Beispiel #1
0
void cfg_parser_init(void)
{
    size_t i;

    statement_names = smack_create("confload", SMACK_CASE_SENSITIVE);

    for (i=0; tokens[i].name; i++) {
        smack_add_pattern(
                    statement_names,
                    tokens[i].name,
                    (unsigned)strlen(tokens[i].name) + 1,
                    tokens[i].id,
                    SMACK_ANCHOR_BEGIN
                    );
    }

    for (i=0; tsigkeys[i].name; i++) {
        char *foo;
        size_t len;
        smack_add_pattern(
                    statement_names,
                    tsigkeys[i].name,
                    (unsigned)strlen(tsigkeys[i].name) + 1,
                    tsigkeys[i].id,
                    SMACK_ANCHOR_BEGIN
                    );
        
        /* for truncation, where an algorithm might
         * appear as "hmac-md5-80" instead of simply
         * "hmac-md5" */
        len = strlen(tsigkeys[i].name);
        foo = malloc(len + 2);
        memcpy(foo, tsigkeys[i].name, len+1);
        foo[len] = '-';
        foo[len+1] = '\0';

        smack_add_pattern(
                    statement_names,
                    foo,
                    (unsigned)len,
                    tsigkeys[i].id,
                    SMACK_ANCHOR_BEGIN
                    );
        free(foo);
    }

    smack_compile(statement_names);

}
Beispiel #2
0
struct Banner1 *
banner1_create(void)
{
    struct Banner1 *b;
    unsigned i;

    b = (struct Banner1 *)malloc(sizeof(*b));
    memset(b, 0, sizeof(*b));

    /*
     * These patterns match the start of the TCP stream
     */
    b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
    for (i=0; patterns[i].pattern; i++)
        smack_add_pattern(
                    b->smack,
                    patterns[i].pattern,
                    patterns[i].pattern_length,
                    patterns[i].id,
                    patterns[i].is_anchored);
    smack_compile(b->smack);


    banner_http.init(b);

    return b;
}
Beispiel #3
0
/***************************************************************************
 * Create the --banners systems
 ***************************************************************************/
struct Banner1 *
banner1_create(void)
{
    struct Banner1 *b;
    unsigned i;

    b = (struct Banner1 *)malloc(sizeof(*b));
    if (b == NULL)
        exit(1);
    memset(b, 0, sizeof(*b));

    /*
     * These patterns match the start of the TCP stream
     */
    b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
    for (i=0; patterns[i].pattern; i++)
        smack_add_pattern(
                    b->smack,
                    patterns[i].pattern,
                    patterns[i].pattern_length,
                    i,
                    patterns[i].is_anchored);
    smack_compile(b->smack);


    banner_http.init(b);

    b->tcp_payloads[80] = &banner_http;
    b->tcp_payloads[8080] = &banner_http;
    
    b->tcp_payloads[443] = (void*)&banner_ssl;   /* HTTP/s */
    b->tcp_payloads[465] = (void*)&banner_ssl;   /* SMTP/s */
    b->tcp_payloads[990] = (void*)&banner_ssl;   /* FTP/s */
    b->tcp_payloads[991] = (void*)&banner_ssl;  
    b->tcp_payloads[992] = (void*)&banner_ssl;   /* Telnet/s */
    b->tcp_payloads[993] = (void*)&banner_ssl;   /* IMAP4/s */
    b->tcp_payloads[994] = (void*)&banner_ssl;  
    b->tcp_payloads[995] = (void*)&banner_ssl;   /* POP3/s */
    b->tcp_payloads[2083] = (void*)&banner_ssl;  /* cPanel - SSL */
    b->tcp_payloads[2087] = (void*)&banner_ssl;  /* WHM - SSL */
    b->tcp_payloads[2096] = (void*)&banner_ssl;  /* cPanel webmail - SSL */
    b->tcp_payloads[8443] = (void*)&banner_ssl;  /* Plesk Control Panel - SSL */
    b->tcp_payloads[9050] = (void*)&banner_ssl;  /* Tor */
    b->tcp_payloads[8140] = (void*)&banner_ssl;  /* puppet */


    return b;
}
Beispiel #4
0
int
main(int argc, char *argv[])
{
    printf("---- SMACK/2 - benchmark program ----\n");

    {
        char dir[512];
        char *p = getcwd(dir, sizeof(dir));
	if (p == NULL)
		perror("getcwd");
	else
        	printf("directory = %s\n", p);
    }

#if WIN32
    {
        SetProcessAffinityMask(NULL, 1);
        SetPriorityClass(NULL,  REALTIME_PRIORITY_CLASS);
    }
#endif
#ifdef __linux__

    {
        cpu_set_t mask;
        int status;

        CPU_ZERO(&mask);
        CPU_SET(1, &mask);
        status = sched_setaffinity(0, sizeof(mask), &mask);
        if (status != 0)
        {
            perror("sched_setaffinity");
        }
    }

#endif

    /*
     * Print cpu info
     */
    {
        char vendor[16];
        char brand[64];
        struct CpuInfo info;
        
        pixie_cpu_vendor(vendor);
        pixie_cpu_brand(brand);
        pixie_cpu_info(&info);

        printf("CPU width = %u-bits\n", (unsigned)sizeof(void*)*8);
        printf("CPU vendor = \"%s\"\n", vendor);
        printf("CPU brand = \"%s\"\n", brand);
        printf("CPU codename = \"%s\" (0x%X" "x)\n", info.codename, info.codenumber);
        printf("CPU info = type(%u) family(%u) model(%u) stepping(%u)\n",
               info.type, info.family, info.model, info.stepping);
        
        printf("\n");
    }

    /*
     * First, do a unit-test. If the unit-test fails, then it's pointless
     * continueing with the benchmarks
     */
    if (smack_selftest() != 0) {
        printf("selftest failed\n");
        return 1;
    }
    
    /*
     * Print help if user is confused
     */
    if (0 && ( argc <= 1 
        || get_parm("--help", argc, argv) 
        || get_parm("-h", argc, argv)
        || get_parm("-?", argc, argv))) {
        printf("usage:\n"
               " smack2 --benchmark\n"
               " smack2 --haystack kingjames.txt --needle pharoah\n"
               " smack2 --haystack kingjames.txt --needles patterns.txt\n"
               );
        return 1;
    }
    if (get_parm("--haystack", argc, argv)) {
        if (!get_parm("--needles", argc, argv) 
            && !get_parm("--needle", argc, argv)) {
            printf("FAIL: need to specify patterns to search for\n");
            printf(" hint: use \"--needles <file>\" to read patterns from file\n");
            printf(" hint: use \"--needle <pattern\" to specify one or more patterns\n");
            return 1;
        }
    }
        
    
    /*
     * If doing simple benchmarks, do them first
     */
    if (get_parm("--benchmark", argc, argv) || argc <= 1) {
        printf("--- low-level benchmarks ---\n");
        bench_c_ptr();
        bench_c_idx(0);
        bench_asm_ptr();
        //bench_asm_ptr2();
        bench_asm_idx();
        printf("\n");
        smack_benchmark();
    }
    if (!get_parm("--haystack", argc, argv))
        return 0;
    
    /*
     * Look in file for patterns
     */
    {
        const char *filename = get_parm("--haystack", argc, argv);
        char *buf;
        size_t sizeof_buf;
        struct stat s;
        int x;
        struct SMACK *smack;
        int i;
        
        fprintf(stderr, "haystack file = %s\n", filename);
        
        /*
         * Find file size
         */
        x = stat(filename, &s);
        if (x != 0) {
            perror(filename);
            return 1;
        }
        sizeof_buf = s.st_size;
        
        /*
         * Allocate memory
         */
        buf = (char*)malloc(sizeof_buf);
        if (buf == 0) {
            fprintf(stderr, "Could not allocate %u bytes for buffer\n",
                    (unsigned)sizeof_buf);
            return 1;
        }
        
        /*
         * Read in the file
         */
        {
            FILE *fp;
            size_t bytes_read;
            fp = fopen(filename, "rb");
            if (fp == NULL) {
                perror(filename);
                return 1;
            }
            bytes_read = fread(buf, 1, sizeof_buf, fp);
            if (bytes_read == 0) {
                perror(filename);
                return 1;
            }
            if (bytes_read < sizeof_buf) {
                fprintf(stderr, "ERROR: could not read entire file\n");
                fprintf(stderr, "wanted %u bytes, read %u bytes\n",
                        (unsigned)sizeof_buf, 
                        (unsigned)bytes_read);
                sizeof_buf = bytes_read;
            }
            fclose(fp);
            
            fprintf(stderr, "file-size = %u\n", (unsigned)sizeof_buf);
        }
        
        /*
         * Build the smack object
         */
        smack = smack_create("haystack", SMACK_CASE_INSENSITIVE);
        if (smack == 0) {
            fprintf(stderr, "FAIL: couldn't create test object\n");
            return 1;
        }
        
        /*
         * Add patterns
         */
        for (i=1; i<argc; i++) {
            if (strcmp(argv[i], "--needle") == 0) {
                const char *pattern = argv[i+1];
                if (i+1 >= argc) {
                    fprintf(stderr, "FAIL: expected value to parm\n");
                    return 1;
                }
                smack_add_pattern(smack, pattern, strlen(pattern), 1, 0);
            }
            if (strcmp(argv[i], "--needles") == 0) {
                const char *patterns = argv[i+1];
                FILE *fp;
                char line[80];
                if (i+1 >= argc) {
                    fprintf(stderr, "FAIL: expected value to parm\n");
                    return 1;
                }
                fp = fopen(patterns, "rt");
                if (fp == NULL) {
                    perror(patterns);
                    return 1;
                }
                
                while (fgets(line, sizeof(line), fp)) {
                    /* strip whitespace */
                    while (line[0] && isspace(line[0]&0xFF))
                        memmove(line, line+1, strlen(line));
                    while (line[0] && isspace(line[strlen(line)-1]&0xFF))
                        line[strlen(line)-1] = '\0';
                    if (line[0] == '\0' || ispunct(line[0]&0xFF))
                        continue;
                    smack_add_pattern(smack, line, strlen(line), 1, 0);
                }
            }
        }
        if (smack_count_patterns(smack) == 0) {
            fprintf(stderr, "FAIL: no patterns found\n");
            return 1;
        } else {
            fprintf(stderr, "needles = %u patterns\n", smack_count_patterns(smack));
        }
        
        smack_compile(smack);
        
        /*
         * Do the benchmark
         */
        do_haystack(smack,
                    buf, sizeof_buf,
                    10);

    }
    
    
    
    return 0;
}
Beispiel #5
0
/***************************************************************************
 * Create the --banners systems
 ***************************************************************************/
struct Banner1 *
banner1_create(void)
{
    struct Banner1 *b;
    unsigned i;

    b = (struct Banner1 *)malloc(sizeof(*b));
    if (b == NULL)
        exit(1);
    memset(b, 0, sizeof(*b));

    /*
     * This creates a pattern-matching blob for heuristically determining
     * a protocol that runs on wrong ports, such as how FTP servers
     * often respond with "220 " or VNC servers respond with "RFB".
     */
    b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
    for (i=0; patterns[i].pattern; i++)
        smack_add_pattern(
                    b->smack,
                    patterns[i].pattern,
                    patterns[i].pattern_length,
                    i,
                    patterns[i].is_anchored);
    smack_compile(b->smack);


    /* 
     * This goes down the list of all the TCP protocol handlers and initializes
     * them.
     */
    banner_ftp.init(b);
    banner_http.init(b);
    banner_imap4.init(b);
    banner_memcached.init(b);
    banner_pop3.init(b);
    banner_smtp.init(b);
    banner_ssh.init(b);
    banner_ssl.init(b);
    banner_vnc.init(b);

    b->tcp_payloads[80] = &banner_http;
    b->tcp_payloads[8080] = &banner_http;
    
    b->tcp_payloads[443] = (void*)&banner_ssl;   /* HTTP/s */
    b->tcp_payloads[465] = (void*)&banner_ssl;   /* SMTP/s */
    b->tcp_payloads[990] = (void*)&banner_ssl;   /* FTP/s */
    b->tcp_payloads[991] = (void*)&banner_ssl;  
    b->tcp_payloads[992] = (void*)&banner_ssl;   /* Telnet/s */
    b->tcp_payloads[993] = (void*)&banner_ssl;   /* IMAP4/s */
    b->tcp_payloads[994] = (void*)&banner_ssl;  
    b->tcp_payloads[995] = (void*)&banner_ssl;   /* POP3/s */
    b->tcp_payloads[2083] = (void*)&banner_ssl;  /* cPanel - SSL */
    b->tcp_payloads[2087] = (void*)&banner_ssl;  /* WHM - SSL */
    b->tcp_payloads[2096] = (void*)&banner_ssl;  /* cPanel webmail - SSL */
    b->tcp_payloads[8443] = (void*)&banner_ssl;  /* Plesk Control Panel - SSL */
    b->tcp_payloads[9050] = (void*)&banner_ssl;  /* Tor */
    b->tcp_payloads[8140] = (void*)&banner_ssl;  /* puppet */

    b->tcp_payloads[11211] = (void*)&banner_memcached;

    return b;
}