forked from ossec/ossec-hids
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcheck_open_ports.c
153 lines (120 loc) · 3.68 KB
/
check_open_ports.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
/* Copyright (C) 2009 Trend Micro Inc.
* All right reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
* License (version 2) as published by the FSF - Free Software
* Foundation
*/
#include "shared.h"
#include "headers/debug_op.h"
#include "headers/defs.h"
#include "rootcheck.h"
#ifndef OSSECHIDS
/* Prototypes */
static int connect_to_port(int proto, int port);
static void try_to_access_ports(void);
/* Global variables */
static int _ports_open;
static int open_ports_size;
static char open_ports_str[OS_SIZE_1024 + 1];
static int connect_to_port(int proto, int port)
{
int rc = 0;
int ossock;
struct sockaddr_in server;
struct sockaddr_in6 server6;
#ifdef WIN32
int salen = sizeof(struct sockaddr_in6);
#endif
if (proto == IPPROTO_UDP) {
if ((ossock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
return (0);
}
} else if (proto == IPPROTO_TCP) {
if ((ossock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
return (0);
}
} else {
return (0);
}
memset(&server, 0, sizeof(server));
server.sin_family = AF_INET;
server.sin_port = htons(port);
server.sin_addr.s_addr = inet_addr("127.0.0.1");
if (connect(ossock, (struct sockaddr *)&server, sizeof(server)) == 0) {
rc = 1;
}
close(ossock);
/* repeat for IPv6 */
if (proto == IPPROTO_UDP) {
if ((ossock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
return(0);
}
} else if (proto == IPPROTO_TCP) {
if ((ossock = socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP)) < 0) {
return(0);
}
}
memset(&server6, 0, sizeof(server6));
#ifdef WIN32
WSAStringToAddress("::1", AF_INET6, NULL, (LPSOCKADDR) &server6,
(LPINT) &salen);
#else
server6.sin6_family = AF_INET6;
inet_pton(AF_INET6, "::1", &server6.sin6_addr.s6_addr);
#endif
server6.sin6_port = htons( port );
if(connect(ossock, (struct sockaddr *)&server6, sizeof(server6)) == 0) {
rc = 1;
}
close(ossock);
return (rc);
}
static void try_to_access_ports()
{
int i;
for (i = 0; i <= 65535; i++) {
if (total_ports_tcp[i] && connect_to_port(IPPROTO_TCP, i)) {
char port_proto[64];
if (_ports_open == 0) {
snprintf(port_proto, 64, "\n %d (tcp),", i);
} else {
snprintf(port_proto, 64, "%d (tcp),", i);
}
strncat(open_ports_str, port_proto, open_ports_size);
open_ports_size -= strlen(port_proto) + 1;
_ports_open++;
}
if (total_ports_udp[i] && connect_to_port(IPPROTO_UDP, i)) {
char port_proto[64];
if (_ports_open == 0) {
snprintf(port_proto, 64, "\n %d (udp),", i);
} else {
snprintf(port_proto, 64, "%d (udp),", i);
}
strncat(open_ports_str, port_proto, open_ports_size);
open_ports_size -= strlen(port_proto) + 1;
_ports_open++;
}
if (_ports_open >= 4) {
_ports_open = 0;
}
}
}
#endif
void check_open_ports()
{
#ifndef OSSECHIDS
memset(open_ports_str, '\0', OS_SIZE_1024 + 1);
open_ports_size = OS_SIZE_1024 - 1;
_ports_open = 0;
snprintf(open_ports_str, OS_SIZE_1024, "The following ports are open:");
open_ports_size -= strlen(open_ports_str) + 1;
/* Testing All ports */
try_to_access_ports();
open_ports_str[strlen(open_ports_str) - 1] = '\0';
notify_rk(ALERT_OK, open_ports_str);
#endif
return;
}