Merge remote-tracking branch 'zmap/main'

tumi8 · Jul 1, 2022 · 126877f · 126877f
2 parents 6676d65 + aa42aa8
commit 126877f
Show file tree

Hide file tree

Showing 113 changed files with 1,972 additions and 2,418 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,18 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+[*.{c,h}]
+indent_style = tab
+indent_size = 8
+
+[CMakeLists.txt]
+indent_style = spaces
+indent_size = 4
+
+[*.py]
+indent_style = spaces
+indent_size = 4
+
diff --git a/.github/workflows/cmake.yml b/.github/workflows/cmake.yml
@@ -0,0 +1,39 @@
+name: CMake
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+env:
+  ENABLE_DEVELOPMENT: ON
+  ENABLE_LOG_TRACE: ON
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    container:
+      image: zmap/builder:2021-07-31
+      volumes:
+        - ${{github.workspace}}:/zmap
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Make build directory
+        run: mkdir -p /zmap/build
+
+      - name: Configure CMake
+        working-directory: /zmap/build
+        # Configure CMake in a 'build' subdirectory.
+        run: cmake -DENABLE_DEVELOPMENT=${{env.ENABLE_DEVELOPMENT}} -DENABLE_LOG_TRACE=${{env.ENABLE_LOG_TRACE}} /zmap
+
+      - name: Build
+        working-directory: /zmap/build
+        # Build your program with the given configuration
+        run: make
+
+      - name: Check Manpages
+        working-directory: /zmap
+        run: python3 ./scripts/check_manfile.py
+
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -0,0 +1,57 @@
+name: Docker
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+env:
+  IMAGE_NAME: zmap
+
+jobs:
+  push:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v1
+      - uses: docker/setup-buildx-action@v1
+
+      - name: Generate Image Tag
+        id: image-tag
+        run: |
+          IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+
+          # Strip git ref prefix from version
+          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+          # Strip "v" prefix from tag name
+          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
+
+          # Use Docker `latest` tag convention
+          [ "$VERSION" == "main" ] && VERSION=latest
+
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+
+          echo "::set-output name=IMG_TAG::${IMAGE_ID}:${VERSION}"
+
+      - name: Log into GitHub Container Registry
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          pull: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.image-tag.outputs.IMG_TAG }}
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,3 @@
-.*
 !.clang-format
 *.o
 *.a
@@ -18,7 +17,7 @@ src/topt.h
 src/ztopt.c
 src/ztopt.h
 src/*.ggo
-src/zblacklist
+src/zblocklist
 src/ztee
 src/ziterate
 lexer.c

diff --git a/.travis.yml b/.travis.yml
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -2,7 +2,6 @@ cmake_minimum_required(VERSION 2.8.12 FATAL_ERROR)
 project(ZMAP C)
 set(ZMAP_VERSION DEVELOPMENT) # Change DEVELOPMENT to version number for release
 
-option(WITH_REDIS "Build with support for Redis DB" OFF)
 option(ENABLE_DEVELOPMENT "Enable development specific compiler and linker flags" OFF)
 option(ENABLE_LOG_TRACE "Enable log trace messages" OFF)
 option(RESPECT_INSTALL_PREFIX_CONFIG "Respect CMAKE_INSTALL_PREFIX for /etc" OFF)
@@ -77,11 +76,6 @@ endif()
 string(REPLACE ";" " " JSON_CFLAGS "${JSON_CFLAGS}")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${JSON_CFLAGS}")
 
-if(WITH_REDIS)
-    set(REDIS_LIBS hiredis)
-    add_definitions("-DREDIS")
-endif()
-
 if(WITH_PFRING)
     add_definitions("-DPFRING")
     set(PFRING_LIBRARIES pfring rt numa)
@@ -138,7 +132,7 @@ foreach(EACH_CONF ${CONF_FILES})
     if(NOT EXISTS "/etc/zmap/${CONF_BASENAME}")
         install(FILES ${EACH_CONF} DESTINATION ${CONFIG_DESTINATION})
     elseif(FORCE_CONF_INSTALL)
-        message(WARNING "FORCE_CONF_INSTALL will overwrite any exsiting configuration files")
+        message(WARNING "FORCE_CONF_INSTALL will overwrite any existing configuration files")
         install(FILES ${EACH_CONF} DESTINATION ${CONFIG_DESTINATION})
     else()
         message(WARNING "Existing configuration file detected at /etc/zmap/${CONF_BASENAME}, ${CONF_BASENAME} from sources will NOT be installed. Please check and install manually!")
@@ -152,7 +146,7 @@ set(CPACK_SET_DESTDIR "on")
 set(CPACK_PACKAGING_INSTALL_PREFIX "/tmp")
 set(CPACK_GENERATOR "DEB")
 
-set(${VERSION} CPACK_DEBIAN_PACKAGE_VERSION)
+set(CPACK_DEBIAN_PACKAGE_VERSION ${ZMAP_VERSION})
 set(CPACK_DEBIAN_PACKAGE_PRIORITY "optional")
 set(CPACK_DEBIAN_PACKAGE_SECTION "network")
 set(CPACK_DEBIAN_ARCHITECTURE ${CMAKE_SYSTEM_PROCESSOR})

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -11,7 +11,7 @@ from source.
 Developing
 ----------
 
-- ZMap code follows the [Linux kernel style guide][kernelguide]. We mantain [a
+- ZMap code follows the [Linux kernel style guide][kernelguide]. We maintain [a
   configuration file](/.clang-format) for `clang-format` that applies this
   style. You can use the [format.sh](/format.sh) script to apply this style.
 

diff --git a/Dockerfile b/Dockerfile
@@ -3,32 +3,63 @@
 #
 # To build, beware of caching and:
 #
-#   * If you wish to build current master
+#   * If you wish to build current main
 #
-#        docker build -t zmap_ubuntu -f Dockerfile .
+#        docker build -t zmap .
 #
-#   * If you wish to build a specific commit, use the ZMAP_COMMIT build argument.
+#   * If you wish to build a specific commit, git checkout to that specific commit before building
 #
-#        docker build -t zmap_ubuntu -f Dockerfile --build-arg ZMAP_COMMIT=<your commit> .
+# To run CI pre-built images, use:
 #
-# To run:
-#
-#     docker run  -it --rm --net=host zmap_ubuntu <zmap args>
+#     docker run -it --rm --net=host ghcr.io/zmap/zmap <zmap args>
 ####
 
-FROM ubuntu:16.04
+FROM ubuntu:20.04 as builder
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ=Etc/UTC
+
+RUN apt-get update \
+    && apt-get install -y \
+    build-essential \
+    cmake \
+    libgmp3-dev \
+    gengetopt \
+    libpcap-dev \
+    flex \
+    byacc \
+    libjson-c-dev \
+    pkg-config \
+    libunistring-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /usr/local/src
+
+COPY . .
+
+RUN cd /usr/local/src \
+    && mkdir -p /opt/zmap \
+    && cmake . -DRESPECT_INSTALL_PREFIX_CONFIG=ON  \
+    && cmake --build . --parallel "$(nproc)" \
+    && cmake --install . --prefix "/opt/zmap" 
+
+FROM ubuntu:20.04
+
+LABEL org.opencontainers.image.source="https://github.com/zmap/zmap"
+
+RUN apt-get update \
+    && apt-get install -y \
+    libpcap0.8 \
+    libjson-c4 \
+    libhiredis0.14 \
+    libgmp10 \
+    dumb-init \
+    && rm -rf /var/lib/apt/lists/*
 
-ARG ZMAP_COMMIT=master
-ENV ZMAP_COMMIT ${ZMAP_COMMIT}
+COPY --from=builder /opt/zmap /opt/zmap
 
-RUN apt-get -qq update && apt-get -qqy upgrade
-# install zmap build dependencies
-RUN apt-get -qqy install build-essential cmake libgmp3-dev gengetopt libpcap-dev flex byacc libjson-c-dev pkg-config libunistring-dev wget unzip
-# install zmap+Docker specific things, currently just dumb-init, which allows
-# us to more easily send signals to zmap, for example by allowing ctrl-c of
-# a running container and zmap will stop.
-RUN apt-get -qqy install python-dev python-pip
-RUN pip install dumb-init
-RUN wget -q https://github.com/zmap/zmap/archive/${ZMAP_COMMIT}.zip && unzip -q ${ZMAP_COMMIT}.zip && cd zmap-${ZMAP_COMMIT} && (cmake . && make -j4 && make install) 2>&1 > /dev/null
+ENV PATH="/opt/zmap/sbin:${PATH}"
 
-ENTRYPOINT ["dumb-init", "/usr/local/sbin/zmap"]
+# dumb-init allows us to more easily send signals to zmap,
+# for example by allowing ctrl-c of a running container and zmap will stop.
+ENTRYPOINT ["dumb-init", "/opt/zmap/sbin/zmap"]
diff --git a/INSTALL.md b/INSTALL.md
@@ -28,10 +28,6 @@ ZMap has the following dependencies:
   - [libunistring](https://www.gnu.org/software/libunistring/) - Unicode string library for C
   - [libdnet](https://github.com/dugsong/libdnet) - (macOS Only) Gateway and route detection
 
-In addition, the following optional packages enable optional ZMap functionality:
-
-  - [hiredis](https://github.com/redis/hiredis) - RedisDB support in C
-
 Install the required dependencies with the following commands.
 
 * On Debian-based systems (including Ubuntu):
@@ -49,6 +45,12 @@ Install the required dependencies with the following commands.
   brew install pkg-config cmake gmp gengetopt json-c byacc libdnet libunistring
   ```
 
+* To launch a shell inside a Docker container with the build dependencies
+  mounted at `/src`:
+  ```sh
+  docker run -it -v $(pwd):/src zmap/builder
+  ```
+
 ### Building and Installing ZMap
 
 Once these prerequisites are installed, ZMap can be compiled by running:
@@ -67,11 +69,6 @@ Release builds should be built with `-DENABLE_DEVELOPMENT=OFF`.
 - Enabling `log_trace` can have a major performance impact and should not be used
 except during early development. Release builds should be built with `-DENABLE_LOG_TRACE=OFF`.
 
-- Redis support is not enabled by default. If you want to use ZMap with Redis,
-you will first need to install hiredis. Then run cmake with `-DWITH_REDIS=ON`.
-Debian/Ubuntu has packaged hiredis as `libhiredis-dev`; Fedora and RHEL/CentOS
-have packaged it as `hiredis-devel`.
-
 - Building packages for some systems like Fedora and RHEL requires a user-definable
 directory (buildroot) to put files. The way to respect this prefix is to run cmake
 with `-DRESPECT_INSTALL_PREFIX_CONFIG=ON`.

diff --git a/README.md b/README.md
@@ -1,7 +1,7 @@
 ZMap: The Internet Scanner
 ==========================
 
-[![Build Status](https://travis-ci.org/zmap/zmap.svg?branch=travis-configuration)](https://travis-ci.org/zmap/zmap)
+![Build Status](https://github.com/zmap/zmap/actions/workflows/cmake.yml/badge.svg)
 
 ZMap is a fast single packet network scanner designed for Internet-wide network
 surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap
@@ -13,14 +13,15 @@ ZMap operates on GNU/Linux, Mac OS, and BSD. ZMap currently has fully implemente
 probe modules for TCP SYN scans, ICMP, DNS queries, UPnP, BACNET, and can send a
 large number of [UDP probes](https://github.com/zmap/zmap/blob/master/examples/udp-probes/README).
 If you are looking to do more involved scans, e.g.,
-banner grab or TLS handshake, take a look at [ZGrab](https://github.com/zmap/zgrab),
+banner grab or TLS handshake, take a look at [ZGrab 2](https://github.com/zmap/zgrab2),
 ZMap's sister project that performs stateful application-layer handshakes.
 
 Installation
 ------------
 
 The latest stable release of ZMap is version 2.1.1 and supports Linux, macOS, and
-BSD. We recommend installing ZMap from HEAD rather than using a distro package manager.
+BSD. However, the release was tagged in 2015, and since then quite a bit has changed. Accordingly,
+_we strongly encourage researchers to use [ZMap 3.0.0 Beta 1](https://github.com/zmap/zmap/releases/tag/v3.0.0-beta1)._
 
 **Instructions on building ZMap from source** can be found in [INSTALL](INSTALL.md).
 

diff --git a/containers/build-push-builder.sh b/containers/build-push-builder.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+ZMAP_CONTAINER_TAG=${ZMAP_CONTAINER_TAG:-'latest'}
+docker build -f builder.dockerfile -t zmap/builder:$ZMAP_CONTAINER_TAG .
+docker push zmap/builder:$ZMAP_CONTAINER_TAG
diff --git a/containers/builder.dockerfile b/containers/builder.dockerfile
@@ -0,0 +1,16 @@
+FROM ubuntu:20.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update -y --quiet
+RUN apt-get install -y -qq \
+    build-essential \
+    byacc \
+    cmake \
+    flex \
+    gengetopt \
+    libgmp3-dev \
+    libjson-c-dev \
+    libpcap-dev \
+    libunistring-dev \
+    pkg-config \
+    python3
diff --git a/...probe_modules/module_tcp_cisco_backdoor.c → ...probe-modules/module_tcp_cisco_backdoor.c b/...probe_modules/module_tcp_cisco_backdoor.c → ...probe-modules/module_tcp_cisco_backdoor.c
diff --git a/examples/udp-probes/README b/examples/udp-probes/README
@@ -28,8 +28,8 @@ memcache_11211.pkt      This probe triggers a response from memcached on UDP por
 mssql_1434.pkt          This probe triggers a response from Microsoft SQL Server discovery services on UDP port 1434
 natpmp_5351.pkt         This probe triggers a response from NATPMP-enabled devices on UDP port 5351
 netbios_137.pkt         This probe triggers a status reply from NetBIOS services on UDP port 137
-ntp_123.pkt             This probe triggers a response from NTP servies on UDP port 123
-ntp_123_monlist.pkt     This probe triggers a response for command "monlist" from NTP servies on UDP port 123
+ntp_123.pkt             This probe triggers a response from NTP services on UDP port 123
+ntp_123_monlist.pkt     This probe triggers a response for command "monlist" from NTP services on UDP port 123
 pca_nq_5632.pkt         This probe triggers a response from PC Anywhere services on UDP port 5632 (network query)
 pca_st_5632.pkt         This probe triggers a response from PC Anywhere services on UDP port 5632 (status)
 portmap_111.pkt         This probe triggers a response from SunRPC portmapper services on UDP port 111

diff --git a/examples/udp-probes/ard_3283.pkt b/examples/udp-probes/ard_3283.pkt
diff --git a/examples/udp-probes/bacnet_47808.pkt b/examples/udp-probes/bacnet_47808.pkt
diff --git a/examples/udp-probes/db2_523.pkt b/examples/udp-probes/db2_523.pkt
diff --git a/examples/udp-probes/nat_port_mapping_5351.pkt b/examples/udp-probes/nat_port_mapping_5351.pkt
diff --git a/examples/udp-probes/netis_53413.pkt b/examples/udp-probes/netis_53413.pkt
diff --git a/examples/udp-probes/openvpn_1194.pkt b/examples/udp-probes/openvpn_1194.pkt
diff --git a/examples/udp-probes/pcanywhere_5632.pkt b/examples/udp-probes/pcanywhere_5632.pkt
diff --git a/examples/udp-probes/portmap_111.pkt b/examples/udp-probes/portmap_111.pkt
diff --git a/examples/udp-probes/rdp_3389.pkt b/examples/udp-probes/rdp_3389.pkt
diff --git a/examples/udp-probes/ubiquiti_10001.pkt b/examples/udp-probes/ubiquiti_10001.pkt
diff --git a/examples/udp-probes/valve_27015.pkt b/examples/udp-probes/valve_27015.pkt