1 /*************************************************************************** 2 * scan_lists.h -- Structures and functions for lists of ports to scan and * 3 * scan types * 4 ***********************IMPORTANT NMAP LICENSE TERMS************************ 5 * * 6 * The Nmap Security Scanner is (C) 1996-2020 Insecure.Com LLC ("The Nmap * 7 * Project"). Nmap is also a registered trademark of the Nmap Project. * 8 * * 9 * This program is distributed under the terms of the Nmap Public Source * 10 * License (NPSL). The exact license text applying to a particular Nmap * 11 * release or source code control revision is contained in the LICENSE * 12 * file distributed with that version of Nmap or source code control * 13 * revision. More Nmap copyright/legal information is available from * 14 * https://nmap.org/book/man-legal.html, and further information on the * 15 * NPSL license itself can be found at https://nmap.org/npsl. This header * 16 * summarizes some key points from the Nmap license, but is no substitute * 17 * for the actual license text. * 18 * * 19 * Nmap is generally free for end users to download and use themselves, * 20 * including commercial use. It is available from https://nmap.org. * 21 * * 22 * The Nmap license generally prohibits companies from using and * 23 * redistributing Nmap in commercial products, but we sell a special Nmap * 24 * OEM Edition with a more permissive license and special features for * 25 * this purpose. See https://nmap.org/oem * 26 * * 27 * If you have received a written Nmap license agreement or contract * 28 * stating terms other than these (such as an Nmap OEM license), you may * 29 * choose to use and redistribute Nmap under those terms instead. * 30 * * 31 * The official Nmap Windows builds include the Npcap software * 32 * (https://npcap.org) for packet capture and transmission. It is under * 33 * separate license terms which forbid redistribution without special * 34 * permission. So the official Nmap Windows builds may not be * 35 * redistributed without special permission (such as an Nmap OEM * 36 * license). * 37 * * 38 * Source is provided to this software because we believe users have a * 39 * right to know exactly what a program is going to do before they run it. * 40 * This also allows you to audit the software for security holes. * 41 * * 42 * Source code also allows you to port Nmap to new platforms, fix bugs, * 43 * and add new features. You are highly encouraged to submit your * 44 * changes as a Github PR or by email to the dev@nmap.org mailing list * 45 * for possible incorporation into the main distribution. Unless you * 46 * specify otherwise, it is understood that you are offering us very * 47 * broad rights to use your submissions as described in the Nmap Public * 48 * Source License Contributor Agreement. This is important because we * 49 * fund the project by selling licenses with various terms, and also * 50 * because the inability to relicense code has caused devastating * 51 * problems for other Free Software projects (such as KDE and NASM). * 52 * * 53 * The free version of Nmap is distributed in the hope that it will be * 54 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of * 55 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties, * 56 * indemnification and commercial support are all available through the * 57 * Npcap OEM program--see https://nmap.org/oem. * 58 * * 59 ***************************************************************************/ 60 61 #ifndef SCAN_LISTS_H 62 #define SCAN_LISTS_H 63 64 /* just flags to indicate whether a particular port number should get tcp 65 * scanned, udp scanned, or both 66 */ 67 #define SCAN_TCP_PORT (1 << 0) 68 #define SCAN_UDP_PORT (1 << 1) 69 #define SCAN_SCTP_PORT (1 << 2) 70 #define SCAN_PROTOCOLS (1 << 3) 71 72 /* The various kinds of port/protocol scans we can have 73 * Each element is to point to an array of port/protocol numbers 74 */ 75 struct scan_lists { 76 /* The "synprobes" are also used when doing a connect() ping */ 77 unsigned short *syn_ping_ports; 78 unsigned short *ack_ping_ports; 79 unsigned short *udp_ping_ports; 80 unsigned short *sctp_ping_ports; 81 unsigned short *proto_ping_ports; 82 int syn_ping_count; 83 int ack_ping_count; 84 int udp_ping_count; 85 int sctp_ping_count; 86 int proto_ping_count; 87 //the above fields are only used for host discovery 88 //the fields below are only used for port scanning 89 unsigned short *tcp_ports; 90 int tcp_count; 91 unsigned short *udp_ports; 92 int udp_count; 93 unsigned short *sctp_ports; 94 int sctp_count; 95 unsigned short *prots; 96 int prot_count; 97 }; 98 99 typedef enum { 100 STYPE_UNKNOWN, 101 HOST_DISCOVERY, 102 ACK_SCAN, 103 SYN_SCAN, 104 FIN_SCAN, 105 XMAS_SCAN, 106 UDP_SCAN, 107 CONNECT_SCAN, 108 NULL_SCAN, 109 WINDOW_SCAN, 110 SCTP_INIT_SCAN, 111 SCTP_COOKIE_ECHO_SCAN, 112 MAIMON_SCAN, 113 IPPROT_SCAN, 114 PING_SCAN, 115 PING_SCAN_ARP, 116 IDLE_SCAN, 117 BOUNCE_SCAN, 118 SERVICE_SCAN, 119 OS_SCAN, 120 SCRIPT_PRE_SCAN, 121 SCRIPT_SCAN, 122 SCRIPT_POST_SCAN, 123 TRACEROUTE, 124 PING_SCAN_ND 125 } stype; 126 127 /* port manipulators */ 128 void getpts(const char *expr, struct scan_lists * ports); /* someone stole the name getports()! */ 129 void getpts_simple(const char *origexpr, int range_type, 130 unsigned short **list, int *count); 131 void removepts(const char *expr, struct scan_lists * ports); 132 void free_scan_lists(struct scan_lists *ports); 133 134 /* general helper functions */ 135 const char *scantype2str(stype scantype); 136 137 #endif /* SCAN_LISTS_H */ 138