diff -ruw nmap-3.55-orig/mswin32/winip/iphlpapi.c nmap-3.55/mswin32/winip/iphlpapi.c
--- nmap-3.55-orig/mswin32/winip/iphlpapi.c 2000-11-07 01:00:56.000000000 -0800
+++ nmap-3.55/mswin32/winip/iphlpapi.c 2004-08-12 18:53:27.000000000 -0700
@@ -21,9 +21,13 @@
 License along with this library; if not, write to the Free Software
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+Update: 12/08/04 = Added hook to support SendARP for XP SP2
+ - Dana Epp (dana@vulscan.com)
+
 */
 void __declspec(dllexport) __stdcall GetIpAddrTable(int p1, int p2, int p3) {}
 void __declspec(dllexport) __stdcall GetIpForwardTable(int p1, int p2, int p3) {}
 void __declspec(dllexport) __stdcall GetIfTable(int p1, int p2, int p3) {}
 void __declspec(dllexport) __stdcall GetIpNetTable(int p1, int p2, int p3) {}
\ No newline at end of file
+void __declspec(dllexport) __stdcall SendARP( int p1, int p2, int p3, int p4) {}
\ No newline at end of file
diff -ruw nmap-3.55-orig/mswin32/winip/iphlpapi.def nmap-3.55/mswin32/winip/iphlpapi.def
--- nmap-3.55-orig/mswin32/winip/iphlpapi.def 2001-09-08 10:13:08.000000000 -0700
+++ nmap-3.55/mswin32/winip/iphlpapi.def 2004-08-12 17:58:10.000000000 -0700
@@ -19,6 +19,9 @@
 ;License along with this library; if not, write to the Free Software
 ;Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+;Update: 12/08/04 = Added hook to support SendARP for XP SP2
+; - Dana Epp (dana@vulscan.com)
+
 LIBRARY iphlpapi.dll
 EXPORTS
@@ -26,3 +29,4 @@
 GetIpForwardTable
 GetIfTable
 GetIpNetTable
\ No newline at end of file
+SendARP
\ No newline at end of file
diff -ruw nmap-3.55-orig/mswin32/winip/iphlpapi.h nmap-3.55/mswin32/winip/iphlpapi.h
--- nmap-3.55-orig/mswin32/winip/iphlpapi.h 2000-11-07 01:00:56.000000000 -0800
+++ nmap-3.55/mswin32/winip/iphlpapi.h 2004-08-12 19:41:15.000000000 -0700
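Review bot: The new stub `SendARP( int p1, int p2, int p3, int p4) {}` types all four parameters as `int`, while the prototype this same diff adds to iphlpapi.h declares the last two as `PULONG`; on 32-bit `__stdcall` both give a 16-byte frame and the same decorated export name, so the link still resolves, but nothing in the file says that these empty bodies are (presumably) link-time stubs that are never executed, and a reader will take the type mismatch for a bug. I would put one comment above the new line: `// Link stub only: matches the 16-byte __stdcall frame of the real SendARP; the prototype callers compile against is in iphlpapi.h.`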
@@ -41,6 +41,7 @@
 DWORD __declspec(dllimport) __stdcall GetIpNetTable(PMIB_IPNETTABLE, DWORD*, BOOL);
 DWORD __declspec(dllimport) __stdcall GetIpForwardTable(PMIB_IPFORWARDTABLE, DWORD*, BOOL);
 DWORD __declspec(dllimport) __stdcall GetIfEntry(PMIB_IFROW);
+DWORD __declspec(dllimport) __stdcall SendARP( int, int, PULONG, PULONG );
 #ifdef __cplusplus
diff -ruw nmap-3.55-orig/mswin32/winip/pcapsend.c nmap-3.55/mswin32/winip/pcapsend.c
--- nmap-3.55-orig/mswin32/winip/pcapsend.c 2003-04-19 20:26:26.000000000 -0700
+++ nmap-3.55/mswin32/winip/pcapsend.c 2004-08-12 19:47:49.000000000 -0700
@@ -96,6 +96,8 @@
 static void releaseadapter();
 static void send_arp(DWORD ifi, DWORD ip);
+static void send_arp_iphlpapi( DWORD ifi, DWORD ip );
+static void send_arp_raw( DWORD ifi, DWORD ip );
 static int lookupip(DWORD ip, DWORD ifi);
 // ARP cache
@@ -512,9 +514,52 @@
 return;
 }
-// this needs to change for non-Ethernet
+// Function added to support XP SP2 properly for arp cache
 static void send_arp(DWORD ifi, DWORD ip)
 {
+ OSVERSIONINFOEX ver;
+ ver.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
+ if(!GetVersionEx((LPOSVERSIONINFO)&ver))
+ {
+ ver.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+ if(!GetVersionEx((LPOSVERSIONINFO)&ver))
+ fatal("GetVersionEx failed\n");
+
+ ver.wServicePackMajor = 0;
+ ver.wServicePackMinor = 0;
+ }
+
+ if( ver.dwMajorVersion >= 5 && ver.dwMinorVersion == 1 && ver.wServicePackMajor == 2 )
+ {
+ send_arp_iphlpapi( ifi, ip );
+ }
+ else
+ {
+ send_arp_raw( ifi, ip );
+ }
+}
+
+static void send_arp_iphlpapi( DWORD ifi, DWORD ip )
+{
+ HRESULT ret;
+ ULONG uMACAddr[2];
+ ULONG uSize = 6;
+ PBYTE pBuffer;
+ struct in_addr myip;
+
+ ret = SendARP( ip, 0, uMACAddr, &uSize );
+
+ if( NO_ERROR == ret )
+ {
+ pBuffer = (PBYTE)uMACAddr;
+ AddToARPCache( ip, ifi, pBuffer, (int)uSize );
+ }
+
+}
+
+// this needs to change for non-Ethernet
+static void send_arp_raw(DWORD ifi, DWORD ip)
+{
 struct arp_hdr arp_h;
 LPADAPTER pAdap;
 BYTE mymac[6];
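Review bot: The added prototype `SendARP( int, int, PULONG, PULONG )` declares the two address parameters as signed `int`, while the only caller in this diff (send_arp_iphlpapi in pcapsend.c) passes a `DWORD ip`, so every call converts unsigned to signed; the system header uses the unsigned 32-bit `IPAddr` for these, so `DWORD, DWORD, PULONG, PULONG` would match the call site with no conversion and no change to the 16-byte `__stdcall` frame. The neighbouring prototypes on the surrounding context lines are fully typed, which makes the bare `int`s stand out.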
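Review bot: send_arp now calls GetVersionEx (twice on the fallback path) on every invocation and re-evaluates `ver.dwMajorVersion >= 5 && ver.dwMinorVersion == 1 && ver.wServicePackMajor == 2`, the same test the winip.c hunk in this diff runs once at startup where it sets `winbug` and `rawsock_avail`; the OS version cannot change mid-scan, so the decision belongs in a cached static (or should read the flag winip.c already computes), and the duplicated condition should live in one place. The condition also mixes `>=` on the major with `==` on the minor, so it matches 5.1 SP2 but also any future x.1 SP2 while missing 5.2 and 6.x — if only XP SP2 is meant, `==` on the major says so. In send_arp_iphlpapi, `struct in_addr myip` is unused and `pBuffer` is only a cast that can be inlined; a non-`NO_ERROR` return is silently dropped, so a host that does not answer never reaches the cache and the caller cannot tell this from a sent-but-unanswered raw request — worth a one-line comment if that is intended. send_arp_raw's body continues past the end of the hunk.
```c
// Function added to support XP SP2 properly for arp cache
static void send_arp(DWORD ifi, DWORD ip)
{
	static int checked = 0;
	static int use_iphlpapi = 0;

	if( !checked )
	{
		OSVERSIONINFOEX ver;
		// … unchanged: GetVersionEx call and OSVERSIONINFO fallback …
		use_iphlpapi = ( ver.dwMajorVersion >= 5 && ver.dwMinorVersion == 1 && ver.wServicePackMajor == 2 );
		checked = 1;
	}

	if( use_iphlpapi )
		send_arp_iphlpapi( ifi, ip );
	else
		send_arp_raw( ifi, ip );
}
```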
@@ -525,7 +570,7 @@
 memset(bcastmac, 0xFF, 6);
 if(0 != ifi2ipaddr(ifi, &myip))
- fatal("sendarp: failed to find my ip ?!?\n");
+ fatal("send_arp_raw: failed to find my ip ?!?\n");
 // get the MAC et al
 len = 6;
@@ -534,7 +579,7 @@
 {
 // do nothing for localhost scan
 if(myip.s_addr == 0x0100007f) return;
- else fatal("send_arp: can't send on this interface\n");
+ else fatal("send_arp_raw: can't send on this interface\n");
 }
 arp_h.ar_hrd=0x0100;
diff -ruw nmap-3.55-orig/mswin32/winip/winip.c nmap-3.55/mswin32/winip/winip.c
--- nmap-3.55-orig/mswin32/winip/winip.c 2004-02-22 14:15:58.000000000 -0800
+++ nmap-3.55/mswin32/winip/winip.c 2004-08-12 16:04:56.000000000 -0700
@@ -379,6 +379,13 @@
 rawsock_avail = 0;
 }
+ // Disable rawsock support if its XP SP2
+ if( ver.dwMajorVersion >= 5 && ver.dwMinorVersion == 1 && ver.wServicePackMajor == 2 )
+ {
+ winbug = 1;
+ rawsock_avail = 0;
+ }
+
 if(pcap_avail)
 {
 if(wo.trace) printf("***WinIP*** reading winpcap interface list\n");
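Review bot: The comment `// Disable rawsock support if its XP SP2` records what the block does but not why, and the reason is the only thing a later maintainer will need when deciding whether to extend the version test; the diff never states it, so I would hedge it in the comment: `// XP SP2 (5.1, SP major 2): raw sockets are presumably restricted here, so mark winbug and disable rawsock; see send_arp_iphlpapi in pcapsend.c for the ARP fallback`. `ver` and the enclosing function are declared outside the hunk, so whether `ver` was filled by the OSVERSIONINFOEX form (required for `wServicePackMajor` to be meaningful) cannot be confirmed from here.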