From ab5d8a35c1c111f64137f76939c68365cf4d22fb Mon Sep 17 00:00:00 2001
From: "Steinar H. Gunderson" <sgunderson@bigfoot.com>
Date: Thu, 18 Apr 2019 17:25:55 +0200
Subject: [PATCH] Import nbtscanner 0.1.1.

---
 Makefile          |  4 ++--
 configfile.c      | 32 +++++++++++++++++++++-----------
 configfile.h      | 18 +++++++++++++++---
 init.sql          |  7 ++++---
 mysql_interface.c | 16 ++++++++++++----
 nbtscanner.c      | 21 ++++++++++++---------
 nbtscanner.conf   | 24 ++++++++++++++++++++----
 7 files changed, 86 insertions(+), 36 deletions(-)

diff --git a/Makefile b/Makefile
index 4d7b6a1..b3031fd 100644
--- a/Makefile
+++ b/Makefile
@@ -2,9 +2,9 @@
 
 # note that mysql_config is braindamaged ;-)
 CC=gcc
-CFLAGS=-g -Wall "`mysql_config --cflags | tr -d \'`"
+CFLAGS=-g -Wall -I/usr/include/mysql/
 
-LIBS=`mysql_config --libs | tr -d \'`	# '`
+LIBS=-L/usr/local/lib/mysql -lmysqlclient -lnsl -lm   -lz -lcrypt
 LDFLAGS=-lefence
 
 #
diff --git a/configfile.c b/configfile.c
index 3b15403..0faf1e5 100644
--- a/configfile.c
+++ b/configfile.c
@@ -38,12 +38,19 @@ int retry_time;
 int delay_time;
 int verbosity;
 
+int scan_interval;
+int scan_wait;
+
+struct in_addr scanrange[NUM_RANGES];
+int scanrangesize[NUM_RANGES];
+int ranges;
+
 int use_mysql;
 char mysql_host[64];
 char mysql_username[32];
 char mysql_password[32];
 
-void parse_configfile(int do_scan)
+void parse_configfile()
 {
 	FILE *configfile = fopen("nbtscanner.conf", "r");
 	int lineno = 0;
@@ -59,6 +66,8 @@ void parse_configfile(int do_scan)
 	delay_time = 100;
 	verbosity = 2;
 
+	ranges = 0;
+
 	use_mysql = 0;
 	strcpy(mysql_host, "no_host_given");
 	strcpy(mysql_username, "no_username_given");
@@ -83,13 +92,13 @@ void parse_configfile(int do_scan)
 			continue;
 		}
 		
-		parse_line(buf, lineno, do_scan);
+		parse_line(buf, lineno);
 	}
 
 	fclose(configfile);
 }
 
-void parse_line(char *buf, int lineno, int do_scan)
+void parse_line(char *buf, int lineno)
 {
 	char *ptr = strchr(buf, '=');
 
@@ -126,10 +135,10 @@ void parse_line(char *buf, int lineno, int do_scan)
 	}
 
 	/* finally pass it on to the keyword checker */
-	parse_keyword(buf, ptr, lineno, do_scan);
+	parse_keyword(buf, ptr, lineno);
 }
 
-void parse_keyword(char *keyword, char *value, int lineno, int do_scan)
+void parse_keyword(char *keyword, char *value, int lineno)
 {
 	if (strcasecmp(keyword, "num_retries") == 0) {
 		parse_int(value, &num_retries, lineno);
@@ -139,6 +148,10 @@ void parse_keyword(char *keyword, char *value, int lineno, int do_scan)
 		parse_int(value, &delay_time, lineno);
 	} else if (strcasecmp(keyword, "verbosity") == 0) {
 		parse_int(value, &verbosity, lineno);
+	} else if (strcasecmp(keyword, "scan_interval") == 0) {
+		parse_int(value, &scan_interval, lineno);
+	} else if (strcasecmp(keyword, "scan_wait") == 0) {
+		parse_int(value, &scan_wait, lineno);
 	} else if (strcasecmp(keyword, "use_mysql") == 0) {
 		parse_int(value, &use_mysql, lineno);
 	} else if (strcasecmp(keyword, "mysql_host") == 0) {
@@ -148,11 +161,7 @@ void parse_keyword(char *keyword, char *value, int lineno, int do_scan)
 	} else if (strcasecmp(keyword, "mysql_password") == 0) {
 		strcpy(mysql_password, value);
 	} else if (strcasecmp(keyword, "range") == 0) {
-	        /* really ugly to have here */
-	        if (use_mysql) {
-	                init_mysql(mysql_host, mysql_username, mysql_password);
-	        }
-		if (do_scan) parse_range(value, lineno);
+		parse_range(value, lineno);
 	} else {
 		char buf[1024];
 		sprintf(buf, "Unknown keyword `%s'", keyword);
@@ -245,7 +254,8 @@ void parse_range(char *string, int lineno)
 		}
 	}
 
-	scan_range(in, rangesize);
+	memcpy((char *)(&(scanrange[ranges])), (char *)(&in), sizeof(in));
+	scanrangesize[ranges++] = rangesize;
 }
 
 void line_error(int lineno, char *err_str)
diff --git a/configfile.h b/configfile.h
index 767d4be..759656f 100644
--- a/configfile.h
+++ b/configfile.h
@@ -25,19 +25,31 @@
 #ifndef _CONFIGFILE_H
 #define _CONFIGFILE_H 1
 
+#include <netinet/in.h>
+
+/* plenty */
+#define NUM_RANGES 1024
+
 extern int num_retries;
 extern int retry_time;
 extern int delay_time;
 extern int verbosity;
 
+extern int scan_interval;
+extern int scan_wait;
+
+extern struct in_addr scanrange[NUM_RANGES];
+extern int scanrangesize[NUM_RANGES];
+extern int ranges;
+
 extern int use_mysql;
 extern char mysql_host[64];
 extern char mysql_username[32];
 extern char mysql_password[32];
 
-void parse_configfile(int do_scan);
-void parse_line(char *buf, int lineno, int do_scan);
-void parse_keyword(char *keyword, char *value, int lineno, int do_scan);
+void parse_configfile();
+void parse_line(char *buf, int lineno);
+void parse_keyword(char *keyword, char *value, int lineno);
 void parse_int(char *string, int *retval, int lineno);
 void parse_range(char *string, int lineno);
 
diff --git a/init.sql b/init.sql
index 29b4a25..fbe16ce 100644
--- a/init.sql
+++ b/init.sql
@@ -1,6 +1,6 @@
 USE mysql;
-INSERT INTO mysql.user (Host, User, Password) VALUES('%', 'nbtscanner', PASSWORD('tg01'));
-INSERT INTO mysql.user (Host, User, Password) VALUES('localhost', 'nbtscanner', PASSWORD('tg01'));
+INSERT INTO mysql.user (Host, User, Password) VALUES('%', 'nbtscanner', PASSWORD('qugx8M!S'));
+INSERT INTO mysql.user (Host, User, Password) VALUES('localhost', 'nbtscanner', PASSWORD('qugx8M!S'));
 FLUSH PRIVILEGES;
 
 CREATE DATABASE nbtscanner;
@@ -14,4 +14,5 @@ CREATE TABLE nbtscanner (
 		ip
 	)
 );
-GRANT INSERT, UPDATE, DELETE ON nbtscanner.nbtscanner TO nbtscanner@"%" IDENTIFIED BY 'tg01';
+GRANT SELECT, INSERT, UPDATE, DELETE ON nbtscanner.nbtscanner TO nbtscanner@localhost IDENTIFIED BY 'qugx8M!S';
+GRANT SELECT, INSERT, UPDATE, DELETE ON nbtscanner.nbtscanner TO nbtscanner@"%" IDENTIFIED BY 'qugx8M!S';
diff --git a/mysql_interface.c b/mysql_interface.c
index c51633a..8baa345 100644
--- a/mysql_interface.c
+++ b/mysql_interface.c
@@ -23,6 +23,7 @@
  */
 
 #include <stdio.h>
+#include <string.h>
 #include <stdlib.h>
 #include <mysql.h>
 
@@ -56,9 +57,16 @@ void init_mysql(char *host, char *username, char *password)
 void add_record_mysql(char *ip, char *hostname, char *fileservername, char *groupname)
 {
 	char query[256];
+	char hname[256], fsname[256], gname[256];
+	int i;
+
+	mysql_real_escape_string(mysql, hname, hostname, strlen(hostname));
+	mysql_real_escape_string(mysql, fsname, fileservername, strlen(fileservername));
+	mysql_real_escape_string(mysql, gname, groupname, strlen(groupname));
+
 	snprintf(query, 256,
 		"REPLACE INTO nbtscanner.nbtscanner SET ip='%s', hostname='%s', fileservername='%s', groupname='%s';",
-		ip, hostname, fileservername, groupname);
+		ip, hname, fsname, gname);
 
 	if (mysql_query(mysql, query) != 0) {
 		if (verbosity >= 1) {
@@ -90,7 +98,7 @@ void print_all_records_mysql()
 	unsigned int num_fields;
 	int i;
 
-	if (mysql_query(mysql, "SELECT ip,fileservername,groupname,(fileservername <> '-unknown-nbtscanner-') FROM nbtscanner.nbtscanner;") != 0) {
+	if (mysql_query(mysql, "SELECT ip,(CASE WHEN fileservername='-unknown-nbtscanner-' THEN hostname ELSE fileservername END),groupname,(fileservername <> '-unknown-nbtscanner-') FROM nbtscanner.nbtscanner;") != 0) {
 		if (verbosity >= 1) {
 			fprintf(stderr, "mysql_query('SELECT ip'...) failed\n");
 		}
@@ -117,12 +125,12 @@ void print_all_records_mysql()
 
 			/* strip away CR/LFs */
 			for (j = 0; j < lengths[i]; j++) {
-				if (row[i][j] == 0 || row[i][j] == 10 || row[i][j] == 13) {
+				if (row[i][j] == 0 || row[i][j] == 10 || row[i][j] == 13 || row[i][j] == ',') {
 					row[i][j] = '?';
 				}
 			}
 			printf("%.*s", (int) lengths[i], row[i] ? row[i] : "NULL");
-			if (i != num_fields - 1) putchar(0);
+			if (i != num_fields - 1) printf(",");
 		}
 		printf("\r\n");
         }
diff --git a/nbtscanner.c b/nbtscanner.c
index a7c5e25..cbc8945 100644
--- a/nbtscanner.c
+++ b/nbtscanner.c
@@ -32,6 +32,7 @@
 #include <unistd.h>
 #include <arpa/inet.h>
 #include <stdlib.h>
+#include <malloc.h>
 
 #include "nbtscanner.h"
 #include "mysql_interface.h"
@@ -298,23 +299,25 @@ void scan_range(struct in_addr ip, int rangesize)
 
 int main(int argc, char *argv[])
 {
+	int junk = mtrace();
 	int fd = open_sockets();
+	int i;
 
 	id_list_init();
 	init_stats();
 
-	/* note that parse_configfile() will call scan_range()! */
 	server_fd = fd;
-	parse_configfile(1);
-
-/*	for (i=1;i<argc;i++) {
-		struct in_addr ip;
+	parse_configfile();
 
-		ip.s_addr = inet_addr(argv[i]); //interpret_addr2(argv[i]);
-		send_nbt_packet(fd, ip);
-		recv_nbt_packets(fd);
-	} */
+	/* really ugly to have here */
+	if (use_mysql) {
+		init_mysql(mysql_host, mysql_username, mysql_password);
+	}
 
+	for (i = 0; i < ranges; i++) {
+		scan_range(scanrange[i], scanrangesize[i]);
+	}
+	
 	/*
 	 * receive answers and resend packets until all answers have
 	 * been received, or all packets have been timed out
diff --git a/nbtscanner.conf b/nbtscanner.conf
index 06da5e7..ec0aa5b 100644
--- a/nbtscanner.conf
+++ b/nbtscanner.conf
@@ -16,8 +16,22 @@ num_retries=3
 retry_time=5000
 
 # How long nbtscanner will delay between each sent packet, in ms.
-delay_time=100
+delay_time=10
 
+# How long there will be between the _start_ of each scan, in ms.
+# The default (half an hour, or 1800 seconds) should be OK.
+scan_interval=1800000
+
+#
+# The minimum time to wait between each scan (ie. even if a scan
+# takes 24 hours, wait at least this time before the next scan
+# begins). This is to prevent flooding the network constantly.
+#
+# The default value is 5 minutes.
+#
+scan_wait=300000
+
+#
 # Verbosity level: 
 # 0: Absolutely no warnings or error messages will be printed (not
 #    recommended, it's kinda nice to know why the program failed).
@@ -39,7 +53,7 @@ verbosity=3
 # all the IPs to standard output. This is highly recommended, but
 # needs some table setup before use.
 #
-use_mysql=1
+use_mysql=0
 
 #
 # Your MySQL server information. mysql_host is the IP address (or
@@ -48,8 +62,9 @@ use_mysql=1
 # cleartext, so make sure the permissions on this file are set to
 # 0600 or similiar.
 #
-mysql_host=127.0.0.1
+mysql_host=localhost
 mysql_username=nbtscanner
+#mysql_password=qugx8M!S
 mysql_password=tg01
 
 #
@@ -67,6 +82,7 @@ mysql_password=tg01
 # Duplicate IP address _will_ be scanned twice. :-)
 #
 range=10.0.7.80/28
+#range=213.236.192.0/24
 # range=10.0.0.0/24
-range=10.0.19.0/24
+# range=10.0.19.0/24
 
-- 
2.39.2