network/unicornscan: Added (flexible and efficient network probing).

Signed-off-by: Matteo Bernardini <ponce@slackbuilds.org>
2024-11-18 22:06:04 +01:00 · 2013-01-05 20:23:11 +01:00 · 2013-01-05 20:23:11 +01:00 · 5fd657a3af
commit 5fd657a3af
parent fdb29e7815
10 changed files with 430 additions and 0 deletions
--- a/network/unicornscan/README
+++ b/network/unicornscan/README
@ -0,0 +1,9 @@
+unicornscan (flexible and efficient network probing)
+
+Unicornscan is an attempt at a user-land distributed TCP/IP
+stack. It is intended to provide a researcher a superior
+interface for introducing a stimulus into and measuring a
+response from a TCP/IP enabled device or network.
+
+libdnet is an optional dependency: this will build an
+internal version if not available.
--- a/network/unicornscan/README.slackware
+++ b/network/unicornscan/README.slackware
@ -0,0 +1,78 @@
+Unicornscan and PostgreSQL
+--------------------------
+
+1.  The PostgreSQL service has to be up and running. Depending on the exact
+    version of Slackware, on the first PostgreSQL startup, a "initdb -D \
+    /var/lib/pgsql/data" is maybe required for initializing.
+
+    bash-4.2# /etc/rc.d/rc.postgresql start
+
+2.  Switch to the PostgreSQL user.
+
+    bash-4.2# su - postgres
+    postgres@darkstar:~$
+
+3.  Create an own PostgreSQL database user for unicornscan. Don't forget to set
+    a password, e.g. "scanit!" as it is used in all examples.
+
+    postgres@darkstar:~$ createuser --no-superuser --no-createrole --no-createdb --pwprompt unicornscan
+    Enter password for new role:
+    Enter it again:
+
+4.  Create an own PostgreSQL database for unicornscan linked with the previous
+    generated database user for unicornscan.
+
+    postgres@darkstar:~$ createdb --owner unicornscan unicornscan
+
+5.  Switch back to the root user.
+
+    postgres@darkstar:~$ exit
+    bash-4.2#
+
+6.  Edit PostgreSQL client authentication file /var/lib/pgsql/data/pg_hba.conf
+    file with a text editor, insert the following lines before the other already
+    existing rules.
+
+    # TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD
+    local   unicornscan unicornscan                       md5
+    host    unicornscan unicornscan 127.0.0.1/32          md5
+    host    unicornscan unicornscan ::1/128               md5
+
+7.  Edit PostgreSQL server configuration in /var/lib/pgsql/data/postgresql.conf
+    and set the configuration variable as follows:
+
+    escape_string_warning = off
+
+8.  Restart the PostgreSQL service to enable the previous performed changes.
+
+    bash-4.2# /etc/rc.d/rc.postgresql restart
+    Restarting PostgreSQL...
+    waiting for server to shut down.... done
+    server stopped
+    server starting
+
+9.  Create the required tables for unicornscan inside of PostgreSQL database,
+    there will be some error messages displayed after entering the password for
+    psql. These error messages are normal and expected, because the SQL dump
+    contains a SQL DROP of all tables before the SQL CREATE is performed.
+
+    bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/pgsql_schema.sql
+    Password for user unicornscan:
+    [...]
+    bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/session.sql
+    Password for user unicornscan:
+    [...]
+
+10. Edit the unicornscan configuration file /etc/unicornscan/modules.conf and
+    check or correct the PostgreSQL database connection settings.
+
+    module "pgsqldb" {
+            dbconf:         "user=unicornscan password=scanit! host=localhost dbname=unicornscan";
+            logpacket:      "true";
+    };
+
+11. Perform a small sample scan and write the output to PostgreSQL database.
+
+    bash-4.2# unicornscan www.google.com -e pgsqldb
+    TCP open                    http[   80]         from 209.85.129.104  ttl 52
+    TCP open                   https[  443]         from 209.85.129.104  ttl 52
--- a/network/unicornscan/README.slackware.unicornscan-web
+++ b/network/unicornscan/README.slackware.unicornscan-web
@ -0,0 +1,37 @@
+Unicornscan and PostgreSQL
+--------------------------
+
+1.  Follow the /usr/doc/unicornscan-0.*/unicornscan-README.slackware file, so that the
+    PostgreSQL service is up and running already.
+
+2.  Ensure PHP is enabled by uncommenting the following line in /etc/httpd/httpd.conf
+    Include /etc/httpd/mod_php.conf
+
+3.  Ensure PHP supports postgresql
+    http://diantokam.blogspot.com/2012/10/solved-getting-postgresql-914-module.html
+
+4.  Start (or restart) the Apache HTTP webserver, to ensure that configuration
+    file for Apache gets active.
+
+    bash-4.2# /etc/rc.d/rc.httpd start
+
+5.  Move the www-front-end directory to /var/www/unicornscan
+
+    bash-4.2# mv /usr/doc/unicornscan-0.*/www-front-end /var/www/htdocs/unicornscan
+
+6.  Edit the unicornscan configuration file /var/www/htdocs/unicornscan/config.php and check
+    for correct the PostgreSQL database connection settings.
+
+    $PHPLIB["database_name"]="unicornscan";
+    $PHPLIB["database_username"]="unicornscan";
+    $PHPLIB["database_password"]="scanit!";
+    $PHPLIB["database_host"]="127.0.0.1";
+
+
+7.  Perform a small sample scan and write the output to PostgreSQL database.
+
+    bash-4.2# unicornscan www.google.com -e pgsqldb
+    TCP open                    http[   80]         from 209.85.129.104  ttl 52
+    TCP open                   https[  443]         from 209.85.129.104  ttl 52
+
+8.  Open a webbrowser and switch to: http://localhost/unicornscan/
--- a/network/unicornscan/patches/unicornscan-0.4.7-config.patch
+++ b/network/unicornscan/patches/unicornscan-0.4.7-config.patch
@ -0,0 +1,56 @@
+--- unicornscan-0.4.7/etc/modules.conf			2006-10-18 18:57:05.000000000 +0200
+++ unicornscan-0.4.7/etc/modules.conf.config		2009-12-05 20:34:31.000000000 +0100
+@@ -1,16 +1,9 @@
+ 
+ module "pgsqldb" {
+-	dbconf:		"user=scan password=scanit! host=localhost dbname=scan";
+	dbconf:		"user=unicornscan password=scanit! host=localhost dbname=unicornscan";
+ 	logpacket:	"true";
+ };
+ 
+-module "mysqldb" {
+-	username:	"scan";
+-	password:	"scanit!";
+-	hostname:	"localhost";
+-	dbname:		"foo";
+-};
+-
+ module "osdetect" {
+ 	/*	Stim	TCPFLG	TTL	DF	WS	TOS	Misc	*/
+ 	/* tcpopts		type	desc				*/
+--- unicornscan-0.4.7/www-front-end/config.php		2007-11-27 11:23:35.000000000 +0100
+++ unicornscan-0.4.7/www-front-end/config.php.config	2009-12-05 20:35:13.000000000 +0100
+@@ -4,16 +4,16 @@
+ 	define("config_master_include", 1);
+ 
+ 	// Web Server location stuff
+-	$PHPLIB["uri_base"]="http://localhost/unicornscan/";		// http://vhost.domain.tld/something/
+	$PHPLIB["uri_base"]="/unicornscan/";				// http://vhost.domain.tld/something/
+ 
+-	$PHPLIB["filesystem_base"]="/var/www/htdocs/unicornscan/";		// Base directory content is in
+-	$PHPLIB["filesystem_phplib"]="/var/www/htdocs/unicornscan/lib/";	// Where phplib is
+-	$PHPLIB["filesystem_temporary"]="/tmp/";			// Where can i write files to?
+	$PHPLIB["filesystem_base"]="/var/www/htdocs/unicornscan/";	// Base directory content is in
+	$PHPLIB["filesystem_phplib"]="/var/www/htdocs/unicornscan/lib/";// Where phplib is
+	$PHPLIB["filesystem_temporary"]="/tmp/";			// Where can i write files to?
+ 
+ 	// DataBase Variables
+-	$PHPLIB["database_name"]="scan"; 		// change this for sure , its the database name
+-	$PHPLIB["database_type"]="pgsql";		// pgsql, mysql, youll need the right class though
+-	$PHPLIB["database_username"]="scan";
+	$PHPLIB["database_name"]="unicornscan";		// change this for sure , its the database name
+	$PHPLIB["database_type"]="pgsql";		// and something else isn't supported right now
+	$PHPLIB["database_username"]="unicornscan";
+ 	$PHPLIB["database_password"]="scanit!";
+ 	$PHPLIB["database_host"]="127.0.0.1";
+ 	$PHPLIB["database_db"]["default"]="";
+@@ -24,6 +24,9 @@
+ 	// formclass2.php stuff
+ 	$PHPLIB["formclass_warnimage"]="exl.gif";			// warning image for invalid forms
+ 
+	// No PHP error reporting
+	error_reporting(0);
+
+ } // Double Inclusion detection
+ 
+ require("./lib/connect_todb.php");
--- a/network/unicornscan/patches/unicornscan-0.4.7-geoip.patch
+++ b/network/unicornscan/patches/unicornscan-0.4.7-geoip.patch
@ -0,0 +1,31 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for unicornscan >= 0.4.7, which adds the
+standard location of GeoIP data at Fedora in front of the original opening try. Unicornscan
+upstream is expecting /etc/unicornscan/GeoIP.dat instead of /usr/share/GeoIP/GeoIP.dat by
+default. This patch is looking for the existence of /usr/share/GeoIP/GeoIP.dat, otherwise
+/etc/unicornscan/GeoIP.dat will be used to not break the standards from upstream, if patch
+gets applied for a future unicornscan release.
+
+--- unicornscan-0.4.7/src/scan_progs/report.c		2006-10-18 18:57:05.000000000 +0200
+++ unicornscan-0.4.7/src/scan_progs/report.c.geoip	2009-11-17 13:16:04.000000000 +0100
+@@ -68,9 +68,18 @@
+ 	report_t=rbinit(123);
+ 
+ #ifdef HAVE_LIBGEOIP
+-	gi=GeoIP_open(CONF_DIR "/GeoIP.dat", GEOIP_MEMORY_CACHE);
+-	if (gi == NULL) {
+-		ERR("error opening geoip database `%s/%s': %s", CONF_DIR, "/GeoIP.dat", strerror(errno));
+
+	if (access("/usr/share/GeoIP/GeoIP.dat", F_OK) == 0) {
+		gi=GeoIP_open("/usr/share/GeoIP/GeoIP.dat", GEOIP_MEMORY_CACHE);
+		if (gi == NULL) {
+			ERR("error opening geoip standard database `/usr/share/GeoIP/GeoIP.dat': %s", strerror(errno));
+		}
+	}
+	else {
+		gi=GeoIP_open(CONF_DIR "/GeoIP.dat", GEOIP_MEMORY_CACHE);
+		if (gi == NULL) {
+			ERR("error opening geoip database `%s/%s': %s", CONF_DIR, "/GeoIP.dat", strerror(errno));
+		}
+ 	}
+ 
+ #endif
--- a/network/unicornscan/patches/unicornscan-0.4.7-lib64.patch
+++ b/network/unicornscan/patches/unicornscan-0.4.7-lib64.patch
@ -0,0 +1,47 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for unicornscan >= 0.4.7, which
+adds support for x86_64, ppc64 or other 64 bit architectures using /usr/lib64 for
+their libraries. Having lib64 in front of lib is mandatory, as 64 bit systems are
+likely to run with multi-lib, that means 32 bit libraries are parallel in use. If
+you apply this patch, don't run autoconf > 2.6.3, as it will break, because whole
+autotools stuff from upstream is unfortunately a bit broken.
+
+--- unicornscan-0.4.7/configure.ac		2007-11-29 15:51:20.000000000 +0100
+++ unicornscan-0.4.7/configure.ac.lib64	2009-11-16 23:32:27.000000000 +0100
+@@ -269,7 +269,7 @@
+       AC_MSG_RESULT(no)
+     fi
+   else
+-    for i in lib lib/mysql; do
+    for i in lib64 lib lib64/mysql lib/mysql; do
+       str="$MYSQL_DIR/$i/libmysqlclient.*"
+       for j in `echo $str`; do
+         if test -r $j; then
+@@ -331,7 +331,7 @@
+       AC_MSG_RESULT(no)
+     fi
+   else
+-    for i in lib lib/postgresql; do
+    for i in lib64 lib lib64/postgresql lib/postgresql; do
+       str="$PGSQL_DIR/$i/libpq.*"
+       for j in `echo $str`; do
+         if test -r $j; then
+--- unicornscan-0.4.7/configure			2007-12-18 16:26:12.000000000 +0100
+++ unicornscan-0.4.7/configure.lib64		2009-12-05 12:04:32.000000000 +0100
+@@ -26275,7 +26275,7 @@
+ echo "${ECHO_T}no" >&6; }
+     fi
+   else
+-    for i in lib lib/mysql; do
+    for i in lib64 lib lib64/mysql lib/mysql; do
+       str="$MYSQL_DIR/$i/libmysqlclient.*"
+       for j in `echo $str`; do
+         if test -r $j; then
+@@ -26438,7 +26438,7 @@
+ echo "${ECHO_T}no" >&6; }
+     fi
+   else
+-    for i in lib lib/postgresql; do
+    for i in lib64 lib lib64/postgresql lib/postgresql; do
+       str="$PGSQL_DIR/$i/libpq.*"
+       for j in `echo $str`; do
+         if test -r $j; then
--- a/network/unicornscan/patches/unicornscan-0.4.7-man.patch
+++ b/network/unicornscan/patches/unicornscan-0.4.7-man.patch
@ -0,0 +1,29 @@
+*** unicornscan-0.4.7/docs/unicornscan.1.orig	2006-10-18 09:57:05.000000000 -0700
+--- unicornscan-0.4.7/docs/unicornscan.1	2013-01-04 07:33:46.281014368 -0700
+***************
+*** 10,21 ****
+  
+  .fi
+  ..
+! .TH "UNICORNSCAN" "1" "03/30/05" "Network Tools " "Network Tools "
+  .SH NAME
+  
+  .PP
+  unicornscan
+! Version 0.4.6b is a asynchronous network stimulus delivery/response recoring 
+  tool. 
+  .PP
+  .SH SYNOPSIS
+--- 10,21 ----
+  
+  .fi
+  ..
+! .TH "UNICORNSCAN" "1" "01/05/13" "Network Tools " "Network Tools "
+  .SH NAME
+  
+  .PP
+  unicornscan
+! Version 0.4.7 is a asynchronous network stimulus delivery/response recoring 
+  tool. 
+  .PP
+  .SH SYNOPSIS
--- a/network/unicornscan/slack-desc
+++ b/network/unicornscan/slack-desc
@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+           |-----handy-ruler------------------------------------------------------|
+unicornscan: unicornscan (flexible and efficient network probing)
+unicornscan:
+unicornscan: Unicornscan is an attempt at a user-land distributed TCP/IP
+unicornscan: stack. It is intended to provide a researcher a superior
+unicornscan: interface for introducing a stimulus into and measuring a
+unicornscan: response from a TCP/IP enabled device or network.
+unicornscan:
+unicornscan: homepage: http://unicornscan.org
+unicornscan:
+unicornscan:
+unicornscan:
--- a/network/unicornscan/unicornscan.SlackBuild
+++ b/network/unicornscan/unicornscan.SlackBuild
@ -0,0 +1,114 @@
+#!/bin/sh
+
+# Slackware build script for unicornscan
+# Happy Birthday Jack! :)
+
+# Copyright Jan 5, 2013 Robert E. Lee, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+PRGNAM=unicornscan
+VERSION=${VERSION:-0.4.7}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) ARCH=i486 ;;
+    arm*) ARCH=arm ;;
+       *) ARCH=$( uname -m ) ;;
+  esac
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+else
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION-2.tar.bz2
+cd $PRGNAM-$VERSION
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Apply patches, these are very minor
+patch -p1 -b < $CWD/patches/unicornscan-0.4.7-lib64.patch
+patch -p1 -b < $CWD/patches/unicornscan-0.4.7-geoip.patch
+patch -p1 -b < $CWD/patches/unicornscan-0.4.7-config.patch
+patch -p1 -b < $CWD/patches/unicornscan-0.4.7-man.patch
+
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+  CFLAGS=-D_GNU_SOURCE \
+  --prefix=/usr \
+  --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --sysconfdir=/etc \
+  --localstatedir=/var \
+  --mandir=/usr/man \
+  --docdir=/usr/doc/$PRGNAM-$VERSION \
+  --build=$ARCH-slackware-linux \
+  --with-pgsql
+
+make
+make install DESTDIR=$PKG
+
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
+  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
+
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a \
+  www-front-end \
+  src/output_modules/database/sql/pgsql_schema.sql \
+  www-front-end/lib/session.sql \
+  $CWD/README.* \
+  $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
--- a/network/unicornscan/unicornscan.info
+++ b/network/unicornscan/unicornscan.info
@ -0,0 +1,10 @@
+PRGNAM="unicornscan"
+VERSION="0.4.7-2"
+HOMEPAGE="http://unicornscan.org"
+DOWNLOAD="http://unicornscan.org/releases/unicornscan-0.4.7-2.tar.bz2"
+MD5SUM="4c5f272eb38c333c0094c32317edf758"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+REQUIRES="postgresql GeoIP php-pgsql"
+MAINTAINER="Robert E. Lee"
+EMAIL="robert_at_loveathome.us"