bug fix: add check tcp.SYN and tcp.ACK in Scanner.synParser()

For-ACGN · Jun 8, 2020 · f4645d8 · f4645d8
1 parent e8046cf
commit f4645d8
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 45 deletions.
diff --git a/cmd/scanner.go b/cmd/scanner.go
@@ -55,7 +55,7 @@ func main() {
 		Senders: senders,
 	}
 	if save != "" {
-		file, err := os.OpenFile(save, os.O_CREATE|os.O_APPEND, 644)
+		file, err := os.OpenFile(save, os.O_CREATE|os.O_APPEND, 0644)
 		if err != nil {
 			log.Fatalln(err)
 		}

diff --git a/syn.go b/syn.go
@@ -147,59 +147,65 @@ func (s *Scanner) synParser(wg *sync.WaitGroup) {
 				sha.Write(s.salt)
 				hash = sha.Sum(nil)
 				// check port and ack
-				if uint16(tcp.DstPort) == binary.BigEndian.Uint16(hash[:2]) &&
-					tcp.Ack-1 == binary.BigEndian.Uint32(hash[2:6]) {
-					if s.addResult(ipv4.SrcIP, port) {
-						return
-					}
-					// send RST
-					// swap
-					eth.SrcMAC, eth.DstMAC = eth.DstMAC, eth.SrcMAC
-					ipv4.SrcIP, ipv4.DstIP = ipv4.DstIP, ipv4.SrcIP
-					tcp.SrcPort, tcp.DstPort = tcp.DstPort, tcp.SrcPort
-					// tcp.Seq = tcp.Ack
-					// tcp.Ack = 0
-					tcp.Seq, tcp.Ack = tcp.Ack, tcp.Seq+1
-					// set flag
-					tcp.SYN = false
-					tcp.ACK = false
-					tcp.RST = true
-					// send packet
-					_ = tcp.SetNetworkLayerForChecksum(&ipv4)
-					_ = gopacket.SerializeLayers(buf, opt, &eth, &ipv4, &tcp)
-					s.sendPacket(buf.Bytes())
+				if !(tcp.SYN && tcp.ACK) {
+					goto getNewData
+				}
+				if uint16(tcp.DstPort) != binary.BigEndian.Uint16(hash[:2]) ||
+					tcp.Ack-1 != binary.BigEndian.Uint32(hash[2:6]) {
+					goto getNewData
+				}
+				if s.addResult(ipv4.SrcIP, port) {
+					return
 				}
-				goto getNewData
+				// send RST
+				// swap
+				eth.SrcMAC, eth.DstMAC = eth.DstMAC, eth.SrcMAC
+				ipv4.SrcIP, ipv4.DstIP = ipv4.DstIP, ipv4.SrcIP
+				tcp.SrcPort, tcp.DstPort = tcp.DstPort, tcp.SrcPort
+				// tcp.Seq = tcp.Ack
+				// tcp.Ack = 0
+				tcp.Seq, tcp.Ack = tcp.Ack, tcp.Seq+1
+				// set flag
+				tcp.SYN = false
+				tcp.ACK = false
+				tcp.RST = true
+				// send packet
+				_ = tcp.SetNetworkLayerForChecksum(&ipv4)
+				_ = gopacket.SerializeLayers(buf, opt, &eth, &ipv4, &tcp)
+				s.sendPacket(buf.Bytes())
 			case layers.LayerTypeIPv6:
 				// check hash
 				sha.Reset()
 				sha.Write(ipv6.SrcIP)
 				sha.Write(s.salt)
 				hash = sha.Sum(nil)
 				// check port and ack
-				if uint16(tcp.DstPort) == binary.BigEndian.Uint16(hash[:2]) &&
-					tcp.Ack-1 == binary.BigEndian.Uint32(hash[2:6]) {
-					if s.addResult(ipv6.SrcIP, port) {
-						return
-					}
-					// send RST
-					// swap
-					eth.SrcMAC, eth.DstMAC = eth.DstMAC, eth.SrcMAC
-					ipv6.SrcIP, ipv6.DstIP = ipv6.DstIP, ipv6.SrcIP
-					tcp.SrcPort, tcp.DstPort = tcp.DstPort, tcp.SrcPort
-					// tcp.Seq = tcp.Ack
-					// tcp.Ack = 0
-					tcp.Seq, tcp.Ack = tcp.Ack, tcp.Seq+1
-					// set flag
-					tcp.SYN = false
-					tcp.ACK = false
-					tcp.RST = true
-					// send packet
-					_ = tcp.SetNetworkLayerForChecksum(&ipv6)
-					_ = gopacket.SerializeLayers(buf, opt, &eth, &ipv6, &tcp)
-					s.sendPacket(buf.Bytes())
+				if !(tcp.SYN && tcp.ACK) {
+					goto getNewData
+				}
+				if uint16(tcp.DstPort) != binary.BigEndian.Uint16(hash[:2]) ||
+					tcp.Ack-1 != binary.BigEndian.Uint32(hash[2:6]) {
+					goto getNewData
+				}
+				if s.addResult(ipv6.SrcIP, port) {
+					return
 				}
-				goto getNewData
+				// send RST
+				// swap
+				eth.SrcMAC, eth.DstMAC = eth.DstMAC, eth.SrcMAC
+				ipv6.SrcIP, ipv6.DstIP = ipv6.DstIP, ipv6.SrcIP
+				tcp.SrcPort, tcp.DstPort = tcp.DstPort, tcp.SrcPort
+				// tcp.Seq = tcp.Ack
+				// tcp.Ack = 0
+				tcp.Seq, tcp.Ack = tcp.Ack, tcp.Seq+1
+				// set flag
+				tcp.SYN = false
+				tcp.ACK = false
+				tcp.RST = true
+				// send packet
+				_ = tcp.SetNetworkLayerForChecksum(&ipv6)
+				_ = gopacket.SerializeLayers(buf, opt, &eth, &ipv6, &tcp)
+				s.sendPacket(buf.Bytes())
 			}
 		}
 	getNewData: