static Boolean hex_string_to_data(char *str,
unsigned char **data,
size_t *data_len)
{
size_t str_len, buf_len;
unsigned char *buf;
int i, ch, cl;
str_len = strlen(str);
if ((str_len == 0) || ((str_len % 2) != 0))
return FALSE;
buf_len = str_len / 2;
buf = ssh_xmalloc(buf_len);
for (i = 0; i < buf_len; i++)
{
ch = hex_char_to_int(str[i * 2]);
cl = hex_char_to_int(str[(i * 2) + 1]);
if ((ch >= 0) && (cl >= 0))
{
buf[i] = (unsigned char)(ch * 16 + cl);
}
else
{
ssh_xfree(buf);
return FALSE;
}
}
if (data)
*data = buf;
else
ssh_xfree(buf);
if (data_len)
*data_len = buf_len;
return TRUE;
}
static int prevent_xss_str(t_session *session, char *input) {
int result = 0;
short low, high;
char *str, value;
char tag[22];
str = input;
while (*str != '\0') {
if ((value = *str) == '%') {
if ((high = hex_char_to_int(*(str + 1))) != -1) {
if ((low = hex_char_to_int(*(str + 2))) != -1) {
value = (char)(high<<4) + low;
str += 2;
}
}
}
if (value == '<') {
str++;
strncpy(tag, str, 21);
tag[21] = '\0';
url_decode(tag);
strlower(tag);
if ((memcmp(tag, "script", 6) == 0) && ((tag[6] == ' ') || (tag[6] == '>'))) {
log_exploit_attempt(session, "XSS", input);
#ifdef ENABLE_TOMAHAWK
increment_counter(COUNTER_EXPLOIT);
#endif
#ifdef ENABLE_MONITOR
if (session->config->monitor_enabled) {
monitor_count_exploit_attempt(session);
monitor_event("XSS attempt for %s%s", session->host->hostname.item[0], session->uri);
}
#endif
if (session->host->prevent_xss == p_prevent) {
*str = '_';
}
result = 1;
break;
}
}
str++;
}
return result;
}
int parseImage(char* input_file,int nImages,float** data) {
if (nImages>10000) {
printf("mnist_image_parser: parseImage(%s,%d)\n",input_file,nImages);
return 1;
}
FILE* input_file_pointer = fopen(input_file, "r");
CHECK_NOTNULL(input_file_pointer);
char magic_number_bytes[4];
CHECK(fread(magic_number_bytes, sizeof(char), 4, input_file_pointer));
// If MSB is first then magic_number_bytes will be 0x00000803
if (magic_number_bytes[2] == 0x08 && magic_number_bytes[3] == 0x03) {
LOG_INFO("Little Endian : MSB first");
} else if (magic_number_bytes[0] == 0x01 && magic_number_bytes[1] == 0x08) {
// I haven't taken into account big indian-ness, yet.
LOG_FATAL("Big Endian : MSB last");
} else {
LOG_FATAL("This doesn't correspond to a MNIST Label file.");
}
LOG_INFO("magic number: %d", hex_array_to_int(magic_number_bytes, 4));
char number_of_images_bytes[4];
CHECK(fread(number_of_images_bytes, sizeof(char), 4, input_file_pointer));
int32_t number_of_images = hex_array_to_int(number_of_images_bytes, 4);
LOG_INFO("number of images: %d", number_of_images);
int32_t num_rows = 0, num_cols = 0;
char num_row_cols[4];
CHECK(fread(num_row_cols, sizeof(char), 4, input_file_pointer));
num_rows = hex_array_to_int(num_row_cols, 4);
CHECK(fread(num_row_cols, sizeof(char), 4, input_file_pointer));
num_cols = hex_array_to_int(num_row_cols, 4);
LOG_INFO("pixel rows: %d and pixel columns: %d", num_rows, num_cols);
int32_t num_pixles_in_image = num_cols * num_rows;
//char images_pixels_bytes[num_pixles_in_image];
char* images_pixels_bytes = malloc(num_pixles_in_image);
for(int images_done = 0; images_done<nImages;images_done++){
//printf("parse image %d\n",images_done);
CHECK(fread(images_pixels_bytes, sizeof(char), num_pixles_in_image, input_file_pointer));
for (int32_t idx = 0; idx < num_pixles_in_image; ++idx) {
//printf("image %d at pixel %d\n",images_done,idx);
int32_t image_pixel_value = hex_char_to_int(images_pixels_bytes[idx]);
// printf("%d \n",image_pixel_value);
// A graphic of the number this represents.
data[images_done][idx] = (float)image_pixel_value;
}
}
printf("Images parsed.\n");
free(images_pixels_bytes);
fclose(input_file_pointer);
return 0;
}
uint64_t mix_hashed_nums(uint8_t *hashed_nums, const uint8_t *unhashedData, size_t unhashed_sz,
uint8_t **mixed_hash, uint8_t *hash_digest)
{
uint32_t i, index = 0;
const uint32_t hashed_nums_len = SHA256_LEN;
uint64_t count;
uint8_t tmp_val, tmp_array[SHA256_LEN + 2];
//initialize the class for the extend hash
Extend_Array new_hash;
Extend_Array_init(&new_hash);
//set the first hash length in the temp array to all 0xff
memset(tmp_array, 0xff, SHA256_LEN);
//set the last two bytes to \000
*(tmp_array + SHA256_LEN) = *(tmp_array + SHA256_LEN + 1) = 0;
for(count = 0;; count++)
{
//+1 to keeps a 0 value of *(hashed_nums + index) moving on
i = hex_char_to_int(*(hashed_nums + index)) + 1;
index += i;
//if we hit the end of the hash, rehash it
if(index >= hashed_nums_len)
{
index = index % hashed_nums_len;
sha256_to_str(hashed_nums, hashed_nums_len, hashed_nums, hash_digest); //rescramble
}
tmp_val = *(hashed_nums + index);
join_to_array(tmp_array, tmp_val); //plop tmp_val at the end of tmp_array
sha256_to_str(tmp_array, SHA256_LEN + 1, tmp_array, hash_digest);
//extend the expanded hash to the array
extend_array(&new_hash, count * SHA256_LEN, tmp_array, SHA256_LEN, false);
//check if the last value of hashed_nums is the same as the last value in tmp_array
if(index == hashed_nums_len - 1)
if(tmp_val == *(tmp_array + SHA256_LEN - 1))
{
//add to count since we extended the array, but break will exit the for loop and count
// will not get incremenented by the for loop
count++;
break;
}
}
//extend the unhashed data to the end and add the \000 to the end
extend_array(&new_hash, count * SHA256_LEN, (unsigned char*)unhashedData, unhashed_sz, true);
//assign the address of new_hash's array to mixed_hash
*mixed_hash = new_hash.array;
return count * SHA256_LEN + unhashed_sz;
}
/* Prevent cross-site scripting.
*/
int prevent_xss(t_session *session) {
int result = 0;
bool logged = false;
short low, high;
char *str, value;
if ((str = session->vars) == NULL) {
return 0;
}
while (*str != '\0') {
if ((value = *str) == '%') {
if ((high = hex_char_to_int(*(str + 1))) != -1) {
if ((low = hex_char_to_int(*(str + 2))) != -1) {
value = (char)(high<<4) + low;
}
}
}
if ((value == '\"') || (value == '<') || (value == '>') || (value == '\'')) {
if (logged == false) {
log_exploit_attempt(session, "XSS", session->vars);
#ifdef ENABLE_TOMAHAWK
increment_counter(COUNTER_EXPLOIT);
#endif
#ifdef ENABLE_MONITOR
if (session->config->monitor_enabled) {
monitor_count_exploit(session);
monitor_event("XSS attempt for %s", session->file_on_disk);
}
#endif
logged = true;
}
*str = '_';
result = 1;
}
str++;
}
return result;
}
static int arc4_seed_proc_sys_kernel_random_uuid( void )
{
/*
* Occasionally, somebody will make /proc/sys accessible in a chroot,
* but not /dev/urandom. Let's try /proc/sys/kernel/random/uuid.
* Its format is stupid, so we need to decode it from hex.
*/
char buf[ 128 ];
HB_U8 entropy[ 64 ];
int bytes, i, nybbles;
for( bytes = 0; bytes < ADD_ENTROPY; )
{
int fd = open( "/proc/sys/kernel/random/uuid", O_RDONLY, 0 );
int n;
if( fd < 0 )
return -1;
n = read( fd, buf, sizeof( buf ) );
close( fd );
if( n <= 0 )
return -1;
memset( entropy, 0, sizeof( entropy ) );
for( i = nybbles = 0; i < n; ++i )
{
if( HB_ISXDIGIT( buf[ i ] ) )
{
int nyb = hex_char_to_int( buf[ i ] );
if( nybbles & 1 )
entropy[ nybbles / 2 ] |= nyb;
else
entropy[ nybbles / 2 ] |= nyb << 4;
++nybbles;
}
}
if( nybbles < 2 )
return -1;
arc4_addrandom( entropy, nybbles / 2 );
bytes += nybbles / 2;
}
memset( entropy, 0, sizeof( entropy ) );
memset( buf, 0, sizeof( buf ) );
return 0;
}
typename boost::enable_if<boost::is_integral<typename hex_iterator_traits<OutputIterator>::value_type>, OutputIterator>::type
decode_one ( InputIterator &first, InputIterator last, OutputIterator out, EndPred pred ) {
typedef typename hex_iterator_traits<OutputIterator>::value_type T;
T res (0);
// Need to make sure that we get can read that many chars here.
for ( std::size_t i = 0; i < 2 * sizeof ( T ); ++i, ++first ) {
if ( pred ( first, last ))
BOOST_THROW_EXCEPTION (not_enough_input ());
res = ( 16 * res ) + hex_char_to_int (*first);
}
*out = res;
return ++out;
}
int* parseLabel(char* fileDir) {
int* labels;
FILE* input_file_pointer = fopen(fileDir, "r");
CHECK_NOTNULL(input_file_pointer);
char magic_number_bytes[4];
CHECK(fread(magic_number_bytes, sizeof(char), 4, input_file_pointer));
// If MSB is first then magic_number_bytes will be 0x00000801
if (magic_number_bytes[2] == 0x08 && magic_number_bytes[3] == 0x01) {
LOG_INFO("Little Endian : MSB first");
} else if (magic_number_bytes[0] == 0x01 && magic_number_bytes[1] == 0x08) {
// I haven't taken into account big indian-ness, yet.
LOG_FATAL("Big Endian : MSB last");
} else {
LOG_FATAL("This doesn't correspond to a MNIST Label file.");
}
LOG_INFO("magic number: %d", hex_array_to_int(magic_number_bytes, 4));
char number_of_images_bytes[4];
CHECK(fread(number_of_images_bytes, sizeof(char), 4, input_file_pointer));
LOG_INFO("number of labels: %d", hex_array_to_int(number_of_images_bytes, 4));
labels = malloc(sizeof(int)*hex_array_to_int(number_of_images_bytes,4));
assert(labels!=NULL);
char label_byte;
int nlabels= hex_array_to_int(number_of_images_bytes,4);
for (int i=0;i<nlabels && fread(&label_byte, sizeof(char), 1, input_file_pointer);i++) {
labels[i] = hex_char_to_int(label_byte);
}
fclose(input_file_pointer);
return labels;
}
