diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c9681f5..e21296e 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -58,7 +58,7 @@ tde_install_icons( ) ##### other data install( - FILES knmapui.rc nmap_manpage.html nmap_manpage.html.diff + FILES knmapui.rc nmap_manpage.html DESTINATION ${DATA_INSTALL_DIR}/${PROJECT_NAME} ) diff --git a/src/htmlwidget.cpp b/src/htmlwidget.cpp index 306bf95..bc48fed 100644 --- a/src/htmlwidget.cpp +++ b/src/htmlwidget.cpp @@ -311,11 +311,7 @@ void HTMLWidget::slotStylesheetRemoved( ) bool HTMLWidget::tryKnmapFile( ) { -#ifdef _DEBUG - TQString path = "/home/c/knmap/src/nmap_manpage.html"; -#else TQString path = locate( "data", "knmap/nmap_manpage.html" ); -#endif if( !TQFile::exists( path )) return false; diff --git a/src/knmap.cpp b/src/knmap.cpp index fae0b1e..c5e1cd5 100644 --- a/src/knmap.cpp +++ b/src/knmap.cpp @@ -244,11 +244,7 @@ void Knmap::createMenu( ) createStandardStatusBarAction( ); setStandardToolBarMenuEnabled( true ); -#ifdef _DEBUG - createGUI( TQDir::homeDirPath( ) + "/.trinity/share/apps/knmap/knmapui.rc" ); -#else createGUI( ); -#endif } // findNmap @@ -363,11 +359,7 @@ void Knmap::slotConfigureToolbars( ) void Knmap::slotNewToolbarConfig( ) { -#ifdef _DEBUG - createGUI( TQDir::homeDirPath( ) + "/.trinity/share/apps/knmap/knmapui.rc" ); -#else createGUI( ); -#endif applyMainWindowSettings( TDEGlobal::config( ), autoSaveGroup( )); } diff --git a/src/nmap_manpage.html.diff b/src/nmap_manpage.html.diff deleted file mode 100644 index bcdf5a6..0000000 --- a/src/nmap_manpage.html.diff +++ /dev/null @@ -1,557 +0,0 @@ ---- /usr/share/doc/nmap-3.93/nmap_manpage.html 2005-09-12 20:11:41.000000000 +0930 -+++ /home/c/knmap/src/nmap_manpage.html 2005-11-09 09:35:59.000000000 +0930 -@@ -78,7 +78,7 @@ - - SCAN TYPES - -- -sS TCP SYN scan: This technique is often referred to as "half-open" -+ -sS TCP SYN scan: This technique is often referred to as "half-open" - scanning, because you don’t open a full TCP connection. You send - a SYN packet, as if you are going to open a real connection and - you wait for a response. A SYN|ACK indicates the port is listen- -@@ -89,7 +89,7 @@ - Unfortunately you need root privileges to build these custom SYN - packets. This is the default scan type for privileged users. - -- -sT TCP connect() scan: This is the most basic form of TCP scanning. -+ -sT TCP connect() scan: This is the most basic form of TCP scanning. - The connect() system call provided by your operating system is - used to open a connection to every interesting port on the - machine. If the port is listening, connect() will succeed, oth- -@@ -102,7 +102,7 @@ - which accept() the connection just to have it immediately shut- - down. This is the default scan type for unprivileged users. - -- -sF -sX -sN -+ -sF -sX -sN - Stealth FIN, Xmas Tree, or Null scan modes: There are times when - even SYN scanning isn’t clandestine enough. Some firewalls and - packet filters watch for SYNs to restricted ports, and programs -@@ -133,7 +133,7 @@ - HP/UX, MVS, and IRIX. All of the above send resets from the - open ports when they should just drop the packet. - -- -sP Ping scanning: Sometimes you only want to know which hosts on a -+ -sP Ping scanning: Sometimes you only want to know which hosts on a - network are up. Nmap can do this by sending ICMP echo request - packets to every IP address on the networks you specify. Hosts - that respond are up. Unfortunately, some sites such as -@@ -151,7 +151,7 @@ - respond are scanned. Only use this option if you wish to ping - sweep without doing any actual port scans. - -- -sV Version detection: After TCP and/or UDP ports are discovered -+ -sV Version detection: After TCP and/or UDP ports are discovered - using one of the other scan methods, version detection communi- - cates with those ports to try and determine more about what is - actually running. A file called nmap-service-probes is used to -@@ -177,7 +177,7 @@ - version scanning is doing (this is a subset of what you would - get with --packet_trace). - -- -sU UDP scans: This method is used to determine which UDP (User -+ -sU UDP scans: This method is used to determine which UDP (User - Datagram Protocol, RFC 768) ports are open on a host. The tech- - nique is to send 0 byte UDP packets to each port on the target - machine. If we receive an ICMP port unreachable message, then -@@ -215,7 +215,7 @@ - very quickly. Whoop! - - -- -sO IP protocol scans: This method is used to determine which IP -+ -sO IP protocol scans: This method is used to determine which IP - protocols are supported on a host. The technique is to send raw - IP packets without any further protocol header to each specified - protocol on the target machine. If we receive an ICMP protocol -@@ -229,7 +229,7 @@ - field has only 8 bits, so at most 256 protocols can be probed - which should be possible in reasonable time anyway. - -- -sI <zombie host[:probeport]> -+ -sI <zombie host[:probeport]> - Idlescan: This advanced scan method allows for a truly blind TCP - port scan of the target (meaning no packets are sent to the tar- - get from your real IP address). Instead, a unique side-channel -@@ -257,7 +257,7 @@ - Otherwise Nmap will use the port it uses by default for "tcp - pings". - -- -sA ACK scan: This advanced method is usually used to map out fire- -+ -sA ACK scan: This advanced method is usually used to map out fire- - wall rulesets. In particular, it can help determine whether a - firewall is stateful or just a simple packet filter that blocks - incoming SYN packets. -@@ -272,7 +272,7 @@ - RSTs). This scan will obviously never show ports in the "open" - state. - -- -sW Window scan: This advanced scan is very similar to the ACK scan, -+ -sW Window scan: This advanced scan is very similar to the ACK scan, - except that it can sometimes detect open ports as well as fil- - tered/unfiltered due to an anomaly in the TCP window size - reporting by some operating systems. Systems vulnerable to this -@@ -282,7 +282,7 @@ - 4.X, Ultrix, VAX, and VxWorks. See the nmap-hackers mailing - list archive for a full list. - -- -sR RPC scan. This method works in combination with the various -+ -sR RPC scan. This method works in combination with the various - port scan methods of Nmap. It takes all the TCP/UDP ports found - open and then floods them with SunRPC program NULL commands in - an attempt to determine whether they are RPC ports, and if so, -@@ -294,11 +294,11 @@ - matically enabled as part of version scan (-sV) if you request - that. - -- -sL List scan. This method simply generates and prints a list of IP -+ -sL List scan. This method simply generates and prints a list of IP - addresses or hostnames without actually pinging or port scanning - them. DNS name resolution will be performed unless you use -n. - -- -b <ftp relay host> -+ -b <ftp relay host> - FTP bounce attack: An interesting "feature" of the ftp protocol - (RFC 959) is support for "proxy" ftp connections. In other - words, I should be able to connect from evil.com to the FTP -@@ -332,7 +332,7 @@ - odds of penetrating strict firewalls by sending many probe types - using different TCP ports/flags and ICMP codes. - -- -P0 Do not try to ping hosts at all before scanning them. This -+ -P0 Do not try to ping hosts at all before scanning them. This - allows the scanning of networks that don’t allow ICMP echo - requests (or responses) through their firewall. microsoft.com - is an example of such a network, and thus you should always use -@@ -342,7 +342,7 @@ - trary combinations of TCP, UDP, and ICMP probes. By default, - Nmap sends an ICMP echo request and a TCP ACK packet to port 80. - -- -PA [portlist] -+ -PA [portlist] - Use TCP ACK "ping" to determine what hosts are up. Instead of - sending ICMP echo request packets and waiting for a response, we - spew out TCP ACK packets throughout the target network (or to a -@@ -356,13 +356,13 @@ - 80, since this port is often not filtered out. Note that this - option now accepts multiple, comma-separated port numbers. - -- -PS [portlist] -+ -PS [portlist] - This option uses SYN (connection request) packets instead of ACK - packets for root users. Hosts that are up should respond with a - RST (or, rarely, a SYN|ACK). You can set the destination ports - in the same manner as -PA above. - -- -PR This option specifies a raw ethernet ARP ping. It cannot be -+ -PR This option specifies a raw ethernet ARP ping. It cannot be - used in combination with any of the other ping types. When the - target machines are on the same network you are scanning from, - this is the fastest and most reliable (because it goes below IP- -@@ -374,7 +374,7 @@ - UDP services won’t reply to an empty packet, your best bet might - be to send this to expected-closed ports rather than open ones. - -- -PE This option uses a true ping (ICMP echo request) packet. It -+ -PE This option uses a true ping (ICMP echo request) packet. It - finds hosts that are up and also looks for subnet-directed - broadcast addresses on your network. These are IP addresses - which are externally reachable and translate to a broadcast of -@@ -382,10 +382,10 @@ - eliminated if found as they allow for numerous denial of service - attacks (Smurf is the most common). - -- -PP Uses an ICMP timestamp request (type 13) packet to find listen- -+ -PP Uses an ICMP timestamp request (type 13) packet to find listen- - ing hosts. - -- -PM Same as -PE and -PP except uses a netmask request (ICMP type -+ -PM Same as -PE and -PP except uses a netmask request (ICMP type - 17). - - -PB This is the default ping type. It uses both the ACK ( -PA ) and -@@ -397,7 +397,7 @@ - "PA" (or rely on the default behavior) to achieve this same - effect. - -- -O This option activates remote host identification via TCP/IP fin- -+ -O This option activates remote host identification via TCP/IP fin- - gerprinting. In other words, it uses a bunch of techniques to - detect subtleties in the underlying operating system network - stack of the computers you are scanning. It uses this informa- -@@ -436,7 +436,7 @@ - for each packet they send. This makes them vulnerable to sev- - eral advanced information gathering and spoofing attacks. - -- --osscan_limit -+ --osscan_limit - OS detection is far more effective if at least one open and one - closed TCP port are found. Set this option and Nmap will not - even try OS detection against hosts that do not meet this crite- -@@ -444,7 +444,7 @@ - against many hosts. It only matters when OS detection is - requested (-O or -A options). - -- -A This option enables _a_dditional _a_dvanced and _a_ggressive -+ -A This option enables _a_dditional _a_dvanced and _a_ggressive - options. I haven’t decided exactly which it stands for yet :). - Presently this enables OS Detection (-O) and version scanning - (-sV). More features may be added in the future. The point is -@@ -453,7 +453,7 @@ - enables features, and not timing options (such as -T4) or ver- - bosity options (-v) that you might wan’t as well. - -- -6 This options enables IPv6 support. All targets must be IPv6 if -+ -6 This options enables IPv6 support. All targets must be IPv6 if - this option is used, and they can be specified via normal DNS - name (AAAA record) or as a literal IP address such as - 3ffe:501:4819:2000:210:f3ff:fe03:4d0 . Currently, connect() TCP -@@ -461,7 +461,7 @@ - or other scan types, have a look at http://nmap6.source- - forge.net/ . - -- --send_eth -+ --send_eth - Asks Nmap to send packets at the raw ethernet (data link) layer - rather than the higher IP (network) layer. By default, Nmap - chooses the one which is generally best for the platform it is -@@ -471,12 +471,12 @@ - port. Nmap still uses raw IP packets when there is no other - choice (such as non-ethernet connections). - -- --send_ip -+ --send_ip - Asks Nmap to send packets via raw IP sockets rather than sending - lower level ethernet frames. It is the complement to the - --send-eth option.discussed previously. - -- --spoof_mac [mac, prefix, or vendor substring] -+ --spoof_mac [mac, prefix, or vendor substring] - Ask Nmap to use the given MAC address for all of the raw ether- - net frames it sends. The MAC given can take several formats. - If it is simply the string "0", Nmap chooses a completely random -@@ -492,7 +492,7 @@ - are "Apple", "0", "01:02:03:04:05:06", "deadbeefcafe", "0020F2", - and "Cisco". - -- -f This option causes the requested scan (including ping scans) to -+ -f This option causes the requested scan (including ping scans) to - use tiny fragmented IP packets. The idea is to split up the TCP - header over several packets to make it harder for packet fil- - ters, intrusion detection systems, and other annoyances to -@@ -521,7 +521,7 @@ - It works fine for my Linux, FreeBSD, and OpenBSD boxes and some - people have reported success with other *NIX variants. - -- -v Verbose mode. This is a highly recommended option and it gives -+ -v Verbose mode. This is a highly recommended option and it gives - out more information about what is going on. You can use it - twice for greater effect. You can also use -d a few times if - you really want to get crazy with scrolling the screen! -@@ -530,11 +530,11 @@ - options. As you may have noticed, this man page is not exactly - a "quick reference" :) - -- -oN <logfilename> -+ -oN <logfilename> - This logs the results of your scans in a normal human readable - form into the file you specify as an argument. - -- -oX <logfilename> -+ -oX <logfilename> - This logs the results of your scans in XML form into the file - you specify as an argument. This allows programs to easily cap- - ture and interpret Nmap results. You can give the argument "-" -@@ -546,7 +546,7 @@ - the XML output structure is available at http://www.inse- - cure.org/nmap/data/nmap.dtd . - -- --stylesheet <filename> -+ --stylesheet <filename> - Nmap ships with an XSL stylesheet named nmap.xsl for viewing or - translating XML output to HTML. The XML output includes an xml- - stylesheet directive which points to nmap.xml where it was ini- -@@ -563,12 +563,12 @@ - URL is often more useful, but the local filesystem locaton of - nmap.xsl is used by default for privacy reasons. - -- --no_stylesheet -+ --no_stylesheet - Specify this option to prevent Nmap from associating any XSL - stylesheet with its XML output. The xml-stylesheet directive is - omitted. - -- -oG <logfilename> -+ -oG <logfilename> - This logs the results of your scans in a grepable form into the - file you specify as an argument. This simple format provides - all the information on one line (so you can easily grep for port -@@ -582,17 +582,17 @@ - will still go to stderr). Also note that "-v" will cause some - extra information to be printed. - -- -oA <basefilename> -+ -oA <basefilename> - This tells Nmap to log in ALL the major formats (normal, - grepable, and XML). You give a base for the filename, and the - output files will be base.nmap, base.gnmap, and base.xml. - -- -oS <logfilename> -+ -oS <logfilename> - thIs l0gz th3 r3suLtS of YouR ScanZ iN a s|<ipT kiDd|3 f0rM iNto - THe fiL3 U sPecfy 4s an arGuMEnT! U kAn gIv3 the 4rgument "-" - (wItHOUt qUOteZ) to sh00t output iNT0 stDouT!@!! - -- --resume <logfilename> -+ --resume <logfilename> - A network scan that is canceled due to control-C, network out- - age, etc. can be resumed using this option. The logfilename - must be either a normal (-oN) or grepable (-oG) log from the -@@ -600,7 +600,7 @@ - same as the aborted scan). Nmap will start on the machine after - the last one successfully scanned in the log file. - -- --exclude <host1 [,host2][,host3],..."> -+ --exclude <host1 [,host2][,host3],..."> - Specifies a list of targets (hosts, ranges, netblocks) that - should be excluded from a scan. Useful to keep from scanning - yourself, your ISP, particularly sensitive hosts, etc. -@@ -610,16 +610,16 @@ - targets are provided in an newline-delimited exclude_file rather - than on the command line. - -- --allports -+ --allports - Causes version detection (-sV) to scan all open ports found, - including those excluded as dangerous (likely to cause crashes - or other problems) in nmap-service-probes. - -- --append_output -+ --append_output - Tells Nmap to append scan results to any output files you have - specified rather than overwriting those files. - -- -iL <inputfilename> -+ -iL <inputfilename> - Reads target specifications from the file specified RATHER than - from the command line. The file should contain a list of host - or network expressions separated by spaces, tabs, or newlines. -@@ -628,7 +628,7 @@ - section target specification for more information on the expres- - sions you fill the file with. - -- -iR <num hosts> -+ -iR <num hosts> - This option tells Nmap to generate its own hosts to scan by sim- - ply picking random numbers :). It will never end after the - given number of IPs has been scanned -- use 0 for a never-ending -@@ -637,7 +637,7 @@ - bored, try nmap -sS -PS80 -iR 0 -p 80 to find some web servers - to look at. - -- -p <port ranges> -+ -p <port ranges> - This option specifies what ports you want to specify. For exam- - ple "-p 23" will only try port 23 of the target host(s). "-p - 20-30,139,60000-" scans ports between 20 and 30, port 139, and -@@ -656,13 +656,13 @@ - tocol qualifier is given, the port numbers are added to all pro- - tocol lists. - -- -F Fast scan mode. -+ -F Fast scan mode. - Specifies that you only wish to scan for ports listed in the - services file which comes with nmap (or the protocols file for - -sO). This is obviously much faster than scanning all 65535 - ports on a host. - -- -D <decoy1 [,decoy2][,ME],...> -+ -D <decoy1 [,decoy2][,ME],...> - Causes a decoy scan to be performed which makes it appear to the - remote host that the host(s) you specify as decoys are scanning - the target network too. Thus their IDS might report 5-10 port -@@ -708,7 +708,7 @@ - will filter out your spoofed packets, although many (currently - most) do not restrict spoofed IP packets at all. - -- -S <IP_Address> -+ -S <IP_Address> - In some circumstances, nmap may not be able to determine your - source address ( nmap will tell you if this is the case). In - this situation, use -S with your IP address (of the interface -@@ -723,11 +723,11 @@ - ning them. -e would generally be required for this sort of - usage. - -- -e <interface> -+ -e <interface> - Tells nmap what interface to send and receive packets on. Nmap - should be able to detect this but it will tell you if it cannot. - -- --source_port <portnumber> -+ --source_port <portnumber> - Sets the source port number used in scans. Many naive firewall - and packet filter installations make an exception in their rule- - set to allow DNS (53) or FTP-DATA (20) packets to come through -@@ -746,7 +746,7 @@ - for using this option, because I sometimes store useful informa- - tion in the source port number. - -- --data_length <number> -+ --data_length <number> - Normally Nmap sends minimalistic packets that only contain a - header. So its TCP packets are generally 40 bytes and ICMP echo - requests are just 28. This option tells Nmap to append the -@@ -755,22 +755,22 @@ - portscan packets are. This slows things down, but can be - slightly less conspicuous. - -- -n Tells Nmap to NEVER do reverse DNS resolution on the active IP -+ -n Tells Nmap to NEVER do reverse DNS resolution on the active IP - addresses it finds. Since DNS is often slow, this can help - speed things up. - -- -R Tells Nmap to ALWAYS do reverse DNS resolution on the target IP -+ -R Tells Nmap to ALWAYS do reverse DNS resolution on the target IP - addresses. Normally this is only done when a machine is found - to be alive. - -- -r Tells Nmap NOT to randomize the order in which ports are -+ -r Tells Nmap NOT to randomize the order in which ports are - scanned. - -- --ttl <value> -+ --ttl <value> - Sets the IPv4 time to live field in sent packets to the given - value. - -- --privileged -+ --privileged - Tells Nmap to simply assume that it is privileged enough to per- - form raw socket sends, packet sniffing, and similar operations - that usually require root privileges on UNIX systems. By -@@ -792,25 +792,25 @@ - activate this mode and then type usually more familiar and fea- - ture-complete. - -- --randomize_hosts -+ --randomize_hosts - Tells Nmap to shuffle each group of up to 2048 hosts before it - scans them. This can make the scans less obvious to various - network monitoring systems, especially when you combine it with - slow timing options (see below). - -- -M <max sockets> -+ -M <max sockets> - Sets the maximum number of sockets that will be used in parallel - for a TCP connect() scan (the default). This is useful to slow - down the scan a little bit and avoid crashing remote machines. - Another approach is to use -sS, which is generally easier for - machines to handle. - -- --packet_trace -+ --packet_trace - Tells Nmap to show all the packets it sends and receives in a - tcpdump-like format. This can be tremendously useful for debug- - ging, and is also a good learning tool. - -- --datadir [directoryname] -+ --datadir [directoryname] - Nmap obtains some special data at runtime in files named nmap- - service-probes, nmap-services, nmap-protocols, nmap-rpc, nmap- - mac-prefixes, and nmap-os-fingerprints. Nmap first searches -@@ -830,7 +830,7 @@ - meet your objectives. The following options provide a fine - level of control over the scan timing: - -- -T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> -+ -T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> - These are canned timing policies for conveniently expressing - your priorities to Nmap. Paranoid mode scans very slowly in the - hopes of avoiding detection by IDS systems. It serializes all -@@ -859,17 +859,17 @@ - line. Otherwise the defaults for the selected timing mode will - override your choices. - -- --host_timeout <milliseconds> -+ --host_timeout <milliseconds> - Specifies the amount of time Nmap is allowed to spend scanning a - single host before giving up on that IP. The default timing - mode has no host timeout. - -- --max_rtt_timeout <milliseconds> -+ --max_rtt_timeout <milliseconds> - Specifies the maximum amount of time Nmap is allowed to wait for - a probe response before retransmitting or timing out that par- - ticular probe. The default mode sets this to about 9000. - -- --min_rtt_timeout <milliseconds> -+ --min_rtt_timeout <milliseconds> - When the target hosts start to establish a pattern of responding - very quickly, Nmap will shrink the amount of time given per - probe. This speeds up the scan, but can lead to missed packets -@@ -877,13 +877,13 @@ - you can guarantee that Nmap will wait at least the given amount - of time before giving up on a probe. - -- --initial_rtt_timeout <milliseconds> -+ --initial_rtt_timeout <milliseconds> - Specifies the initial probe timeout. This is generally only - useful when scanning firewalled hosts with -P0. Normally Nmap - can obtain good RTT estimates from the ping and the first few - probes. The default mode uses 6000. - -- --max_hostgroup <numhosts> -+ --max_hostgroup <numhosts> - Specifies the maximum number of hosts that Nmap is allowed to - scan in parallel. Most of the port scan techniques support - multi-host operation, which makes them much quicker. Spreading -@@ -894,7 +894,7 @@ - at a time) Nmap behavior. Note that the ping scanner handles - its own grouping, and ignores this value. - -- --min_hostgroup <numhosts> -+ --min_hostgroup <numhosts> - Specifies the minimum host group size (see previous entry). - Large values (such as 50) are often beneficial for unattended - scans, though they do take up more memory. Nmap may override -@@ -902,19 +902,19 @@ - the same network interface, and some scan types can only handle - one host at a time. - -- --max_parallelism <number> -+ --max_parallelism <number> - Specifies the maximum number of scans Nmap is allowed to perform - in parallel. Setting this to one means Nmap will never try to - scan more than 1 port at a time. It also effects other parallel - scans such as ping sweep, RPC scan, etc. - -- --min_parallelism <number> -+ --min_parallelism <number> - Tells Nmap to scan at least the given number of ports in paral- - lel. This can speed up scans against certain firewalled hosts - by an order of magnitude. But be careful -- results will become - unreliable if you push it too far. - -- --scan_delay <milliseconds> -+ --scan_delay <milliseconds> - Specifies the minimum amount of time Nmap must wait between - probes. This is mostly useful to reduce network load or to slow - the scan way down to sneak under IDS thresholds. Nmap will -@@ -924,7 +924,7 @@ - So Nmap will try to detect this and lower its rate of UDP probes - to one per second. - -- --max_scan_delay <milliseconds> -+ --max_scan_delay <milliseconds> - As noted above, Nmap will sometimes enforce a special delay - between sending packets. This can provide more accurate results - while reducing network congestion, but it can slow the scans -@@ -938,7 +938,7 @@ - - - --

TARGET SPECIFICATION

-+

TARGET SPECIFICATION

-        Everything that isn’t an option (or option argument) in nmap is treated
-        as  a  target  host specification.  The simplest case is listing single
-        hostnames or IP addresses on the command line.  If you want to  scan  a