parse nmap traceroute hostnames

cSploitClient/cache.c

@@ -123,7 +123,7 @@ int init_csploit_events_cache(JNIEnv *env) {
     { "org/csploit/android/events/ChildEnd", "(I)V" },
     { "org/csploit/android/events/ChildDied", "(I)V" },
     { "org/csploit/android/events/StderrNewline", "(Ljava/lang/String;)V" },
-    { "org/csploit/android/events/Hop", "(IJLjava/net/InetAddress;)V" },
+    { "org/csploit/android/events/Hop", "(IJLjava/net/InetAddress;Ljava/lang/String;)V" },
     { "org/csploit/android/events/Port", "(Ljava/lang/String;ILjava/lang/String;Ljava/lang/String;)V" },
     { "org/csploit/android/events/Os", "(SLjava/lang/String;Ljava/lang/String;)V" },
     { "org/csploit/android/events/Ready", "()V" },

cSploitClient/event.c

@@ -186,32 +186,48 @@ jobject inaddr_to_inetaddress(JNIEnv *env, in_addr_t a) {
 
 /**
  * @brief create an org.csploit.android.events.Hop
- * @param arg a pointer to an ::nmap_hop_info
+ * @param m a pointer to the received message
  * @returns the jobject on success, NULL on error.
  */
-jobject create_hop_event(JNIEnv *env, void *arg) {
+jobject create_hop_event(JNIEnv *env, message *m) {
   jobject addr, res;
+  jstring jname;
   struct nmap_hop_info *hop_info;
+  char *pos;
 
-  hop_info = (struct nmap_hop_info*)arg;
+  hop_info = (struct nmap_hop_info*) m->data;
+  jname = NULL;
+  res = NULL;
 
   addr = inaddr_to_inetaddress(env, hop_info->address);
 
   if(!addr)
     return NULL;
 
+  pos = string_array_next(m, hop_info->name, NULL);
+
+  if(pos) {
+    jname = (*env)->NewStringUTF(env, pos);
+    if(!jname) goto cleanup;
+  }
+
   res = (*env)->NewObject(env,
                           cache.csploit.events.hop.class,
                           cache.csploit.events.hop.ctor,
-                          hop_info->hop, (jlong)(hop_info->usec), addr);
-
-  (*env)->DeleteLocalRef(env, addr);
+                          hop_info->hop, (jlong)(hop_info->usec), addr, jname);
+                          
+  cleanup:
 
   if(!res && (*env)->ExceptionCheck(env)) {
     (*env)->ExceptionDescribe(env);
     (*env)->ExceptionClear(env);
   }
 
+  if(jname)
+    (*env)->DeleteLocalRef(env, jname);
+
+  (*env)->DeleteLocalRef(env, addr);
+
   return res;
 }
 

cSploitClient/event.h

@@ -27,7 +27,7 @@ jobject create_newline_event(JNIEnv *, void *);
 jobject create_child_end_event(JNIEnv *, void *);
 jobject create_child_died_event(JNIEnv *, int);
 jobject create_stderrnewline_event(JNIEnv *, void *);
-jobject create_hop_event(JNIEnv *, void *);
+jobject create_hop_event(JNIEnv *, message *);
 jobject create_port_event(JNIEnv *, void *);
 jobject create_os_event(JNIEnv *, void *);
 jobject create_ready_event(JNIEnv *, void *);

cSploitClient/notifier.c

@@ -78,7 +78,7 @@ int on_nmap(JNIEnv *env, child_node *c, message *m) {
 
   switch(m->data[0]) {
     case HOP:
-      event = create_hop_event(env, m->data);
+      event = create_hop_event(env, m);
       break;
     case PORT:
     case SERVICE:

cSploitHandlers/nmap.c

@@ -51,7 +51,7 @@ __attribute__((constructor))
 void nmap_init() {
   int ret;
 
-  if((ret = regcomp(&hop_pattern, "^([0-9]+) +(\\.\\.\\.|[0-9\\.]+ m?s) +(" IPv4_REGEX "|[0-9]+)", REG_EXTENDED | REG_ICASE))) {
+  if((ret = regcomp(&hop_pattern, "^([0-9]+) +(\\.\\.\\.|\\.\\.\\. [0-9]+|--|[0-9\\.]+ m?s) +(([^ ]+) +\\()?(" IPv4_REGEX ")", REG_EXTENDED | REG_ICASE))) {
     print( ERROR, "%s: regcomp(hop_pattern): %d", ret);
   }
   if((ret = regcomp(&port_pattern, "^Discovered open port ([0-9]+)/([a-z]+)", REG_EXTENDED | REG_ICASE))) {
@@ -78,13 +78,13 @@ void nmap_fini() {
  * @returns a ::message on success, NULL on error.
  */
 message *parse_nmap_hop(char *line) {
-  regmatch_t pmatch[4];
+  regmatch_t pmatch[6];
   struct nmap_hop_info *hop_info;
   unsigned long tousec;
   float time;
   message *m;
 
-  if(regexec(&hop_pattern, line, 4, pmatch, 0))
+  if(regexec(&hop_pattern, line, 6, pmatch, 0))
     return NULL;
 
   m = create_message(0, sizeof(struct nmap_hop_info), 0);
@@ -96,26 +96,28 @@ message *parse_nmap_hop(char *line) {
   // terminate single parts
   *(line + pmatch[1].rm_eo) = '\0';
   *(line + pmatch[2].rm_eo) = '\0';
-  *(line + pmatch[3].rm_eo) = '\0';
-
-  if(*(line + pmatch[2].rm_eo - 2) == 'm') { // millisconds
-    tousec = 1000;
-    *(line + pmatch[2].rm_eo - 3) = '\0';
-  } else if(*(line + pmatch[2].rm_eo - 1) == 's'){ // seconds
-    tousec = 1000000;
-    *(line + pmatch[2].rm_eo -2) = '\0';
-  } else { // ...
-    tousec = 0;
-  }
+  *(line + pmatch[5].rm_eo) = '\0';
 
   hop_info = (struct nmap_hop_info *) m->data;
   hop_info->nmap_action = HOP;
   hop_info->hop = atoi(line);
-  if(strncmp(line + pmatch[2].rm_so, "...", 3)) {
+
+  if(*(line + pmatch[2].rm_eo - 1) == 's') {
+    tousec = *(line + pmatch[2].rm_eo - 2) == 'm' ? 1000 : 1000000;
     sscanf(line + pmatch[2].rm_so, "%f", &(time));
     hop_info->usec = (uint32_t)(tousec * time);
   }
-  hop_info->address = inet_addr(line + pmatch[3].rm_so);
+
+  hop_info->address = inet_addr(line + pmatch[5].rm_so);
+
+  if(pmatch[4].rm_so != -1) {
+    *(line + pmatch[4].rm_eo) = '\0';
+    if(string_array_add(m, offsetof(struct nmap_hop_info, name), (line + pmatch[4].rm_so))) {
+      print( ERROR, "cannot add string to message");
+      free_message(m);
+      m = NULL;
+    }
+  }
 
   return m;
 }

cSploitHandlers/nmap.h

@@ -41,7 +41,8 @@ struct nmap_hop_info {
   uint16_t        hop;            ///< the hop number
   uint32_t        usec;           ///< useconds for reach this address
   in_addr_t       address;        ///< the address
-};
+  char            name[];         ///< hostname if any
+} __attribute__ ((__packed__));
 
 struct nmap_port_info {
   char            nmap_action;    ///< must be set to ::PORT