/** check EDNS at this IP and port */ static int check_edns_ip(char* ip, int port, int info) { struct sockaddr_storage addr; socklen_t len = 0; uint8_t* wire; size_t wlen; memset(&addr, 0, sizeof(addr)); if(verb) printf("%s ", ip); if(!convert_addr(ip, port, &addr, &len)) return 2; /* try to send 3 times to the IP address, test root key */ if(!get_packet(&addr, len, ".", LDNS_RR_TYPE_DNSKEY, &wire, &wlen)) return 2; if(!check_packet(wire, wlen, LDNS_RR_TYPE_DNSKEY)) return 1; /* check support for caching type DS for chains of trust */ if(!get_packet(&addr, len, "se.", LDNS_RR_TYPE_DS, &wire, &wlen)) return 2; if(!check_packet(wire, wlen, LDNS_RR_TYPE_DS)) return 1; if(verb) printf("OK\n"); if(info) printf(" %s", ip); return 0; }
bool Vm1::cmd_mov_reg_byte(DWORD reg1,DWORD addr) { //printf("mov reg,byte ptr [addr]"); DWORD real_addr=convert_addr(addr,true); BYTE real_src=*(byte*)real_addr; SetRegValue(reg1,real_src); return true; }
bool Vm1::cmd_mov_reg_ptr_reg(DWORD reg1,DWORD reg2) { //printf("mov reg,byte ptr [reg]"); DWORD real_addr=GetRegValue(reg2); if(!IsValid_VirtAddrAll(real_addr,4)) return false; real_addr=convert_addr(real_addr,true); byte real_src=*(byte*)real_addr; SetRegValue(reg1,real_src); return true; }
void* EasyHelper::easy_sync_send(easy_io_t *eio, uint64_t server_id, void *packet, void *args, easy_io_handler_pt *handler, int timeout, int retry) { easy_addr_t addr = convert_addr(server_id); return easy_sync_send(eio, addr, packet, args, handler, timeout, retry); }
bool Vm1::cmd_xor_byte_ptr_reg(DWORD reg1,DWORD reg2) { //printf("xor byte ptr [reg],reg2 DWORD real_addr=GetRegValue(reg1); if(!IsValid_VirtAddrAll(real_addr,4)) return false; real_addr=convert_addr(real_addr,true); byte real_src=*(byte*)real_addr; real_src^=(byte)GetRegValue(reg2); *(byte*)real_addr=real_src; return true; }
//нужна функция проверки адреса!! bool Vm1::cmd_mov_reg_mem(DWORD regs,DWORD addr) { //printf("mov reg,mem"); //записываем одно значение в другое if(!IsValid_VirtAddrAll(addr,4)) return false; DWORD real_addr=convert_addr(addr,true); DWORD real_src=*(DWORD*)real_addr; SetRegValue(regs,real_src); return true; }
bool Vm1::cmd_pop(DWORD regs) { //printf("pop",regs); //получим данные из стека if(IsValid_VirtAddr(reg.esp-4,4,&mem.stack)) return false; DWORD real_addr=convert_addr(reg.esp,true); if(real_addr) { DWORD value=*(DWORD*)real_addr; SetRegValue(regs,value); reg.esp-=sizeof(DWORD); return true; } return false; }
/////////////////////////////////////////////////////////// //обработчики опкодов /////////////////////////////////////////////////////////// bool Vm1::cmd_push(DWORD regs) { //printf("push",regs); //засунем в стек данные //проверим выход за пределы стека //возврат false - крушение стека! if(IsValid_VirtAddr(reg.esp,4,&mem.stack)) return false; DWORD real_addr=convert_addr(reg.esp,true); if(real_addr) { *(DWORD*)real_addr=GetRegValue(regs); reg.esp+=sizeof(DWORD); return true; } return false; }
static int configurable_checkaccess(Npfid* fid, const char* path, u8 mode) { uid_t user; struct in_addr remote_addr; /* char check_path[PATH_MAX]; if ( !fid->path ) { memcpy(check_path, path, strlen(path) + 1); } else if ( !path ) { memcpy(check_path, fid->path, strlen(fid->path) + 1); } else { int fid_path_length = strlen(fid->path) + 1; memcpy(check_path, fid->path, fid_path_length); check_path[fid_path_length] = '/'; memcpy(check_path + fid_path_length + 1, path, strlen(path) + 1); } */ user = fid->user->uid; convert_addr(fid->conn->address, &remote_addr); return check_permission(user, remote_addr, path, mode2rights(mode)) == true ? 1 : 0; // 1 if access is ok }
static int execute_openssl_auth_protocol(struct openssl_session_auth_context* ctx) { u32 client_certificate_length, server_certificate_length, private_key_length; char* client_certificate = NULL; char* server_certificate = NULL; char* private_key = NULL; int auth_result = 0; node_security_mode required_security_mode; int auth_mode = 2; uid_t user; struct in_addr remote_addr; int ret; ctx->status = AS_INPROGRESS; if ( ctx->fid->user == NULL ) { ctx->status = AS_REJECTED; pthread_cond_broadcast(&ctx->cond); return 0; } user = ctx->fid->user->uid; convert_addr(ctx->fid->conn->address, &remote_addr); required_security_mode = get_security_mode(user, remote_addr); if ( required_security_mode == REJECT ) { ctx->status = AS_REJECTED; pthread_cond_broadcast(&ctx->cond); return 0; } if ( required_security_mode == OPEN || required_security_mode == ENCRYPTED ) /* TODO: only encryption with no auth is not supported yet */ auth_mode= 0; else if ( required_security_mode == AUTHENTICATED ) auth_mode = 1; else if ( required_security_mode == SECURED ) auth_mode = 2; if ( write_u32(ctx, auth_mode) != 4 ) { printf("Failed to send required mode to the client\n"); ctx->status = AS_REJECTED; pthread_cond_broadcast(&ctx->cond); return 0; } if ( !auth_mode ) { /* Authentication is not required => we are done */ ctx->status = AS_ACCEPTED; pthread_cond_broadcast(&ctx->cond); printf("Auth is not required for uid %d from host %s\n", user, ctx->fid->conn->address); return 1; } ret = exchange_certificates(ctx, &client_certificate, &client_certificate_length, &server_certificate, &server_certificate_length, &remote_addr); if ( ret ) goto failed; if ( load_private_key(module_context->path_to_privatekey, module_context->privatekey_password, &private_key, &private_key_length) ) { printf("Failed to load private key\n"); goto failed; } ret = verify_private_key_ownership(ctx, private_key, private_key_length, client_certificate, client_certificate_length); if ( ret ) goto failed; if ( auth_mode == 2 ) { // If encryption is required ret = establish_symmetric_cipher(ctx, client_certificate, client_certificate_length); if ( ret ) goto failed; } ctx->status = AS_ACCEPTED; failed: free(private_key); free(server_certificate); free(client_certificate); if ( ctx->status == AS_INPROGRESS ) ctx->status = AS_REJECTED; pthread_cond_broadcast(&ctx->cond); return auth_result; }
bool EasyHelper::is_alive(uint64_t server_id, easy_io_t *eio) { easy_addr_t addr = convert_addr(server_id); addr.cidx = 0; return is_alive(addr, eio); }
//дизассемблер байт-кода bool Vm1::parse_command() { //проверим выход за пределы секции кода if(reg.eip+max_opcode_size>(mem.code.virt_addr+mem.code.size)){return false;} //распарсим по параметрам. DWORD real_addr=convert_addr(reg.eip,true); opcode opc; opc.opcodes=*(byte*)real_addr; opc.param1.byte=*(byte*)(real_addr+1); opc.param2.byte=*(byte*)(real_addr+2); //dword не может стоять на первом месте opc.param2.dword=*(DWORD*)(real_addr+2); switch (opc.opcodes) { case halt: cmd.id=halt; cmd.len=1; break; case push_reg: cmd.id=push_reg; cmd.len=2; cmd.operand=opc.param1.byte; break; case pop_reg: cmd.id=pop_reg; cmd.len=2; cmd.operand=opc.param1.byte; break; case cmp_reg_reg: cmd.id=cmp_reg_reg; cmd.len=3; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.byte; break; case mov_reg_reg: cmd.id=mov_reg_reg; cmd.len=3; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.byte; break; case mov_reg_mem: cmd.id=mov_reg_mem; cmd.len=6; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.dword; break; case jmp: cmd.id=jmp; cmd.len=6; cmd.operand=opc.param1.byte; //условие перехода cmd.operand2=opc.param2.dword; // дельта break; case add_reg_reg: cmd.id=add_reg_reg; cmd.len=3; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.byte; break; case mod_reg_imm: cmd.id=mod_reg_imm; cmd.len=6; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.dword; break; case shl_reg_reg: cmd.id=shl_reg_reg; cmd.len=6; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.dword; break; case mov_reg_byte: cmd.id=mov_reg_byte; cmd.len=6; cmd.operand=opc.param1.byte; //регистр cmd.operand2=opc.param2.dword; //адрес break; case mov_reg_imm: cmd.id=mov_reg_imm; cmd.len=6; cmd.operand=opc.param1.byte; //регистр cmd.operand2=opc.param2.dword; //значение break; case mov_reg_ptr_reg: cmd.id=mov_reg_ptr_reg; cmd.len=3; cmd.operand=opc.param1.byte; //регистр cmd.operand2=opc.param2.byte; //регистр break; case add_reg_imm: cmd.id=add_reg_imm; cmd.len=6; cmd.operand=opc.param1.byte; //регистр cmd.operand2=opc.param2.dword; //регистр break; case xor_byte_ptr_reg: cmd.id=xor_byte_ptr_reg; cmd.len=3; cmd.operand=opc.param1.byte; //регистр cmd.operand2=opc.param2.byte; //параметр break; case antidebug_1: cmd.id=antidebug_1; cmd.len=6; cmd.operand=opc.param1.byte; cmd.operand2=opc.param2.dword; break; default: cmd.id=INVALID_OPCODE; cmd.len=0; return false; } return true; }