abstracting out port validation because shared between udp and tcp.
This commit is contained in:
Zakir Durumeric
parent
37630d7325
commit
b70a2835b9
@ -26,7 +26,13 @@
|
|||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
|
||||||
probe_module_t module_tcp_synscan;
|
probe_module_t module_tcp_synscan;
|
||||||
uint32_t num_ports = 1;
|
static uint32_t num_ports;
|
||||||
|
|
||||||
|
int synscan_global_initialize(struct state_conf *state)
|
||||||
|
{
|
||||||
|
num_ports = state->source_port_last - state->source_port_first + 1;
|
||||||
|
return EXIT_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
int synscan_init_perthread(void* buf, macaddr_t *src,
|
int synscan_init_perthread(void* buf, macaddr_t *src,
|
||||||
macaddr_t *gw, port_h_t dst_port)
|
macaddr_t *gw, port_h_t dst_port)
|
||||||
@ -39,7 +45,6 @@ int synscan_init_perthread(void* buf, macaddr_t *src,
|
|||||||
make_ip_header(ip_header, IPPROTO_TCP, len);
|
make_ip_header(ip_header, IPPROTO_TCP, len);
|
||||||
struct tcphdr *tcp_header = (struct tcphdr*)(&ip_header[1]);
|
struct tcphdr *tcp_header = (struct tcphdr*)(&ip_header[1]);
|
||||||
make_tcp_header(tcp_header, dst_port);
|
make_tcp_header(tcp_header, dst_port);
|
||||||
num_ports = zconf.source_port_last - zconf.source_port_first + 1;
|
|
||||||
return EXIT_SUCCESS;
|
return EXIT_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -49,15 +54,13 @@ int synscan_make_packet(void *buf, ipaddr_n_t src_ip, ipaddr_n_t dst_ip,
|
|||||||
struct ethhdr *eth_header = (struct ethhdr *)buf;
|
struct ethhdr *eth_header = (struct ethhdr *)buf;
|
||||||
struct iphdr *ip_header = (struct iphdr*)(ð_header[1]);
|
struct iphdr *ip_header = (struct iphdr*)(ð_header[1]);
|
||||||
struct tcphdr *tcp_header = (struct tcphdr*)(&ip_header[1]);
|
struct tcphdr *tcp_header = (struct tcphdr*)(&ip_header[1]);
|
||||||
uint16_t src_port = zconf.source_port_first
|
|
||||||
+ ((validation[1] + probe_num) % num_ports);
|
|
||||||
uint32_t tcp_seq = validation[0];
|
uint32_t tcp_seq = validation[0];
|
||||||
|
|
||||||
|
|
||||||
ip_header->saddr = src_ip;
|
ip_header->saddr = src_ip;
|
||||||
ip_header->daddr = dst_ip;
|
ip_header->daddr = dst_ip;
|
||||||
|
|
||||||
tcp_header->source = htons(src_port);
|
tcp_header->source = htons(get_src_port(num_ports,
|
||||||
|
probe_num, validation));
|
||||||
tcp_header->seq = tcp_seq;
|
tcp_header->seq = tcp_seq;
|
||||||
tcp_header->check = 0;
|
tcp_header->check = 0;
|
||||||
tcp_header->check = tcp_checksum(sizeof(struct tcphdr),
|
tcp_header->check = tcp_checksum(sizeof(struct tcphdr),
|
||||||
@ -121,19 +124,7 @@ response_type_t* synscan_classify_packet(const u_char *packet, uint32_t len)
|
|||||||
return &(module_tcp_synscan.responses[0]);
|
return &(module_tcp_synscan.responses[0]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Returns 0 if dst_port is outside the expected valid range, non-zero otherwise
|
|
||||||
static inline int check_dst_port(uint16_t port, uint32_t *validation)
|
|
||||||
{
|
|
||||||
if (port > zconf.source_port_last
|
|
||||||
|| port < zconf.source_port_first) {
|
|
||||||
return EXIT_FAILURE;
|
|
||||||
}
|
|
||||||
int32_t to_validate = port - zconf.source_port_first;
|
|
||||||
int32_t min = validation[1] % num_ports;
|
|
||||||
int32_t max = (validation[1] + zconf.packet_streams - 1) % num_ports;
|
|
||||||
|
|
||||||
return (((max - min) % num_ports) >= ((to_validate - min) % num_ports));
|
|
||||||
}
|
|
||||||
|
|
||||||
int synscan_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
int synscan_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
||||||
__attribute__((unused))uint32_t *src_ip, uint32_t *validation)
|
__attribute__((unused))uint32_t *src_ip, uint32_t *validation)
|
||||||
@ -156,7 +147,7 @@ int synscan_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// validate destination port
|
// validate destination port
|
||||||
if (!check_dst_port(ntohs(dport), validation)) {
|
if (!check_dst_port(ntohs(dport), num_ports, validation)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -185,6 +176,7 @@ probe_module_t module_tcp_synscan = {
|
|||||||
.pcap_filter = "tcp && tcp[13] & 4 != 0 || tcp[13] == 18",
|
.pcap_filter = "tcp && tcp[13] & 4 != 0 || tcp[13] == 18",
|
||||||
.pcap_snaplen = 96,
|
.pcap_snaplen = 96,
|
||||||
.port_args = 1,
|
.port_args = 1,
|
||||||
|
.global_initialize = &synscan_global_initialize,
|
||||||
.thread_initialize = &synscan_init_perthread,
|
.thread_initialize = &synscan_init_perthread,
|
||||||
.make_packet = &synscan_make_packet,
|
.make_packet = &synscan_make_packet,
|
||||||
.print_packet = &synscan_print_packet,
|
.print_packet = &synscan_print_packet,
|
||||||
|
|||||||
@ -34,25 +34,26 @@ int udp_send_msg_len = 0;
|
|||||||
|
|
||||||
const char *udp_send_msg_default = "GET / HTTP/1.1\r\nHost: www\r\n\r\n";
|
const char *udp_send_msg_default = "GET / HTTP/1.1\r\nHost: www\r\n\r\n";
|
||||||
|
|
||||||
static int num_ports = 1;
|
static int num_ports;
|
||||||
|
|
||||||
probe_module_t module_udp;
|
probe_module_t module_udp;
|
||||||
|
|
||||||
|
int udp_global_initialize(struct state_conf *conf) {
|
||||||
int udp_global_initialize(struct state_conf * zconf) {
|
|
||||||
char *args, *c;
|
char *args, *c;
|
||||||
int i;
|
int i;
|
||||||
unsigned int n;
|
unsigned int n;
|
||||||
|
|
||||||
FILE *inp;
|
FILE *inp;
|
||||||
|
|
||||||
|
num_ports = conf->source_port_last - conf->source_port_first + 1;
|
||||||
|
|
||||||
udp_send_msg = strdup(udp_send_msg_default);
|
udp_send_msg = strdup(udp_send_msg_default);
|
||||||
udp_send_msg_len = strlen(udp_send_msg);
|
udp_send_msg_len = strlen(udp_send_msg);
|
||||||
|
|
||||||
if (! (zconf->probe_args && strlen(zconf->probe_args) > 0))
|
if (!(conf->probe_args && strlen(conf->probe_args) > 0))
|
||||||
return(0);
|
return(0);
|
||||||
|
|
||||||
args = strdup(zconf->probe_args);
|
args = strdup(conf->probe_args);
|
||||||
if (! args) exit(1);
|
if (! args) exit(1);
|
||||||
|
|
||||||
c = strchr(args, ':');
|
c = strchr(args, ':');
|
||||||
@ -154,23 +155,23 @@ int udp_init_perthread(void* buf, macaddr_t *src,
|
|||||||
|
|
||||||
memcpy(payload, udp_send_msg, udp_send_msg_len);
|
memcpy(payload, udp_send_msg, udp_send_msg_len);
|
||||||
|
|
||||||
num_ports = zconf.source_port_last - zconf.source_port_first + 1;
|
|
||||||
|
|
||||||
return EXIT_SUCCESS;
|
return EXIT_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
int udp_make_packet(void *buf, ipaddr_n_t src_ip, ipaddr_n_t dst_ip,
|
int udp_make_packet(void *buf, ipaddr_n_t src_ip, ipaddr_n_t dst_ip,
|
||||||
uint32_t *validation, int probe_num)
|
uint32_t *validation, int probe_num)
|
||||||
{
|
{
|
||||||
struct ethhdr *eth_header = (struct ethhdr *)buf;
|
struct ethhdr *eth_header = (struct ethhdr *)buf;
|
||||||
struct iphdr *ip_header = (struct iphdr*)(ð_header[1]);
|
struct iphdr *ip_header = (struct iphdr*)(ð_header[1]);
|
||||||
struct udphdr *udp_header = (struct udphdr*)(&ip_header[1]);
|
struct udphdr *udp_header = (struct udphdr*)(&ip_header[1]);
|
||||||
uint16_t src_port = zconf.source_port_first
|
|
||||||
+ ((validation[1] + probe_num) % num_ports);
|
|
||||||
|
|
||||||
ip_header->saddr = src_ip;
|
ip_header->saddr = src_ip;
|
||||||
ip_header->daddr = dst_ip;
|
ip_header->daddr = dst_ip;
|
||||||
udp_header->source = src_port;
|
udp_header->source = get_src_port(num_ports, probe_num,
|
||||||
|
validation);
|
||||||
|
|
||||||
ip_header->check = 0;
|
ip_header->check = 0;
|
||||||
ip_header->check = ip_checksum((unsigned short *) ip_header);
|
ip_header->check = ip_checksum((unsigned short *) ip_header);
|
||||||
@ -218,7 +219,6 @@ void udp_print_packet(FILE *fp, void* packet)
|
|||||||
fprintf(fp, "------------------------------------------------------\n");
|
fprintf(fp, "------------------------------------------------------\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
response_type_t* udp_classify_packet(const u_char *packet, uint32_t len)
|
response_type_t* udp_classify_packet(const u_char *packet, uint32_t len)
|
||||||
{
|
{
|
||||||
(void)len;
|
(void)len;
|
||||||
@ -232,20 +232,6 @@ response_type_t* udp_classify_packet(const u_char *packet, uint32_t len)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Returns 0 if dst_port is outside the expected valid range, non-zero otherwise
|
|
||||||
static inline int check_dst_port(uint16_t port, uint32_t *validation)
|
|
||||||
{
|
|
||||||
if (port > zconf.source_port_last
|
|
||||||
|| port < zconf.source_port_first) {
|
|
||||||
return EXIT_FAILURE;
|
|
||||||
}
|
|
||||||
int32_t to_validate = port - zconf.source_port_first;
|
|
||||||
int32_t min = validation[1] % num_ports;
|
|
||||||
int32_t max = (validation[1] + zconf.packet_streams - 1) % num_ports;
|
|
||||||
|
|
||||||
return (((max - min) % num_ports) >= ((to_validate - min) % num_ports));
|
|
||||||
}
|
|
||||||
|
|
||||||
int udp_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
int udp_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
||||||
__attribute__((unused))uint32_t *src_ip, uint32_t *validation)
|
__attribute__((unused))uint32_t *src_ip, uint32_t *validation)
|
||||||
{
|
{
|
||||||
@ -290,7 +276,7 @@ int udp_validate_packet(const struct iphdr *ip_hdr, uint32_t len,
|
|||||||
if (dport != zconf.target_port) {
|
if (dport != zconf.target_port) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!check_dst_port(sport, validation)) {
|
if (!check_dst_port(sport, num_ports, validation)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
|||||||
@ -79,4 +79,25 @@ static __attribute__((unused)) uint16_t tcp_checksum(unsigned short len_tcp,
|
|||||||
return (unsigned short) (~sum);
|
return (unsigned short) (~sum);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Returns 0 if dst_port is outside the expected valid range, non-zero otherwise
|
||||||
|
static __attribute__((unused)) inline int check_dst_port(uint16_t port,
|
||||||
|
int num_ports, uint32_t *validation)
|
||||||
|
{
|
||||||
|
if (port > zconf.source_port_last
|
||||||
|
|| port < zconf.source_port_first) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
int32_t to_validate = port - zconf.source_port_first;
|
||||||
|
int32_t min = validation[1] % num_ports;
|
||||||
|
int32_t max = (validation[1] + zconf.packet_streams - 1) % num_ports;
|
||||||
|
|
||||||
|
return (((max - min) % num_ports) >= ((to_validate - min) % num_ports));
|
||||||
|
}
|
||||||
|
|
||||||
|
static __attribute__((unused)) inline uint16_t get_src_port(int num_ports,
|
||||||
|
int probe_num, uint32_t *validation)
|
||||||
|
{
|
||||||
|
return zconf.source_port_first + ((validation[1] + probe_num) % num_ports);
|
||||||
|
}
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user