PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Remove some more bin.lua packings

Browse Source
This commit is contained in:
dmiller
2018-09-18 04:21:19 +00:00
parent 626f10aca0
commit 6986077364
5 changed files with 50 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
nselib/ajp.lua
View File

@@ -1,9 +1,9 @@
local base64 = require "base64"
local bin = require "bin"
local http = require "http"
local match = require "match"
local nmap = require "nmap"
local stdnse = require "stdnse"
local string = require "string"
local table = require "table"
local url = require "url"
_ENV = stdnse.module("ajp", stdnse.seeall)
@@ -127,9 +127,9 @@ AJP = {
-- as the zero terminator should not be counted in the length
local function encstr(str)
if ( not(str) or #str == 0 ) then
return bin.pack(">S", 0xFFFF)
return "\xFF\xFF"
end
return bin.pack(">Sz", #str, str)
return string.pack(">I2z", #str, str)
end
-- count the number of headers
@@ -152,35 +152,37 @@ AJP = {
local p_url = url.parse(self.uri)
-- save the magic and data for last
local data = bin.pack(">CCAAAAASCS", self.code, self.method,
local data = {
string.pack(">BB", self.code, self.method),
encstr(self.version), encstr(p_url.path), encstr(self.raddr),
encstr(self.rhost), encstr(self.srv),
self.port, (self.is_ssl and 1 or 0),
headerCount())
string.pack(">I2BI2", self.port, (self.is_ssl and 1 or 0), headerCount()),
}
-- encode headers
for k, v in pairs(self.headers) do
local header = AJP.ForwardRequest.Header[k:lower()] or k
if ( "string" == type(header) ) then
data = data .. bin.pack(">Sz", #header, header)
data[#data+1] = string.pack(">I2z", #header, header)
else
data = data .. bin.pack(">S", header)
data[#data+1] = string.pack(">I2", header)
end
data = data .. encstr(v)
data[#data+1] = encstr(v)
end
-- encode attributes
if ( p_url.query ) then
data = data .. bin.pack("C", AJP.Attribute.QUERY_STRING)
data = data .. encstr(p_url.query)
data[#data+1] = string.pack("B", AJP.Attribute.QUERY_STRING)
data[#data+1] = encstr(p_url.query)
end
-- terminate the attribute list
data = data .. bin.pack("C", AJP.Attribute.ARE_DONE)
data[#data+1] = string.pack("B", AJP.Attribute.ARE_DONE)
-- returns the AJP request as a string
return bin.pack(">SSA", AJP.Magic, #data, data)
data = table.concat(data)
return string.pack(">I2s2", AJP.Magic, data)
end,
},
@@ -215,12 +217,11 @@ AJP = {
local pos = 6
local status_msg, hdr_count
pos, sh.status = bin.unpack(">S", data, pos)
pos, status_msg = bin.unpack(">P", data, pos)
sh.status, status_msg, pos = string.unpack(">I2s2", data, pos)
pos = pos + 1
sh.status_line = ("AJP/1.3 %d %s"):format(sh.status, status_msg)
pos, hdr_count = bin.unpack(">S", data, pos)
hdr_count, pos = string.unpack(">I2", data, pos)
local function headerById(id)
for k, v in pairs(AJP.Response.Header) do
@@ -231,16 +232,16 @@ AJP = {
for i=1, hdr_count do
local key, val, len
pos, len = bin.unpack(">S", data, pos)
len, pos = string.unpack(">I2", data, pos)
if ( len < 0xA000 ) then
pos, key = bin.unpack("A"..len, data, pos)
key, pos = string.unpack("c"..len, data, pos)
pos = pos + 1
else
key = headerById(len)
end
pos, val = bin.unpack(">P", data, pos)
val, pos = string.unpack(">s2", data, pos)
pos = pos + 1
sh.headers[key:lower()] = val
@@ -316,7 +317,7 @@ Comm = {
if ( not(status) ) then
return false, "Failed to receive response from server"
end
local pos, magic, length = bin.unpack(">A2S", buf)
local magic, length, pos = string.unpack(">c2I2", buf)
if ( magic ~= "AB" ) then
return false, ("Invalid magic received from server (%s)"):format(magic)
end
@@ -325,12 +326,12 @@ Comm = {
return false, "Failed to receive response from server"
end
local pos, code = bin.unpack("C", data)
local code, pos = string.unpack("B", data)
if ( AJP.Code.SEND_HEADERS == code ) then
local sh = AJP.Response.SendHeaders.parse(buf .. data)
response = sh
elseif( AJP.Code.SEND_BODY == code ) then
response.body = select(2, bin.unpack(">P", data, pos))
response.body = string.unpack(">s2", data, pos)
elseif( AJP.Code.END_RESPONSE == code ) then
break
end

14
nselib/natpmp.lua
View File

@@ -6,11 +6,11 @@
--
-- @author Patrik Karlsson <patrik@cqure.net>
--
local bin = require "bin"
local datetime = require "datetime"
local ipOps = require "ipOps"
local nmap = require "nmap"
local stdnse = require "stdnse"
local string = require "string"
_ENV = stdnse.module("natpmp", stdnse.seeall)
local ResultCode = {
@@ -43,7 +43,7 @@ Request = {
end,
__tostring = function(self)
return bin.pack(">CC", self.version, self.op)
return string.pack(">BB", self.version, self.op)
end,
},
@@ -65,7 +65,7 @@ Request = {
end,
__tostring = function(self)
return bin.pack(">CCSSSI",
return string.pack(">BBI2I2I2I4",
self.version,
(self.proto=="udp" and 1 or 2),
0, -- reserved
@@ -96,13 +96,13 @@ Response = {
end
local pos
pos, self.version, self.op, self.rescode = bin.unpack(">CCS", self.data)
self.version, self.op, self.rescode, pos = string.unpack(">BBI2", self.data)
if ( self.rescode ~= ResultCode.SUCCESS or self.op ~= 128 ) then
return
end
pos, self.time, self.ip = bin.unpack(">II", self.data, pos)
self.time, self.ip, pos = string.unpack(">I4I4", self.data, pos)
self.ip = ipOps.fromdword(self.ip)
self.time = datetime.format_timestamp(self.time)
return true
@@ -127,13 +127,13 @@ Response = {
end
local pos
pos, self.version, self.op, self.rescode = bin.unpack(">CCS", self.data)
self.version, self.op, self.rescode, pos = string.unpack(">BBI2", self.data)
if ( self.rescode ~= ResultCode.SUCCESS ) then
return
end
pos, self.time, self.privport, self.pubport, self.lifetime = bin.unpack(">ISSI", self.data, pos)
self.time, self.privport, self.pubport, self.lifetime, pos = string.unpack(">I4I2I2I4", self.data, pos)
return true
end,
}

15
nselib/netbios.lua
View File

@@ -5,7 +5,6 @@
-- @author Ron Bowes <ron@skullsecurity.net>
-- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
local bin = require "bin"
local dns = require "dns"
local math = require "math"
local nmap = require "nmap"
@@ -316,14 +315,14 @@ function do_nbstat(host)
end
-- Create the query header
local query = bin.pack(">SSSSSS",
local query = string.pack(">I2I2I2I2I2I2",
0x1337, -- Transaction id
0x0000, -- Flags
1, -- Questions
0, -- Answers
0, -- Authority
0 -- Extra
) .. bin.pack(">zSS",
) .. string.pack(">zI2I2",
encoded_name, -- Encoded name
0x0021, -- Query type (0x21 = NBSTAT)
0x0001 -- Class = IN
@@ -354,7 +353,7 @@ function do_nbstat(host)
local pos, TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT, rr_name, rr_type, rr_class, rr_ttl
local rrlength, name_count
pos, TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT = bin.unpack(">SSSSSS", result)
TRN_ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT, pos = string.unpack(">I2I2I2I2I2I2", result)
-- Sanity check the result (has to have the same TRN_ID, 1 answer, and proper flags)
if(TRN_ID ~= 0x1337) then
@@ -371,7 +370,7 @@ function do_nbstat(host)
end
-- Start parsing the answer field
pos, rr_name, rr_type, rr_class, rr_ttl = bin.unpack(">zSSI", result, pos)
rr_name, rr_type, rr_class, rr_ttl, pos = string.unpack(">zI2I2I4", result, pos)
-- More sanity checks
if(rr_name ~= encoded_name) then
@@ -384,7 +383,7 @@ function do_nbstat(host)
return false, "Server returned incorrect query type"
end
pos, rrlength, name_count = bin.unpack(">SC", result, pos)
rrlength, name_count, pos = string.unpack(">I2B", result, pos)
local names = {}
for i = 1, name_count do
@@ -392,7 +391,7 @@ function do_nbstat(host)
-- Instead of reading the 16-byte name and pulling off the suffix,
-- we read the first 15 bytes and then the 1-byte suffix.
pos, name, suffix, flags = bin.unpack(">A15CS", result, pos)
name, suffix, flags, pos = string.unpack(">c15BI2", result, pos)
name = string.gsub(name, "[ ]*$", "")
names[i] = {}
@@ -407,7 +406,7 @@ function do_nbstat(host)
if(rrlength > 0) then
rrlength = rrlength - 1
end
pos, statistics = bin.unpack(string.format(">A%d", rrlength), result, pos)
statistics, pos = string.unpack(string.format(">c%d", rrlength), result, pos)
-- Put it in the registry, in case anybody else needs it
reg["nbstat_names"] = names

13
nselib/nrpc.lua
View File

@@ -38,7 +38,6 @@
--
local bin = require "bin"
local match = require "match"
local nmap = require "nmap"
local stdnse = require "stdnse"
@@ -67,14 +66,14 @@ DominoPacket = {
-- @return Error code (if status is false).
read = function( self, domsock )
local status, data = domsock:receive_buf(match.numbytes(2), true)
local pos, len = bin.unpack( "<S", data )
local len = string.unpack( "<I2", data )
return domsock:receive_buf(match.numbytes(len), true)
end,
--- converts the packet to a string
__tostring = function(self)
return bin.pack("<SA", #self.data, self.data )
return string.pack("<s2", self.data )
end,
}
@@ -124,7 +123,7 @@ Helper = {
isValidUser = function( self, username )
local data = stdnse.fromhex("00001e00000001000080000007320000700104020000fb2b2d00281f1e000000124c010000000000")
local status, id_data
local data_len, pos, total_len, pkt_type, valid_user
local data_len, total_len, pkt_type, valid_user
self.domsock:send( tostring(DominoPacket:new( data )) )
data = DominoPacket:new():read( self.domsock )
@@ -137,9 +136,9 @@ Helper = {
self.domsock:send( tostring(DominoPacket:new( data ) ) )
status, id_data = DominoPacket:new():read( self.domsock )
pos, pkt_type = bin.unpack("C", id_data, 3)
pos, valid_user = bin.unpack("C", id_data, 11)
pos, total_len = bin.unpack("<S", id_data, 13)
pkt_type = string.unpack("B", id_data, 3)
valid_user = string.unpack("B", id_data, 11)
total_len = string.unpack("<I2", id_data, 13)
if ( pkt_type == 0x16 ) then
if ( valid_user == 0x19 ) then

14
nselib/tftp.lua
View File

@@ -27,11 +27,11 @@
--
-- 2011-01-22 - re-wrote library to use coroutines instead of new_thread code.
local bin = require "bin"
local coroutine = require "coroutine"
local nmap = require "nmap"
local os = require "os"
local stdnse = require "stdnse"
local string = require "string"
local table = require "table"
_ENV = stdnse.module("tftp", stdnse.seeall)
@@ -67,7 +67,7 @@ Packet = {
end,
__tostring = function( self )
return bin.pack(">SS", OpCode.ACK, self.block)
return string.pack(">I2I2", OpCode.ACK, self.block)
end,
},
@@ -85,7 +85,7 @@ Packet = {
end,
__tostring = function( self )
return bin.pack(">SSz", OpCode.ERROR, self.code, self.msg)
return string.pack(">I2I2z", OpCode.ERROR, self.code, self.msg)
end,
}
@@ -168,7 +168,7 @@ end
-- @param port containing the port of the initiating host
-- @param data string containing the initial data passed to the server
local function processConnection( host, port, data )
local pos, op = bin.unpack(">S", data)
local op, pos = string.unpack(">I2", data)
local socket = nmap.new_socket("udp")
socket:set_timeout(1000)
@@ -183,7 +183,7 @@ local function processConnection( host, port, data )
socket:send( tostring(Packet.ERROR:new(0, "TFTP server has write-only support")))
end
local pos, filename, enctype = bin.unpack("zz", data, pos)
local filename, enctype, pos = string.unpack("zz", data, pos)
status, err = socket:send( tostring( Packet.ACK:new(0) ) )
local blocks = {}
@@ -201,13 +201,13 @@ local function processConnection( host, port, data )
else
-- record last time we had a successful read
lastread = os.time()
pos, op = bin.unpack(">S", pdata)
op, pos = string.unpack(">I2", pdata)
if ( OpCode.DATA ~= op ) then
stdnse.debug1("Expected a data packet, terminating TFTP transfer")
end
local block, data
pos, block, data = bin.unpack(">SA" .. #pdata - 4, pdata, pos )
block, data, pos = string.unpack(">I2 c" .. #pdata - 4, pdata, pos )
blocks[block] = data