#!/usr/bin/env python # -*- coding: utf-8 -*- # ***********************IMPORTANT NMAP LICENSE TERMS************************ # * * # * The Nmap Security Scanner is (C) 1996-2020 Insecure.Com LLC ("The Nmap * # * Project"). Nmap is also a registered trademark of the Nmap Project. * # * * # * This program is distributed under the terms of the Nmap Public Source * # * License (NPSL). The exact license text applying to a particular Nmap * # * release or source code control revision is contained in the LICENSE * # * file distributed with that version of Nmap or source code control * # * revision. More Nmap copyright/legal information is available from * # * https://nmap.org/book/man-legal.html, and further information on the * # * NPSL license itself can be found at https://nmap.org/npsl. This header * # * summarizes some key points from the Nmap license, but is no substitute * # * for the actual license text. * # * * # * Nmap is generally free for end users to download and use themselves, * # * including commercial use. It is available from https://nmap.org. * # * * # * The Nmap license generally prohibits companies from using and * # * redistributing Nmap in commercial products, but we sell a special Nmap * # * OEM Edition with a more permissive license and special features for * # * this purpose. See https://nmap.org/oem * # * * # * If you have received a written Nmap license agreement or contract * # * stating terms other than these (such as an Nmap OEM license), you may * # * choose to use and redistribute Nmap under those terms instead. * # * * # * The official Nmap Windows builds include the Npcap software * # * (https://npcap.org) for packet capture and transmission. It is under * # * separate license terms which forbid redistribution without special * # * permission. So the official Nmap Windows builds may not be * # * redistributed without special permission (such as an Nmap OEM * # * license). * # * * # * Source is provided to this software because we believe users have a * # * right to know exactly what a program is going to do before they run it. * # * This also allows you to audit the software for security holes. * # * * # * Source code also allows you to port Nmap to new platforms, fix bugs, * # * and add new features. You are highly encouraged to submit your * # * changes as a Github PR or by email to the dev@nmap.org mailing list * # * for possible incorporation into the main distribution. Unless you * # * specify otherwise, it is understood that you are offering us very * # * broad rights to use your submissions as described in the Nmap Public * # * Source License Contributor Agreement. This is important because we * # * fund the project by selling licenses with various terms, and also * # * because the inability to relicense code has caused devastating * # * problems for other Free Software projects (such as KDE and NASM). * # * * # * The free version of Nmap is distributed in the hope that it will be * # * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of * # * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties, * # * indemnification and commercial support are all available through the * # * Npcap OEM program--see https://nmap.org/oem. * # * * # ***************************************************************************/ import sys # Check if the given directory, and all its parent directories, are owned and # writable only by our euid or by root. If symlinks are present, they are # recursively checked, up to a limit of SYMLINK_LIMIT. # https://www.securecoding.cert.org/confluence/display/seccode/FIO15-C.+Ensure+that+file+operations+are+performed+in+a+secure+directory SYMLINK_LIMIT = 5 def is_secure_dir(path, num_symlinks=0): import os import os.path import stat if not os.path.isabs(path): return False if num_symlinks >= SYMLINK_LIMIT: return False dirs = [] while True: dirs.append(path) dirname = os.path.dirname(path) if dirname == path: break path = dirname # Traverse root-to-leaf. dirs.reverse() for dir in dirs: if os.path.islink(dir): link = os.readlink(dir) if not is_secure_dir(link, num_symlinks + 1): return False continue if not os.path.isdir(dir): return False buf = os.stat(dir) if buf.st_uid != os.geteuid() and buf.st_uid != 0: return False if buf.st_mode & (stat.S_IWGRP | stat.S_IWOTH) != 0: return False return True # Add the install_lib directory to sys.path, the list of directories searched # for modules, but don't do it if the directory or its parents may be writable # by other users. The following line is replaced by the installation program. INSTALL_LIB = None if INSTALL_LIB is not None and is_secure_dir(INSTALL_LIB): sys.path.append(INSTALL_LIB) # lgtm[py/unreachable-statement] try: import zenmapGUI.App except ImportError, e: print >> sys.stderr, """\ Could not import the zenmapGUI.App module: %s. I checked in these directories:""" % repr(e.message) for dir in sys.path: print >> sys.stderr, " %s" % dir print >> sys.stderr, """\ If you installed Zenmap in another directory, you may have to add the modules directory to the PYTHONPATH environment variable.""" sys.exit(1) if __name__ == '__main__': try: zenmapGUI.App.run() except KeyboardInterrupt: sys.exit(1)