Overview of telnet_func.inc

Public Function Summary

Public functions are intended to be called by the code that imports this library.

Name Summary
get_telnet_banner
get_telnet_port
set_telnet_banner
telnet_negotiate

Public Function Details

get_telnet_banner

Named Parameters

port

Code

function get_telnet_banner( port ) {

  local_var sb, banner, soc;

  if( ! port ) set_kb_item( name: "nvt_debug_empty/" + get_script_oid(), value:get_script_oid() + "#-#port#-#get_telnet_banner" );

  sb = "telnet/banner/" + port;
  banner = get_kb_item( sb );
  if( banner ) return( banner );

  soc = open_sock_tcp( port );
  if( ! soc ) return( 0 );
  banner = telnet_negotiate( socket:soc );
  close( soc );
  if( strlen( banner ) )
    replace_kb_item( name:sb, value:str_replace( find:raw_string(0), replace:'', string:banner ) );
  return( banner );
}


function telnet_negotiate( socket ) {

		
top

get_telnet_port

Named Parameters

default

Code

function get_telnet_port( default ) {

  local_var default, port;

  if( ! default ) set_kb_item( name: "nvt_debug_empty/" + get_script_oid(), value:get_script_oid() + "#-#default#-#get_telnet_port" );

  port = get_kb_item( "Services/telnet" );
  if( port ) default = port;

  if( ! get_port_state( default ) ) exit( 0 );

  return default;
}

		
top

set_telnet_banner

Named Parameters

banner
port

Code

function set_telnet_banner( port, banner ) {

  local_var sb;

  if( ! port ) set_kb_item( name: "nvt_debug_empty/" + get_script_oid(), value:get_script_oid() + "#-#port#-#set_telnet_banner" );
  if( ! banner ) set_kb_item( name: "nvt_debug_empty/" + get_script_oid(), value:get_script_oid() + "#-#banner#-#set_telnet_banner" );

  sb = "telnet/banner/" + port;
  replace_kb_item( name:sb, value:str_replace( find:raw_string(0), replace:'', string:banner ) );
}

function get_telnet_port( default ) {

		
top

telnet_negotiate

Named Parameters

socket

Code

function telnet_negotiate( socket ) {

  local_var opt, code, s, counter, counter2, buf, prev;

  if( ! socket ) set_kb_item( name: "nvt_debug_empty/" + get_script_oid(), value:get_script_oid() + "#-#socket#-#telnet_negotiate" );

  counter = 0;

  while( TRUE ) {
    s = recv( socket:socket, length:1, timeout:3 );
    if( ! strlen( s ) ) break;
    if( ord( s[0] ) != 0xff ) buf += s;
    else {
      counter++;
    s  = recv( socket:socket, length:2 );

    if( ord( s[0] ) == OPT_DO ) send( socket:socket, data:raw_string( 0xff, OPT_WONT ) + s[1] );
    if( ord( s[0] ) == OPT_WILL ) send( socket:socket, data:raw_string( 0xff, OPT_DONT ) + s[1] );
    if( ord( s[0] ) == OPT_SUBOPT ) {
      # The remote telnet server is autistic :/
      prev = recv(socket:socket, length:1);
      counter2 = 0;
      while( ord( prev ) != 0xff && ord( s[0] ) != OPT_ENDSUBOPT ) {
        prev = s;
        # No timeout - the answer is supposed to be cached
        s = recv( socket:socket, length:1, timeout:0 );
        if ( ! strlen( s ) ) return buf;
        counter2++;
	if( counter2 >= 100 ) return buf;
      }
    }
    # Not necessary and may introduce endless loops
    #if ( ord(s[0]) == OPT_DONT ) send( socket:socket, data:raw_string( 0xff, OPT_WONT ) + s[1] );
    #if ( ord(s[0]) == OPT_WONT ) send( socket:socket, data:raw_string( 0xff, OPT_DONT ) + s[1] );
    }
    if( counter >= 100 || strlen( buf ) >= 4096 ) break;
  }
  return buf;
}

function set_telnet_banner( port, banner ) {

		
top