static void
display_socks_v5(tvbuff_t *tvb, int offset, packet_info *pinfo,
	proto_tree *tree, socks_hash_entry_t *hash_info) {

/* Display the protocol tree for the version. This routine uses the	*/
/* stored conversation information to decide what to do with the row.	*/
/* Per packet information would have been better to do this, but we	*/
/* didn't have that when I wrote this. And I didn't expect this to get	*/
/* so messy.								*/

	unsigned int i, command;
	guint temp;
	const char *AuthMethodStr;
	guint8 auth_status;

	proto_tree_add_item( tree, hf_socks_ver, tvb, offset, 1, FALSE);
	++offset;

	if (compare_packet( hash_info->connect_row)){

		proto_tree      *AuthTree;
		proto_item      *ti;

		temp = tvb_get_guint8(tvb, offset);	/* Get Auth method count */
							/* build auth tree */
		ti = proto_tree_add_text( tree, tvb, offset, -1,
				"Client Authentication Methods");

		AuthTree = proto_item_add_subtree(ti, ett_socks_auth);

		proto_tree_add_text( AuthTree, tvb, offset, 1,
				"Count: %u", temp);
		++offset;

		for( i = 0; i  < temp; ++i) {

			AuthMethodStr = get_auth_method_name(
				tvb_get_guint8( tvb, offset));
			proto_tree_add_text( AuthTree, tvb, offset, 1,
				"Method[%u]: %u (%s)", i,
				tvb_get_guint8( tvb, offset), AuthMethodStr);
			++offset;
		}
		proto_item_set_end( ti, tvb, offset);
		return;
	}					/* Get accepted auth method */
	else if (compare_packet( hash_info->auth_method_row)) {

		proto_tree_add_text( tree, tvb, offset, 1,
			"Accepted Auth Method: 0x%0x (%s)", tvb_get_guint8( tvb, offset),
				get_auth_method_name( tvb_get_guint8( tvb, offset)));

		return;
	}					/* handle user/password auth */
	else if (compare_packet( hash_info->user_name_auth_row)) {

						/* process user name	*/
		offset += display_string( tvb, offset, tree,
				"User name");
						/* process password	*/
		offset += display_string( tvb, offset, tree,
				"Password");
	}
					/* command to the server */
					/* command response from server */
	else if (compare_packet( hash_info->auth_version)) {
		auth_status = tvb_get_guint8(tvb, offset);
		if(auth_status != 0)
			proto_tree_add_text( tree, tvb, offset, 1, "Status: %u (failure)", auth_status);
		else
			proto_tree_add_text( tree, tvb, offset, 1, "Status: success");
		offset ++;
	}
	else if (compare_packet( hash_info->gssapi_auth_row)) {
		guint16 len;
		proto_tree_add_item( tree, hf_gssapi_command, tvb, offset, 1, FALSE);
		proto_tree_add_item( tree, hf_gssapi_length, tvb, offset+1, 2, FALSE);
		len = tvb_get_ntohs(tvb, offset+1);
		if (len > 0)
			proto_tree_add_item( tree, hf_gssapi_payload, tvb, offset+3, len, FALSE);
	}
	else if (compare_packet( hash_info->gssapi_auth_failure_row)) {
		proto_tree_add_item( tree, hf_gssapi_command, tvb, offset, 1, FALSE);
	}
	else if (compare_packet( hash_info->gssapi_auth_reply_row)) {
		guint16 len;
		proto_tree_add_item( tree, hf_gssapi_command, tvb, offset, 1, FALSE);
		proto_tree_add_item( tree, hf_gssapi_length, tvb, offset+1, 2, FALSE);
		len = tvb_get_ntohs(tvb, offset+1);
		if (len > 0)
			proto_tree_add_item( tree, hf_gssapi_payload, tvb, offset+3, len, FALSE);
	}
	else if ((compare_packet( hash_info->command_row)) ||
	         (compare_packet( hash_info->cmd_reply_row)) ||
	         (compare_packet( hash_info->bind_reply_row))){

		command = tvb_get_guint8(tvb, offset);

		if (compare_packet( hash_info->command_row))
			proto_tree_add_uint( tree, hf_socks_cmd, tvb, offset, 1,
			    command);

		else {
			proto_item *hidden_item;
			proto_tree_add_item( tree, hf_socks_results_5, tvb, offset, 1, FALSE);
			hidden_item = proto_tree_add_item(tree, hf_socks_results, tvb, offset, 1, FALSE);
			PROTO_ITEM_SET_HIDDEN(hidden_item);
		}

		++offset;

		proto_tree_add_text( tree, tvb, offset, 1,
			"Reserved: 0x%0x (should = 0x00)", tvb_get_guint8(tvb, offset));
		++offset;

		offset = display_address(tvb, offset, tree);
/*XXX Add remote port for search somehow */
						/* Do remote port	*/
		proto_tree_add_text( tree, tvb, offset, 2,
				"%sPort: %u",
				(compare_packet( hash_info->bind_reply_row) ?
					"Remote Host " : ""),
				 tvb_get_ntohs(tvb, offset));
	}
}
示例#2
0
/**
 * returns the status of the execution
 *  0 = normal end
 *  1 = expect mismatch
 */
int execute_script(int sockfd, registry_t *script) {

	// current "pc" pointer to script line
	int curpos = 0;	
	line_t *line = NULL;
	int lineno = 0;

	int err = 0;
	ssize_t size = 0;
	line_t *errmsg = NULL;
	scriptlet_t *scr = NULL;

	while ( (err == 0) && (line = reg_get(script, curpos)) != NULL) {

		lineno = line->num;

		switch (line->cmd) {
		case CMD_COMMENT:
			if (!trace) {
				break;
			}
			// fall-through
		case CMD_MESSAGE:
			log_info("> %s\n", line->buffer);
			break;
		case CMD_ERRMSG:
			errmsg = line;
			break;
		case CMD_SEND:
			for (int i = 0; (scr = reg_get(&line->scriptlets, i)) != NULL; i++) {
				if (scr->exec != NULL) {
					scr->exec(line, scr);
				}
			}
			if (trace) {
				log_hexdump2(line->buffer, line->length, 0, "Send  : ");
			}

			size = write(sockfd, line->buffer, line->length);
			if (size < 0) {
				log_errno("Error writing to socket at line %d\n", lineno);
				err = -1;
			}
			break;
		case CMD_EXPECT:
			line->mask = mem_alloc_c(line->length, "line_mask");
			memset(line->mask, 0xff, line->length);
			for (int i = 0; (scr = reg_get(&line->scriptlets, i)) != NULL; i++) {
				if (scr->exec != NULL) {
					scr->exec(line, scr);
				}
			}
			err = compare_packet(sockfd, line->buffer, line->mask, line->length, lineno);
			mem_free(line->mask);
			line->mask = NULL;

			if (err != 0) {
				if (errmsg != NULL) {
					log_error("> %d: %s -> %d\n", lineno, errmsg->buffer, err);
				}
				return err;
			}
			break;
		case CMD_INIT:
			send_sync(sockfd);
			err = compare_packet(sockfd, line->buffer, NULL, line->length, lineno);
			if (err != 0) {
				if (errmsg != NULL) {
					log_error("> %d: %s -> %d\n", lineno, errmsg->buffer, err);
				}
				return err;
			}
			break;
		}
		curpos++;
	}

	return 0;
}
static void
display_socks_v4(tvbuff_t *tvb, int offset, packet_info *pinfo,
	proto_tree *tree, socks_hash_entry_t *hash_info) {


/* Display the protocol tree for the V4 version. This routine uses the	*/
/* stored conversation information to decide what to do with the row.	*/
/* Per packet information would have been better to do this, but we	*/
/* didn't have that when I wrote this. And I didn't expect this to get	*/
/* so messy.								*/


	proto_item *hidden_item;
	guint command;
	unsigned char ipaddr[4];
	guint username_len, domainname_len;

					/* Display command from client */
	if (compare_packet( hash_info->connect_row)){

		proto_tree_add_text( tree, tvb, offset, 1,
				"Version: %u", hash_info->version);
		++offset;
		command = tvb_get_guint8(tvb, offset);

		proto_tree_add_text( tree, tvb, offset, 1,
			"Command: %u (%s)", command,
				get_command_name( command));
		++offset;

						/* Do remote port	*/
		proto_tree_add_item( tree, hf_socks_dstport, tvb, offset, 2,
				FALSE);
		offset += 2;

						/* Do destination address */
		tvb_memcpy(tvb, ipaddr, offset, 4);
		proto_tree_add_item( tree, hf_socks_ip_dst, tvb, offset,
				4, FALSE);

		offset += 4;

/*XXX check this, needs to do length checking	 */
/* Should perhaps do TCP reassembly as well */
		if ( tvb_offset_exists(tvb, offset)) {
						/* display user name 	*/
			username_len = tvb_strsize(tvb, offset);
			proto_tree_add_item( tree, hf_user_name, tvb, offset,
				username_len, FALSE);
			offset += username_len;
			if ( ipaddr[0] == 0 && ipaddr[1] == 0 &&
			     ipaddr[2] == 0 && ipaddr[3] != 0) {
			     	/* 0.0.0.x , where x!=0 means v4a support */
			     	domainname_len = tvb_strsize(tvb, offset);
				proto_tree_add_item( tree, hf_v4a_dns_name,
					tvb, offset, domainname_len,
					FALSE);
			}
		}

	}
				/*Display command response from server*/

	else if ( compare_packet( hash_info->cmd_reply_row)){

		proto_tree_add_item( tree, hf_socks_ver, tvb, offset, 1,
				FALSE);
		++offset;
						/* Do results code	*/
		proto_tree_add_item( tree, hf_socks_results_4, tvb, offset, 1, FALSE);
		hidden_item = proto_tree_add_item(tree, hf_socks_results, tvb, offset, 1, FALSE);
		PROTO_ITEM_SET_HIDDEN(hidden_item);

		++offset;

						/* Do remote port	*/
		proto_tree_add_item( tree, hf_socks_dstport, tvb, offset, 2,
				FALSE);
		offset += 2;
						/* Do remote address	*/
		proto_tree_add_item( tree, hf_socks_ip_dst, tvb, offset, 4,
			FALSE);
	}

	else if ( compare_packet( hash_info->v4_user_name_row)){

/*XXX check this, needs to do length checking	 */
/* Should perhaps do TCP reassembly as well */
		if ( tvb_offset_exists(tvb, offset)) {
			proto_tree_add_text( tree, tvb, offset,
				tvb_strsize(tvb, offset),
				"User Name: %s", tvb_get_ptr(tvb, offset, -1));
		}
	}
}
示例#4
0
文件: pcrunner.c 项目: fachat/XD2031
/**
 * returns the status of the execution
 *  0 = normal end
 *  1 = expect mismatch
 */
int execute_script(int sockfd, int toolsfd, registry_t *script) {

	// current "pc" pointer to script line
	int curpos = 0;	
	line_t *line = NULL;
	int lineno = 0;

	int err = 0;
	ssize_t size = 0;
	line_t *errmsg = NULL;
	scriptlet_t *scr = NULL;

	// guaranteed to be valid; toolsfd may be not set (<0)
	int curfd = sockfd;

	while ( (err == 0) && (line = reg_get(script, curpos)) != NULL) {

		lineno = line->num;

		switch (line->cmd) {
		case CMD_COMMENT:
			if (!trace) {
				break;
			}
			// fall-through
		case CMD_MESSAGE:
			log_info("> %s\n", line->buffer);
			break;
		case CMD_ERRMSG:
			errmsg = line;
			break;
		case CMD_SEND:
			for (int i = 0; (scr = reg_get(&line->scriptlets, i)) != NULL; i++) {
				if (scr->exec != NULL) {
					scr->exec(line, scr);
				}
			}
			if (trace) {
				log_hexdump2(line->buffer, line->length, 0, "Send  : ");
			}

			size = write(curfd, line->buffer, line->length);
			if (size < 0) {
				log_errno("Error writing to socket at line %d\n", lineno);
				err = -1;
			}
			break;
		case CMD_EXPECT:
			line->mask = mem_alloc_c(line->length, "line_mask");
			memset(line->mask, 0xff, line->length);
			for (int i = 0; (scr = reg_get(&line->scriptlets, i)) != NULL; i++) {
				if (scr->exec != NULL) {
					scr->exec(line, scr);
				}
			}
			err = compare_packet(curfd, line->buffer, line->mask, line->length, lineno);
			mem_free(line->mask);
			line->mask = NULL;

			if (err != 0) {
				if (errmsg != NULL) {
					log_error("> %d: %s -> %d\n", lineno, errmsg->buffer, err);
				}
				return 1;
			}
			break;
		case CMD_INIT:
			send_sync(curfd);
			err = compare_packet(curfd, line->buffer, NULL, line->length, lineno);
			if (err != 0) {
				if (errmsg != NULL) {
					log_error("> %d: %s -> %d\n", lineno, errmsg->buffer, err);
				}
				return 1;
			}
			break;
		case CMD_CHANNEL:
			if ((!strcmp("tools", line->buffer)) && toolsfd >= 0) {
				curfd = toolsfd;
			} else
			if ((!strcmp("device", line->buffer)) && sockfd >= 0) {
				curfd = sockfd;
			} else {
				log_error("> %d: -> unknown channel name %s\n", lineno, line->buffer);
				return 1;
			}
			break;
		}
		curpos++;
	}

	return 0;
}