PageRenderTime 48ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/nselib/rpcap.lua

https://github.com/prakashgamit/nmap
Lua | 441 lines | 291 code | 79 blank | 71 comment | 18 complexity | c5c2305d6d2488690abc678390bf3b68 MD5 | raw file
Possible License(s): BSD-3-Clause, GPL-2.0, LGPL-2.0, LGPL-2.1 
    

  1. ---
    2. 

  2. -- This library implements the fundamentals needed to communicate with the
    3. 

  3. -- WinPcap Remote Capture Deamon. It currently supports authenticating to
    4. 

  4. -- the service using either NULL-, or Password-based authentication.
    5. 

  5. -- In addition it has the capabilities to list the interfaces that may be
    6. 

  6. -- used for sniffing.
    7. 

  7. --
    8. 

  8. -- The library consist of classes handling <code>Request</code> and classes
    9. 

  9. -- handling <code>Response</code>. The communication with the service is
    10. 

  10. -- handled by the <code>Comm</code> class, and the main interface for script
    11. 

  11. -- writers is kept under the <code>Helper</code> class.
    12. 

  12. --
    13. 

  13. -- The following code snipplet illustrates how to connect to the service and
    14. 

  14. -- extract information about network interfaces:
    15. 

  15. -- <code>
    16. 

  16. --   local helper = rpcap.Helper:new(host, port)
    17. 

  17. --   helper:connect()
    18. 

  18. --   helper:login()
    19. 

  19. --   helper:findAllInterfaces()
    20. 

  20. --   helper:close()
    21. 

  21. -- </code>
    22. 

  22. --
    23. 

  23. -- For a more complete example, consult the rpcap-info.nse script.
    24. 

  24. --
    25. 

  25. -- @author "Patrik Karlsson <patrik@cqure.net>"
    26. 

  26. 

  27. 

  28. local bin = require "bin"
    29. 

  29. local ipOps = require "ipOps"
    30. 

  30. local match = require "match"
    31. 

  31. local nmap = require "nmap"
    32. 

  32. local stdnse = require "stdnse"
    33. 

  33. local table = require "table"
    34. 

  34. _ENV = stdnse.module("rpcap", stdnse.seeall)
    35. 

  35. 

  36. RPCAP = {
    37. 

  37. 	
    38. 

  38. 	MessageType = {
    39. 

  39. 		ERROR				= 1,
    40. 

  40. 		FIND_ALL_INTERFACES	= 2,
    41. 

  41. 		AUTH_REQUEST		= 8,
    42. 

  42. 	},
    43. 

  43. 	
    44. 

  44. 	-- Holds the two supported authentication mechanisms PWD and NULL
    45. 

  45. 	Authentication = {
    46. 

  46. 

  47. 		PWD = {
    48. 

  48. 

  49. 			new = function(self, username, password)
    50. 

  50. 				local o = { 
    51. 

  51. 					type = 1,
    52. 

  52. 					username = username,
    53. 

  53. 					password = password,
    54. 

  54. 				}
    55. 

  55. 				setmetatable(o, self)
    56. 

  56. 				self.__index = self
    57. 

  57. 				return o
    58. 

  58. 	  		end,
    59. 

  59. 	
    60. 

  60. 			__tostring = function(self)
    61. 

  61. 				local DUMMY = 0
    62. 

  62. 				return bin.pack(">SSSSAA", self.type, DUMMY, #self.username, #self.password, self.username, self.password)
    63. 

  63. 			end,
    64. 

  64. 			
    65. 

  65. 		},
    66. 

  66. 		
    67. 

  67. 		NULL = {
    68. 

  68. 	
    69. 

  69. 			new = function(self)
    70. 

  70. 				local o = { 
    71. 

  71. 					type = 0,
    72. 

  72. 				}
    73. 

  73. 				setmetatable(o, self)
    74. 

  74. 				self.__index = self
    75. 

  75. 				return o
    76. 

  76. 	  		end,
    77. 

  77. 	
    78. 

  78. 			__tostring = function(self)
    79. 

  79. 				local DUMMY = 0
    80. 

  80. 				return bin.pack(">SSSS", self.type, DUMMY, 0, 0)
    81. 

  81. 			end,
    82. 

  82. 						
    83. 

  83. 		}	
    84. 

  84. 		
    85. 

  85. 	},
    86. 

  86. 	
    87. 

  87. 	-- The common request and response header
    88. 

  88. 	Header = {
    89. 

  89. 		size = 8,		
    90. 

  90. 		new = function(self, type, value, length)
    91. 

  91. 			local o = {
    92. 

  92. 				version = 0,
    93. 

  93. 				type = type,
    94. 

  94. 				value= value or 0,
    95. 

  95. 				length = length or 0
    96. 

  96. 			}
    97. 

  97. 			setmetatable(o, self)
    98. 

  98. 			self.__index = self
    99. 

  99. 			return o
    100. 

  100. 	  	end,
    101. 

  101. 	
    102. 

  102. 		parse = function(data)
    103. 

  103. 			local header = RPCAP.Header:new()
    104. 

  104. 			local pos
    105. 

  105. 			pos, header.version, header.type, header.value, header.length = bin.unpack(">CCSI", data)
    106. 

  106. 			return header
    107. 

  107. 		end,
    108. 

  108. 		
    109. 

  109. 		__tostring = function(self)
    110. 

  110. 			return bin.pack(">CCSI", self.version, self.type, self.value, self.length)
    111. 

  111. 		end,
    112. 

  112. 

  113. 	},
    114. 

  114. 	
    115. 

  115. 	-- The implemented request types are kept here	
    116. 

  116. 	Request = {
    117. 

  117. 				
    118. 

  118. 		Authentication = {
    119. 

  119. 			
    120. 

  120. 			new = function(self, data)
    121. 

  121. 				local o = {
    122. 

  122. 					header = RPCAP.Header:new(RPCAP.MessageType.AUTH_REQUEST, nil, #data),
    123. 

  123. 					data = data,
    124. 

  124. 				}
    125. 

  125. 				setmetatable(o, self)
    126. 

  126. 				self.__index = self
    127. 

  127. 				return o
    128. 

  128. 		  	end,
    129. 

  129. 			
    130. 

  130. 			__tostring = function(self)
    131. 

  131. 				return tostring(self.header) .. tostring(self.data)
    132. 

  132. 			end,
    133. 

  133. 			
    134. 

  134. 		},
    135. 

  135. 		
    136. 

  136. 		FindAllInterfaces = {
    137. 

  137. 			
    138. 

  138. 			new = function(self)
    139. 

  139. 				local o = {
    140. 

  140. 					header = RPCAP.Header:new(RPCAP.MessageType.FIND_ALL_INTERFACES)
    141. 

  141. 				}
    142. 

  142. 				setmetatable(o, self)
    143. 

  143. 				self.__index = self
    144. 

  144. 				return o
    145. 

  145. 		  	end,
    146. 

  146. 			
    147. 

  147. 			__tostring = function(self)
    148. 

  148. 				return tostring(self.header)
    149. 

  149. 			end,
    150. 

  150. 			
    151. 

  151. 			
    152. 

  152. 		}
    153. 

  153. 		
    154. 

  154. 	},	
    155. 

  155. 	
    156. 

  156. 	-- Parsers for responses are kept here
    157. 

  157. 	Response = {
    158. 

  158. 		
    159. 

  159. 		Authentication = {		
    160. 

  160. 			new = function(self)
    161. 

  161. 				local o = { }
    162. 

  162. 				setmetatable(o, self)
    163. 

  163. 				self.__index = self
    164. 

  164. 				return o
    165. 

  165. 		  	end,
    166. 

  166. 			
    167. 

  167. 			parse = function(data)
    168. 

  168. 				local resp = RPCAP.Response.Authentication:new()
    169. 

  169. 				local pos = RPCAP.Header.size + 1
    170. 

  170. 				resp.header = RPCAP.Header.parse(data)
    171. 

  171. 				return resp
    172. 

  172. 			end
    173. 

  173. 		},
    174. 

  174. 		
    175. 

  175. 		Error = {
    176. 

  176. 			new = function(self)
    177. 

  177. 				local o = { }
    178. 

  178. 				setmetatable(o, self)
    179. 

  179. 				self.__index = self
    180. 

  180. 				return o
    181. 

  181. 		  	end,
    182. 

  182. 

  183. 			parse = function(data)
    184. 

  184. 				local err = RPCAP.Response.Error:new()
    185. 

  185. 				local pos = RPCAP.Header.size + 1
    186. 

  186. 				err.header = RPCAP.Header.parse(data)
    187. 

  187. 				pos, err.error = bin.unpack("A" .. err.header.length, data, pos)
    188. 

  188. 				return err
    189. 

  189. 			end
    190. 

  190. 			
    191. 

  191. 		},
    192. 

  192. 		
    193. 

  193. 		FindAllInterfaces = {
    194. 

  194. 			new = function(self)
    195. 

  195. 				local o = { }
    196. 

  196. 				setmetatable(o, self)
    197. 

  197. 				self.__index = self
    198. 

  198. 				return o
    199. 

  199. 			end,
    200. 

  200. 			
    201. 

  201. 			parse = function(data)
    202. 

  202. 

  203. 				-- Each address is made up of 4 128 byte fields, this function
    204. 

  204. 				-- parses these fields and return the response, if it
    205. 

  205. 				-- understands it. Otherwise it simply increases the pos by the
    206. 

  206. 				-- correct offset, to get us to the next field.
    207. 

  207. 				local function parseField(data, pos)
    208. 

  208. 					local offset = pos
    209. 

  209. 					local family, port
    210. 

  210. 					pos, family, port = bin.unpack(">SS", data, pos)
    211. 

  211. 					
    212. 

  212. 					if ( family == 0x0017 ) then
    213. 

  213. 						-- not sure why...
    214. 

  214. 						pos = pos + 4
    215. 

  215. 						
    216. 

  216. 						local ipv6
    217. 

  217. 						pos, ipv6 = bin.unpack("B16", data, pos)
    218. 

  218. 						return offset + 128, ipOps.bin_to_ip(ipv6)
    219. 

  219. 					elseif ( family == 0x0002 ) then
    220. 

  220. 						local ipv4
    221. 

  221. 						pos, ipv4 = bin.unpack("B4", data, pos)
    222. 

  222. 						return offset + 128, ipOps.bin_to_ip(ipv4)
    223. 

  223. 					end
    224. 

  224. 						
    225. 

  225. 					return offset + 128, nil
    226. 

  226. 				end
    227. 

  227. 				
    228. 

  228. 				-- Parses one of X addresses returned for an interface
    229. 

  229. 				local function parseAddress(data, pos)
    230. 

  230. 					local fields = {"ip", "netmask", "bcast", "p2p"}
    231. 

  231. 					local addr = {}
    232. 

  232. 					
    233. 

  233. 					for _, f in ipairs(fields) do
    234. 

  234. 						pos, addr[f] = parseField(data, pos)
    235. 

  235. 					end
    236. 

  236. 

  237. 					return pos, addr
    238. 

  238. 				end
    239. 

  239. 			
    240. 

  240. 				local resp = RPCAP.Response.FindAllInterfaces:new()
    241. 

  241. 				local pos = RPCAP.Header.size + 1
    242. 

  242. 				resp.header = RPCAP.Header.parse(data)
    243. 

  243. 				resp.ifaces = {}
    244. 

  244. 				
    245. 

  245. 				for i=1, resp.header.value do
    246. 

  246. 					local name_len, desc_len, iface_flags, addr_count, dummy
    247. 

  247. 					pos, name_len, desc_len, iface_flags, addr_count, dummy = bin.unpack(">SSISS", data, pos)
    248. 

  248. 

  249. 					local name, desc
    250. 

  250. 					pos, name, desc = bin.unpack("A" .. name_len .. "A" .. desc_len, data, pos)
    251. 

  251. 

  252. 					local addrs = {}
    253. 

  253. 					for j=1, addr_count do
    254. 

  254. 						local addr
    255. 

  255. 						pos, addr = parseAddress(data, pos)
    256. 

  256. 						local cidr
    257. 

  257. 						if ( addr.netmask ) then
    258. 

  258. 							local bits = ipOps.ip_to_bin(addr.netmask)
    259. 

  259. 							local ones = bits:match("^(1*)")
    260. 

  260. 							cidr = #ones
    261. 

  261. 							table.insert(addrs, ("%s/%d"):format(addr.ip,cidr))
    262. 

  262. 						else
    263. 

  263. 							table.insert(addrs, addr.ip)
    264. 

  264. 						end
    265. 

  265. 					end
    266. 

  266. 					table.insert(resp.ifaces, { name = name, desc = desc, addrs = addrs })
    267. 

  267. 				end
    268. 

  268. 				return resp
    269. 

  269. 			end,
    270. 

  270. 		}
    271. 

  271. 		
    272. 

  272. 		
    273. 

  273. 	}
    274. 

  274. 	
    275. 

  275. }
    276. 

  276. 

  277. -- Maps packet types to classes
    278. 

  278. RPCAP.TypeToClass = {
    279. 

  279. 	[1] 	= RPCAP.Response.Error,
    280. 

  280. 	[130]	= RPCAP.Response.FindAllInterfaces,
    281. 

  281. 	[136]	= RPCAP.Response.Authentication,
    282. 

  282. }
    283. 

  283. 

  284. 

  285. -- The communication class
    286. 

  286. Comm = {
    287. 

  287. 	
    288. 

  288. 	-- Creates a new instance of the Comm class
    289. 

  289. 	-- @param host table
    290. 

  290. 	-- @param port table
    291. 

  291. 	-- @return o instance of Comm
    292. 

  292. 	new = function(self, host, port)
    293. 

  293. 		local o = { host = host, port = port, socket = nmap.new_socket() }
    294. 

  294. 		setmetatable(o, self)
    295. 

  295. 		self.__index = self
    296. 

  296. 		return o
    297. 

  297. 	end,
    298. 

  298. 	
    299. 

  299. 	-- Connects the socket to the server
    300. 

  300. 	connect = function(self)
    301. 

  301. 		return self.socket:connect(self.host, self.port)
    302. 

  302. 	end,
    303. 

  303. 	
    304. 

  304. 	-- Sends an instance of the request class to the server
    305. 

  305. 	-- @param req class instance
    306. 

  306. 	-- @return status true on success, false on failure
    307. 

  307. 	-- @return err string containing error message if status is false
    308. 

  308. 	send = function(self, req)
    309. 

  309. 		return self.socket:send(req)
    310. 

  310. 	end,
    311. 

  311. 

  312. 	-- receives a packet and attempts to parse it if it has a supported parser
    313. 

  313. 	-- in RPCAP.TypeToClass
    314. 

  314. 	-- @return status true on success, false on failure
    315. 

  315. 	-- @return resp instance of a Response class or
    316. 

  316. 	--         err string containing the error message	
    317. 

  317. 	recv = function(self)
    318. 

  318. 		local status, hdr_data = self.socket:receive_buf(match.numbytes(RPCAP.Header.size), true)
    319. 

  319. 		if ( not(status) ) then
    320. 

  320. 			return status, hdr_data
    321. 

  321. 		end
    322. 

  322. 

  323. 		local header = RPCAP.Header.parse(hdr_data)
    324. 

  324. 		if ( not(header) ) then
    325. 

  325. 			return false, "rpcap: Failed to parse header"
    326. 

  326. 		end
    327. 

  327. 		
    328. 

  328. 		local status, data = self.socket:receive_buf(match.numbytes(header.length), true)
    329. 

  329. 		if ( not(status) ) then
    330. 

  330. 			return false, "rpcap: Failed to read packet data"
    331. 

  331. 		end
    332. 

  332. 

  333. 		if ( RPCAP.TypeToClass[header.type] ) then
    334. 

  334. 			local resp = RPCAP.TypeToClass[header.type].parse(hdr_data .. data)
    335. 

  335. 			if ( resp ) then
    336. 

  336. 				return true, resp
    337. 

  337. 			end
    338. 

  338. 		end
    339. 

  339. 		
    340. 

  340. 		return false, "Failed to receive response from server"
    341. 

  341. 	end,
    342. 

  342. 	
    343. 

  343. 	-- Sends and request and receives the response
    344. 

  344. 	-- @param req the instance of the Request class to send
    345. 

  345. 	-- @return status true on success, false on failure
    346. 

  346. 	-- @return resp instance of a Response class or
    347. 

  347. 	--         err string containing the error message
    348. 

  348. 	exch = function(self, req)
    349. 

  349. 		local status, data = self:send(tostring(req))
    350. 

  350. 		if ( not(status) ) then
    351. 

  351. 			return status, data
    352. 

  352. 		end
    353. 

  353. 		return self:recv()
    354. 

  354. 	end,
    355. 

  355. 	
    356. 

  356. 	-- closes the socket
    357. 

  357. 	close = function(self)
    358. 

  358. 		return self.socket:close()
    359. 

  359. 	end,
    360. 

  360. 	
    361. 

  361. }
    362. 

  362. 

  363. 

  364. Helper = {
    365. 

  365. 	
    366. 

  366. 	-- Creates a new instance of the Helper class
    367. 

  367. 	-- @param host table
    368. 

  368. 	-- @param port table
    369. 

  369. 	-- @return o instance of Helper
    370. 

  370. 	new = function(self, host, port)
    371. 

  371. 		local o = { 
    372. 

  372. 			host = host,
    373. 

  373. 			port = port,
    374. 

  374. 			comm = Comm:new(host, port)
    375. 

  375. 		}
    376. 

  376. 		setmetatable(o, self)
    377. 

  377. 		self.__index = self
    378. 

  378. 		return o
    379. 

  379.   	end,
    380. 

  380. 

  381. 	-- Connects to the server
    382. 

  382. 	connect = function(self)
    383. 

  383. 		return self.comm:connect(self.host, self.port)
    384. 

  384. 	end,
    385. 

  385. 	
    386. 

  386. 	-- Authenticates to the service, in case no username or password is given
    387. 

  387. 	-- NULL authentication is assumed.
    388. 

  388. 	-- @param username [optional]
    389. 

  389. 	-- @param password [optional]
    390. 

  390. 	-- @return status true on success, false on failure
    391. 

  391. 	-- @return err string containing error mesage on failure
    392. 

  392. 	login = function(self, username, password)
    393. 

  393. 		local auth
    394. 

  394. 		
    395. 

  395. 		if ( username and password ) then
    396. 

  396. 			auth = RPCAP.Authentication.PWD:new(username, password)
    397. 

  397. 		else
    398. 

  398. 			auth = RPCAP.Authentication.NULL:new()
    399. 

  399. 		end
    400. 

  400. 	
    401. 

  401. 		local req = RPCAP.Request.Authentication:new(tostring(auth))
    402. 

  402. 		local status, resp = self.comm:exch(req)
    403. 

  403. 	
    404. 

  404. 		if ( not(status) ) then
    405. 

  405. 			return false, resp
    406. 

  406. 		end
    407. 

  407. 		
    408. 

  408. 		if ( status and resp.error ) then
    409. 

  409. 			return false, resp.error
    410. 

  410. 		end
    411. 

  411. 		return true
    412. 

  412.  	end,
    413. 

  413. 

  414. 	-- Requests a list of all interfaces
    415. 

  415. 	-- @return table containing interfaces and addresses
    416. 

  416. 	findAllInterfaces = function(self)
    417. 

  417. 		local req = RPCAP.Request.FindAllInterfaces:new()
    418. 

  418. 		local status, resp = self.comm:exch(req)
    419. 

  419. 	
    420. 

  420. 		if ( not(status) ) then
    421. 

  421. 			return false, resp
    422. 

  422. 		end
    423. 

  423. 		
    424. 

  424. 		local results = {}
    425. 

  425. 		for _, iface in ipairs(resp.ifaces) do
    426. 

  426. 			local entry = {}
    427. 

  427. 			entry.name = iface.name
    428. 

  428. 			table.insert(entry, iface.desc)
    429. 

  429. 			table.insert(entry, { name = "Addresses", iface.addrs })
    430. 

  430. 			table.insert(results, entry)
    431. 

  431. 		end
    432. 

  432. 		return true, results
    433. 

  433. 	end,
    434. 

  434. 	
    435. 

  435. 	-- Closes the connection to the server
    436. 

  436. 	close = function(self)
    437. 

  437. 		return self.comm:close()
    438. 

  438. 	end,
    439. 

  439. }
    440. 

  440. 

  441. return _ENV;
    442. 

  442.