Mitigate routing errors with default settings (#1289)

* moving to root + with-discovery

* .

* .

* paths fix

* flag

* paths 2

* deprecation

* updating readme

* Update README.md

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

.github/dependabot.yml

@@ -8,7 +8,7 @@ updates:
 
   # Maintain dependencies for go modules
   - package-ecosystem: "gomod"
-    directory: "v2/"
+    directory: "/"
     schedule:
       interval: "weekly"
     target-branch: "dev"

.github/workflows/build-test.yml

@@ -27,11 +27,10 @@ jobs:
 
       - name: Build
         run: go build .
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/
 
       - name: Test
         run: go test -race ./...
-        working-directory: v2/
 
       - name: Integration Tests
         env:
@@ -42,12 +41,12 @@ jobs:
       - name: Race Condition Tests - Standard User
         run: |
           go run -race . -host scanme.sh
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/
 
       - name: Race Condition Tests - Root User
         run: |
-          sudo go run -race . -host scanme.sh -Pn
-        working-directory: v2/cmd/naabu/
+          sudo go run -race . -host scanme.sh
+        working-directory: cmd/naabu/
 
   build-mac:
     runs-on: macos-latest
@@ -68,11 +67,10 @@ jobs:
 
       - name: Build
         run: go build .
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/
 
       - name: Test
         run: go test -race ./...
-        working-directory: v2/
 
       - name: Integration Tests
         env:
@@ -83,12 +81,12 @@ jobs:
       - name: Race Condition Tests - Standard User
         run: |
           go run -race . -host scanme.sh
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/
 
       - name: Race Condition Tests - Root User
         run: |
-          sudo go run -race . -host scanme.sh -Pn
-        working-directory: v2/cmd/naabu/
+          sudo go run -race . -host scanme.sh
+        working-directory: cmd/naabu/
 
   build-windows:
     runs-on: windows-latest
@@ -103,15 +101,14 @@ jobs:
 
       - name: Build
         run: go build .
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/
 
       - name: Test
         run: go test -race ./...
-        working-directory: v2/
 
       - name: Race Condition Tests
         # Known issue: /~https://github.com/golang/go/issues/46099
         run: |
           # go run -race . -host scanme.sh
           # sudo go run -race . -host scanme.sh
-        working-directory: v2/cmd/naabu/
+        working-directory: cmd/naabu/

.github/workflows/functional-test.yml

@@ -39,4 +39,4 @@ jobs:
         run: |
           chmod +x run.sh
           bash run.sh
-        working-directory: v2/cmd/functional-test
+        working-directory: cmd/functional-test

.github/workflows/lint-test.yml

@@ -27,5 +27,4 @@ jobs:
         uses: golangci/golangci-lint-action@v6.1.1
         with:
           version: latest
-          args: --timeout 5m
-          working-directory: v2/
+          args: --timeout 5m

.github/workflows/release-binary.yml

@@ -25,7 +25,7 @@ jobs:
         with:
           version: latest
           args: release -f .goreleaser/mac.yml --clean
-          workdir: v2
+          workdir: /
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -48,7 +48,7 @@ jobs:
         with:
           version: latest
           args: release -f .goreleaser/linux.yml --clean
-          workdir: v2
+          workdir: /
         env: 
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
           SLACK_WEBHOOK: "${{ secrets.RELEASE_SLACK_WEBHOOK }}"
@@ -71,6 +71,6 @@ jobs:
         with:
           version: latest
           args: release -f .goreleaser/windows.yml --clean
-          workdir: v2
+          workdir: /
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release-test.yml

@@ -30,7 +30,6 @@ jobs:
         with:
           args: "release --clean --snapshot -f .goreleaser/mac.yml"
           version: latest
-          workdir: v2
 
   release-test-linux:
     runs-on: ubuntu-latest-16-cores
@@ -53,7 +52,6 @@ jobs:
         with:
           args: "release --clean --snapshot -f .goreleaser/linux.yml"
           version: latest
-          workdir: v2
 
   release-test-windows:
     runs-on: windows-latest-8-cores
@@ -72,5 +70,4 @@ jobs:
         uses: goreleaser/goreleaser-action@v6
         with:
           args: "release --clean --snapshot -f .goreleaser/windows.yml"
-          version: latest
-          workdir: v2
+          version: latest

.gitignore

@@ -1,11 +1,10 @@
 cmd/naabu/naabu*
-v2/cmd/naabu/naabu*
 vendor
 integration_tests/naabu
 integration_tests/integration-test
-v2/cmd/functional-test/naabu_dev
-v2/cmd/functional-test/functional-test
-v2/cmd/functional-test/naabu
-v2/cmd/functional-test/*.cfg
+cmd/functional-test/naabu_dev
+cmd/functional-test/functional-test
+cmd/functional-test/naabu
+cmd/functional-test/*.cfg
 .vscode
 dist

Dockerfile

@@ -1,14 +1,14 @@
 # Build
-FROM golang:1.23.3-alpine AS builder
+FROM golang:1.23.3-alpine AS build-env
 RUN apk add --no-cache build-base libpcap-dev
 WORKDIR /app
 COPY . /app
-WORKDIR /app/v2
 RUN go mod download
 RUN go build ./cmd/naabu
 
 # Release
 FROM alpine:3.20.3
-RUN apk add --no-cache nmap libpcap-dev bind-tools ca-certificates nmap-scripts
-COPY --from=builder /app/v2/naabu /usr/local/bin/
-ENTRYPOINT ["naabu"]
+RUN apk upgrade --no-cache \
+    && apk add --no-cache nmap libpcap-dev bind-tools ca-certificates nmap-scripts
+COPY --from=build-env /app/naabu /usr/local/bin/
+ENTRYPOINT ["naabu"]

README.md

@@ -54,8 +54,9 @@ This will display help for the tool. Here are all the switches it supports.
 
 ```yaml
 Usage:
-  ./naabu [flags]
+  naabu [flags]
 
+Flags:
 INPUT:
    -host string[]              hosts to scan ports for (comma-separated)
    -list, -l string            list of hosts to scan ports (file)
@@ -88,8 +89,8 @@ CONFIGURATION:
    -config string                   path to the naabu configuration file (default $HOME/.config/naabu/config.yaml)
    -scan-all-ips, -sa               scan all the IP's associated with DNS record
    -ip-version, -iv string[]        ip version to scan of hostname (4,6) - (default 4) (default ["4"])
-   -scan-type, -s string            type of port scan (SYN/CONNECT) (default "s")
-   -source-ip string                source ip and port (x.x.x.x:yyy)
+   -scan-type, -s string            type of port scan (SYN/CONNECT) (default "c")
+   -source-ip string                source ip and port (x.x.x.x:yyy - might not work on OSX) 
    -interface-list, -il             list available interfaces and public ip
    -interface, -i string            network Interface to use for port scan
    -nmap                            invoke nmap scan on targets (nmap must be installed) - Deprecated
@@ -105,7 +106,8 @@ CONFIGURATION:
 
 HOST-DISCOVERY:
    -sn, -host-discovery           Perform Only Host Discovery
-   -Pn, -skip-host-discovery      Skip Host discovery
+   -Pn, -skip-host-discovery      Skip Host discovery (Deprecated: use -wn/-with-host-discovery instead)
+   -wn, -with-host-discovery      Enable Host discovery
    -ps, -probe-tcp-syn string[]   TCP SYN Ping (host discovery needs to be enabled)
    -pa, -probe-tcp-ack string[]   TCP ACK Ping (host discovery needs to be enabled)
    -pe, -probe-icmp-echo          ICMP echo request Ping (host discovery needs to be enabled)
@@ -291,7 +293,7 @@ hackerone.com:80
 
 # Host Discovery
 
-Naabu optionally supports multiple options to perform host discovery, as outlined below. Host discovery is completed automatically before beginning a connect/syn scan if the process has enough privileges. `-sn` flag instructs the toll to perform host discovery only. `-Pn` flag skips the host discovery phase. Host discovery is completed using multiple internal methods; one can specify the desired approach to perform host discovery by setting available options.
+Naabu optionally supports multiple options to perform host discovery. Host discovery is optional and can be enabled with the `-wn` flag. `-sn` flag instructs the tool to perform host discovery only.
 
 Available options to perform host discovery:
 

v2/cmd/functional-test/testcases.txt → cmd/functional-test/testcases.txt

@@ -3,7 +3,7 @@
 127.0.0.1 {{binary}} -tp 100
 127.0.0.1 {{binary}} -ep 80 -p 8000
 127.0.0.1 {{binary}} -c 25 -p 8000
-127.0.0.1 {{binary}} -nmap-cli '-Pn -sT' -p 8000
+127.0.0.1 {{binary}} -nmap-cli '-sT' -p 8000
 127.0.0.1 {{binary}} -json
 127.0.0.1 {{binary}} -nmap-cli '-sT'
 scanme.sh {{binary}} -stream -passive

v2/cmd/integration-test/library.go → cmd/integration-test/library.go

@@ -32,11 +32,10 @@ func (h *naabuPassiveSingleLibrary) Execute() error {
 	defer os.RemoveAll(testFile)
 
 	options := runner.Options{
-		HostsFile:         testFile,
-		Ports:             "80",
-		Passive:           true,
-		SkipHostDiscovery: true,
-		OnResult:          func(hr *result.HostResult) {},
+		HostsFile: testFile,
+		Ports:     "80",
+		Passive:   true,
+		OnResult:  func(hr *result.HostResult) {},
 	}
 
 	naabuRunner, err := runner.NewRunner(&options)
@@ -68,10 +67,9 @@ func (h *naabuSingleLibrary) Execute() error {
 	var got bool
 
 	options := runner.Options{
-		HostsFile:         testFile,
-		Ports:             "80",
-		SkipHostDiscovery: true,
-		ScanType:          h.scanType,
+		HostsFile: testFile,
+		Ports:     "80",
+		ScanType:  h.scanType,
 		OnResult: func(hr *result.HostResult) {
 			got = true
 		},
@@ -114,10 +112,9 @@ func (h *naabuMultipleExecLibrary) Execute() error {
 	var got bool
 
 	options := runner.Options{
-		HostsFile:         testFile,
-		Ports:             "80",
-		ScanType:          h.scanType,
-		SkipHostDiscovery: true,
+		HostsFile: testFile,
+		Ports:     "80",
+		ScanType:  h.scanType,
 		OnResult: func(hr *result.HostResult) {
 			got = true
 		},

integration_tests/run.sh

@@ -2,16 +2,16 @@
 
 echo "::group::Build naabu"
 rm integration-test naabu 2>/dev/null
-cd ../v2/cmd/naabu
+cd ../cmd/naabu
 go build
-mv naabu ../../../integration_tests/naabu
+mv naabu ../../integration_tests/naabu
 echo "::endgroup::"
 
 echo "::group::Build naabu integration-test"
 cd ../integration-test
 go build
-mv integration-test ../../../integration_tests/integration-test 
-cd ../../../integration_tests
+mv integration-test ../../integration_tests/integration-test 
+cd ../../integration_tests
 echo "::endgroup::"
 
 sudo ./integration-test

v2/pkg/runner/options.go → pkg/runner/options.go

@@ -73,7 +73,9 @@ type Options struct {
 	OutputCDN         bool // display cdn in use
 	HealthCheck       bool
 	OnlyHostDiscovery bool // Perform only host discovery
-	SkipHostDiscovery bool // Skip host discovery
+	// Deprecated: use WithHostDiscovery instead
+	SkipHostDiscovery bool // Skip Host discovery
+	WithHostDiscovery bool // Enable Host discovery
 	TcpSynPingProbes  goflags.StringSlice
 	TcpAckPingProbes  goflags.StringSlice
 	// UdpPingProbes               goflags.StringSlice - planned
@@ -144,7 +146,7 @@ func ParseOptions() *Options {
 		flagSet.StringVar(&cfgFile, "config", "", "path to the naabu configuration file (default $HOME/.config/naabu/config.yaml)"),
 		flagSet.BoolVarP(&options.ScanAllIPS, "sa", "scan-all-ips", false, "scan all the IP's associated with DNS record"),
 		flagSet.StringSliceVarP(&options.IPVersion, "iv", "ip-version", []string{scan.IPv4}, "ip version to scan of hostname (4,6) - (default 4)", goflags.NormalizedStringSliceOptions),
-		flagSet.StringVarP(&options.ScanType, "s", "scan-type", SynScan, "type of port scan (SYN/CONNECT)"),
+		flagSet.StringVarP(&options.ScanType, "s", "scan-type", ConnectScan, "type of port scan (SYN/CONNECT)"),
 		flagSet.StringVar(&options.SourceIP, "source-ip", "", "source ip and port (x.x.x.x:yyy - might not work on OSX) "),
 		flagSet.BoolVarP(&options.InterfacesList, "il", "interface-list", false, "list available interfaces and public ip"),
 		flagSet.StringVarP(&options.Interface, "i", "interface", "", "network Interface to use for port scan"),
@@ -162,7 +164,9 @@ func ParseOptions() *Options {
 
 	flagSet.CreateGroup("host-discovery", "Host-Discovery",
 		flagSet.BoolVarP(&options.OnlyHostDiscovery, "host-discovery", "sn", false, "Perform Only Host Discovery"),
+		// Deprecated: use WithHostDiscovery instead
 		flagSet.BoolVarP(&options.SkipHostDiscovery, "skip-host-discovery", "Pn", false, "Skip Host discovery"),
+		flagSet.BoolVarP(&options.WithHostDiscovery, "with-host-discovery", "wn", false, "Enable Host discovery"),
 		flagSet.StringSliceVarP(&options.TcpSynPingProbes, "probe-tcp-syn", "ps", nil, "TCP SYN Ping (host discovery needs to be enabled)", goflags.StringSliceOptions),
 		flagSet.StringSliceVarP(&options.TcpAckPingProbes, "probe-tcp-ack", "pa", nil, "TCP ACK Ping (host discovery needs to be enabled)", goflags.StringSliceOptions),
 		flagSet.BoolVarP(&options.IcmpEchoRequestProbe, "probe-icmp-echo", "pe", false, "ICMP echo request Ping (host discovery needs to be enabled)"),
@@ -272,7 +276,7 @@ func (options *Options) ShouldLoadResume() bool {
 }
 
 func (options *Options) shouldDiscoverHosts() bool {
-	return (options.OnlyHostDiscovery || !options.SkipHostDiscovery) && !options.Passive && scan.PkgRouter != nil
+	return (options.OnlyHostDiscovery || options.WithHostDiscovery) && !options.Passive && scan.PkgRouter != nil
 }
 
 func (options *Options) hasProbes() bool {

v2/pkg/runner/validate.go → pkg/runner/validate.go

@@ -119,7 +119,7 @@ func (options *Options) ValidateOptions() error {
 		return errors.New("IP Version must be 4 and/or 6")
 	}
 	// Return error if any host discovery releated option is provided but host discovery is disabled
-	if options.SkipHostDiscovery && options.hasProbes() {
+	if !options.WithHostDiscovery && options.hasProbes() {
 		return errors.New("discovery probes were provided but host discovery is disabled")
 	}
 
@@ -174,7 +174,7 @@ func (options *Options) configureHostDiscovery(ports []*port.Port) {
 	// if less than two ports are specified as input, reduce time and scan directly
 	if len(ports) <= 2 {
 		gologger.Info().Msgf("Host discovery disabled: less than two ports were specified")
-		options.SkipHostDiscovery = true
+		options.WithHostDiscovery = false
 	}
 	if options.shouldDiscoverHosts() && !options.hasProbes() {
 		// if no options were defined enable

v2/pkg/scan/scan_unix.go → pkg/scan/scan_unix.go

@@ -51,12 +51,12 @@ func init() {
 	var err error
 	icmpConn4, err = icmp.ListenPacket("ip4:icmp", "0.0.0.0")
 	if err != nil {
-		gologger.Error().Msgf("could not setup ip4:icmp: %s", err)
+		gologger.Debug().Msgf("could not setup ip4:icmp: %s", err)
 	}
 
 	icmpConn6, err = icmp.ListenPacket("ip6:icmp", "::")
 	if err != nil {
-		gologger.Error().Msgf("could not setup ip6:icmp: %s", err)
+		gologger.Debug().Msgf("could not setup ip6:icmp: %s", err)
 	}
 
 	icmpPacketSend = make(chan *PkgSend, packetSendSize)