OpenVAS Scanner 21.4.1
Data Structures | Macros | Functions | Variables
attack.c File Reference

Launches the plugins, and manages multithreading. More...

#include "attack.h"
#include "../misc/network.h"
#include "../misc/nvt_categories.h"
#include "../misc/pcap_openvas.h"
#include "../nasl/nasl_debug.h"
#include "hosts.h"
#include "pluginlaunch.h"
#include "pluginload.h"
#include "pluginscheduler.h"
#include "plugs_req.h"
#include "processes.h"
#include "sighand.h"
#include "utils.h"
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <glib.h>
#include <gvm/base/hosts.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/base/proctitle.h>
#include <gvm/boreas/alivedetection.h>
#include <gvm/boreas/boreas_io.h>
#include <gvm/util/nvticache.h>
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

Data Structures

struct  attack_start_args
 

Macros

#define ERR_HOST_DEAD   -1
 
#define ERR_CANT_FORK   -2
 
#define MAX_FORK_RETRIES   10
 
#define KB_RETRY_DELAY   3 /*In sec*/
 
#define PROGRESS_BAR_STYLE   1
 
#define INVALID_TARGET_LIST   "-1"
 
#define G_LOG_DOMAIN   "sd main"
 GLib log domain. More...
 

Functions

static int connect_main_kb (kb_t *main_kb)
 Connect to the main kb. Must be released with kb_lnk_reset() after use. More...
 
static void set_kb_readable (int host_kb_index)
 Add the Host KB index to the list of readable KBs used by ospd-openvas. More...
 
static void set_scan_status (char *status)
 Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly. More...
 
static int comm_send_status (kb_t main_kb, char *hostname, int curr, int max)
 Sends the status of a host's scan. More...
 
static void message_to_client (kb_t kb, const char *msg, const char *ip_str, const char *port, const char *type)
 
static void report_kb_failure (int errcode)
 
static void fork_sleep (int n)
 
static void scan_stop_cleanup (void)
 
static int scan_is_stopped (void)
 
static int nvti_category_is_safe (int category)
 Checks that an NVT category is safe. More...
 
static int get_check_new_vhosts_flag (void)
 Return check_new_vhosts_flag. After reading must be clean with unset_check_new_vhosts_flag(), to avoid fetching unnecessarily. More...
 
static void set_check_new_vhosts_flag ()
 Set global check_new_vhosts_flag to indicate that new vhosts must be fetched. More...
 
static void unset_check_new_vhosts_flag (void)
 Unset global check_new_vhosts_flag. Must be called once the vhosts have been fetched. More...
 
static void check_new_vhosts (void)
 Check if a plugin process pushed a new vhost value. More...
 
static int launch_plugin (struct scan_globals *globals, struct scheduler_plugin *plugin, struct in6_addr *ip, GSList *vhosts, kb_t kb, kb_t main_kb)
 Launches a nvt. Respects safe check preference (i.e. does not try. More...
 
static void attack_host (struct scan_globals *globals, struct in6_addr *ip, GSList *vhosts, plugins_scheduler_t sched, kb_t kb, kb_t main_kb)
 Attack one host. More...
 
static int host_authorized (const gvm_host_t *host, const struct in6_addr *addr, const gvm_hosts_t *hosts_allow, const gvm_hosts_t *hosts_deny)
 
static char * vhosts_to_str (GSList *list)
 
static void check_deprecated_prefs ()
 Check if any deprecated prefs are in pref table and print warning. More...
 
static int check_host_authorization (gvm_host_t *host, const struct in6_addr *addr)
 
static void attack_start (struct attack_start_args *args)
 Set up some data and jump into attack_host() More...
 
static void apply_hosts_excluded (gvm_hosts_t *hosts)
 
static void apply_hosts_preferences_ordering (gvm_hosts_t *hosts)
 
static void apply_hosts_reverse_lookup_preferences (gvm_hosts_t *hosts)
 
static int str_in_comma_list (const char *str, const char *comma_list)
 
static int iface_authorized (const char *iface)
 
static int apply_source_iface_preference (void)
 
static int check_kb_access (void)
 
static void set_alive_detection_tid (pthread_t tid)
 
static pthread_t get_alive_detection_tid ()
 
static gboolean ad_thread_joined (gboolean joined)
 Set and get if alive detection thread was already joined by main thread. More...
 
static void handle_scan_stop_signal ()
 
void attack_network (struct scan_globals *globals)
 Attack a whole network. More...
 

Variables

int global_scan_stop = 0
 
static kb_t host_kb = NULL
 
static GSList * host_vhosts = NULL
 
static int check_new_vhosts_flag = 0
 
static pthread_t alive_detection_tid
 

Detailed Description

Launches the plugins, and manages multithreading.

Macro Definition Documentation

◆ ERR_CANT_FORK

#define ERR_CANT_FORK   -2

◆ ERR_HOST_DEAD

#define ERR_HOST_DEAD   -1

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "sd main"

GLib log domain.

◆ INVALID_TARGET_LIST

#define INVALID_TARGET_LIST   "-1"

Define value to be sent to the client for invalid target list.

◆ KB_RETRY_DELAY

#define KB_RETRY_DELAY   3 /*In sec*/

Wait KB_RETRY_DELAY seconds until trying again to get a new kb.

◆ MAX_FORK_RETRIES

#define MAX_FORK_RETRIES   10

◆ PROGRESS_BAR_STYLE

#define PROGRESS_BAR_STYLE   1

It switches progress bar styles. If set to 1, time oriented style and it take into account only alive host. If set to 0, it not reflect progress adequately in case of dead host, which will take into account with 0% processed, producing jumps in the process bar.

Function Documentation

◆ ad_thread_joined()

static gboolean ad_thread_joined ( gboolean  joined)
static

Set and get if alive detection thread was already joined by main thread.

The status can only be set to TRUE once in the lifetime of the program and retrieved as often as needed. After it is set to TRUE it can not be unset.

Parameters
joinedTRUE to set status to joined and FALSE to retrieve status of join.
Returns
Returns true if thread was already joined.

◆ apply_hosts_excluded()

static void apply_hosts_excluded ( gvm_hosts_t *  hosts)
static

◆ apply_hosts_preferences_ordering()

static void apply_hosts_preferences_ordering ( gvm_hosts_t *  hosts)
static

◆ apply_hosts_reverse_lookup_preferences()

static void apply_hosts_reverse_lookup_preferences ( gvm_hosts_t *  hosts)
static

◆ apply_source_iface_preference()

static int apply_source_iface_preference ( void  )
static

◆ attack_host()

static void attack_host ( struct scan_globals globals,
struct in6_addr *  ip,
GSList *  vhosts,
plugins_scheduler_t  sched,
kb_t  kb,
kb_t  main_kb 
)
static

Attack one host.

◆ attack_network()

void attack_network ( struct scan_globals globals)

Attack a whole network.

◆ attack_start()

static void attack_start ( struct attack_start_args args)
static

Set up some data and jump into attack_host()

◆ check_deprecated_prefs()

static void check_deprecated_prefs ( )
static

Check if any deprecated prefs are in pref table and print warning.

◆ check_host_authorization()

static int check_host_authorization ( gvm_host_t *  host,
const struct in6_addr *  addr 
)
static

◆ check_kb_access()

static int check_kb_access ( void  )
static

◆ check_new_vhosts()

static void check_new_vhosts ( void  )
static

Check if a plugin process pushed a new vhost value.

Parameters
kbHost scan KB.
vhostsList of vhosts to add new vhosts to.
Returns
New vhosts list.

◆ comm_send_status()

static int comm_send_status ( kb_t  main_kb,
char *  hostname,
int  curr,
int  max 
)
static

Sends the status of a host's scan.

◆ connect_main_kb()

static int connect_main_kb ( kb_t *  main_kb)
static

Connect to the main kb. Must be released with kb_lnk_reset() after use.

Parameters
[out]main_kbThe connection to the kb.
Returns
0 on success, -1 on failure.

◆ fork_sleep()

static void fork_sleep ( int  n)
static

◆ get_alive_detection_tid()

static pthread_t get_alive_detection_tid ( )
static

◆ get_check_new_vhosts_flag()

static int get_check_new_vhosts_flag ( void  )
static

Return check_new_vhosts_flag. After reading must be clean with unset_check_new_vhosts_flag(), to avoid fetching unnecessarily.

Returns
1 means new vhosts must be fetched. 0 nothing to do.

◆ handle_scan_stop_signal()

static void handle_scan_stop_signal ( )
static

◆ host_authorized()

static int host_authorized ( const gvm_host_t *  host,
const struct in6_addr *  addr,
const gvm_hosts_t *  hosts_allow,
const gvm_hosts_t *  hosts_deny 
)
static

◆ iface_authorized()

static int iface_authorized ( const char *  iface)
static

◆ launch_plugin()

static int launch_plugin ( struct scan_globals globals,
struct scheduler_plugin plugin,
struct in6_addr *  ip,
GSList *  vhosts,
kb_t  kb,
kb_t  main_kb 
)
static

Launches a nvt. Respects safe check preference (i.e. does not try.

destructive nvt if save_checks is yes).

Does not launch a plugin twice if !save_kb_replay.

Returns
ERR_HOST_DEAD if host died, ERR_CANT_FORK if forking failed, 0 otherwise.

◆ message_to_client()

static void message_to_client ( kb_t  kb,
const char *  msg,
const char *  ip_str,
const char *  port,
const char *  type 
)
static

◆ nvti_category_is_safe()

static int nvti_category_is_safe ( int  category)
static

Checks that an NVT category is safe.

Parameters
categoryCategory to check.
Returns
0 if category is unsafe, 1 otherwise.

◆ report_kb_failure()

static void report_kb_failure ( int  errcode)
static

◆ scan_is_stopped()

static int scan_is_stopped ( void  )
static

◆ scan_stop_cleanup()

static void scan_stop_cleanup ( void  )
static

◆ set_alive_detection_tid()

static void set_alive_detection_tid ( pthread_t  tid)
static

◆ set_check_new_vhosts_flag()

static void set_check_new_vhosts_flag ( )
static

Set global check_new_vhosts_flag to indicate that new vhosts must be fetched.

◆ set_kb_readable()

static void set_kb_readable ( int  host_kb_index)
static

Add the Host KB index to the list of readable KBs used by ospd-openvas.

◆ set_scan_status()

static void set_scan_status ( char *  status)
static

Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.

Parameters
[in]statusStatus to set.

◆ str_in_comma_list()

static int str_in_comma_list ( const char *  str,
const char *  comma_list 
)
static

◆ unset_check_new_vhosts_flag()

static void unset_check_new_vhosts_flag ( void  )
static

Unset global check_new_vhosts_flag. Must be called once the vhosts have been fetched.

◆ vhosts_to_str()

static char * vhosts_to_str ( GSList *  list)
static

Variable Documentation

◆ alive_detection_tid

pthread_t alive_detection_tid
static

◆ check_new_vhosts_flag

int check_new_vhosts_flag = 0
static

◆ global_scan_stop

int global_scan_stop = 0

◆ host_kb

kb_t host_kb = NULL
static

◆ host_vhosts

GSList* host_vhosts = NULL
static