From 883075fc3485406d0f509496703d909550665eec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anton=20Luka=20=C5=A0ijanec?= <anton@sijanec.eu>
Date: Wed, 9 Feb 2022 22:57:26 +0100
Subject: 0.0.3

---
 .gitignore       |  1 +
 README           |  4 +--
 debian/changelog |  7 +++++
 main.c           | 85 +++++++++++++++++++++++++++++++++-----------------------
 4 files changed, 61 insertions(+), 36 deletions(-)

diff --git a/.gitignore b/.gitignore
index f641316..35a6d9e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ a.out
 dnsfind
 .gdb_history
 out.pcap
+ž
diff --git a/README b/README
index 66e0094..be6a12a 100644
--- a/README
+++ b/README
@@ -26,8 +26,8 @@ stikala za razne opcije je treba navesti pred domeno in omrežji in so sledeča:
 	-f Ne vključi poslanih paketov, ki so itak vedno isti, v PCAP datoteko, nastavljeno z -e
 	-h Pokaže vgrajeno besedilo pomoči
 	-k Večaj IP naslov v "obratnem" vrstnem redu (b000, b100, b010, b110, b001, b101, b011, b111)
-	-m Podan je en naslov računalnika namesto omrežij, išče strežnike okoli njega /32, /31, ...
-	-n Ko je najdenih toliko delujočih strežnikov, kot je podana številka kot argument, prenehajmo
+	-m Podan je en naslov računalnika namesto omrežij, program išče strežnike okoli v "spirali"
+	-n Ko je najdenih toliko delujočih strežnikov, kot je podana številka kot argument, ustavimo
 	-p Nastavi številko izvornih UDP vrat. Če ni navedena, jedro izbere eno prosto.
 	-t Zamik pred pošiljanjem naslednjega paketa v mikrosekundah (privzeto in minimalno 1000)
 	-w Končaj toliko mikrosek. po prejemu zadnjega paketa po koncu pošiljanja (privzeto 1000000)
diff --git a/debian/changelog b/debian/changelog
index b032805..a5f7fc3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+dnsfind (0.0.3-1) stable; urgency=low
+
+  * added option -n to limit searching after num working servers're found
+  * added option -m to search computers in a 1D spiral around provided IP
+
+ -- Anton Luka Šijanec <anton@sijanec.eu>  Wed, 09 Feb 2022 23:00:00 +0100
+
 dnsfind (0.0.2-1) stable; urgency=low
 
   * removed default domain. domain must be now provided before networks
diff --git a/main.c b/main.c
index 2546712..bdcc30b 100644
--- a/main.c
+++ b/main.c
@@ -28,7 +28,7 @@
 "	-f Exclude sent packets from -e PCAP output They're all the same with different dst IPs.\n" \
 "	-h Show this help and exit.\n" \
 "	-k Increment IP addresses in reverse bit endianness (000 100 010 110 001 101 011 111).\n" \
-"	-m Scans increasingly larger networks. Input networks are treated as /31. Use with -n.\n" \
+"	-m Spiral-search around a single host given instead of networks. Use with -n.\n" \
 "	-n Stops scanning after provided number of working servers is found and reported.\n" \
 "	-p Set the source port number to use instead of a dynamically asigned one.\n" \
 "	-t Number of microseconds to wait between sent packets. (default & min. 1000 - 64 KB/s)\n" \
@@ -360,7 +360,9 @@ int main (int argc, char ** argv) {
 	int k = 0; /* little bitendian IP address inc: 10.0.0.0, 10.128.0.0, 10.64.0.0, 10.192.0.0 */
 	int targetnum = 0;
 	int workingnum = 0;
-	int increasinglylarger = 0;
+	unsigned int spiralsearch = 0;
+	unsigned int spiralsearch_up = 0;
+	unsigned int spiralsearch_down = 0;
 	int t = 1000;
 	int w = 1000000;
 	int e = 0; /* whether to exclude sent packets in PCAP - they're all the same */
@@ -408,7 +410,7 @@ int main (int argc, char ** argv) {
 				k++;
 				break;
 			case 'm':
-				increasinglylarger++;
+				spiralsearch++;
 				break;
 			case 'n':
 				targetnum = atoi(optarg);
@@ -435,8 +437,8 @@ int main (int argc, char ** argv) {
 					r = 5;
 					goto r;
 				}
-				if (increasinglylarger && l != 1) {
-					fprintf(stderr, "-m option is set, max one network. :: " HELP, argv[0]);
+				if (spiralsearch && l != 1) {
+					fprintf(stderr, "-m option is set, max one host :: " HELP, argv[0]);
 					r = 6;
 					goto r;
 				}
@@ -444,8 +446,10 @@ int main (int argc, char ** argv) {
 				for (int i = e; i < argc; i++) {
 					int w = i-e;
 					n[w] = str2net(argv[i]);
-					if (increasinglylarger)
-						n[w].mask.s_addr = htonl(ntohl(INADDR_BROADCAST)&~1);
+					if (spiralsearch) {
+						n[w].mask.s_addr = INADDR_BROADCAST;
+						h = n[w];
+					}
 				}
 				goto o;
 			case '?':
@@ -504,10 +508,31 @@ o:
 			notfirst++;
 		if (getenv("DF_DEBUG"))
 			fprintf(stderr, "j = %lld, scanuntilhost = %ld\n", j, scanuntilhost);
-		if ((h = host(n[i], j)).mask.s_addr != INADDR_BROADCAST ||
-				(increasinglylarger && scanuntilhost != -1 && j >= scanuntilhost)) {
+		if (spiralsearch || (h = host(n[i], j)).mask.s_addr != INADDR_BROADCAST) {
 k:
-			if (increasinglylarger ? (n[0].mask.s_addr == INADDR_ANY) : (++i >= l)) {
+			if (spiralsearch) {
+				if (spiralsearch < 10) /* this indicates we haven't yet */
+					spiralsearch = 10; /* scanned given ip itself */
+				else {
+					if (spiralsearch_down == UINT32_MAX
+							&& spiralsearch_up == UINT32_MAX)
+						goto finished_sending;
+					if ((spiralsearch_up <= spiralsearch_down
+							&& spiralsearch_up != UINT32_MAX)
+							|| spiralsearch_down == UINT32_MAX) {
+						h.addr.s_addr = htonl(ntohl(n[i].addr.s_addr)
+								+ ++spiralsearch_up);
+						if (h.addr.s_addr == INADDR_BROADCAST)
+							spiralsearch_up = UINT32_MAX;
+					} else {
+						h.addr.s_addr = htonl(ntohl(n[i].addr.s_addr)
+								- ++spiralsearch_down);
+						if (!h.addr.s_addr)
+							spiralsearch_down = UINT32_MAX;
+					}
+				}
+			} else if (++i >= l) {
+finished_sending:
 				fprintf(stderr, "finished sending, waiting for last replies\n");
 				if (clock_gettime(CLOCK_MONOTONIC, &lp) == -1) {
 					perror("clock_gettime(CLOCK_MONOTONIC, &z)");
@@ -516,20 +541,6 @@ k:
 				}
 				goto i;
 			} else {
-				for (int ž = 0; increasinglylarger && ž < 31; ž++)
-					if (ntohl(n[i].mask.s_addr) & 1 << ž) {
-						n[i].mask.s_addr &= htonl(~(1 << ž));
-						if (ntohl(n[i].addr.s_addr) & 1 << (ž)) {
-							scanuntilhost = 1 << ž;
-							n[i].addr.s_addr &= n[i].mask.s_addr; /* 0 */
-						} else {
-							n[i].addr.s_addr |= htonl((1 << (ž))-1);
-							scanuntilhost = -1; /* until end */
-						}
-						break;
-					}
-				fprintf(stderr, "increasing scanning net: %s", inet_ntoa(n[i].addr));
-				fprintf(stderr, "/%s t: %ld\n", inet_ntoa(n[i].mask), scanuntilhost);
 				j = localnumber(n[i]);
 				h = host(n[i], j);
 			}
@@ -660,16 +671,22 @@ i:
 r:
 	if (!r && notfirst) { /* TODO: tell EXACT packets that were sent before termination. */
 		char * x = alloca(l*31+strlen("SCANNED  \n0")+strlen("WORKINGNUM aaaaaaaaaaaaaaaa"));
-		strcpy(x, "SCANNED ");				/* if scan term, only networks be4 */
-		for (int m = 0; m < (finish ? i : l); m++) {	/* network at which scan was */
-			strcat(x, inet_ntoa(n[m].addr));	/* terminated are reported to be */
-			strcat(x, "/");				/* scanned, not mentioning the */
-			strcat(x, inet_ntoa(n[m].mask));	/* part of the last not mentioned */
-			strcat(x, " ");				/* network that was scanned. */
-		}						/* this may lead to statistical */
-		sprintf(x+strlen(x), "\nWORKINGNUM %d\n", workingnum); /* issues cause it'd appear */
-		write(STDIN_FILENO, x, strlen(x));		/* as if we received packets from */
-	}							/* hosts we haven't queried yet. */
+		if (spiralsearch) {
+			strcpy(x, "SPIRALSEARCH ");
+			strcat(x, inet_ntoa(n[0].addr));
+			strcat(x, " ");
+		} else {
+			strcpy(x, "SCANNED ");
+			for (int m = 0; m < (finish ? i : l); m++) {
+				strcat(x, inet_ntoa(n[m].addr));
+				strcat(x, "/");
+				strcat(x, inet_ntoa(n[m].mask));
+				strcat(x, " ");
+			}
+		}
+		sprintf(x+strlen(x), "\nWORKINGNUM %d\n", workingnum);
+		write(STDIN_FILENO, x, strlen(x));
+	}
 	if (s != -1)
 		if (close(s))
 			perror("close(s)");
-- 
cgit v1.2.3