1 2 /*************************************************************************** 3 * nmap_ftp.h -- Nmap's FTP routines used for FTP bounce scan (-b) 4 * * 5 ***********************IMPORTANT NMAP LICENSE TERMS************************ 6 * * 7 * The Nmap Security Scanner is (C) 1996-2020 Insecure.Com LLC ("The Nmap * 8 * Project"). Nmap is also a registered trademark of the Nmap Project. * 9 * * 10 * This program is distributed under the terms of the Nmap Public Source * 11 * License (NPSL). The exact license text applying to a particular Nmap * 12 * release or source code control revision is contained in the LICENSE * 13 * file distributed with that version of Nmap or source code control * 14 * revision. More Nmap copyright/legal information is available from * 15 * https://nmap.org/book/man-legal.html, and further information on the * 16 * NPSL license itself can be found at https://nmap.org/npsl. This header * 17 * summarizes some key points from the Nmap license, but is no substitute * 18 * for the actual license text. * 19 * * 20 * Nmap is generally free for end users to download and use themselves, * 21 * including commercial use. It is available from https://nmap.org. * 22 * * 23 * The Nmap license generally prohibits companies from using and * 24 * redistributing Nmap in commercial products, but we sell a special Nmap * 25 * OEM Edition with a more permissive license and special features for * 26 * this purpose. See https://nmap.org/oem * 27 * * 28 * If you have received a written Nmap license agreement or contract * 29 * stating terms other than these (such as an Nmap OEM license), you may * 30 * choose to use and redistribute Nmap under those terms instead. * 31 * * 32 * The official Nmap Windows builds include the Npcap software * 33 * (https://npcap.org) for packet capture and transmission. It is under * 34 * separate license terms which forbid redistribution without special * 35 * permission. So the official Nmap Windows builds may not be * 36 * redistributed without special permission (such as an Nmap OEM * 37 * license). * 38 * * 39 * Source is provided to this software because we believe users have a * 40 * right to know exactly what a program is going to do before they run it. * 41 * This also allows you to audit the software for security holes. * 42 * * 43 * Source code also allows you to port Nmap to new platforms, fix bugs, * 44 * and add new features. You are highly encouraged to submit your * 45 * changes as a Github PR or by email to the dev@nmap.org mailing list * 46 * for possible incorporation into the main distribution. Unless you * 47 * specify otherwise, it is understood that you are offering us very * 48 * broad rights to use your submissions as described in the Nmap Public * 49 * Source License Contributor Agreement. This is important because we * 50 * fund the project by selling licenses with various terms, and also * 51 * because the inability to relicense code has caused devastating * 52 * problems for other Free Software projects (such as KDE and NASM). * 53 * * 54 * The free version of Nmap is distributed in the hope that it will be * 55 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of * 56 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties, * 57 * indemnification and commercial support are all available through the * 58 * Npcap OEM program--see https://nmap.org/oem. * 59 * * 60 ***************************************************************************/ 61 62 /* $Id: nmap_ftp.h 38078 2020-10-02 16:12:22Z dmiller $ */ 63 64 #ifndef NMAP_FTP_H 65 #define NMAP_FTP_H 66 67 #include "scan_lists.h" 68 #include "nbase.h" /* u16 */ 69 class Target; 70 71 /* How do we want to log into ftp sites for */ 72 #define FTPUSER "anonymous" 73 #define FTPPASS "-wwwuser@" 74 #define FTP_RETRIES 2 /* How many times should we relogin if we lose control 75 connection? */ 76 77 struct ftpinfo { 78 char user[64]; 79 char pass[256]; /* methinks you're paranoid if you need this much space */ 80 char server_name[FQDN_LEN + 1]; 81 struct in_addr server; 82 u16 port; 83 int sd; /* socket descriptor */ 84 }; 85 86 struct ftpinfo get_default_ftpinfo(void); 87 int ftp_anon_connect(struct ftpinfo *ftp); 88 89 /* parse a URL stype ftp string of the form user:pass@server:portno */ 90 int parse_bounce_argument(struct ftpinfo *ftp, char *url); 91 92 /* FTP bounce attack scan. This function is rather lame and should be 93 rewritten. But I don't think it is used much anyway. If I'm going to 94 allow FTP bounce scan, I should really allow SOCKS proxy scan. */ 95 void bounce_scan(Target *target, u16 *portarray, int numports, 96 struct ftpinfo *ftp); 97 98 #endif /* NMAP_FTP_H */ 99 100