mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
Remove bin.lua from vuzedht.lua, support IPv6 addresses properly
This commit is contained in:
dmiller
@@ -21,7 +21,6 @@
|
|||||||
-- @author Patrik Karlsson <patrik@cqure.net>
|
-- @author Patrik Karlsson <patrik@cqure.net>
|
||||||
--
|
--
|
||||||
|
|
||||||
local bin = require "bin"
|
|
||||||
local ipOps = require "ipOps"
|
local ipOps = require "ipOps"
|
||||||
local math = require "math"
|
local math = require "math"
|
||||||
local nmap = require "nmap"
|
local nmap = require "nmap"
|
||||||
@@ -70,10 +69,10 @@ Request = {
|
|||||||
|
|
||||||
-- Converts the header to a string
|
-- Converts the header to a string
|
||||||
__tostring = function(self)
|
__tostring = function(self)
|
||||||
local lhost = ipOps.todword(self.address)
|
local lhost = ipOps.ip_to_str(self.address)
|
||||||
return bin.pack( ">AIICCICCISIL", self.conn_id, self.action, self.trans_id,
|
return self.conn_id .. string.pack( ">I4 I4 BB I4 B s1 I2 I4 I8 ", self.action, self.trans_id,
|
||||||
self.proto_version, self.vendor_id, self.network_id, self.local_proto_version,
|
self.proto_version, self.vendor_id, self.network_id, self.local_proto_version,
|
||||||
4, lhost, self.port, self.instance_id, self.time )
|
lhost, self.port, self.instance_id, self.time )
|
||||||
end,
|
end,
|
||||||
|
|
||||||
},
|
},
|
||||||
@@ -109,7 +108,6 @@ Request = {
|
|||||||
new = function(self, session)
|
new = function(self, session)
|
||||||
local o = {
|
local o = {
|
||||||
header = Request.Header:new(Request.Actions.FIND_NODE, session),
|
header = Request.Header:new(Request.Actions.FIND_NODE, session),
|
||||||
id_length = 20,
|
|
||||||
node_id = '\xA7' .. rand.random_string(19),
|
node_id = '\xA7' .. rand.random_string(19),
|
||||||
status = 0xFFFFFFFF,
|
status = 0xFFFFFFFF,
|
||||||
dht_size = 0,
|
dht_size = 0,
|
||||||
@@ -122,7 +120,7 @@ Request = {
|
|||||||
-- Converts a FindNode Request to a string
|
-- Converts a FindNode Request to a string
|
||||||
__tostring = function(self)
|
__tostring = function(self)
|
||||||
local data = tostring(self.header)
|
local data = tostring(self.header)
|
||||||
.. bin.pack(">CAII", self.id_length, self.node_id, self.status, self.dht_size)
|
.. string.pack(">s1 I4I4", self.node_id, self.status, self.dht_size)
|
||||||
return data
|
return data
|
||||||
end,
|
end,
|
||||||
}
|
}
|
||||||
@@ -142,7 +140,7 @@ Response = {
|
|||||||
-- Creates an address record based on received data
|
-- Creates an address record based on received data
|
||||||
-- @param data containing an address record [C][I|H][S] where
|
-- @param data containing an address record [C][I|H][S] where
|
||||||
-- [C] is the length of the address (4 or 16)
|
-- [C] is the length of the address (4 or 16)
|
||||||
-- [I|H] is the address as a dword or hex string
|
-- [I|H] is the binary address
|
||||||
-- [S] is the port number as a short
|
-- [S] is the port number as a short
|
||||||
-- @return o Address instance on success, nil on failure
|
-- @return o Address instance on success, nil on failure
|
||||||
Address = {
|
Address = {
|
||||||
@@ -158,19 +156,13 @@ Response = {
|
|||||||
-- Parses the received data
|
-- Parses the received data
|
||||||
-- @return true on success, false on failure
|
-- @return true on success, false on failure
|
||||||
parse = function(self)
|
parse = function(self)
|
||||||
local pos, addr_len = bin.unpack("C", self.data)
|
local ip, err
|
||||||
if ( addr_len == 4 ) then
|
ip, self.port = string.unpack(">s1 I2", self.data)
|
||||||
self.length = 4 + 2 + 1
|
self.ip, err = ipOps.str_to_ip(ip)
|
||||||
pos, self.ip = bin.unpack(">I", self.data, pos)
|
if not self.ip then
|
||||||
self.ip = ipOps.fromdword(self.ip)
|
stdnse.debug1("Unknown address type (length: %d)", #ip)
|
||||||
elseif( addr_len == 16 ) then
|
|
||||||
self.length = 16 + 2 + 1
|
|
||||||
pos, self.ip = bin.unpack("H16", self.data, pos)
|
|
||||||
else
|
|
||||||
stdnse.debug1("Unknown address type (length: %d)", addr_len)
|
|
||||||
return false, "Unknown address type"
|
return false, "Unknown address type"
|
||||||
end
|
end
|
||||||
pos, self.port = bin.unpack(">S", self.data, pos)
|
|
||||||
return true
|
return true
|
||||||
end
|
end
|
||||||
},
|
},
|
||||||
@@ -203,16 +195,16 @@ Response = {
|
|||||||
-- parses the header
|
-- parses the header
|
||||||
parse = function(self)
|
parse = function(self)
|
||||||
local pos
|
local pos
|
||||||
pos, self.action, self.trans_id, self.conn_id,
|
self.action, self.trans_id, self.conn_id,
|
||||||
self.proto_version, self.vendor_id, self.network_id,
|
self.proto_version, self.vendor_id, self.network_id,
|
||||||
self.instance_id = bin.unpack(">IIH8CCII", self.data)
|
self.instance_id, pos = string.unpack(">I4 I4 c8 BB I4 I4 ", self.data)
|
||||||
end,
|
end,
|
||||||
|
|
||||||
-- Converts the header to a suitable string representation
|
-- Converts the header to a suitable string representation
|
||||||
__tostring = function(self)
|
__tostring = function(self)
|
||||||
local result = {}
|
local result = {}
|
||||||
table.insert(result, ("Transaction id: %d"):format(self.trans_id))
|
table.insert(result, ("Transaction id: %d"):format(self.trans_id))
|
||||||
table.insert(result, ("Connection id: 0x%s"):format(self.conn_id))
|
table.insert(result, ("Connection id: 0x%s"):format(stdnse.tohex(self.conn_id)))
|
||||||
table.insert(result, ("Protocol version: %d"):format(self.proto_version))
|
table.insert(result, ("Protocol version: %d"):format(self.proto_version))
|
||||||
table.insert(result, ("Vendor id: %s (%d)"):format(
|
table.insert(result, ("Vendor id: %s (%d)"):format(
|
||||||
Response.Header.Vendors[self.vendor_id] or "Unknown", self.vendor_id))
|
Response.Header.Vendors[self.vendor_id] or "Unknown", self.vendor_id))
|
||||||
@@ -278,23 +270,19 @@ Response = {
|
|||||||
-- Parses the FIND_NODE response
|
-- Parses the FIND_NODE response
|
||||||
parse = function(self)
|
parse = function(self)
|
||||||
local pos
|
local pos
|
||||||
pos, self.spoof_id, self.node_type, self.dht_size,
|
self.spoof_id, self.node_type, self.dht_size,
|
||||||
self.network_coords = bin.unpack(">IIIH20", self.data)
|
self.network_coords, pos = string.unpack(">I4 I4 I4 c20", self.data)
|
||||||
|
|
||||||
local contact_count
|
local contact_count
|
||||||
pos, contact_count = bin.unpack("C", self.data, pos)
|
contact_count, pos = string.unpack("B", self.data, pos)
|
||||||
self.contacts = {}
|
self.contacts = {}
|
||||||
for i=1, contact_count do
|
for i=1, contact_count do
|
||||||
local contact, addr_len, address = {}
|
local contact = {}
|
||||||
pos, contact.type, contact.proto_version, addr_len = bin.unpack("CCC", self.data, pos)
|
local address
|
||||||
|
contact.type, contact.proto_version, address, contact.port, pos = string.unpack(
|
||||||
|
">BBs1I2", self.data, pos)
|
||||||
|
|
||||||
if ( addr_len == 4 ) then
|
contact.address = ipOps.str_to_ip(address)
|
||||||
pos, address = bin.unpack(">I", self.data, pos)
|
|
||||||
contact.address = ipOps.fromdword(address)
|
|
||||||
elseif ( addr_len == 16 ) then
|
|
||||||
pos, contact.address = bin.unpack("H16", self.data, pos)
|
|
||||||
end
|
|
||||||
pos, contact.port = bin.unpack(">S", self.data, pos)
|
|
||||||
table.insert(self.contacts, contact)
|
table.insert(self.contacts, contact)
|
||||||
end
|
end
|
||||||
end,
|
end,
|
||||||
@@ -323,7 +311,11 @@ Response = {
|
|||||||
|
|
||||||
local result = {}
|
local result = {}
|
||||||
for _, contact in ipairs(self.contacts) do
|
for _, contact in ipairs(self.contacts) do
|
||||||
table.insert(result, ("%s:%d"):format(contact.address, contact.port))
|
local address = contact.address
|
||||||
|
if address:find(":") then
|
||||||
|
address = ("[%s]"):format(address)
|
||||||
|
end
|
||||||
|
table.insert(result, ("%s:%d"):format(address, contact.port))
|
||||||
end
|
end
|
||||||
return stdnse.format_output(true, result)
|
return stdnse.format_output(true, result)
|
||||||
end
|
end
|
||||||
@@ -349,9 +341,9 @@ Response = {
|
|||||||
-- parses the received data and attempts to create an ERROR response
|
-- parses the received data and attempts to create an ERROR response
|
||||||
-- @return true on success, false on failure
|
-- @return true on success, false on failure
|
||||||
parse = function(self)
|
parse = function(self)
|
||||||
local pos, err_type = bin.unpack(">I", self.data)
|
local err_type, pos = string.unpack(">I4", self.data)
|
||||||
if ( 1 == err_type ) then
|
if ( 1 == err_type ) then
|
||||||
self.addr = Response.Address:new(self.data:sub(5))
|
self.addr = Response.Address:new(self.data:sub(pos))
|
||||||
return true
|
return true
|
||||||
end
|
end
|
||||||
return false
|
return false
|
||||||
@@ -380,7 +372,7 @@ Response = {
|
|||||||
-- @return response instance of suitable Response class on success,
|
-- @return response instance of suitable Response class on success,
|
||||||
-- err string error message if status is false
|
-- err string error message if status is false
|
||||||
fromString = function(data)
|
fromString = function(data)
|
||||||
local pos, action = bin.unpack(">I", data)
|
local action, pos = string.unpack(">I4", data)
|
||||||
|
|
||||||
if ( action == Response.Actions.ACTION_PING ) then
|
if ( action == Response.Actions.ACTION_PING ) then
|
||||||
return Response.PING.fromString(data)
|
return Response.PING.fromString(data)
|
||||||
@@ -475,8 +467,8 @@ Helper = {
|
|||||||
-- @return true on success, false on failure
|
-- @return true on success, false on failure
|
||||||
-- @return err string error message if status is false
|
-- @return err string error message if status is false
|
||||||
connect = function(self)
|
connect = function(self)
|
||||||
local lhost = self.lhost or stdnse.get_script_args('vuzedht.lhost')
|
local lhost = tonumber(self.lhost or stdnse.get_script_args('vuzedht.lhost'))
|
||||||
local lport = self.lport or stdnse.get_script_args('vuzedht.lport')
|
local lport = tonumber(self.lport or stdnse.get_script_args('vuzedht.lport'))
|
||||||
|
|
||||||
self.socket = nmap.new_socket()
|
self.socket = nmap.new_socket()
|
||||||
|
|
||||||
|
|||||||
@@ -6,6 +6,15 @@ local vuzedht = stdnse.silent_require "vuzedht"
|
|||||||
|
|
||||||
description = [[
|
description = [[
|
||||||
Retrieves some basic information, including protocol version from a Vuze filesharing node.
|
Retrieves some basic information, including protocol version from a Vuze filesharing node.
|
||||||
|
|
||||||
|
As Vuze doesn't have a default port for its DHT service, this script has
|
||||||
|
some difficulties in determining when to run. Most scripts are triggered by
|
||||||
|
either a default port or a fingerprinted service. To get around this, there
|
||||||
|
are two options:
|
||||||
|
1. Always run a version scan, to identify the vuze-dht service in order to
|
||||||
|
trigger the script.
|
||||||
|
2. Force the script to run against each port by setting the argument
|
||||||
|
vuze-dht-info.allports
|
||||||
]]
|
]]
|
||||||
|
|
||||||
---
|
---
|
||||||
@@ -23,15 +32,6 @@ Retrieves some basic information, including protocol version from a Vuze filesha
|
|||||||
-- | Network id: Stable (0)
|
-- | Network id: Stable (0)
|
||||||
-- |_ Instance id: 2260473691
|
-- |_ Instance id: 2260473691
|
||||||
--
|
--
|
||||||
-- As Vuze doesn't have a default port for its DHT service, this script has
|
|
||||||
-- some difficulties in determining when to run. Most scripts are triggered by
|
|
||||||
-- either a default port or a fingerprinted service. To get around this, there
|
|
||||||
-- are two options:
|
|
||||||
-- 1. Always run a version scan, to identify the vuze-dht service in order to
|
|
||||||
-- trigger the script.
|
|
||||||
-- 2. Force the script to run against each port by setting the argument
|
|
||||||
-- vuze-dht-info.allports
|
|
||||||
--
|
|
||||||
-- @args vuze-dht-info.allports if set runs this script against every open port
|
-- @args vuze-dht-info.allports if set runs this script against every open port
|
||||||
|
|
||||||
author = "Patrik Karlsson"
|
author = "Patrik Karlsson"
|
||||||
|
|||||||
Reference in New Issue
Block a user