET6; 199 204 break; 205 case 'b': 206 # if defined(SO_BROADCAST) 207 bflag = 1; 208 # else 209 errx(1, "no broadcast frame support available"); 210 # endif 211 break; 200 212 case 'U': 201 213 family = AF_UNIX; 202 214 break; … … main(int argc, char *argv[]) 342 354 343 355 /* Cruft to make sure options are clean, and used properly. 
*/ 344 356 if (argv[0] && !argv[1] && family == AF_UNIX) { 345 if (uflag)346 errx(1, "cannot use -u and -U");347 357 # if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) 348 358 if (dccpflag) 349 359 errx(1, "cannot use -Z and -U"); 350 360 # endif 351 361 host = argv[0]; 352 362 uport = NULL; 353 } else if (!argv[0] && lflag) { 354 if (sflag) 355 errx(1, "cannot use -s and -l"); 356 if (zflag) 357 errx(1, "cannot use -z and -l"); 358 if (pflag) 359 uport=pflag; 360 } else if (!lflag && kflag) { 361 errx(1, "cannot use -k without -l"); 362 } else if (argv[0] && !argv[1]) { 363 if (!lflag) 364 usage(1); 365 uport = argv[0]; 363 } else if (argv[0] && !argv[1] && lflag) { 364 if (pflag) { 365 uport = &pflag; 366 host = argv[0]; 367 } else { 368 uport = argv; 369 host = NULL; 370 } 371 } else if (!argv[0] && lflag && pflag) { 372 uport = &pflag; 366 373 host = NULL; 367 374 } else if (argv[0] && argv[1]) { 368 375 host = argv[0]; 369 uport = argv[1];376 uport = &argv[1]; 370 377 } else 371 378 usage(1); 372 379 373 380 if (lflag) { 381 if (sflag) 382 errx(1, "cannot use -s and -l"); 383 if (zflag) 384 errx(1, "cannot use -z and -l"); 385 if (pflag) 386 /* This still does not work well because of getopt mess 387 errx(1, "cannot use -p and -l"); */ 388 uport = &pflag; 389 } else if (!lflag && kflag) 390 errx(1, "cannot use -k without -l"); 374 391 375 392 /* Get name of temporary socket for unix datagram client */ 376 393 if ((family == AF_UNIX) && uflag && !lflag) { … … main(int argc, char *argv[]) 448 465 else 449 466 s = unix_listen(host); 450 467 } else 451 s = local_listen(host, uport, hints);468 s = local_listen(host, *uport, hints); 452 469 if (s < 0) 453 470 err(1, NULL); 454 471 … … main(int argc, char *argv[]) 457 474 local = ":::"; 458 475 else 459 476 local = "0.0.0.0"; 460 fprintf(stderr, "Listening on [%s] (family %d, port %d)\n", 477 if (vflag && (family != AF_UNIX)) 478 fprintf(stderr, "Listening on [%s] (family %d, port %s)\n", 461 479 host ?: local, 462 480 
family, 463 481 *uport); … … main(int argc, char *argv[]) 490 508 len = sizeof(cliaddr); 491 509 connfd = accept(s, (struct sockaddr *)&cliaddr, 492 510 &len); 493 if(vflag) { 511 if(vflag && family == AF_UNIX) { 512 fprintf(stderr, "Connection from \"%.*s\" accepted\n", 513 (len - (int)offsetof(struct sockaddr_un, sun_path)), 514 ((struct sockaddr_un*)&cliaddr)->sun_path); 515 } else if(vflag) { 494 516 char *proto = proto_name(uflag, dccpflag); 495 517 /* Don't look up port if -n. */ 496 518 if (nflag) 497 519 sv = NULL; 498 520 else 499 sv = getservbyport(ntohs(atoi( uport)),521 sv = getservbyport(ntohs(atoi(*uport)), 500 522 proto); 501 523 502 524 if (((struct sockaddr *)&cliaddr)->sa_family == AF_INET) { … … main(int argc, char *argv[]) 504 526 inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in *)&cliaddr)->sin_addr),dst,INET_ADDRSTRLEN); 505 527 fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n", 506 528 dst, 507 uport,529 *uport, 508 530 proto, 509 531 sv ? sv->s_name : "*", 510 532 ((struct sockaddr *)(&cliaddr))->sa_family, … … main(int argc, char *argv[]) 515 537 inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in6 *)&cliaddr)->sin6_addr),dst,INET6_ADDRSTRLEN); 516 538 fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n", 517 539 dst, 518 uport,540 *uport, 519 541 proto, 520 542 sv ? sv->s_name : "*", 521 543 ((struct sockaddr *)&cliaddr)->sa_family, … … main(int argc, char *argv[]) 523 545 } 524 546 else { 525 547 fprintf(stderr, "Connection from unknown port %s [%s/%s] accepted (family %d, sport %d)\n", 526 uport,548 *uport, 527 549 proto, 528 550 sv ? 
sv->s_name : "*", 529 551 ((struct sockaddr *)(&cliaddr))->sa_family, 530 552 ntohs(((struct sockaddr_in *)&cliaddr)->sin_port)); 531 553 } 532 554 } 555 if(!kflag) 556 close(s); 533 557 readwrite(connfd); 534 558 close(connfd); 535 559 } 536 560 561 if (vflag && kflag) 562 fprintf(stderr, "Connection closed, listening again.\n"); 537 563 if (kflag) 538 564 continue; 539 565 if (family != AF_UNIX) { … … unix_bind(char *path) 641 667 return (-1); 642 668 } 643 669 670 unlink(path); 671 644 672 if (bind(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) { 645 673 close(s); 646 674 return (-1); … … unix_connect(char *path) 662 690 if ((s = unix_bind(unix_dg_tmp_socket)) < 0) 663 691 return (-1); 664 692 } else { 665 if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) 693 if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { 694 errx(1,"create unix socket failed"); 666 695 return (-1); 696 } 667 697 } 668 698 (void)fcntl(s, F_SETFD, 1); 669 699 … … unix_connect(char *path) 674 704 sizeof(sun.sun_path)) { 675 705 close(s); 676 706 errno = ENAMETOOLONG; 707 warn("unix connect abandoned"); 677 708 return (-1); 678 709 } 679 710 if (connect(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) { 711 warn("unix connect failed"); 680 712 close(s); 681 713 return (-1); 682 714 } … … atelnet(int nfd, unsigned char *buf, unsigned int size) 1105 1137 * that we should try to connect to. 
1106 1138 */ 1107 1139 void 1108 build_ports(char * p)1140 build_ports(char **p) 1109 1141 { 1110 1142 struct servent *sv; 1111 1143 const char *errstr; 1112 1144 char *n; 1113 1145 int hi, lo, cp; 1114 1146 int x = 0; 1147 int i; 1115 1148 1116 1149 char *proto = proto_name(uflag, dccpflag); 1117 sv = getservbyname( p, proto);1150 sv = getservbyname(*p, proto); 1118 1151 if (sv) { 1119 1152 portlist[0] = calloc(1, PORT_MAX_LEN); 1120 1153 if (portlist[0] == NULL) 1121 1154 err(1, NULL); 1122 1155 snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port)); 1123 } else if ((n = strchr( p, '-')) != NULL) {1156 } else if ((n = strchr(*p, '-')) != NULL) { 1124 1157 *n = '\0'; 1125 1158 n++; 1126 1159 … … build_ports(char *p) 1128 1161 hi = strtonum(n, 1, PORT_MAX, &errstr); 1129 1162 if (errstr) 1130 1163 errx(1, "port number %s: %s", errstr, n); 1131 lo = strtonum( p, 1, PORT_MAX, &errstr);1164 lo = strtonum(*p, 1, PORT_MAX, &errstr); 1132 1165 if (errstr) 1133 errx(1, "port number %s: %s", errstr, p);1166 errx(1, "port number %s: %s", errstr, *p); 1134 1167 1135 1168 if (lo > hi) { 1136 1169 cp = hi; … … build_ports(char *p) 1160 1193 } 1161 1194 } 1162 1195 } else { 1163 hi = strtonum( p, 1, PORT_MAX, &errstr);1196 hi = strtonum(*p, 1, PORT_MAX, &errstr); 1164 1197 if (errstr) 1165 errx(1, "port number %s: %s", errstr, p); 1166 portlist[0] = strdup(p); 1198 errx(1, "port number %s: %s", errstr, *p); 1199 for (i=0;p[i];i++) { 1200 portlist[i] = strdup(p[i]); 1201 } 1167 1202 if (portlist[0] == NULL) 1168 1203 err(1, NULL); 1169 1204 } … … set_common_sockopts(int s) 1198 1233 { 1199 1234 int x = 1; 1200 1235 1236 # if defined(SO_BROADCAST) 1237 if (bflag) { 1238 if (setsockopt(s, IPPROTO_TCP, SO_BROADCAST, 1239 &x, sizeof(x)) == -1) 1240 err(1, NULL); 1241 } 1242 # endif 1201 1243 # if defined(TCP_MD5SIG) 1202 1244 if (Sflag) { 1203 1245 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, … … help(void) 1293 1335 fprintf(stderr, "\tCommand Summary:\n\ 1294 1336 \t-4 Use 
IPv4\n\ 1295 1337 \t-6 Use IPv6\n\ 1338 \t-b Allow broadcast\n\ 1296 1339 \t-C Send CRLF as line-ending\n\ 1297 1340 \t-D Enable the debug socket option\n\ 1298 1341 \t-d Detach from stdin\n\ … … void 1329 1372 usage(int ret) 1330 1373 { 1331 1374 fprintf(stderr, 1332 "usage: nc [-46 CDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"1375 "usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n" 1333 1376 "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n" 1334 1377 "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n" 1335 1378 "\t [-x proxy_address[:port]] [destination] [port]\n");
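Review bot: In build_ports(), the new list branch range-checks only `*p` with strtonum() and then copies every `p[i]` into `portlist` with no bound. Later port arguments are therefore stored unvalidated, a failed strdup() is noticed only for index 0, and a long enough argument list would write past the `portlist[PORT_MAX+1]` array declared near the top of the file. Each entry should be validated, checked for allocation failure and bounded by PORT_MAX, as in the excerpt below. The loop also relies on `p` being NULL-terminated, which holds for `&argv[1]` but not for `&pflag`; the build_ports() call site is outside the visible hunks, so that is worth confirming. Separately, set_common_sockopts() passes SO_BROADCAST at level IPPROTO_TCP, but it is a socket-level option, so the call should read `setsockopt(s, SOL_SOCKET, SO_BROADCAST, &x, sizeof(x))`.

```c
	} else {
		/* Validate, bound and copy every listed port, not just the first. */
		for (i = 0; p[i] != NULL; i++) {
			if (i >= PORT_MAX)
				errx(1, "too many ports");
			hi = strtonum(p[i], 1, PORT_MAX, &errstr);
			if (errstr)
				errx(1, "port number %s: %s", errstr, p[i]);
			portlist[i] = strdup(p[i]);
			if (portlist[i] == NULL)
				err(1, NULL);
		}
	}
```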