void cmd_sendbinq(ip_header_t * ip, udp_header_t * udp, command_t * command) { int numpackets, i; unsigned char *ptr; unsigned int bytes_left; unsigned int bytes_thistime; bytes_left = ntohl(command->size); numpackets = (ntohl(command->size)+1023) / 1024; ptr = (unsigned char *)ntohl(command->address); memcpy(response->id, CMD_SENDBIN, 4); for(i = 0; i < numpackets; i++) { if (bytes_left >= 1024) bytes_thistime = 1024; else bytes_thistime = bytes_left; bytes_left -= bytes_thistime; response->address = htonl((unsigned int)ptr); memcpy(response->data, ptr, bytes_thistime); response->size = htonl(bytes_thistime); make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN + bytes_thistime, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) response, COMMAND_LEN + bytes_thistime, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN + bytes_thistime); ptr += bytes_thistime; } memcpy(response->id, CMD_DONEBIN, 4); response->address = htonl(0); response->size = htonl(0); make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) response, COMMAND_LEN, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN); }
void IpGuard::updateRange(int aId, const string& aName, const string& aStart, const string& aEnd) { Lock l(cs); unsigned int sa, sb, sc, sd, ea, eb, ec, ed; // Validate parameters if (sscanf(aStart.c_str(), "%u.%u.%u.%u", &sa, &sb, &sc, &sd) != 4 || sa > 255 || sb > 255 || sc > 255 || sd > 255) throw Exception(STRING(IPGUARD_INVALID_START)); if (sscanf(aEnd.c_str(), "%u.%u.%u.%u", &ea, &eb, &ec, &ed) != 4 || ea > 255 || eb > 255 || ec > 255 || ed > 255) throw Exception(STRING(IPGUARD_INVALID_END)); uint32_t start = make_ip(sa, sb, sc, sd); uint32_t end = make_ip(ea, eb, ec, ed); if (start == 0 || end == 0) throw Exception(STRING(IPGUARD_INVALID_RANGE)); for (RangeList::iterator i = ranges.begin(); i != ranges.end(); ++i) { if (i->id == aId) { (*i).copy(aName, ip(std::min(start, end)), ip(std::max(start, end))); break; } } // Optimize ranges ranges.sort(); ranges.unique(merger); }
void list::_load_p2p(istream &stream) { string line; while(getline(stream, line)) { string::size_type i=line.rfind(':'); if(i==string::npos) continue; string name(line.c_str(), i); line.erase(0, i+1); unsigned int sa, sb, sc, sd; unsigned int ea, eb, ec, ed; if(sscanf(line.c_str(), "%u.%u.%u.%u-%u.%u.%u.%u", &sa, &sb, &sc, &sd, &ea, &eb, &ec, &ed)!=8 || sa>255 || sb>255 || sc>255 || sd>255 || ea>255 || eb>255 || ec>255 || ed>255) continue; boost::trim(name); range r; // P2P format is expected to be ISO-8859-1 encoded. r.name.reserve(name.size()); copy(name.begin(), name.end(), back_inserter(r.name)); unsigned int start=make_ip(sa, sb, sc, sd); unsigned int end=make_ip(ea, eb, ec, ed); r.start=min(start,end); r.end=max(start,end); this->insert(r); } }
bool IpGuard::check(const string& aIP, string& reason) { Lock l(cs); if (aIP.empty() || ranges.size() == 0) return false; unsigned int a, b, c, d; if (sscanf(aIP.c_str(), "%u.%u.%u.%u", &a, &b, &c, &d) != 4 || a > 255 || b > 255 || c > 255 || d > 255) return false; uint32_t iIP = make_ip(a, b, c, d); if (iIP == 0) return false; RangeIter find; if ((find = range_search(ranges.begin(), ranges.end(), ip(iIP))) != ranges.end()) { reason = find->name; return BOOLSETTING(DEFAULT_POLICY); } reason = STRING(IPGUARD_DEFAULT_POLICY); return !BOOLSETTING(DEFAULT_POLICY); }
void cmd_execute(ether_header_t * ether, ip_header_t * ip, udp_header_t * udp, command_t * command) { if (!running) { tool_ip = ntohl(ip->src); tool_port = ntohs(udp->src); memcpy(tool_mac, ether->src, 6); our_ip = ntohl(ip->dest); make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) command, COMMAND_LEN, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN); #if 0 printf("executing %p ...", ntohl(command->address)); if (ntohl(command->size)&1) *(unsigned int *)0x8c004004 = 0xdeadbeef; /* enable console */ else *(unsigned int *)0x8c004004 = 0xfeedface; /* disable console */ irq_disable(); disable_cache(); go(ntohl(command->address)); #endif } }
const char * mysocket::get_remote_name() { // strncpy(client_ip,inet_ntoa(addr.sin_addr),16); make_ip(addr.sin_addr.s_addr,client_ip); return client_ip; }
void cmd_donebin(ip_header_t * ip, udp_header_t * udp, command_t * command) { int i; for(i = 0; i < (bin_info.load_size + 1023)/1024; i++) if (!bin_info.map[i]) break; if ( i == (bin_info.load_size + 1023)/1024 ) { command->address = htonl(0); command->size = htonl(0); } else { command->address = htonl( bin_info.load_address + i * 1024); command->size = htonl(min(bin_info.load_size - i * 1024, 1024)); } make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) command, COMMAND_LEN, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN); /* if (!running) { */ /* if (!booted) */ /* disp_info(); */ /* disp_status("idle..."); */ /* } */ }
const char * mysocket::get_self_name() { struct sockaddr_in s_sockaddr; socklen_t addr_len=sizeof(s_sockaddr); ::getsockname(new_socket,(struct sockaddr *)&s_sockaddr,&addr_len); make_ip(s_sockaddr.sin_addr.s_addr,client_ip); return client_ip; }
void sntp_send_request( void ) { sntp_t request = { 0x61, 0 }; udp_send( sock, make_ip( timeserver[0], timeserver[1], timeserver[2], timeserver[3] ), SNTP_PORT, (u08 const *)&request, sizeof( sntp_t ) ); log_printf( "sntp: request sent\n" ); }
static void build_send_packet(int dport, int sport, int command_len) { unsigned char * command = udp->data; make_ether(broadcast, eth_mac, ether); make_ip(0xffffffff, /*our_ip*/ 0, UDP_H_LEN + command_len, /*UDP*/ 17, ip); make_udp(dport, sport, command, command_len, ip, udp); eth_txts((uint8 *) ether, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + command_len); }
void cmd_version(ip_header_t * ip, udp_header_t * udp, command_t * command) { int i; i = strlen("DCLOAD-IP " DCLOAD_VERSION) + 1; memcpy(response, command, COMMAND_LEN); strcpy(response->data, "DCLOAD-IP " DCLOAD_VERSION); make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN + i, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) response, COMMAND_LEN + i, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN + i); }
void cmd_retval(ip_header_t * ip, udp_header_t * udp, command_t * command) { make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) command, COMMAND_LEN, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN); syscall_retval = ntohl(command->address); escape_loop = 1; sem_signal(result_sema); if (waiting_thd) { thd_schedule_next(waiting_thd); waiting_thd = NULL; } else thd_schedule(1, 0); }
void IpGuard::addRange(const string& aName, const string& aStart, const string& aEnd) { Lock l(cs); unsigned int sa, sb, sc, sd, ea, eb, ec, ed; // Validate parameters if (sscanf(aStart.c_str(), "%u.%u.%u.%u", &sa, &sb, &sc, &sd) != 4 || sa > 255 || sb > 255 || sc > 255 || sd > 255) throw Exception(STRING(IPGUARD_INVALID_START)); if (sscanf(aEnd.c_str(), "%u.%u.%u.%u", &ea, &eb, &ec, &ed) != 4 || ea > 255 || eb > 255 || ec > 255 || ed > 255) throw Exception(STRING(IPGUARD_INVALID_END)); uint32_t start = make_ip(sa, sb, sc, sd); uint32_t end = make_ip(ea, eb, ec, ed); if (start == 0 || end == 0) throw Exception(STRING(IPGUARD_INVALID_RANGE)); ranges.push_front(range(++lastRange, aName, ip(std::min(start, end)), ip(std::max(start, end)))); // Optimize ranges ranges.sort(); ranges.unique(merger); }
void cmd_loadbin(ip_header_t * ip, udp_header_t * udp, command_t * command) { bin_info.load_address = ntohl(command->address); bin_info.load_size = ntohl(command->size); //memset(bin_info.map, 0, 16384); memset(bin_info.map, 0, (bin_info.load_size + 1023)/1024); our_ip = ntohl(ip->dest); make_ip(ntohl(ip->src), ntohl(ip->dest), UDP_H_LEN + COMMAND_LEN, 17, (ip_header_t *)(pkt_buf + ETHER_H_LEN)); make_udp(ntohs(udp->src), ntohs(udp->dest),(unsigned char *) command, COMMAND_LEN, (ip_header_t *)(pkt_buf + ETHER_H_LEN), (udp_header_t *)(pkt_buf + ETHER_H_LEN + IP_H_LEN)); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + COMMAND_LEN); /* if (!running) { */ /* if (!booted) */ /* disp_info(); */ /* disp_status("receiving data..."); */ /* } */ }
uint16_t send(SOCKET s, const uint8_t *bufferToSend, uint16_t length) { uint8_t destinationPortH = 0; uint8_t destinationPortL = 0; uint32_t seq=0, ack=0; // Hack to wait for the ACK every 2 packets sent while(_SOCKETS[s].packets >= 2) { flushSockets(); if(_SOCKETS[s].packets == 0) { make_eth_ip_new(buffer, _SOCKETS[s].destinationMac); make_ip(buffer); //TODO: Change to _SOCKETS destinationPortH = buffer[TCP_DST_PORT_H_P]; destinationPortL = buffer[TCP_DST_PORT_L_P]; buffer[TCP_DST_PORT_H_P] = buffer[TCP_SRC_PORT_H_P]; buffer[TCP_DST_PORT_L_P] = buffer[TCP_SRC_PORT_L_P]; buffer[TCP_SRC_PORT_H_P] = destinationPortH; buffer[TCP_SRC_PORT_L_P] = destinationPortL; seq = (uint32_t)buffer[TCP_SEQ_H_P] << 24 | (uint32_t)buffer[TCP_SEQ_H_P + 1] << 16 | (uint16_t)buffer[TCP_SEQ_L_P] << 8 | (uint8_t)buffer[TCP_SEQ_L_P + 1]; ack = (uint32_t)buffer[TCP_SEQACK_H_P] << 24 | (uint32_t)buffer[TCP_SEQACK_H_P + 1] << 16 | (uint16_t)buffer[TCP_SEQACK_L_P] << 8 | (uint8_t)buffer[TCP_SEQACK_L_P + 1]; buffer[TCP_SEQACK_H_P] = (uint8_t)((seq >> 24) & 0xFF); buffer[TCP_SEQACK_H_P+1] = (uint8_t)((seq >> 16) & 0xFF); buffer[TCP_SEQACK_L_P] = (uint8_t)((seq >> 8) & 0xFF); buffer[TCP_SEQACK_L_P+1] = (uint8_t)(seq & 0xFF); buffer[TCP_SEQ_H_P] = (uint8_t)((ack >> 24) & 0xFF); buffer[TCP_SEQ_H_P+1] = (uint8_t)((ack >> 16) & 0xFF); buffer[TCP_SEQ_L_P] = (uint8_t)((ack >> 8) & 0xFF); buffer[TCP_SEQ_L_P+1] = (uint8_t)(ack & 0xFF); make_tcphead3(buffer,0); head = 0; _SOCKETS[s].sentData = 0; } }
static void build_send_packet(int command_len) { unsigned char * command = pkt_buf + ETHER_H_LEN + IP_H_LEN + UDP_H_LEN; /* scif_puts("build_send_packet\n"); scif_putchar(command[0]); scif_putchar(command[1]); scif_putchar(command[2]); scif_putchar(command[3]); scif_puts("\n"); */ if (!tool_ip) { printf("Calling BBA syscall without dc-load client attached !\n"); return; } make_ether(tool_mac, eth_mac, ether); make_ip(tool_ip, our_ip, UDP_H_LEN + command_len, 17, ip); make_udp(tool_port, 31313, command, command_len, ip, udp); //bb->start(); eth_txts(pkt_buf, ETHER_H_LEN + IP_H_LEN + UDP_H_LEN + command_len); }
static int make_connection_real(const char *soname, conn_t *conn) { int s; struct timeval tv; char *port=NULL; char *name, *pt = strdup(soname); const char *host = pt; struct addrinfo hints, *res=NULL, *p; int err; conn->tcp = 0; #ifndef _WIN32 if(cli_is_abspath(soname) || (access(soname, F_OK) == 0)) { struct sockaddr_un addr; s = socket(AF_UNIX, SOCK_STREAM, 0); if(s < 0) { perror("socket"); return -1; } memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; strncpy(addr.sun_path, soname, sizeof(addr.sun_path)); addr.sun_path[sizeof(addr.sun_path) - 1] = 0x0; print_con_info(conn, "Connecting to: %s\n", soname); if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) { perror("connect"); close(s); return -1; } goto end; } #endif memset(&hints, 0x00, sizeof(struct addrinfo)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE; host = get_ip(soname); if (!(host)) return -1; port = get_port(soname); conn->tcp=1; print_con_info(conn, "Looking up: %s:%s\n", host, port ? port : "3310"); if ((err = getaddrinfo(host, (port != NULL) ? port : "3310", &hints, &res))) { print_con_info(conn, "Could not look up %s:%s, getaddrinfo returned: %s\n", host, port ? port : "3310", gai_strerror(err)); return -1; } for (p = res; p != NULL; p = p->ai_next) { if ((s = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) < 0) { perror("socket"); continue; } print_con_info(conn, "Connecting to: %s\n", soname); if (connect(s, p->ai_addr, p->ai_addrlen)) { perror("connect"); close(s); continue; } break; } free(pt); if (res) freeaddrinfo(res); if (p == NULL) return -1; end: if (conn->remote != soname) { /* when we reconnect, they are the same */ if (conn->remote) free(conn->remote); conn->remote = make_ip(host, (port != NULL) ? port : "3310"); } if (port) free(port); conn->sd = s; gettimeofday(&conn->tv_conn, NULL); tv.tv_sec = 30; tv.tv_usec = 0; setsockopt(conn->sd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); return 0; }
/* -------------------------- Initialization ---------------- */ static void setup_connections(int argc, char *argv[]) { struct optstruct *opts; struct optstruct *clamd_opts; unsigned i; char *conn = NULL; opts = optparse(NULL, argc, argv, 1, OPT_CLAMDTOP, 0, NULL); if (!opts) { fprintf(stderr, "ERROR: Can't parse command line options\n"); EXIT_PROGRAM(FAIL_CMDLINE); } if(optget(opts, "help")->enabled) { optfree(opts); help(); normal_exit = 1; exit(0); } if(optget(opts, "version")->enabled) { printf("Clam AntiVirus Monitoring Tool %s\n", get_version()); optfree(opts); normal_exit = 1; exit(0); } if(optget(opts, "defaultcolors")->enabled) default_colors = 1; memset(&global, 0, sizeof(global)); if (!opts->filename || !opts->filename[0]) { const struct optstruct *opt; const char *clamd_conf = optget(opts, "config-file")->strarg; if ((clamd_opts = optparse(clamd_conf, 0, NULL, 1, OPT_CLAMD, 0, NULL)) == NULL) { fprintf(stderr, "Can't parse clamd configuration file %s\n", clamd_conf); EXIT_PROGRAM(FAIL_CMDLINE); } if((opt = optget(clamd_opts, "LocalSocket"))->enabled) { conn = strdup(opt->strarg); if (!conn) { fprintf(stderr, "Can't strdup LocalSocket value\n"); EXIT_PROGRAM(FAIL_INITIAL_CONN); } } else if ((opt = optget(clamd_opts, "TCPSocket"))->enabled) { char buf[512]; const struct optstruct *opt_addr; const char *host = "localhost"; if ((opt_addr = optget(clamd_opts, "TCPAddr"))->enabled) { host = opt_addr->strarg; } snprintf(buf, sizeof(buf), "%lld", opt->numarg); conn = make_ip(host, buf); } else { fprintf(stderr, "Can't find how to connect to clamd\n"); EXIT_PROGRAM(FAIL_INITIAL_CONN); } optfree(clamd_opts); global.num_clamd = 1; } else { unsigned i = 0; while (opts->filename[i]) { i++; } global.num_clamd = i; } #ifdef _WIN32 WSADATA wsaData; if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR) { fprintf(stderr, "Error at WSAStartup(): %d\n", WSAGetLastError()); EXIT_PROGRAM(FAIL_INITIAL_CONN); } #endif /* clamdtop */ puts( " __ ____"); puts(" _____/ /___ _____ ___ ____/ / /_____ ____"); puts(" / ___/ / __ `/ __ `__ \\/ __ / __/ __ \\/ __ \\"); puts("/ /__/ / /_/ / / / / / / /_/ / /_/ /_/ / /_/ /"); puts("\\___/_/\\__,_/_/ /_/ /_/\\__,_/\\__/\\____/ .___/"); puts(" /_/"); global.all_stats = calloc(global.num_clamd, sizeof(*global.all_stats)); OOM_CHECK(global.all_stats); global.conn = calloc(global.num_clamd, sizeof(*global.conn)); OOM_CHECK(global.conn); for (i=0;i < global.num_clamd;i++) { const char *soname = conn ? conn : opts->filename[i]; global.conn[i].line = i+1; if (make_connection(soname, &global.conn[i]) < 0) { EXIT_PROGRAM(FAIL_INITIAL_CONN); } } optfree(opts); free(conn); #ifndef _WIN32 signal(SIGPIPE, SIG_IGN); signal(SIGINT, sigint); #endif }