void idev_BeginIO(IDBase *IDBase, struct IORequest *io)
{
UINT8 cmd = io->io_Command;
io->io_Flags &= (~(IOF_QUEUED|IOF_CURRENT|IOF_SERVICING|IOF_DONE))&0x0ff;
io->io_Error = 0;
if (cmd > MD_SETTRIGGER) cmd = 0; // Invalidate the command.
if (inputCmdQuick[cmd] >= 0)
{
QueueCommand((struct IOStdReq*)io, SysBase);
// Check if we are the first in Queue, if not, just return
if (!TEST_BITS(io->io_Flags, IOF_CURRENT))
{
CLEAR_BITS(io->io_Flags, IOF_QUICK);
return;
}
// If Device is stopped, just return
if (TEST_BITS(IDBase->Unit.unit_Flags, DUB_STOPPED))
{
CLEAR_BITS(io->io_Flags, IOF_QUICK);
return;
}
// we are first in Queue, now we are Quick, otherwise we come from the IS Routine
}
inputCmdVector[cmd]((struct IOStdReq*) io, IDBase);
}
LONG
CED6AsDecompiler::
DumpOneFunction(
ED6_ACTION_SCRIPT_INFO *pAsInfo,
ED6_AS_CRAFT_INFO *pFunction,
CFileDisk &file,
LPSTR Buffer
)
{
LONG Status;
ED6_INSTRUCTION *pInstruction;
pInstruction = pFunction->pInstruction;
if (pInstruction == NULL ||
TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_LINK) ||
TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_DUMPED))
{
return ASDECL_ERROR_DUMPED;
}
for (ULONG InsCount = pFunction->Count; InsCount; ++pInstruction, --InsCount)
{
Status = DumpInstrction(pAsInfo, pFunction, pInstruction, file, Buffer);
AS_IF_FAIL_BREAK(Status);
}
WriteScr("\n");
return Status;
}
Bool CSharu::GetFileData(SFileInfo *pFileInfo, const MY_FILE_ENTRY_BASE *pBaseEntry)
{
PByte pbBuffer;
UInt32 BufferSize;
SMyPackIndex *pIndex;
pIndex = (SMyPackIndex *)pBaseEntry;
BufferSize = max(pIndex->CompressedSize.LowPart, pIndex->Size.LowPart);
if (BufferSize == 0)
{
pbBuffer = NULL;
goto EMPTY_FILE;
}
pbBuffer = (PByte)Alloc(BufferSize);
if (pbBuffer == NULL)
return False;
if (file.Seek(file.FILE_SEEK_BEGIN, pIndex->Offset.LowPart, (PLong)&pIndex->Offset.HighPart) == False)
return False;
if (file.Read(pbBuffer, pIndex->CompressedSize.LowPart) == False)
return False;
if (pIndex->CompressedSize.LowPart < 0x1000000)
{
if (Hash(pbBuffer, pIndex->CompressedSize.LowPart) != pIndex->Hash)
{
Free(pbBuffer);
return False;
}
}
if (TEST_BITS(pIndex->Flags, UNPACKER_ENTRY_FLAG_ENCRYPTED))
Decrypt(pbBuffer, pIndex->CompressedSize.LowPart, m_Key);
if (TEST_BITS(pIndex->Flags, UNPACKER_ENTRY_FLAG_COMPRESSED))
{
PByte pbTemp = (PByte)Alloc(pIndex->CompressedSize.LowPart);
if (pbTemp == NULL)
{
Free(pbBuffer);
return False;
}
memcpy(pbTemp, pbBuffer, pIndex->CompressedSize.LowPart);
Uncompress(pbTemp, pIndex->CompressedSize.LowPart, pbBuffer);
Free(pbTemp);
}
EMPTY_FILE:
pFileInfo->FileType = UNPACKER_FILE_TYPE_BIN;
pFileInfo->lpExtraData = NULL;
pFileInfo->BinData.pbBuffer = pbBuffer;
pFileInfo->BinData.BufferSize = pIndex->Size.LowPart;
return True;
}
BOOL IsCharSpec(UINT uChar)
{
if (TEST_BITS(uChar, 0xFF00) == 0)
{
if (IN_RANGE('0', uChar, '9'))
return FALSE;
/*
uChar = CHAR_UPPER(uChar);
if (IN_RANGE('A', uChar, 'Z'))
return FALSE;
*/
return TRUE;
}
switch (uChar)
{
case (WCHAR)'。': // 。」
case (WCHAR)',': // 」ャ
case (WCHAR)'、': // 。「
// case (WCHAR)'(': //」ィ
// case (WCHAR)')': // 」ゥ
case (WCHAR)'…': // 。ュ
case (WCHAR)'「': // 。ク
case (WCHAR)'」': // 。ケ
case (WCHAR)' ': // '。。'
return TRUE;
}
return FALSE;
}
Bool CControllerSplitter::Open()
{
Long Status;
Int32 Flags;
TChar szPath[MAX_PATH];
if (m_pView->GetInputFileName(szPath, countof(szPath)) == 0)
return False;
Status = m_pModel->VeirfyIsFirstFile(szPath, &Flags);
if (BS_FAILED(Status))
{
m_pView->ShowErrorMessage(_T("%s"), MapModelErrorToControllerMessage(Status));
return False;
}
m_pView->HasPassword(TEST_BITS(Flags, SPLIT_FLAG_ENCRYPT));
m_pView->HasOriginalFileName(TEST_BITS(Flags, SPLIT_FLAG_SAVE_ORIG_NAME));
return True;
}
ED6_INSTRUCTION* CED6AsDecompiler::UnlinkInstruction(ED6_INSTRUCTION *pInstruction)
{
ED6_INSTRUCTION_RECORD Refer;
if (pInstruction == NULL)
return pInstruction;
while (TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_LINK))
{
if (!FindDecompiled(pInstruction->Offset, Refer))
break;
pInstruction = &Refer.pCraftInfo->pInstruction[Refer.InstructionIndex];
}
return pInstruction;
}
/* Validate options */
int checkConfigOptions(const struct config_options *o)
{
int minThreshold;
/* Check if we have root priviledges. */
if ( getuid() != 0 )
{
ERROR("you must have root privilege");
return 0;
}
/* Warning missed target. */
if (o->ip.daddr == INADDR_ANY)
{
ERROR("Need target address. Try --help for usage");
return 0;
}
/* Sanitizing the CIDR. */
if ((o->bits != 0) && ((o->bits < CIDR_MINIMUM) || (o->bits > CIDR_MAXIMUM)))
{
/* NOTE: Arbitrary array size... 48 is qword aligned on stack, i suppose! */
char errstr[48];
sprintf(errstr, "CIDR must be beewten %d and %d", CIDR_MINIMUM, CIDR_MAXIMUM);
ERROR(errstr);
return 0;
}
/* Sanitizing the TCP Options SACK_Permitted and SACK Edges. */
if (TEST_BITS(o->tcp.options, TCP_OPTION_SACK_OK) &&
TEST_BITS(o->tcp.options, TCP_OPTION_SACK_EDGE))
{
ERROR("TCP options SACK-Permitted and SACK Edges are not allowed");
return 0;
}
/* Sanitizing the TCP Options T/TCP CC and T/TCP CC.ECHO. */
if (TEST_BITS(o->tcp.options, TCP_OPTION_CC) && (o->tcp.cc_echo))
{
ERROR("TCP options T/TCP CC and T/TCP CC.ECHO are not allowed");
return 0;
}
if (!o->flood)
{
#ifdef __HAVE_TURBO__
/* Sanitizing TURBO mode. */
if (o->turbo)
{
ERROR("turbo mode is only available in flood mode");
return 0;
}
#endif /* __HAVE_TURBO__ */
/* Sanitizing the threshold. */
minThreshold = getNumberOfRegisteredModules();
if ((o->ip.protocol == IPPROTO_T50) && (o->threshold < (unsigned)minThreshold))
{
fprintf(stderr,
"%s: protocol %s cannot have threshold smaller than %d\n",
PACKAGE,
mod_table[o->ip.protoname].acronym,
minThreshold);
return 0;
}
}
else /* if (o->flood) isn't 0 */
{
/* Warning FLOOD mode. */
puts("entering in flood mode...");
#ifdef __HAVE_TURBO__
if (o->turbo)
puts("activating turbo...");
#endif /* __HAVE_TURBO__ */
/* Warning CIDR mode. */
if (o->bits != 0)
puts("performing DDoS...");
puts("hit CTRL+C to break.");
}
/* Returning. */
return 1;
}
/* Function Name: EIGRP packet header configuration.
Description: This function configures and sends the EIGRP packet header.
Targets: N/A */
int eigrp(const socket_t fd, const struct config_options *o)
{
size_t greoptlen, /* GRE options size. */
eigrp_tlv_len, /* EIGRP TLV size. */
packet_size,
offset,
counter;
in_addr_t dest; /* EIGRP Destination address */
uint32_t prefix; /* EIGRP Prefix */
/* Packet and Checksum. */
mptr_t buffer;
/* Socket address and IP header. */
struct sockaddr_in sin;
struct iphdr * ip;
/* EIGRP header. */
struct eigrp_hdr * eigrp;
assert(o != NULL);
greoptlen = gre_opt_len(o->gre.options, o->encapsulated);
prefix = __RND(o->eigrp.prefix);
eigrp_tlv_len = eigrp_hdr_len(o->eigrp.opcode, o->eigrp.type, prefix, o->eigrp.auth);
packet_size = sizeof(struct iphdr) +
greoptlen +
sizeof(struct eigrp_hdr) +
eigrp_tlv_len;
/* Try to reallocate packet, if necessary */
alloc_packet(packet_size);
/* IP Header structure making a pointer to Packet. */
ip = ip_header(packet, packet_size, o);
/* GRE Encapsulation takes place. */
gre_encapsulation(packet, o,
sizeof(struct iphdr) +
sizeof(struct eigrp_hdr) +
eigrp_tlv_len);
/*
* Please, be advised that there is no deep information about EIGRP, no
* other than EIGRP PCAP files public available. Due to that I have done
* a deep analysis using live EIGRP PCAP files to build the EIGRP Packet.
*
* There are some really good resources, such as:
* http://www.protocolbase.net/protocols/protocol_EIGRP.php
* http://packetlife.net/captures/category/cisco-proprietary/
* http://oreilly.com/catalog/iprouting/chapter/ch04.html
*
* EIGRP Header structure.
*/
eigrp = (struct eigrp_hdr *)((void *)ip + sizeof(struct iphdr) + greoptlen);
eigrp->version = o->eigrp.ver_minor ? o->eigrp.ver_minor : EIGRPVERSION;
eigrp->opcode = __RND(o->eigrp.opcode);
eigrp->flags = htonl(__RND(o->eigrp.flags));
eigrp->sequence = htonl(__RND(o->eigrp.sequence));
eigrp->acknowledge = o->eigrp.type == EIGRP_TYPE_SEQUENCE ?
htonl(__RND(o->eigrp.acknowledge)) : 0;
eigrp->as = htonl(__RND(o->eigrp.as));
eigrp->check = 0;
offset = sizeof(struct eigrp_hdr);
buffer.ptr = (void *)eigrp + offset;
/*
* Every live EIGRP PCAP file brings Authentication Data TLV first.
*
* The Authentication Data TVL must be used only in some cases:
* 1. IP Internal or External Routes TLV for Update
* 2. Software Version with Parameter TLVs for Hello
* 3. Next Multicast Sequence TLV for Hello
*/
if (o->eigrp.auth)
{
if (o->eigrp.opcode == EIGRP_OPCODE_UPDATE ||
(o->eigrp.opcode == EIGRP_OPCODE_HELLO &&
(o->eigrp.type == EIGRP_TYPE_MULTICAST ||
o->eigrp.type == EIGRP_TYPE_SOFTWARE)))
{
/* NOTE: stemp used to avoid multiple comparisons on loop below */
size_t stemp;
stemp = auth_hmac_md5_len(o->eigrp.auth);
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* Authentication Data TLV (EIGRP Type = 0x0002)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | Authentication Method | Authentication Key Size |
* +---------------------------------------------------------------+
* | Authentication Key ID |
* +---------------------------------------------------------------+
* | |
* + +
* | Padding (?) |
* + +
* | |
* +---------------------------------------------------------------+
* | |
* + +
* | Authentication Key Block |
* + (MD5 Digest) +
* | |
* + +
* | |
* +---------------------------------------------------------------+
*/
*buffer.word_ptr++ = htons(EIGRP_TYPE_AUTH);
*buffer.word_ptr++ = htons(o->eigrp.length ? o->eigrp.length : EIGRP_TLEN_AUTH);
*buffer.word_ptr++ = htons(AUTH_TYPE_HMACMD5);
*buffer.word_ptr++ = htons(stemp);
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.key_id));
for (counter = 0; counter < EIGRP_PADDING_BLOCK; counter++)
*buffer.byte_ptr++ = FIELD_MUST_BE_ZERO;
/*
* The Authentication key uses HMAC-MD5 or HMAC-SHA-1 digest.
*/
for (counter = 0; counter < stemp; counter++)
*buffer.byte_ptr++ = random();
/* FIXME: Is this correct?!
The code, above seems to use a variable size for digest (stemp)
and length (if o->eigrp_length != 0). */
offset += EIGRP_TLEN_AUTH;
}
}
/*
* AFAIK, there are differences when building the EIGRP packet for
* Update, Request, Query and Reply. Any EIGRP PCAP file I saw does
* not carry Paremeter, Software Version and/or Multicast Sequence,
* instead, it carries Authentication Data, IP Internal and External
* Routes or nothing (depends on the EIGRP Type).
*/
if (o->eigrp.opcode == EIGRP_OPCODE_UPDATE ||
o->eigrp.opcode == EIGRP_OPCODE_REQUEST ||
o->eigrp.opcode == EIGRP_OPCODE_QUERY ||
o->eigrp.opcode == EIGRP_OPCODE_REPLY)
{
if (o->eigrp.type == EIGRP_TYPE_INTERNAL ||
o->eigrp.type == EIGRP_TYPE_EXTERNAL)
{
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* IP Internal Routes TLV (EIGRP Type = 0x0102)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | Next Hop Address |
* +---------------------------------------------------------------+
* | Delay |
* +---------------------------------------------------------------+
* | Bandwidth |
* +---------------------------------------------------------------+
* | Maximum Transmission Unit (MTU) | Hop Count |
* +---------------------------------------------------------------+
* | Reliability | Load | Reserved |
* +---------------------------------------------------------------+
* | Prefix //
* +---------------+
*
* +---------------------------------------------------------------+
* // Destination IP Address(es) (1-4 octets) |
* +---------------------------------------------------------------+
*
* IP External Routes TLV (EIGRP Type = 0x0103)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | Next Hop Address |
* +---------------------------------------------------------------+
* | Originating Router |
* +---------------------------------------------------------------+
* | Originating Autonomous System |
* +---------------------------------------------------------------+
* | Arbitrary TAG |
* +---------------------------------------------------------------+
* | External Protocol Metric |
* +---------------------------------------------------------------+
* | Reserved1 | Ext. Proto ID | Flags |
* +---------------------------------------------------------------+
* | Delay |
* +---------------------------------------------------------------+
* | Bandwidth |
* +---------------------------------------------------------------+
* | Maximum Transmission Unit (MTU) | Hop Count |
* +---------------------------------------------------------------+
* | Reliability | Load | Reserved2 |
* +---------------------------------------------------------------+
* | Prefix //
* +---------------+
*
* +---------------------------------------------------------------+
* // Destination IP Address(es) (1-4 octets) |
* +---------------------------------------------------------------+
*
* The only difference between Internal and External Routes TLVs is 20
* octets.
*/
*buffer.word_ptr++ = htons(o->eigrp.type == EIGRP_TYPE_INTERNAL ?
EIGRP_TYPE_INTERNAL : EIGRP_TYPE_EXTERNAL);
/*
* For both Internal and External Routes TLV the code must perform
* an additional step to compute the EIGRP header length, because
* it depends on the the EIGRP Prefix, and it can be 1-4 octets.
*/
*buffer.word_ptr++ = htons(o->eigrp.length ?
o->eigrp.length :
(o->eigrp.type == EIGRP_TYPE_INTERNAL ?
EIGRP_TLEN_INTERNAL :
EIGRP_TLEN_EXTERNAL) +
EIGRP_DADDR_LENGTH(prefix));
*buffer.inaddr_ptr++ = INADDR_RND(o->eigrp.next_hop);
/*
* The only difference between Internal and External Routes TLVs is 20
* octets. Building 20 extra octets for IP External Routes TLV.
*/
if (o->eigrp.type == EIGRP_TYPE_EXTERNAL)
{
*buffer.inaddr_ptr++ = INADDR_RND(o->eigrp.src_router);
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.src_as));
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.tag));
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.proto_metric));
*buffer.word_ptr++ = o->eigrp.opcode == EIGRP_OPCODE_UPDATE ?
FIELD_MUST_BE_ZERO : htons(0x0004);
*buffer.byte_ptr++ = __RND(o->eigrp.proto_id);
*buffer.byte_ptr++ = __RND(o->eigrp.ext_flags);
}
dest = INADDR_RND(o->eigrp.dest);
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.delay));
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.bandwidth));
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.mtu) << 8);
*buffer.byte_ptr++ = __RND(o->eigrp.hop_count);
*buffer.byte_ptr++ = __RND(o->eigrp.reliability);
*buffer.byte_ptr++ = __RND(o->eigrp.load);
*buffer.word_ptr++ = o->eigrp.opcode == EIGRP_OPCODE_UPDATE ?
FIELD_MUST_BE_ZERO : htons(0x0004);
*buffer.byte_ptr++ = prefix;
*buffer.inaddr_ptr++ = EIGRP_DADDR_BUILD(dest, prefix);
buffer.ptr += EIGRP_DADDR_LENGTH(prefix);
offset += (o->eigrp.type == EIGRP_TYPE_INTERNAL ?
EIGRP_TLEN_INTERNAL :
EIGRP_TLEN_EXTERNAL) +
EIGRP_DADDR_LENGTH(prefix);
}
/*
* In the other hand, EIGRP Packet for Hello can carry Paremeter,
* Software Version, Multicast Sequence or nothing (Acknowledge).
*/
}
else if (o->eigrp.opcode == EIGRP_OPCODE_HELLO)
{
/*
* AFAIK, EIGRP TLVs must follow a predefined sequence in order to
* be built. I am not sure whether any TLV's precedence will impact
* in the routers' processing of EIGRP Packet, so I am following
* exactly what I saw on live EIGRP PCAP files. Read the code and
* you will understand what I am talking about.
*/
switch (o->eigrp.type)
{
case EIGRP_TYPE_PARAMETER:
case EIGRP_TYPE_SOFTWARE:
case EIGRP_TYPE_MULTICAST:
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* General Parameter TLV (EIGRP Type = 0x0001)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | K1 | K2 | K3 | K4 |
* +---------------------------------------------------------------+
* | K5 | Reserved | Hold Time |
* +---------------------------------------------------------------+
*/
*buffer.word_ptr++ = htons(EIGRP_TYPE_PARAMETER);
*buffer.word_ptr++ = htons(o->eigrp.length ?
o->eigrp.length : EIGRP_TLEN_PARAMETER);
*buffer.byte_ptr++ = TEST_BITS(o->eigrp.values, EIGRP_KVALUE_K1) ?
__RND(o->eigrp.k1) : o->eigrp.k1;
*buffer.byte_ptr++ = TEST_BITS(o->eigrp.values, EIGRP_KVALUE_K2) ?
__RND(o->eigrp.k2) : o->eigrp.k2;
*buffer.byte_ptr++ = TEST_BITS(o->eigrp.values, EIGRP_KVALUE_K3) ?
__RND(o->eigrp.k3) : o->eigrp.k3;
*buffer.byte_ptr++ = TEST_BITS(o->eigrp.values, EIGRP_KVALUE_K4) ?
__RND(o->eigrp.k4) : o->eigrp.k4;
*buffer.byte_ptr++ = TEST_BITS(o->eigrp.values, EIGRP_KVALUE_K5) ?
__RND(o->eigrp.k5) : o->eigrp.k5;
*buffer.byte_ptr++ = FIELD_MUST_BE_ZERO;
*buffer.word_ptr++ = htons(o->eigrp.hold);
offset += EIGRP_TLEN_PARAMETER;
/* Going to the next TLV, if it needs to do so-> */
if (o->eigrp.type == EIGRP_TYPE_SOFTWARE ||
o->eigrp.type == EIGRP_TYPE_MULTICAST)
{
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* Software Version TLV (EIGRP Type = 0x0004)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | IOS Major | IOS Minor | EIGRP Major | EIGRP Minor |
* +---------------------------------------------------------------+
*/
*buffer.word_ptr++ = htons(EIGRP_TYPE_SOFTWARE);
*buffer.word_ptr++ = htons(o->eigrp.length ?
o->eigrp.length : EIGRP_TLEN_SOFTWARE);
*buffer.byte_ptr++ = __RND(o->eigrp.ios_major);
*buffer.byte_ptr++ = __RND(o->eigrp.ios_minor);
*buffer.byte_ptr++ = __RND(o->eigrp.ver_major);
*buffer.byte_ptr++ = __RND(o->eigrp.ver_minor);
offset += EIGRP_TLEN_SOFTWARE;
/* Going to the next TLV, if it needs to do so-> */
if (o->eigrp.type == EIGRP_TYPE_MULTICAST)
{
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* Sequence TLV (EIGRP Type = 0x0003)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | Addr Length //
* +---------------+
*
* +---------------------------------------------------------------+
* // IP Address |
* +---------------------------------------------------------------+
*/
*buffer.word_ptr++ = htons(EIGRP_TYPE_SEQUENCE);
*buffer.word_ptr++ = htons(o->eigrp.length ?
o->eigrp.length : EIGRP_TLEN_SEQUENCE);
*buffer.byte_ptr++ = sizeof(o->eigrp.address);
*buffer.inaddr_ptr++ = INADDR_RND(o->eigrp.address);
/*
* Enhanced Interior Gateway Routing Protocol (EIGRP)
*
* Next Multicast Sequence TLV (EIGRP Type = 0x0005)
*
* 0 1 2 3 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Type | Length |
* +---------------------------------------------------------------+
* | Next Multicast Sequence |
* +---------------------------------------------------------------+
*/
*buffer.word_ptr++ = htons(EIGRP_TYPE_MULTICAST);
*buffer.word_ptr++ = htons(o->eigrp.length ?
o->eigrp.length : EIGRP_TLEN_MULTICAST);
*buffer.dword_ptr++ = htonl(__RND(o->eigrp.multicast));
offset += EIGRP_TLEN_MULTICAST +
EIGRP_TLEN_SEQUENCE;
}
}
}
}
/* Computing the checksum. */
eigrp->check = o->bogus_csum ?
random() : cksum(eigrp, offset);
/* GRE Encapsulation takes place. */
gre_checksum(packet, o, packet_size);
/* Setting SOCKADDR structure. */
sin.sin_family = AF_INET;
sin.sin_port = htons(IPPORT_RND(o->dest));
sin.sin_addr.s_addr = o->ip.daddr;
/* Sending packet. */
if (sendto(fd, packet, packet_size, MSG_NOSIGNAL, (struct sockaddr *) &sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)
return 1;
return 0;
}
/* Packet and Checksum. */
memptr_t buffer;
struct iphdr *ip;
struct ospf_hdr *ospf;
/* OSPF Auth header, LSA header and LLS TLVs. */
struct ospf_auth_hdr *ospf_auth;
struct ospf_lsa_hdr *ospf_lsa;
struct ospf_lls_hdr *ospf_lls;
assert(co != NULL);
greoptlen = gre_opt_len(co);
ospf_options = __RND(co->ospf.options);
lls = TEST_BITS(ospf_options, OSPF_OPTION_LLS) ? 1 : 0;
ospf_length = ospf_hdr_len(co->ospf.type,
co->ospf.neighbor,
co->ospf.lsa_type,
co->ospf.dd_include_lsa);
*size = sizeof(struct iphdr) +
sizeof(struct ospf_hdr) +
sizeof(struct ospf_auth_hdr) +
greoptlen +
ospf_length +
auth_hmac_md5_len(co->ospf.auth) +
ospf_tlv_len(co->ospf.type, lls, co->ospf.auth);
/* Try to reallocate packet, if necessary */
alloc_packet(*size);
LONG
CED6AsDecompiler::
DumpInstrction(
ED6_ACTION_SCRIPT_INFO *pAsInfo,
ED6_AS_CRAFT_INFO *pCraft,
ED6_INSTRUCTION *pInstruction,
CFileDisk &file,
LPSTR Buffer
)
{
LONG Status;
CHAR szParamLengthTable[] = { 'b', 's', 't', 'i' };
ED6_INSTRUCTION_PARAM *pParam;
ED6_AS_INSTRUCTION_MAP *pMap;
ED6_INSTRUCTION_RECORD Ref;
if (TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_LINK))
{
if (pInstruction != pCraft->pInstruction)
WriteScr("\n");
return ASDECL_ERROR_DUMPED;
}
pMap = FindInstrctionMapByCode(pInstruction->Code);
if (pMap == NULL)
return ASDECL_ERROR_UNKNOWN_INSTRUCTION;
pInstruction->Flags |= INSTRUCTION_FLAG_DUMPED;
if (!TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_UNLABEL))
{
if (TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_LABEL) ||
FindFunction(pInstruction->Offset, Ref))
{
pInstruction->Flags |= INSTRUCTION_FLAG_UNLABEL;
GetLabelName(pAsInfo, pInstruction->Offset, Buffer);
// if (pInstruction != pCraft->pInstruction)
WriteScr("\n");
WriteScr("#%s\n", Buffer);
}
}
if (pInstruction->Code == AS_GOTO)
{
// if (IsLabelNextInstruction(pInstruction, pInstruction->Param->Value.LowPart))
// return ASDECL_ERROR_SUCCESS;
}
if (pMap->pszName != NULL)
{
WriteScr("%s", pMap->pszName);
}
else
{
WriteScr("%s%X", NAME_DEFAULT_INSTRUCTION_PREFIX, pMap->Instruction);
}
AS_IF_FAIL_RETURN(Status);
if (pInstruction->ParamNumber == 0)
{
WriteScr("\n");
m_bLastIsNewLine = FALSE;
return ASDECL_ERROR_SUCCESS;
}
WriteScr("(");
pParam = pInstruction->Param;
for (ULONG Count = 0; Count != pInstruction->ParamNumber; ++pParam, Count++)
{
LPSTR pszParamDesc = NULL;
ED6_INSTRUCTION_PARAM_DESC *pDesc = NULL;
if (Count != 0)
{
WriteScr(", ");
}
pDesc = pMap->pParamDesc;
for (ULONG i = pMap->DescCount; i; ++pDesc, --i)
{
if (pDesc->pszDescription == NULL)
continue;
if (Count != pDesc->ParamIndex)
continue;
if (pDesc->Value != pParam->Value.LowPart)
continue;
pszParamDesc = pDesc->pszDescription;
break;
}
if (pszParamDesc != NULL)
{
WriteScr("%s", pszParamDesc);
if (pParam->Length != pDesc->Length)
WriteScr(":%c", szParamLengthTable[pParam->Length - 1]);
continue;
}
if (TEST_BITS(pParam->Flags, INSTRUCTION_FLAG_FLOAT))
{
WriteScr("%f:f", pParam->Value.LowPart);
continue;
}
if (!TEST_BITS(pParam->Flags, INSTRUCTION_PARAM_FLAG_ADDRESS))
{
if (pParam->Length <= countof(szParamLengthTable))
{
WriteScr("0x%X:%c", pParam->Value.LowPart, szParamLengthTable[pParam->Length - 1]);
}
else if (pParam->Length == INSTRUCTION_LENGTH_STRING)
{
WriteScr("\"%s\"", pParam->Value.LowPart ? (LPSTR)pParam->Value.LowPart : "");
}
else
{
PBYTE pbParam = (PBYTE)&pParam->Value;
WriteScr("[%02X", *pbParam++);
for (ULONG Length = pParam->Length - 1; Length; --Length)
WriteScr(" %02X", *pbParam++);
WriteScr("]");
}
}
else
{
GetLabelName(pAsInfo, pParam->Value.LowPart, Buffer);
WriteScr("%s:s", Buffer);
}
}
WriteScr(")\n");
return Status;
}
LONG
CED6AsDecompiler::
DumpOneCraft(
ED6_ACTION_SCRIPT_INFO *pAsInfo,
ED6_AS_CRAFT_INFO *pCraft,
CFileDisk &file,
LPSTR Buffer
)
{
LONG Status;
ULONG CraftIndex, Offset;
ED6_INSTRUCTION *pInstruction;
ED6_AS_CRAFT_INFO *pFunction;
pInstruction = pCraft->pInstruction;
if (pInstruction == NULL ||
TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_LINK) ||
TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_DUMPED))
{
/*
ED6_AS_INSTRUCTION_MAP *pMap;
pMap = FindInstrctionMapByCode(AS_JUMP);
WriteScr("%s ( %s%04X )\n", pMap->pszName, NAME_CRAFT_LABEL_PREFIX, pInstruction->Offset);
*/
return ASDECL_ERROR_DUMPED;
}
pFunction = pAsInfo->pFunctionInfo;
Offset = pCraft->Offset;
for (LONG FuncCount = pAsInfo->FunctionCount; FuncCount; ++pFunction, --FuncCount)
{
if (Offset >= pFunction->Offset)
{
Status = DumpOneFunction(pAsInfo, pFunction, file, Buffer);
AS_IF_FAIL_BREAK(Status);
// if (Status != ASDECL_ERROR_DUMPED)
WriteScr("\n");
}
}
CraftIndex = pCraft - pAsInfo->pCraftInfo;
if (!TEST_BITS(pInstruction->Flags, INSTRUCTION_FLAG_UNLABEL))
{
GetCraftName(pAsInfo, CraftIndex, Buffer);
WriteScr("\n@_MOD 16\n#%s\n", Buffer);
pInstruction->Flags |= INSTRUCTION_FLAG_UNLABEL;
}
for (ULONG InsCount = pCraft->Count; InsCount; ++pInstruction, --InsCount)
{
Offset = pInstruction->Offset;
pFunction = pAsInfo->pFunctionInfo;
for (LONG FuncCount = pAsInfo->FunctionCount; FuncCount; ++pFunction, --FuncCount)
{
if (Offset >= pFunction->Offset)
{
Status = DumpOneFunction(pAsInfo, pFunction, file, Buffer);
AS_IF_FAIL_RETURN(Status);
}
}
Status = DumpInstrction(pAsInfo, pCraft, pInstruction, file, Buffer);
AS_IF_FAIL_BREAK(Status);
}
WriteScr("\n");
return Status;
}
