Fix endianness in unpacking IP addresses, since ipOps.fromdword is fixed. Fixes #750

scripts/broadcast-igmp-discovery.nse

@@ -120,7 +120,7 @@ local igmpParse = function(data)
     -- Checksum
     index, response.checksum = bin.unpack(">S", data, index)
     -- Multicast group
-    index, response.group = bin.unpack("<I", data, index)
+    index, response.group = bin.unpack(">I", data, index)
     response.group = ipOps.fromdword(response.group)
     return response
   elseif response.type == 0x22 and #data >= 12 then
@@ -141,12 +141,12 @@ local igmpParse = function(data)
       index, group.auxdlen = bin.unpack(">C", data, index)
       -- Number of source addresses
       index, group.nsrc = bin.unpack(">S", data, index)
-      index, group.address = bin.unpack("<I", data, index)
+      index, group.address = bin.unpack(">I", data, index)
       group.address = ipOps.fromdword(group.address)
       group.src = {}
       if group.nsrc > 0 then
         for i=1,group.nsrc do
-          index, source = bin.unpack("<I", data, index)
+          index, source = bin.unpack(">I", data, index)
           table.insert(group.src, ipOps.fromdword(source))
         end
       end

scripts/broadcast-novell-locate.nse

@@ -55,7 +55,7 @@ function action()
   for _, attr in ipairs(attribs) do
     local addr = attr:match("^%d*%-%d*%-%d*%-(........)")
     if ( addr ) then
-      local pos, dw_addr = bin.unpack( "<I", bin.pack("H", addr) )
+      local pos, dw_addr = bin.unpack( ">I", bin.pack("H", addr) )
       local ip = ipOps.fromdword(dw_addr)
 
       if ( not(ips[ip]) ) then

scripts/broadcast-rip-discover.nse

@@ -124,7 +124,7 @@ RIPv2 = {
       while( #data - pos >= 20 ) do
         local family, address, metric, _, netmask, nexthop
         pos, family, _, address, netmask, nexthop,
-          metric = bin.unpack(">SS<III>I", data, pos)
+          metric = bin.unpack(">SSIIII", data, pos)
 
         if ( family == RIPv2.AddressFamily.IP ) then
           local ip = ipOps.fromdword(address)

scripts/dns-client-subnet-scan.nse

@@ -317,8 +317,6 @@ local get_addresses = function(address, mask, domain, nameserver, port)
   -- DNS library expects
   if ( "number" == type(address) ) then
     address = ipOps.fromdword(address)
-    local a, b, c, d = address:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")
-    address = ("%d.%d.%d.%d"):format(d,c,b,a)
   end
 
   local subnet = { family = nmap.address_family(), address = address, mask = mask }

scripts/enip-info.nse

@@ -1429,7 +1429,7 @@ action = function(host,port)
       output["Revision"] = char1 .. "." .. char2
       -- Device IP, this could be the same, as the IP scanning, or may be actual IP behind NAT
       local dword
-      pos, dword = bin.unpack("<I", response, 37)
+      pos, dword = bin.unpack(">I", response, 37)
       output["Device IP"] = ipOps.fromdword(dword)
       -- set Nmap output
       set_nmap(host, port)

scripts/llmnr-resolve.nse

@@ -127,7 +127,7 @@ local llmnrListen = function(interface, timeout, result)
 
         -- skip null byte, type, class, ttl, dlen
         index = index + 1 + 2 + 2 + 4 + 2
-        index, response.address = bin.unpack("<I", llmnr, index)
+        index, response.address = bin.unpack(">I", llmnr, index)
         response.address = ipOps.fromdword(response.address)
         table.insert(result, response)
       else

scripts/mrinfo.nse

@@ -107,7 +107,7 @@ local mrinfoParse = function(data)
     if data:byte(index) == 0x00 then break end
     address = {}
     -- Local address
-    index, address.ip = bin.unpack("<I", data, index)
+    index, address.ip = bin.unpack(">I", data, index)
     address.ip = ipOps.fromdword(address.ip)
     -- Link metric
     index, address.metric = bin.unpack(">C", data, index)
@@ -121,7 +121,7 @@ local mrinfoParse = function(data)
     address.neighbors = {}
     -- Iterate over neighbors
     for i = 1, address.ncount do
-      index, neighbor = bin.unpack("<I", data, index)
+      index, neighbor = bin.unpack(">I", data, index)
       table.insert(address.neighbors, ipOps.fromdword(neighbor))
     end
     table.insert(response.addresses, address)

scripts/mtrace.nse

@@ -186,19 +186,19 @@ local traceParse = function(data)
   index, response.checksum = bin.unpack(">S", data, index)
 
   -- Group
-  index, response.group = bin.unpack("<I", data, index)
+  index, response.group = bin.unpack(">I", data, index)
   response.group = ipOps.fromdword(response.group)
 
   -- Source address
-  index, response.source = bin.unpack("<I", data, index)
+  index, response.source = bin.unpack(">I", data, index)
   response.source = ipOps.fromdword(response.source)
 
   -- Destination address
-  index, response.destination = bin.unpack("<I", data, index)
+  index, response.destination = bin.unpack(">I", data, index)
   response.receiver = ipOps.fromdword(response.destination)
 
   -- Response address
-  index, response.response = bin.unpack("<I", data, index)
+  index, response.response = bin.unpack(">I", data, index)
   response.response = ipOps.fromdword(response.response)
 
   -- Response TTL
@@ -225,15 +225,15 @@ local traceParse = function(data)
     index, block.query = bin.unpack(">I", data, index)
 
     -- In itf address
-    index, block.inaddr = bin.unpack("<I", data, index)
+    index, block.inaddr = bin.unpack(">I", data, index)
     block.inaddr = ipOps.fromdword(block.inaddr)
 
     -- Out itf address
-    index, block.outaddr = bin.unpack("<I", data, index)
+    index, block.outaddr = bin.unpack(">I", data, index)
     block.outaddr = ipOps.fromdword(block.outaddr)
 
     -- Previous rtr address
-    index, block.prevaddr = bin.unpack("<I", data, index)
+    index, block.prevaddr = bin.unpack(">I", data, index)
     block.prevaddr = ipOps.fromdword(block.prevaddr)
 
     -- In packets