OpenVAS Scanner 23.23.1
attack.c File Reference

Launches the plugins, and manages multithreading. More...

#include "attack.h"
#include "../misc/ipc_openvas.h"
#include "../misc/kb_cache.h"
#include "../misc/network.h"
#include "../misc/nvt_categories.h"
#include "../misc/pcap_openvas.h"
#include "../misc/plugutils.h"
#include "../misc/table_driven_lsc.h"
#include "../misc/user_agent.h"
#include "../nasl/nasl_debug.h"
#include "hosts.h"
#include "pluginlaunch.h"
#include "pluginload.h"
#include "pluginscheduler.h"
#include "plugs_req.h"
#include "processes.h"
#include "sighand.h"
#include "utils.h"
#include <arpa/inet.h>
#include <bsd/unistd.h>
#include <errno.h>
#include <fcntl.h>
#include <glib.h>
#include <gvm/base/hosts.h>
#include <gvm/base/networking.h>
#include <gvm/base/prefs.h>
#include <gvm/boreas/alivedetection.h>
#include <gvm/boreas/boreas_io.h>
#include <gvm/util/mqtt.h>
#include <gvm/util/nvticache.h>
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

Go to the source code of this file.

Data Structures

struct  attack_start_args

Macros

#define ERR_HOST_DEAD   -1
#define MAX_FORK_RETRIES   10
#define KB_RETRY_DELAY   3 /*In sec*/
#define INVALID_TARGET_LIST   "-1"
#define G_LOG_DOMAIN   "sd main"
 GLib log domain.

Functions

static int connect_main_kb (kb_t *main_kb)
 Connect to the main kb. Must be released with kb_lnk_reset() after use.
static void set_kb_readable (int host_kb_index)
 Add the Host KB index to the list of readable KBs used by ospd-openvas.
static void set_scan_status (char *status)
 Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.
static int comm_send_status_host_dead (kb_t main_kb, char *ip_str)
 Send status to the client that the host is dead.
static int comm_send_status (kb_t main_kb, char *ip_str, int curr, int max)
 Sends the progress status of of a host's scan.
static void message_to_client (kb_t kb, const char *msg, const char *ip_str, const char *port, const char *type)
static void report_kb_failure (int errcode)
static void fork_sleep (int n)
static void scan_stop_cleanup (void)
static int scan_is_stopped (void)
static int nvti_category_is_safe (int category)
 Checks that an NVT category is safe.
static void append_vhost (const char *vhost, const char *source)
static void call_lsc (struct attack_start_args *args, const char *ip_str)
static int process_ipc_data (struct attack_start_args *args, const gchar *result)
static int read_ipc (struct attack_start_args *args, struct ipc_context *ctx)
static int launch_plugin (struct scan_globals *globals, struct scheduler_plugin *plugin, struct in6_addr *ip, GSList *vhosts, struct attack_start_args *args)
 Launches a nvt. Respects safe check preference (i.e. does not try.
static void attack_host (struct scan_globals *globals, struct in6_addr *ip, struct attack_start_args *args)
 Attack one host.
static char * vhosts_to_str (GSList *list)
static void check_deprecated_prefs (void)
 Check if any deprecated prefs are in pref table and print warning.
static int host_authorized (const gvm_host_t *host, const struct in6_addr *addr, const gvm_hosts_t *hosts_allow, const gvm_hosts_t *hosts_deny)
static int check_host_authorization (gvm_host_t *host, const struct in6_addr *addr)
static void attack_start (struct ipc_context *ipcc, struct attack_start_args *args)
 Set up some data and jump into attack_host()
static int apply_hosts_excluded (gvm_hosts_t *hosts)
static void apply_hosts_preferences_ordering (gvm_hosts_t *hosts)
static int apply_hosts_reverse_lookup_preferences (gvm_hosts_t *hosts)
static int check_kb_access (void)
static void set_alive_detection_tid (pthread_t tid)
static pthread_t get_alive_detection_tid ()
static gboolean ad_thread_joined (gboolean joined)
 Set and get if alive detection thread was already joined by main thread.
static void handle_scan_stop_signal ()
int attack_network (struct scan_globals *globals)
 Attack a whole network. return 0 on successes, -1 if there was a critical error.

Variables

int global_scan_stop = 0
static kb_t host_kb = NULL
static GSList * host_vhosts = NULL
static pthread_t alive_detection_tid

Detailed Description

Launches the plugins, and manages multithreading.

Macro Definition Documentation

◆ ERR_HOST_DEAD

#define ERR_HOST_DEAD   -1

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "sd main"

GLib log domain.

◆ INVALID_TARGET_LIST

#define INVALID_TARGET_LIST   "-1"

Define value to be sent to the client for invalid target list.

◆ KB_RETRY_DELAY

#define KB_RETRY_DELAY   3 /*In sec*/

Wait KB_RETRY_DELAY seconds until trying again to get a new kb.

◆ MAX_FORK_RETRIES

#define MAX_FORK_RETRIES   10

Function Documentation

◆ ad_thread_joined()

gboolean ad_thread_joined ( gboolean joined)
static

Set and get if alive detection thread was already joined by main thread.

The status can only be set to TRUE once in the lifetime of the program and retrieved as often as needed. After it is set to TRUE it can not be unset.

Parameters
joinedTRUE to set status to joined and FALSE to retrieve status of join.
Returns
Returns true if thread was already joined.

◆ append_vhost()

void append_vhost ( const char * vhost,
const char * source )
static

◆ apply_hosts_excluded()

int apply_hosts_excluded ( gvm_hosts_t * hosts)
static

◆ apply_hosts_preferences_ordering()

void apply_hosts_preferences_ordering ( gvm_hosts_t * hosts)
static

◆ apply_hosts_reverse_lookup_preferences()

int apply_hosts_reverse_lookup_preferences ( gvm_hosts_t * hosts)
static

◆ attack_host()

void attack_host ( struct scan_globals * globals,
struct in6_addr * ip,
struct attack_start_args * args )
static

Attack one host.

◆ attack_network()

int attack_network ( struct scan_globals * globals)

Attack a whole network. return 0 on successes, -1 if there was a critical error.

◆ attack_start()

void attack_start ( struct ipc_context * ipcc,
struct attack_start_args * args )
static

Set up some data and jump into attack_host()

◆ call_lsc()

void call_lsc ( struct attack_start_args * args,
const char * ip_str )
static

◆ check_deprecated_prefs()

void check_deprecated_prefs ( void )
static

Check if any deprecated prefs are in pref table and print warning.

◆ check_host_authorization()

int check_host_authorization ( gvm_host_t * host,
const struct in6_addr * addr )
static

◆ check_kb_access()

int check_kb_access ( void )
static

◆ comm_send_status()

int comm_send_status ( kb_t main_kb,
char * ip_str,
int curr,
int max )
static

Sends the progress status of of a host's scan.

Status format "current_host/launched/total". Current host is the ip_str of the current host which is vulnerability tested. Launched is the number of plguins(VTs) which got already started. Total is the total number of plugins which will be started for the current host.

Parameters
main_kbKb to use.
ip_strstr representation of host ip
currCurrently launched plugins (VTs) for the host
maxMaximum number of plugins which will be launched for the host
Returns
0 on success, -1 on error.

◆ comm_send_status_host_dead()

int comm_send_status_host_dead ( kb_t main_kb,
char * ip_str )
static

Send status to the client that the host is dead.

Originally the progress status is of the format "current_host/launched/total". Current host is the ip_str of the current host which is vulnerability tested. Launched is the number of plguins(VTs) which got already started. Total is the total number of plugins which will be started for the current host. But here we use the format "current_host/0/-1" for implicit singalling that the host is dead.

Parameters
main_kbKb to use
ip_strstr representation of host ip
Returns
0 on success, -1 on failure.

◆ connect_main_kb()

int connect_main_kb ( kb_t * main_kb)
static

Connect to the main kb. Must be released with kb_lnk_reset() after use.

Parameters
[out]main_kbThe connection to the kb.
Returns
0 on success, -1 on failure.

◆ fork_sleep()

void fork_sleep ( int n)
static

◆ get_alive_detection_tid()

pthread_t get_alive_detection_tid ( )
static

◆ handle_scan_stop_signal()

void handle_scan_stop_signal ( )
static

◆ host_authorized()

int host_authorized ( const gvm_host_t * host,
const struct in6_addr * addr,
const gvm_hosts_t * hosts_allow,
const gvm_hosts_t * hosts_deny )
static

◆ launch_plugin()

int launch_plugin ( struct scan_globals * globals,
struct scheduler_plugin * plugin,
struct in6_addr * ip,
GSList * vhosts,
struct attack_start_args * args )
static

Launches a nvt. Respects safe check preference (i.e. does not try.

destructive nvt if save_checks is yes).

Does not launch a plugin twice if !save_kb_replay.

Returns
ERR_HOST_DEAD if host died, ERR_CANT_FORK if forking failed, ERR_NO_FREE_SLOT if the process table is full, 0 otherwise.

◆ message_to_client()

void message_to_client ( kb_t kb,
const char * msg,
const char * ip_str,
const char * port,
const char * type )
static

◆ nvti_category_is_safe()

int nvti_category_is_safe ( int category)
static

Checks that an NVT category is safe.

Parameters
categoryCategory to check.
Returns
0 if category is unsafe, 1 otherwise.

◆ process_ipc_data()

int process_ipc_data ( struct attack_start_args * args,
const gchar * result )
static

◆ read_ipc()

int read_ipc ( struct attack_start_args * args,
struct ipc_context * ctx )
static

◆ report_kb_failure()

void report_kb_failure ( int errcode)
static

◆ scan_is_stopped()

int scan_is_stopped ( void )
static

◆ scan_stop_cleanup()

void scan_stop_cleanup ( void )
static

◆ set_alive_detection_tid()

void set_alive_detection_tid ( pthread_t tid)
static

◆ set_kb_readable()

void set_kb_readable ( int host_kb_index)
static

Add the Host KB index to the list of readable KBs used by ospd-openvas.

Parameters
host_kb_indexThe Kb index used for the host, to be stored in a list key in the main_kb.

◆ set_scan_status()

void set_scan_status ( char * status)
static

Set scan status. This helps ospd-openvas to identify if a scan crashed or finished cleanly.

Parameters
[in]statusStatus to set.

◆ vhosts_to_str()

char * vhosts_to_str ( GSList * list)
static

Variable Documentation

◆ alive_detection_tid

pthread_t alive_detection_tid
static

◆ global_scan_stop

int global_scan_stop = 0

◆ host_kb

kb_t host_kb = NULL
static

◆ host_vhosts

GSList* host_vhosts = NULL
static