void
Method::print_body()
{
if (!_body) {
log_parse("Method has no body.");
return;
}
std::stringstream ss("Method Body:");
for(boost::uint32_t i = 0; i < _bodyLength ; ++i) {
const boost::uint8_t opcode = _body->read_as3op();
ss << "0x" << std::uppercase << std::hex << (opcode | 0x0) << " ";
}
_body->seekTo(0);
log_parse("%s", ss.str());
}
void
SWFMovieDefinition::add_sound_sample(int id, sound_sample* sam)
{
assert(sam);
IF_VERBOSE_PARSE(
log_parse(_("Add sound sample %d assigning id %d"),
id, sam->m_sound_handler_id);
)
// Create and initialize a sprite, and add it to the movie.
void
sprite_loader(SWFStream& in, TagType tag, movie_definition& m,
const RunResources& r)
{
assert(tag == SWF::DEFINESPRITE); // 39 - DefineSprite
in.ensureBytes(2);
const boost::uint16_t id = in.read_u16();
IF_VERBOSE_PARSE(
log_parse(_(" sprite: char id = %d"), id);
);
void
DefineText2Tag::loader(SWFStream& in, TagType tag, movie_definition& m,
const RunResources& /*r*/)
{
assert(tag == DEFINETEXT2);
in.ensureBytes(2);
boost::uint16_t id = in.read_u16();
std::auto_ptr<DefineTextTag> t(new DefineTextTag(in, m, tag));
IF_VERBOSE_PARSE(
log_parse(_("Text DisplayObject, id = %d"), id);
);
bool
SWFParser::read(std::streamsize bytes)
{
// If we didn't use all the bytes given to us last time,
// we may read more than the size passed.
_endRead += bytes;
const SWF::TagLoadersTable& tagLoaders = _runResources.tagLoaders();
while (_bytesRead < _endRead) {
const size_t startPos = _stream.tell();
// If a tag hasn't been opened, open one and check
// how many bytes are needed. The size reported by the
// tag seems to be the value used, even when it's wrong.
if (!_tagOpen) {
_nextTagEnd = openTag() - startPos;
}
try {
// Check if we are now supposed to read enough bytes to get to the
// end of the tag.
if (_nextTagEnd > _endRead) {
return true;
}
// Signal that we have reached the end of a SWF or sprite when
// a SWF::END tag is encountered.
if (_tag == SWF::END) {
closeTag();
return false;
}
SWF::TagLoadersTable::TagLoader lf = nullptr;
if (_tag == SWF::SHOWFRAME) {
// show frame tag -- advance to the next frame.
IF_VERBOSE_PARSE(log_parse(_("SHOWFRAME tag")));
_md->incrementLoadedFrames();
}
else if (tagLoaders.get(_tag, lf)) {
// call the tag loader. The tag loader should add
// DisplayObjects or tags to the movie data structure.
lf(_stream, _tag, *_md, _runResources);
}
else {
// no tag loader for this tag type.
log_error(_("Encountered unknown tag %d. These usually store "
"creation tool data and do not affect playback"), _tag);
IF_VERBOSE_PARSE(
std::ostringstream ss;
dumpTagBytes(_stream, ss);
log_error(_("tag dump follows: %s"), ss.str());
);
}
}
catch (const ParserException& e) {
// If the error occurred in a tag, we continue parsing so that
// single malformed tags don't prevent reading subsequent tags.
log_error(_("Parsing exception: %s"), e.what());
}
if (_tagOpen) closeTag();
_bytesRead += (_stream.tell() - startPos);
}
return true;
}
int main(int argc, char *argv[]) {
int length, i = 0, rd, j;
int fd, wd, log;
char buffer[sizeof(struct inotify_event)];
struct inotify_event *event;
char logbuffer[LOG_BUFFER], *line;
if(argc < 2) {
fprintf(stderr, "Usage: %s log-filename\n", argv[0]);
return 1;
}
/* Grabbing system informations */
if(gethostname(global.hostname, 64) != 0) {
perror("[-] getsystem.");
return 1;
}
/* Initializing inotify */
if((fd = inotify_init()) < 0) {
perror("[-] inotify_init");
return 1;
}
/* Monitoring log change */
if((wd = inotify_add_watch(fd, argv[1], IN_MODIFY)) == -1) {
perror("[-] inotify_add_watch");
return 1;
}
/* Init syslog */
openlog("sshbanner", LOG_PID | LOG_NOWAIT, LOG_DAEMON);
syslog(LOG_INFO, "Initializing...");
/* Opening log file */
if((log = open(argv[1], O_RDONLY)) == -1) {
perror("[-] open");
return 1;
}
/* Signal Handling */
signal_intercept(SIGINT, sighandler);
signal_intercept(SIGTERM, sighandler);
signal_intercept(SIGSEGV, sighandler);
/* Modules initialization */
module_init();
/* iptables initialization */
module_chain_init(global.modules);
printf("[+] Banner: waiting message...\n");
/* Waiting */
while((length = read(fd, buffer, sizeof(struct inotify_event))) > 0) {
for(i = 0; i < length; i += sizeof(struct inotify_event) + event->len) {
event = (struct inotify_event *) &buffer[i];
/* Going near of the end of file */
if(lseek(log, -LOG_BUFFER, SEEK_END) == -1)
if(lseek(log, 0, SEEK_SET) == -1)
perror("[-] lseek");
/* Reading to buffering */
if((rd = read(log, logbuffer, LOG_BUFFER)) == -1) {
perror("[-] read");
break;
}
logbuffer[rd - 1] = '\0';
/* Gabbing last line */
line = logbuffer;
for(j = rd - 2; j > 0; j--) {
if(logbuffer[j] == '\n') {
line = logbuffer + j + 1;
break;
}
}
log_parse(line, global.modules);
}
}
perror("[-] read");
/* Cleaning */
inotify_rm_watch(fd, wd);
close(fd);
close(log);
closelog();
return 0;
}
