PageRenderTime 48ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/src/pentest/voiper/protocol_logic/sip_parser.py

https://github.com/sullivanmatt/Raspberry-Pwn
Python | 192 lines | 111 code | 23 blank | 58 comment | 21 complexity | f0e1204c1e505c242353cdbeae36035e MD5 | raw file
Possible License(s): BSD-3-Clause, AGPL-1.0, MPL-2.0-no-copyleft-exception, GPL-2.0, GPL-3.0 
    

  1. '''
    2. 

  2. This file is part of VoIPER.
    3. 

  3. 

  4. VoIPER is free software: you can redistribute it and/or modify
    5. 

  5. it under the terms of the GNU General Public License as published by
    6. 

  6. the Free Software Foundation, either version 2 of the License, or
    7. 

  7. (at your option) any later version.
    8. 

  8. 

  9. VoIPER is distributed in the hope that it will be useful,
    10. 

  10. but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. GNU General Public License for more details.
    13. 

  13. 

  14. You should have received a copy of the GNU General Public License
    15. 

  15. along with VoIPER.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. Copyright 2008, http://www.unprotectedhex.com
    18. 

  18. Contact: nnp@unprotectedhex.com
    19. 

  19. '''
    20. 

    21. 

  21. import re
    22. 

  22. 

  23. BRANCH = 1
    24. 

  24. FROM = 2
    25. 

  25. TO = 3
    26. 

  26. RCODE = 4
    27. 

  27. TOTAG = 5
    28. 

  28. CALLID = 6
    29. 

  29. CSEQNUM = 7
    30. 

  30. FROMTAG = 8
    31. 

  31. RURI = 9
    32. 

  32. VIA = 10
    33. 

  33. WWW_AUTHEN_NONCE = 11
    34. 

  34. WWW_AUTHEN_REALM = 12
    35. 

  35. CONTACT = 13
    36. 

  36. 

  37. r_1XX = 99
    38. 

  38. r_2XX = 98
    39. 

  39. r_3XX = 97
    40. 

  40. r_4XX = 96
    41. 

  41. r_5XX = 95
    42. 

  42. r_6XX = 94
    43. 

  43. 

  44. r_ACK = 89
    45. 

  45. r_INVITE = 88
    46. 

  46. r_REGISTER = 87
    47. 

  47. r_OPTIONS = 86
    48. 

  48. r_CANCEL = 85
    49. 

  49. 

  50. r_UNKNOWN = 69
    51. 

  51. r_SEND = 68
    52. 

  52. 

  53. r_401 = 59
    54. 

  54. r_180 = 58
    55. 

  55. 

  56. class SIPParser:
    57. 

  57.     def __init__(self):
    58. 

  58.         '''
    59. 

  59.         A class to implement all the functionality required to parse the
    60. 

  60.         relevant fields from a SIP message
    61. 

  61.         '''
    62. 

  62.                 
    63. 

  63.         self.regex_dict = {BRANCH : r'^Via.*?branch\s*?=\s*?(?P<target>[\d\w-]+)',
    64. 

  64.                     FROMTAG : r'^From.*?;tag=(?P<target>[\w\d-]+)',
    65. 

  65.                     CALLID : r'^Call-ID\s*?:\s*(?P<target>\S+)',
    66. 

  66.                     CSEQNUM : r'^CSeq\s*?:\s*(?P<target>\d+)',                    
    67. 

  67.                     TO : r'^To\s*?:\s*(?P<target>.+)\r\n',                    
    68. 

  68.                     FROM : r'^From\s*?:\s*(?P<target>.+)\r\n',
    69. 

  69.                     RCODE : r'^(?P<target>INVITE|CANCEL|OPTIONS|REGISTER|SIP/2\.0 \d{3}|ACK)',
    70. 

  70.                     RURI : r'(INVITE|CANCEL|OPTIONS|REGISTER)\s+(?P<target>.+?)\s+SIP/2.0',
    71. 

  71.                     VIA : r'^Via\s*?:\s*(?P<target>.+)\r\n',
    72. 

  72.                     WWW_AUTHEN_NONCE : r'^WWW-Authenticate\s*?:\s*Digest.+nonce="(?P<target>[\w\d\.-]+)"',
    73. 

  73.                     WWW_AUTHEN_REALM : r'^WWW-Authenticate\s*?:\s*Digest.+realm="(?P<target>[\w\d\.@]+)"',
    74. 

  74.                     CONTACT : r'^Contact\s*?:\s*?(?P<target><sip:[\w\d]+@[\w\d\.]+(:[\d]+)?(;transport=(udp|tcp))?>)',
    75. 

  75.                    }
    76. 

  76.         
    77. 

  77.         self.regex_c = {}
    78. 

  78.         # compile those filthy regexs ;) 
    79. 

  79.         for r_name in self.regex_dict.keys():
    80. 

  80.             r_val = self.regex_dict[r_name]
    81. 

  81.             r = re.compile(r_val, re.IGNORECASE | re.MULTILINE)
    82. 

  82.             self.regex_c[r_name] = r
    83. 

  83. 

  84.     def parse(self, data, fields=None):
    85. 

  85.         '''
    86. 

  86.         Parses the provided data and extracts the relevant fields and their
    87. 

  87.         values into a dictionary
    88. 

  88. 

  89.         @type data: String
    90. 

  90.         @param data: The SIP message to be parsed
    91. 

  91.         @type field: List
    92. 

  92.         @param field: A list of the fields to parse identified by the constants
    93. 

  93.             defined in the __init__ of this class. If None all fields are parsed
    94. 

  94. 

  95.         @rtype: Dictionary
    96. 

  96.         @return: A dictionary of fields to and their associated values
    97. 

  97.         '''
    98. 

    99. 

  99.         if fields == None:
    100. 

  100.             fields = self.regex_c.keys()
    101. 

  101. 

  102.         res_dict = {}
    103. 

  103.         for r_name in fields:
    104. 

  104.             val = self.regex_c[r_name].search(data)
    105. 

  105.             if val and len(val.groups()) != 0:
    106. 

  106.                 res_dict[r_name] = val.group('target')
    107. 

  107. 

  108.         return self.normalise_rcodes(res_dict)
    109. 

  109. 

  110.     def normalise_rcodes(self, data_dict):
    111. 

  111.         '''
    112. 

  112.         Method to change textual response codes to one of the constants
    113. 

  113.         defined in the __init__ method
    114. 

  114. 

  115.         @type data_dict: Dictionary
    116. 

  116.         @param data_dict: A dictionary of message fields to their values
    117. 

  117.             parsed from a SIP message
    118. 

  118. 

  119.         @rtype: Dictionary
    120. 

  120.         @return: A dictionary where the response code strings have been
    121. 

  121.             converted to constants defined in this class
    122. 

  122.         '''
    123. 

    124. 

  124.         if data_dict.has_key(RCODE):
    125. 

  125.             r_code = data_dict[RCODE]
    126. 

  126.             if r_code.upper() == 'ACK':
    127. 

  127.                 r_code = r_ACK
    128. 

  128.             elif r_code.upper() == 'INVITE':
    129. 

  129.                 r_code = r_INVITE
    130. 

  130.             elif r_code.upper() == 'REGISTER':
    131. 

  131.                 r_code = r_REGISTER
    132. 

  132.             elif r_code.upper() == 'OPTIONS':
    133. 

  133.                 r_code = r_OPTIONS
    134. 

  134.             elif r_code.upper() == 'CANCEL':
    135. 

  135.                 r_code = r_CANCEL       
    136. 

  136.             elif r_code.find('SIP/2.0') != -1:
    137. 

  137.                 data = r_code.split(" ")
    138. 

  138.                 r_code = data[1]
    139. 

  139.                 
    140. 

  140.                 if r_code[0] == '1':
    141. 

  141.                     r_code = r_1XX
    142. 

  142.                 elif r_code[0] == '2':
    143. 

  143.                     r_code = r_2XX
    144. 

  144.                 elif r_code[0] == '3':
    145. 

  145.                     r_code = r_3XX                    
    146. 

  146.                 elif r_code[0] == '4':
    147. 

  147.                     r_code = r_4XX
    148. 

  148.                 elif r_code[0] == '5':
    149. 

  149.                     r_code = r_5XX                    
    150. 

  150.                 elif r_code[0] == '6':
    151. 

  151.                     r_code = r_6XX
    152. 

  152.                 elif r_code == '401':
    153. 

  153.                     r_code = r_401
    154. 

  154.                 elif r_code == '180':
    155. 

  155.                     r_code = r_180                    
    156. 

  156.             else:
    157. 

  157.                 r_code = r_UNKNOWN
    158. 

  158.                 
    159. 

  159.             data_dict[RCODE] = r_code
    160. 

  160. 

  161.         return data_dict
    162. 

  162. 

  163.     def denormalise_rcode(self, r_code):
    164. 

  164.         '''
    165. 

  165.         Convert the int representation of a rcode to its textual value
    166. 

  166. 

  167.         @type r_code: Integer
    168. 

  168.         @param r_code: The rcode to convert
    169. 

  169. 

  170.         @rtype: String
    171. 

  171.         @return: The textual value corresponding to the given rcode
    172. 

  172.         '''
    173. 

    174. 

  174.         r_dict = { 99 : 'r_1XX',
    175. 

  175.             98 : 'r_2XX',
    176. 

  176.             97 : 'r_3XX',
    177. 

  177.             96 : 'r_4XX',                   
    178. 

  178.             95 : 'r_5XX',
    179. 

  179.             94 : 'r_6XX',
    180. 

  180.                    
    181. 

  181.             89 : 'r_ACK',            
    182. 

  182.             88 : 'r_INVITE',
    183. 

  183.             87 : 'r_REGISTER',
    184. 

  184.             86 : 'r_OPTIONS',
    185. 

  185.             85 : 'r_CANCEL',
    186. 

  186. 

  187.             68 : 'r_UNKNOWN',
    188. 

  188.             59 : 'r_401',
    189. 

  189.             58 : 'r_180',
    190. 

  190.         }
    191. 

  191. 

  192.         return r_dict[r_code]
    193. 

  193.