diff --git a/nselib/bjnp.lua b/nselib/bjnp.lua index dc06b72f8..f1d7e6477 100644 --- a/nselib/bjnp.lua +++ b/nselib/bjnp.lua @@ -8,11 +8,11 @@ -- @author Patrik Karlsson -- -local bin = require("bin") local nmap = require("nmap") local os = require("os") local stdnse = require("stdnse") local table = require("table") +local string = require "string" _ENV = stdnse.module("bjnp", stdnse.seeall) @@ -39,15 +39,14 @@ BJNP = { parse = function(data) local hdr = BJNP.Header:new({ code = -1 }) - local pos - pos, hdr.id, hdr.type, hdr.code, - hdr.seq, hdr.session, hdr.length = bin.unpack(">A4CCISI", data) + hdr.id, hdr.type, hdr.code, + hdr.seq, hdr.session, hdr.length = string.unpack(">c4BBI4I2I4", data) return hdr end, __tostring = function(self) - return bin.pack(">ACCISI", + return string.pack(">c4BBI4I2I4", self.id, self.type, self.code, @@ -93,7 +92,7 @@ BJNP = { end, __tostring = function(self) - return tostring(self.header) .. bin.pack(">I", self.data) + return tostring(self.header) .. string.pack(">I4", self.data) end, } @@ -115,11 +114,12 @@ BJNP = { identity.header = BJNP.Header.parse(data) local pos = #tostring(identity.header) + 1 - local pos, len = bin.unpack(">S", data, pos) - if ( len ) then - pos, identity.data = bin.unpack("A" .. len - 2, data, pos) - return identity + if pos - 1 > #data - 2 then + return nil end + local len, pos = string.unpack(">I2", data, pos) + identity.data = string.unpack("c" .. len - 2, data, pos) + return identity end, @@ -184,11 +184,12 @@ BJNP = { identity.header = BJNP.Header.parse(data) local pos = #tostring(identity.header) + 1 - local pos, len = bin.unpack(">S", data, pos) - if ( len ) then - pos, identity.data = bin.unpack("A" .. len - 2, data, pos) - return identity + if pos - 1 > #data - 2 then + return nil end + local len, pos = string.unpack(">I2", data, pos) + identity.data = string.unpack("c" .. len - 2, data, pos) + return identity end, 
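Review bot: In `BJNP.Header.parse`, `string.unpack(">c4BBI4I2I4", data)` raises an error when `data` is shorter than the 16 bytes the format needs, so a truncated or malformed reply aborts the caller. The buffer presumably comes straight from the network, so a length guard before the unpack is worth adding, e.g. `if #data < 16 then return nil end`. The callers visible further down (`identity.header = BJNP.Header.parse(data)` followed by `#tostring(identity.header)`) would then need a nil check as well.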
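Review bot: The identity parser (hunk at -115, and the identical one at -184) builds the format `"c" .. len - 2` from a `len` read out of the packet without validating it. A `len` below 2 produces an invalid format string, and a `len` larger than the bytes left in `data` makes `string.unpack` raise, so a malformed response aborts the script. Check the value right after the `>I2` unpack, e.g. `if len < 2 or pos + len - 3 > #data then return nil end`. `local len, pos` also re-declares `pos` in the same scope; assigning to the existing local would read more clearly. The enclosing function starts outside the hunk.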
diff --git a/nselib/cassandra.lua b/nselib/cassandra.lua index 3c987576a..df67e51b4 100644 --- a/nselib/cassandra.lua +++ b/nselib/cassandra.lua @@ -7,7 +7,6 @@ -- Version 0.1 -- -local bin = require "bin" local nmap = require "nmap" local stdnse = require "stdnse" local string = require "string" @@ -36,16 +35,11 @@ LOGINACC = "\x00\x00\x00\x01\x0c" --@param password to put in format --@return str : string in cassandra format for login function loginstr (username, password) - return bin.pack("A>aAaaaaA", - CASSANDRAREQ, - "login", - CASSLOGINMAGIC, - "username", - username, - "password", - password, - "\x00\x00" -- add two null on the end - ) + return CASSANDRAREQ + .. string.pack(">s4", "login") + .. CASSLOGINMAGIC + .. string.pack(">s4s4s4s4", "username", username, "password", password) + .. "\x00\x00" -- add two null on the end end --Invokes command over socket and returns the response @@ -55,12 +49,9 @@ end --@return status : true if ok; false if bad --@return result : value if status ok, error msg if bad function cmdstr (command,cnt) - return bin.pack("A>aIA", - CASSANDRAREQ, - command, - cnt, - "\x00" -- add null on the end - ) + return CASSANDRAREQ + .. string.pack(">s4I4", command, cnt) + .. "\x00" -- add null on the end end --Invokes command over socket and returns the response @@ -73,7 +64,7 @@ function sendcmd (socket, command, cnt) local cmdstr = cmdstr (command,cnt) local response - local status, err = socket:send(bin.pack(">I",string.len(cmdstr))) + local status, err = socket:send(string.pack(">I4", #cmdstr)) if ( not(status) ) then return false, "error sending packet length" end 
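Review bot: The comment block above `cmdstr` still describes a socket call (`--Invokes command over socket and returns the response`, `--@return status`, `--@return result`), but the function only builds and returns the request string. Replace it with a header that matches, e.g. `--Builds a command request in cassandra format` and `--@return str : request string, without the 4-byte length prefix`. That comment should also say that `cnt` must be an integer that fits in 32 bits, since `string.pack(">s4I4", command, cnt)` raises otherwise. The comment block begins before the hunk's first line.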
@@ -87,19 +78,19 @@ function sendcmd (socket, command, cnt) if ( not(status) ) then return false, "error receiving length" end - local _,size = bin.unpack(">I",response,1) + local size = string.unpack(">I4", response) - if (string.len(response) < size+4 ) then + if #response < size + 4 then local resp2 - status, resp2 = socket:receive_bytes(size+4 - string.len(response)) + status, resp2 = socket:receive_bytes(size + 4 - #response) if ( not(status) ) then - return false, "error receiving payload" + return false, "error receiving payload" end response = response .. resp2 end -- magic response starts at 5th byte for 4 bytes, 4 byte for length + length of string command - if (string.sub(response,5,8+4+string.len(command)) ~= bin.pack("A>a", CASSANDRARESP, command)) then + if response:sub(5, 8 + 4 + #command) ~= CASSANDRARESP .. string.pack(">s4", command) then return false, "protocol response error" end @@ -122,11 +113,8 @@ function describe_cluster_name (socket,cnt) -- grab the size -- pktlen(4) + CASSANDRARESP(4) + lencmd(4) + lencmd(v) + params(7) + next byte position - local position = 12+string.len(cname)+7+1 - local _,size = bin.unpack(">I",resp,position) - - -- read the string after the size - local value = string.sub(resp,position+4,position+4+size-1) + local position = 12 + #cname + 7 + 1 + local value = string.unpack(">s4", resp, position) return true, value end @@ -146,11 +134,8 @@ function describe_version (socket,cnt) -- grab the size -- pktlen(4) + CASSANDRARESP(4) + lencmd(4) + lencmd(v) + params(7) + next byte position - local position = 12+string.len(cname)+7+1 - local _,size = bin.unpack(">I",resp,position) - - -- read the string after the size - local value = string.sub(resp,position+4,position+4+size-1) + local position = 12 + #cname + 7 + 1 + local value = string.unpack(">s4", resp, position) return true, value end 
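Review bot: `size` in `sendcmd` is taken from the first four bytes of the server's reply and passed unchecked into `socket:receive_bytes(size + 4 - #response)`. A peer that announces a very large length makes the script wait for, and buffer, up to 4 GiB before the response is inspected. Bound it before the second read, e.g. `if size > MAX_RESPONSE then return false, "response too large" end`, where `MAX_RESPONSE` is a limit you would define (placeholder name, not in the file). The function starts and ends outside the hunk.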
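Review bot: `string.unpack(">s4", resp, position)` in `describe_cluster_name` (and the same line in `describe_version`, hunk at -146) raises when `resp` ends before `position` or before the announced string length, whereas the removed `string.sub` read tolerated a payload shorter than the announced length. Both the offset and the length prefix depend on what the server sent, so a short or inconsistent reply now aborts the script rather than yielding `false, err`. Guard the read, e.g. `if #resp < position + 3 then return false, "short response" end`, and check the prefix against `#resp` before unpacking (or wrap the call in `pcall`). Both function bodies start outside their hunks.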
@@ -165,7 +150,7 @@ function login (socket,username,password) local loginstr = loginstr (username, password) local combo = username..":"..password - local status, err = socket:send(bin.pack(">I",string.len(loginstr))) + local status, err = socket:send(string.pack(">I4", #loginstr)) if ( not(status) ) then stdnse.debug3("cannot send len "..combo) return false, "Failed to connect to server" @@ -183,10 +168,10 @@ function login (socket,username,password) stdnse.debug3("Receive packet for "..combo) return false, err end - local _, size = bin.unpack(">I", response, 1) + local size = string.unpack(">I4", response) local loginresp = string.sub(response,5,17) - if (loginresp ~= bin.pack("A>a", CASSANDRARESP, "login")) then + if (loginresp ~= CASSANDRARESP .. string.pack(">s4", "login")) then return false, "protocol error" end diff --git a/nselib/drda.lua b/nselib/drda.lua index dd47093e7..9ef74a0f3 100644 --- a/nselib/drda.lua +++ b/nselib/drda.lua @@ -58,7 +58,6 @@ -- x Apache Derby -- x IBM Informix Dynamic Server -local bin = require "bin" local match = require "match" local nmap = require "nmap" local stdnse = require "stdnse" @@ -229,11 +228,13 @@ DRDA = { return nil end - local data = bin.pack(">SCCSSS", self.DDM.Length, self.DDM.Magic, self.DDM.Format, self.DDM.CorelId, self.DDM.Length2, self.DDM.CodePoint ) + local data = { + string.pack(">I2BBI2I2I2", self.DDM.Length, self.DDM.Magic, self.DDM.Format, self.DDM.CorelId, self.DDM.Length2, self.DDM.CodePoint ) + } for k,v in ipairs(self.Parameters) do - data = data .. tostring(v) + data[#data+1] = tostring(v) end - return data + return table.concat(data) end, --- Sends the DRDA over the db2socket @@ -305,7 +306,7 @@ DRDAParameter = { -- -- @return data string containing the DRDA Parameter __tostring = function( self ) - return bin.pack(">SSA", self.Length, self.CodePoint, self.Data or "" ) + return string.pack(">I2I2", self.Length, self.CodePoint) .. (self.Data or "") end, --- Builds a DRDA Parameter from a string 
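Review bot: `local size = string.unpack(">I4", response)` in `login` (hunk at -183) raises if `response` holds fewer than four bytes, and `size` is not used in the lines shown. If nothing after the hunk reads it, drop the unpack; otherwise check `#response >= 4` first and return `false, "protocol error"` as the comparison below it does. The receive call and the rest of the function are outside the hunk, so the length may already be guaranteed there.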
@@ -317,13 +318,10 @@ DRDAParameter = { if( #data < 4 ) then return -1 end - pos, self.Length, self.CodePoint = bin.unpack( ">SS", data, pos ) - - -- make sure the Length is assigned a value even though 0(nil) is returned - self.Length = self.Length or 0 + self.Length, self.CodePoint, pos = string.unpack( ">I2I2", data, pos ) if ( self.Length > 0 ) then - pos, self.Data = bin.unpack("A" .. self.Length - 4, data, pos ) + self.Data, pos = string.unpack("c" .. self.Length - 4, data, pos ) end return pos end, @@ -381,7 +379,7 @@ DDM = { --- Converts the DDM object to a string __tostring = function( self ) - return bin.pack(">SCCSSS", self.Length, self.Magic, self.Format, self.CorelId, self.Length2, self.CodePoint) + return string.pack(">I2BBI2I2I2", self.Length, self.Magic, self.Format, self.CorelId, self.Length2, self.CodePoint) end, --- Constructs a DDM object from a string @@ -395,7 +393,7 @@ DDM = { return -1, ("drda.DDM.fromString: str was less than DDM_SIZE (%d)"):format( DDM_SIZE ) end - pos, self.Length, self.Magic, self.Format, self.CorelId, self.Length2, self.CodePoint = bin.unpack( ">SCCSSS", str ) + self.Length, self.Magic, self.Format, self.CorelId, self.Length2, self.CodePoint, pos = string.unpack( ">I2BBI2I2I2", str ) return pos end, @@ -617,7 +615,7 @@ Helper = { return false, "ERROR: Response did not contain any valid security mechanisms" end - if ( select(2, bin.unpack(">S", param:getData())) ~= SecMec.USER_PASSWORD ) then + if ( string.unpack(">I2", param:getData()) ~= SecMec.USER_PASSWORD ) then stdnse.debug1("drda.Helper.login: ERROR: Securite Mechanism not supported") return false, "ERROR: Security mechanism not supported" end diff --git a/nselib/iax2.lua b/nselib/iax2.lua index 9ab96c3c1..05c6b815e 100644 --- a/nselib/iax2.lua +++ b/nselib/iax2.lua 
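Review bot: `self.Length` is read from the wire and then used to build `"c" .. self.Length - 4` with only a `> 0` check. A Length of 1 to 3 yields a negative count and an invalid format string, and a Length beyond the remaining bytes makes `string.unpack` raise; the earlier `#data < 4` test also looks at the whole buffer rather than the bytes left from `pos`. Validate inside the `if ( self.Length > 0 )` branch before the second unpack, e.g. `if self.Length < 4 or pos + self.Length - 5 > #data then return -1 end`, which matches the existing `-1` error return. The function's signature is outside the hunk.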
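Review bot: In `Helper.login` (hunk at -617), `string.unpack(">I2", param:getData())` raises if the parameter carries no data or fewer than two bytes; `getData()` presumably returns `Data`, which `DRDAParameter` only sets when Length is positive. A server reply with an empty security-mechanism parameter would then abort `login` instead of returning the "not supported" error. Read the data into a local and check it first, e.g. `local secmec = param:getData()` followed by `if not secmec or #secmec < 2 then return false, "ERROR: Security mechanism not supported" end`. The function starts and ends outside the hunk.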
@@ -5,11 +5,11 @@ -- @author Patrik Karlsson -- -local bin = require "bin" local math = require "math" local nmap = require "nmap" local os = require "os" local stdnse = require "stdnse" +local string = require "string" local openssl = stdnse.silent_require "openssl" local table = require "table" _ENV = stdnse.module("iax2", stdnse.seeall) @@ -72,26 +72,25 @@ IAX2 = { -- @return header instance of Header parse = function(data) local header = IAX2.Header:new() - local pos, frame_type = bin.unpack("C", data) + local frame_type, pos = string.unpack("B", data) if ( (frame_type & 0x80) == 0 ) then print("frame_type", stdnse.tohex(frame_type)) stdnse.debug2("Frametype not supported") return end header.type = IAX2.PacketType.FULL - pos, header.src_call = bin.unpack(">S", data) + header.src_call, pos = string.unpack(">I2", data) header.src_call = (header.src_call & 0x7FFF) - local retrans - pos, retrans = bin.unpack("C", data, pos) + local retrans = string.unpack("B", data, pos) if ( (retrans & 0x80) == 8 ) then header.retrans = true end - pos, header.dst_call = bin.unpack(">S", data, pos - 1) + header.dst_call, pos = string.unpack(">I2", data, pos) header.dst_call = (header.dst_call & 0x7FFF) - pos, header.timestamp, header.oseqno, - header.iseqno, header.frametype, header.subclass = bin.unpack(">ICCCC", data, pos) + header.timestamp, header.oseqno, + header.iseqno, header.frametype, header.subclass, pos = string.unpack(">I4BBBB", data, pos) return header end, @@ -109,7 +108,7 @@ IAX2 = { if ( self.retrans ) then dst_call = dst_call + 32768 end - return bin.pack(">SSICCCC", src_call, dst_call, self.timestamp, + return string.pack(">I2I2 I4BBBB", src_call, dst_call, self.timestamp, self.oseqno, self.iseqno, self.frametype, self.subclass) end, }, 
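Review bot: `IAX2.Header.parse` unpacks 12 bytes from `data` with no length check, so a datagram shorter than a full header makes one of the `string.unpack` calls raise. Add `if #data < 12 then return end` at the top, matching the bare `return` already used for unsupported frame types. Separately, `(retrans & 0x80) == 8` can never be true because the masked value is either 0 or 0x80, so `header.retrans` is never set; it should read `(retrans & 0x80) == 0x80`. The `print("frame_type", ...)` call on the unsupported-frame path writes to stdout and would be better folded into the `stdnse.debug2` message.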
@@ -155,12 +154,12 @@ IAX2 = { -- Converts the instance to a string -- @return str containing the instance __tostring = function(self) - local data = "" + local data = {} for _, ie in ipairs(self.ies) do - data = data .. bin.pack("Cp", ie.type, ie.value ) + data[#data+1] = string.pack("Bs1", ie.type, ie.value ) end - return tostring(self.header) .. data + return tostring(self.header) .. table.concat(data) end, }, @@ -213,7 +212,7 @@ IAX2 = { resp.ies = {} repeat local ie = {} - pos, ie.type, ie.value = bin.unpack(">Cp", data, pos) + ie.type, ie.value, pos = string.unpack(">Bs1", data, pos) table.insert(resp.ies, ie) until( pos > #data ) return resp diff --git a/scripts/broadcast-ping.nse b/scripts/broadcast-ping.nse index da48cb4d7..1dd87010a 100644 --- a/scripts/broadcast-ping.nse +++ b/scripts/broadcast-ping.nse @@ -115,7 +115,7 @@ local icmp_packet = function(srcIP, dstIP, ttl, data_length, mtu, seqNo, icmp_id 20 + #icmp_msg, -- total length 0) -- IP ID .. "\x40\x00" -- DF - .. string.pack("CC", + .. string.pack("BB", ttl, 1 -- ICMP )
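Review bot: The `repeat ... until( pos > #data )` loop in the response parser (hunk at -213) runs `string.unpack(">Bs1", data, pos)` at least once and trusts each element's one-byte length. A response with no information elements, or one whose last element is truncated, therefore raises instead of returning `resp`. A pre-tested loop that checks the element fits before unpacking keeps a malformed reply from aborting the script. The function starts outside the hunk.

```lua
-- … unchanged: header parsing and resp.ies = {} …
while pos + 1 <= #data do
  local ie = {}
  -- the byte after the type is the value length; make sure the value fits
  local vlen = data:byte(pos + 1)
  if pos + 1 + vlen > #data then
    break -- truncated information element; stop instead of raising
  end
  ie.type, ie.value, pos = string.unpack(">Bs1", data, pos)
  table.insert(resp.ies, ie)
end
return resp
```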