diff --git a/nselib/ajp.lua b/nselib/ajp.lua index 7d8c2ffcc..cc4822123 100644 --- a/nselib/ajp.lua +++ b/nselib/ajp.lua @@ -1,9 +1,9 @@ local base64 = require "base64" -local bin = require "bin" local http = require "http" local match = require "match" local nmap = require "nmap" local stdnse = require "stdnse" +local string = require "string" local table = require "table" local url = require "url" _ENV = stdnse.module("ajp", stdnse.seeall) @@ -127,9 +127,9 @@ AJP = { -- as the zero terminator should not be counted in the length local function encstr(str) if ( not(str) or #str == 0 ) then - return bin.pack(">S", 0xFFFF) + return "\xFF\xFF" end - return bin.pack(">Sz", #str, str) + return string.pack(">I2z", #str, str) end -- count the number of headers 
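Review bot: In `encstr`, `string.pack(">I2z", #str, str)` raises a Lua error instead of returning an encoded string when `str` is longer than 65535 bytes or contains an embedded NUL byte. Any such path, header value or attribute therefore aborts request construction in whatever code calls `encstr`. A string of exactly 0xFFFF bytes would also carry the same length prefix as the `"\xFF\xFF"` null-string marker returned by the first branch. Consider rejecting such input explicitly with a clear message, or at least documenting the limit above the function, e.g. `-- raises if str is longer than 0xFFFE bytes or contains "\0"`.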
@@ -152,35 +152,37 @@ AJP = { local p_url = url.parse(self.uri) -- save the magic and data for last - local data = bin.pack(">CCAAAAASCS", self.code, self.method, + local data = { + string.pack(">BB", self.code, self.method), encstr(self.version), encstr(p_url.path), encstr(self.raddr), encstr(self.rhost), encstr(self.srv), - self.port, (self.is_ssl and 1 or 0), - headerCount()) + string.pack(">I2BI2", self.port, (self.is_ssl and 1 or 0), headerCount()), + } -- encode headers for k, v in pairs(self.headers) do local header = AJP.ForwardRequest.Header[k:lower()] or k if ( "string" == type(header) ) then - data = data .. bin.pack(">Sz", #header, header) + data[#data+1] = string.pack(">I2z", #header, header) else - data = data .. bin.pack(">S", header) + data[#data+1] = string.pack(">I2", header) end - data = data .. encstr(v) + data[#data+1] = encstr(v) end -- encode attributes if ( p_url.query ) then - data = data .. bin.pack("C", AJP.Attribute.QUERY_STRING) - data = data .. encstr(p_url.query) + data[#data+1] = string.pack("B", AJP.Attribute.QUERY_STRING) + data[#data+1] = encstr(p_url.query) end -- terminate the attribute list - data = data .. bin.pack("C", AJP.Attribute.ARE_DONE) + data[#data+1] = string.pack("B", AJP.Attribute.ARE_DONE) -- returns the AJP request as a string - return bin.pack(">SSA", AJP.Magic, #data, data) + data = table.concat(data) + return string.pack(">I2s2", AJP.Magic, data) end, }, @@ -215,12 +217,11 @@ AJP = { local pos = 6 local status_msg, hdr_count - pos, sh.status = bin.unpack(">S", data, pos) - pos, status_msg = bin.unpack(">P", data, pos) + sh.status, status_msg, pos = string.unpack(">I2s2", data, pos) pos = pos + 1 sh.status_line = ("AJP/1.3 %d %s"):format(sh.status, status_msg) - pos, hdr_count = bin.unpack(">S", data, pos) + hdr_count, pos = string.unpack(">I2", data, pos) local function headerById(id) for k, v in pairs(AJP.Response.Header) do 
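Review bot: The `string.unpack` calls in `SendHeaders.parse` raise a Lua error (`data string too short`) when the buffer is truncated or a length field overstates the bytes that remain, and nothing visible in this hunk guards against that. The buffer comes from the scanned server, so a malformed SEND_HEADERS packet ends the calling script with an error rather than a clean failure. The same applies in the following hunks to the header loop (`"c"..len`, `">s2"`) and to the `">c2I2"` and `"B"` reads in `Comm`. Consider decoding through `pcall`, e.g. `local ok, status, msg, npos = pcall(string.unpack, ">I2s2", data, pos)` followed by `if not ok then return nil, "truncated SEND_HEADERS" end`, after confirming that callers handle that return. The body of `parse` starts and ends outside this hunk.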
@@ -231,16 +232,16 @@ AJP = { for i=1, hdr_count do local key, val, len - pos, len = bin.unpack(">S", data, pos) + len, pos = string.unpack(">I2", data, pos) if ( len < 0xA000 ) then - pos, key = bin.unpack("A"..len, data, pos) + key, pos = string.unpack("c"..len, data, pos) pos = pos + 1 else key = headerById(len) end - pos, val = bin.unpack(">P", data, pos) + val, pos = string.unpack(">s2", data, pos) pos = pos + 1 sh.headers[key:lower()] = val @@ -316,7 +317,7 @@ Comm = { if ( not(status) ) then return false, "Failed to receive response from server" end - local pos, magic, length = bin.unpack(">A2S", buf) + local magic, length, pos = string.unpack(">c2I2", buf) if ( magic ~= "AB" ) then return false, ("Invalid magic received from server (%s)"):format(magic) end @@ -325,12 +326,12 @@ Comm = { return false, "Failed to receive response from server" end - local pos, code = bin.unpack("C", data) + local code, pos = string.unpack("B", data) if ( AJP.Code.SEND_HEADERS == code ) then local sh = AJP.Response.SendHeaders.parse(buf .. data) response = sh elseif( AJP.Code.SEND_BODY == code ) then - response.body = select(2, bin.unpack(">P", data, pos)) + response.body = string.unpack(">s2", data, pos) elseif( AJP.Code.END_RESPONSE == code ) then break end diff --git a/nselib/natpmp.lua b/nselib/natpmp.lua index 9222c33b2..93c46478e 100644 --- a/nselib/natpmp.lua +++ b/nselib/natpmp.lua @@ -6,11 +6,11 @@ -- -- @author Patrik Karlsson -- -local bin = require "bin" local datetime = require "datetime" local ipOps = require "ipOps" local nmap = require "nmap" local stdnse = require "stdnse" +local string = require "string" _ENV = stdnse.module("natpmp", stdnse.seeall) local ResultCode = { @@ -43,7 +43,7 @@ Request = { end, __tostring = function(self) - return bin.pack(">CC", self.version, self.op) + return string.pack(">BB", self.version, self.op) end, }, 
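Review bot: `response.body = string.unpack(">s2", data, pos)` assigns rather than appends, so if the server splits the body across several SEND_BODY packets, only the last chunk appears to survive. The receive loop around this branch lies outside the hunk, so confirm that before changing it. If so, `response.body = (response.body or "") .. (string.unpack(">s2", data, pos))` keeps every chunk, and the parentheses make explicit that the returned position is discarded. Scripts that inspect the body would otherwise be working from a partial response.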
@@ -65,7 +65,7 @@ Request = { end, __tostring = function(self) - return bin.pack(">CCSSSI", + return string.pack(">BBI2I2I2I4", self.version, (self.proto=="udp" and 1 or 2), 0, -- reserved @@ -96,13 +96,13 @@ Response = { end local pos - pos, self.version, self.op, self.rescode = bin.unpack(">CCS", self.data) + self.version, self.op, self.rescode, pos = string.unpack(">BBI2", self.data) if ( self.rescode ~= ResultCode.SUCCESS or self.op ~= 128 ) then return end - pos, self.time, self.ip = bin.unpack(">II", self.data, pos) + self.time, self.ip, pos = string.unpack(">I4I4", self.data, pos) self.ip = ipOps.fromdword(self.ip) self.time = datetime.format_timestamp(self.time) return true @@ -127,13 +127,13 @@ Response = { end local pos - pos, self.version, self.op, self.rescode = bin.unpack(">CCS", self.data) + self.version, self.op, self.rescode, pos = string.unpack(">BBI2", self.data) if ( self.rescode ~= ResultCode.SUCCESS ) then return end - pos, self.time, self.privport, self.pubport, self.lifetime = bin.unpack(">ISSI", self.data, pos) + self.time, self.privport, self.pubport, self.lifetime, pos = string.unpack(">I4I2I2I4", self.data, pos) return true end, } diff --git a/nselib/netbios.lua b/nselib/netbios.lua index 13d3a3d50..fabab8e5d 100644 --- a/nselib/netbios.lua +++ b/nselib/netbios.lua @@ -5,7 +5,6 @@ -- @author Ron Bowes -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html -local bin = require "bin" local dns = require "dns" local math = require "math" local nmap = require "nmap" @@ -316,14 +315,14 @@ function do_nbstat(host) end -- Create the query header - local query = bin.pack(">SSSSSS", + local query = string.pack(">I2I2I2I2I2I2", 0x1337, -- Transaction id 0x0000, -- Flags 1, -- Questions 0, -- Answers 0, -- Authority 0 -- Extra - ) .. bin.pack(">zSS", + ) .. string.pack(">zI2I2", encoded_name, -- Encoded name 0x0021, -- Query type (0x21 = NBSTAT) 0x0001 -- Class = IN 
@@ -354,7 +353,7 @@ function do_nbstat(host) local pos, TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT, rr_name, rr_type, rr_class, rr_ttl local rrlength, name_count - pos, TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT = bin.unpack(">SSSSSS", result) + TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT, pos = string.unpack(">I2I2I2I2I2I2", result) -- Sanity check the result (has to have the same TRN_ID, 1 answer, and proper flags) if(TRN_ID ~= 0x1337) then @@ -371,7 +370,7 @@ function do_nbstat(host) end -- Start parsing the answer field - pos, rr_name, rr_type, rr_class, rr_ttl = bin.unpack(">zSSI", result, pos) + rr_name, rr_type, rr_class, rr_ttl, pos = string.unpack(">zI2I2I4", result, pos) -- More sanity checks if(rr_name ~= encoded_name) then @@ -384,7 +383,7 @@ function do_nbstat(host) return false, "Server returned incorrect query type" end - pos, rrlength, name_count = bin.unpack(">SC", result, pos) + rrlength, name_count, pos = string.unpack(">I2B", result, pos) local names = {} for i = 1, name_count do @@ -392,7 +391,7 @@ function do_nbstat(host) -- Instead of reading the 16-byte name and pulling off the suffix, -- we read the first 15 bytes and then the 1-byte suffix. - pos, name, suffix, flags = bin.unpack(">A15CS", result, pos) + name, suffix, flags, pos = string.unpack(">c15BI2", result, pos) name = string.gsub(name, "[ ]*$", "") names[i] = {} @@ -407,7 +406,7 @@ function do_nbstat(host) if(rrlength > 0) then rrlength = rrlength - 1 end - pos, statistics = bin.unpack(string.format(">A%d", rrlength), result, pos) + statistics, pos = string.unpack(string.format(">c%d", rrlength), result, pos) -- Put it in the registry, in case anybody else needs it reg["nbstat_names"] = names diff --git a/nselib/nrpc.lua b/nselib/nrpc.lua index 0653c40ef..d5af8a63c 100644 --- a/nselib/nrpc.lua +++ b/nselib/nrpc.lua @@ -38,7 +38,6 @@ -- -local bin = require "bin" local match = require "match" local nmap = require "nmap" local stdnse = require "stdnse" 
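Review bot: The format in `string.unpack(string.format(">c%d", rrlength), result, pos)` is built from `rrlength`, which was read from the reply in an earlier hunk and is never compared with `#result` in the visible code. If the responder declares more bytes than remain, `string.unpack` raises instead of `do_nbstat` returning `false, <message>` as its other sanity checks do. The `">c15BI2"` read in the name loop has the same exposure to an inflated `name_count`, and the `z` read of `rr_name` to a missing terminator. A guard before the call, such as `if rrlength < 0 or pos + rrlength - 1 > #result then return false, "Server returned a truncated NBSTAT record" end`, keeps the failure on the normal error path. Some of the length bookkeeping sits outside these hunks, so check the bounds against the full function.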
@@ -67,14 +66,14 @@ DominoPacket = { -- @return Error code (if status is false). read = function( self, domsock ) local status, data = domsock:receive_buf(match.numbytes(2), true) - local pos, len = bin.unpack( "SS", OpCode.ACK, self.block) + return string.pack(">I2I2", OpCode.ACK, self.block) end, }, @@ -85,7 +85,7 @@ Packet = { end, __tostring = function( self ) - return bin.pack(">SSz", OpCode.ERROR, self.code, self.msg) + return string.pack(">I2I2z", OpCode.ERROR, self.code, self.msg) end, } @@ -168,7 +168,7 @@ end -- @param port containing the port of the initiating host -- @param data string containing the initial data passed to the server local function processConnection( host, port, data ) - local pos, op = bin.unpack(">S", data) + local op, pos = string.unpack(">I2", data) local socket = nmap.new_socket("udp") socket:set_timeout(1000) @@ -183,7 +183,7 @@ local function processConnection( host, port, data ) socket:send( tostring(Packet.ERROR:new(0, "TFTP server has write-only support"))) end - local pos, filename, enctype = bin.unpack("zz", data, pos) + local filename, enctype, pos = string.unpack("zz", data, pos) status, err = socket:send( tostring( Packet.ACK:new(0) ) ) local blocks = {} @@ -201,13 +201,13 @@ local function processConnection( host, port, data ) else -- record last time we had a successful read lastread = os.time() - pos, op = bin.unpack(">S", pdata) + op, pos = string.unpack(">I2", pdata) if ( OpCode.DATA ~= op ) then stdnse.debug1("Expected a data packet, terminating TFTP transfer") end local block, data - pos, block, data = bin.unpack(">SA" .. #pdata - 4, pdata, pos ) + block, data, pos = string.unpack(">I2 c" .. #pdata - 4, pdata, pos ) blocks[block] = data
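Review bot: `processConnection` decodes datagrams sent by the remote peer, and each new `string.unpack` call raises on malformed input. `">I2"` fails when fewer than two bytes arrived, `"zz"` when either NUL terminator is missing, and in the last hunk `">I2 c" .. #pdata - 4` produces an invalid size when `pdata` is shorter than four bytes. A short or unterminated packet therefore ends the handler with an error rather than a logged, orderly stop. Checking lengths first keeps the failure on the debug path already used for unexpected opcodes, e.g. `if #pdata < 4 then break end` before the DATA decode (assuming it runs inside the receive loop, which is outside the hunk); wrapping the decode in `pcall` would also work. The function starts and ends outside these hunks.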