Convert more bin.lua packings

nselib/membase.lua

@@ -10,11 +10,11 @@
 --
 
 
-local bin = require "bin"
 local match = require "match"
 local nmap = require "nmap"
 local sasl = require "sasl"
 local stdnse = require "stdnse"
+local string = require "string"
 local table = require "table"
 _ENV = stdnse.module("membase", stdnse.seeall)
 
@@ -66,7 +66,7 @@ TAP = {
       -- Converts the header to string
       -- @return string containing the Header as string
       __tostring = function(self)
-        return bin.pack(">CCSCCSIIL", self.magic, self.opcode, self.keylen,
+        return string.pack(">BB I2 BB I2 I4 I4 I8", self.magic, self.opcode, self.keylen,
         self.extlen, self.data_type, self.vbucket, self.total_body,
         self.opaque, self.CAS)
       end,
@@ -172,9 +172,9 @@ TAP = {
           return false, "Packet to short"
         end
         local pos
-        pos, self.magic, self.opcode, self.keylen, self.extlen,
+        self.magic, self.opcode, self.keylen, self.extlen,
           self.data_type, self.status, self.total_body, self.opaque,
-          self.CAS = bin.unpack(">CCSCCSIIL", self.data)
+          self.BAI2 , pos = string.unpack(">BB I2 BB I2 I4 I4 I8", self.data)
         return true
       end
 

nselib/msrpcperformance.lua

@@ -17,10 +17,10 @@
 --@copyright Same as Nmap--See https://nmap.org/book/man-legal.html
 -----------------------------------------------------------------------
 
-local bin = require "bin"
 local msrpc = require "msrpc"
 local msrpctypes = require "msrpctypes"
 local stdnse = require "stdnse"
+local string = require "string"
 _ENV = stdnse.module("msrpcperformance", stdnse.seeall)
 
 ---Parses the title database, which is a series of null-terminated string pairs.
@@ -35,7 +35,7 @@ local function parse_perf_title_database(data, pos)
 
   repeat
     local number, name
-    pos, number, name = bin.unpack("<zz", data, pos)
+    number, name, pos = string.unpack("<zz", data, pos)
 
     if(number == nil) then
       return false, "Couldn't parse the title database: end of string encountered early"
@@ -326,7 +326,6 @@ local function parse_perf_counter(data, pos, counter_definition)
     pos, result = msrpctypes.unmarshall_int32(data, pos)
   elseif(counter_definition['CounterSize'] == 8) then
     pos, result = msrpctypes.unmarshall_int64(data, pos)
-    -- pos, result = bin.unpack("<d", data, pos)
   else
     pos, result = msrpctypes.unmarshall_raw(data, pos, counter_definition['CounterSize'])
   end

nselib/proxy.lua

@@ -7,7 +7,6 @@
 -- @author Joao Correa <joao@livewire.com.br>
 -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
 
-local bin = require "bin"
 local dns = require "dns"
 local ipOps = require "ipOps"
 local nmap = require "nmap"
@@ -141,25 +140,6 @@ function test_connect(host, port, proxyType, hostname)
   return test(socket, req, false)
 end
 
---- Function that resolves IP address for hostname and
---- returns it as hex values
---@param hostname Hostname to resolve
---@return Ip address of hostname in hex
-function hex_resolve(hostname)
-  local a, b, c, d;
-  local dns_status, ip = dns.query(hostname)
-  if not dns_status then
-    return false
-  end
-  local t, err = ipOps.get_parts_as_number(ip)
-  if t and not err
-    then a, b, c, d = table.unpack(t)
-    else return false
-  end
-  local sip = string.format("%.2x ", a) .. string.format("%.2x ", b) .. string.format("%.2x ", c) .. string.format("%.2x ",d)
-  return true, sip
-end
-
 --- Checks if any parameter was used in old or new syntax
 --  and return the parameters
 --  @return url the proxy.url parameter
@@ -211,14 +191,12 @@ end
 --  @return socket A socket with the handshake already done, or an error if
 --                 status is false
 function socksHandshake(socket, version, hostname)
-  local resolve, sip, paystring, payload
+  local status, ip = dns.query(hostname)
-  resolve, sip = hex_resolve(hostname)
+  if not status then
-  if not resolve then
     return false, "Unable to resolve hostname"
   end
   if version == 4 then
-    paystring = '04 01 00 50 ' .. sip .. ' 6e 6d 61 70 00'
+    local payload = '\x04\x01\x00\x50' .. ipOps.ip_to_str(ip) .. '\x6e\x6d\x61\x70\x00'
-    payload = bin.pack("H",paystring)
     local status, response = socket:send(payload)
     if not status then
       socket:close()
@@ -250,7 +228,7 @@ function socksHandshake(socket, version, hostname)
     return false, err
   end
   if version == 5 then
-    local payload = bin.pack("H",'05 01 00')
+    local payload = '\x05\x01\x00'
     local status, err = socket:send(payload)
     if not status then
       socket:close()
@@ -267,8 +245,7 @@ function socksHandshake(socket, version, hostname)
       -- If no Auth is required, try to establish connection
       stdnse.debug1("Socks5: No authentication required")
       -- Socks5 second payload: Version, Command, Null, Address type, Ip-Address, Port number
-      paystring = '05 01 00 01 ' .. sip .. '00 50'
+      payload = '\x05\x01\x00\x01' .. ipOps.ip_to_str(ip) .. '\x00\x50'
-      payload = bin.pack("H",paystring)
       status, err = socket:send(payload)
       if not status then
         socket:close()

nselib/sip.lua

@@ -36,7 +36,6 @@
 -- Version 0.1
 -- Created 2011/03/30 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
 
-local bin = require "bin"
 local nmap = require "nmap"
 local os = require "os"
 local stdnse = require "stdnse"
@@ -805,11 +804,11 @@ SipAuth = {
 
     local result
     if ( self.algorithm:upper() == "MD5" ) then
-      local HA1 = select(2, bin.unpack("H16", openssl.md5(self.username .. ":" .. self.realm .. ":" .. self.password)))
+      local HA1 = stdnse.tohex(openssl.md5(self.username .. ":" .. self.realm .. ":" .. self.password))
-      local HA2 = select(2, bin.unpack("H16", openssl.md5(self.method .. ":" .. self.uri)))
+      local HA2 = stdnse.tohex(openssl.md5(self.method .. ":" .. self.uri))
       result = openssl.md5(HA1:lower() .. ":" .. self.nonce ..":" .. HA2:lower())
     end
-    return select(2, bin.unpack("H16", result)):lower()
+    return stdnse.tohex(result):lower()
   end,
 
   --- Creates the complete authentication response

nselib/socks.lua

@@ -4,11 +4,11 @@
 -- @author Patrik Karlsson <patrik@cqure.net>
 --
 
-local bin = require "bin"
 local match = require "match"
 local nmap = require "nmap"
 local stdnse = require "stdnse"
 local string = require "string"
+local table = require "table"
 _ENV = stdnse.module("socks", stdnse.seeall)
 
 -- SOCKS Authentication methods
@@ -40,11 +40,8 @@ Request = {
     -- server.
     -- @return string containing the raw request
     __tostring = function(self)
-      local methods = ""
+      return string.pack("Bs1", self.version,
-      for _, m in ipairs(self.auth_method) do
+        string.pack(("B"):rep(#self.auth_method), table.unpack(self.auth_method)))
-        methods = methods .. string.char(m)
-      end
-      return bin.pack("Cp", self.version, methods)
     end,
 
   },
@@ -85,7 +82,7 @@ Request = {
         username = (username == "") and "\0" or username
         password = (password == "") and "\0" or password
 
-        return bin.pack("Cpp", version, username, password)
+        return string.pack("Bs1s1", version, username, password)
       end
     end,
 
@@ -117,7 +114,7 @@ Response = {
         return
       end
       local pos
-      pos, self.version, self.method = bin.unpack("CC", self.data)
+      self.version, self.method, pos = string.unpack("BB", self.data)
       return true
     end
 
@@ -151,7 +148,7 @@ Response = {
         return
       end
       local pos
-      pos, self.version, self.status = bin.unpack("CC", self.data)
+      self.version, self.status, pos = string.unpack("BB", self.data)
       return true
     end,
 

scripts/allseeingeye-info.nse

@@ -2,7 +2,6 @@ local comm = require "comm"
 local nmap = require "nmap"
 local shortport = require "shortport"
 local string = require "string"
-local bin = require "bin"
 local stdnse = require "stdnse"
 
 description = [[
@@ -151,22 +150,22 @@ action = function(host, port)
   local o = stdnse.output_table()
   local pos = 5
 
-  pos, o["game"] = bin.unpack("p", data, pos)
+  o["game"],
-  pos, o["port"] = bin.unpack("p", data, pos)
+  o["port"],
-  pos, o["server name"] = bin.unpack("p", data, pos)
+  o["server name"],
-  pos, o["game type"] = bin.unpack("p", data, pos)
+  o["game type"],
-  pos, o["map"] = bin.unpack("p", data, pos)
+  o["map"],
-  pos, o["version"] = bin.unpack("p", data, pos)
+  o["version"],
-  pos, o["passworded"] = bin.unpack("p", data, pos)
+  o["passworded"],
-  pos, o["num players"] = bin.unpack("p", data, pos)
+  o["num players"],
-  pos, o["max players"] = bin.unpack("p", data, pos)
+  o["max players"], pos = string.unpack(("s1"):rep(9), data, pos)
 
   -- extract the key-value pairs
   local kv = stdnse.output_table()
   o["settings"] = kv
   while data:byte(pos) ~= 1 do
     local key, value
-    pos, key, value = bin.unpack("pp", data, pos)
+    key, value, pos = string.unpack("s1s1", data, pos)
     kv[key] = value
   end
   pos = pos + 1
@@ -181,22 +180,22 @@ action = function(host, port)
 
     local player = stdnse.output_table()
     if (flags & 1) ~= 0 then
-      pos, player.name = bin.unpack("p", data, pos)
+      player.name, pos = string.unpack("s1", data, pos)
     end
     if (flags & 2) ~= 0 then
-      pos, player.team = bin.unpack("p", data, pos)
+      player.team, pos = string.unpack("s1", data, pos)
     end
     if (flags & 4) ~= 0 then
-      pos, player.skin = bin.unpack("p", data, pos)
+      player.skin, pos = string.unpack("s1", data, pos)
     end
     if (flags & 8) ~= 0 then
-      pos, player.score = bin.unpack("p", data, pos)
+      player.score, pos = string.unpack("s1", data, pos)
     end
     if (flags & 16) ~= 0 then
-      pos, player.ping = bin.unpack("p", data, pos)
+      player.ping, pos = string.unpack("s1", data, pos)
     end
     if (flags & 32) ~= 0 then
-      pos, player.time = bin.unpack("p", data, pos)
+      player.time, pos = string.unpack("s1", data, pos)
     end
 
     players["player " .. playernum] = player

scripts/bacnet-info.nse

@@ -1,4 +1,3 @@
-local bin = require "bin"
 local nmap = require "nmap"
 local shortport = require "shortport"
 local stdnse = require "stdnse"
@@ -948,7 +947,7 @@ function field_size(packet)
   end
   -- unpack a string of length <value>
   local charset, info
-  offset, charset, info = bin.unpack("CA" .. tostring(value), packet, offset)
+  charset, info, offset = string.unpack("Bc" .. tostring(value), packet, offset)
   -- return information that was found in the packet
   if charset == 0 then -- UTF-8
     return info
@@ -980,7 +979,7 @@ end
 --- Sends a query for Property Identifier id (a number) on socket
 local function send_query(socket, id)
   -- Wireshark dissection:
-  local query = bin.pack(">C2SC7ICC",
+  local query = string.pack(">BB I2 BBBBBBB I4 BB",
     0x81, -- Type: BACnet/IP (Annex J)
     0x0a, -- Function: Original-Unicast-NPDU
     0x0011, -- BVLC-Length: 4 of 17 bytes
@@ -1037,8 +1036,8 @@ function standard_query(socket, type)
   end
   -- validate valid BACNet Packet
   if( string.byte(response, 1) == 0x81 ) then
-    -- Lookup byte 7 (pakcet type)
+    -- Lookup byte 7 (packet type)
-    local pos, value = bin.unpack("C", response, 7)
+    local value = string.byte(response, 7)
     -- verify that the response packet was not an error packet
     if( value ~= 0x50) then
       --collect information by looping thru the packet
@@ -1081,12 +1080,12 @@ function vendornum_query(socket)
   end
   -- validate valid BACNet Packet
   if( string.byte(response, 1) == 0x81 ) then
-    local pos, value = bin.unpack("C", response, 7)
+    local value = string.byte(response, 7)
     --if the vendor query resulted in an error
     if( value ~= 0x50) then
       -- read values for byte 18 in the packet data
       -- this value determines if vendor number is 1 or 2 bytes
-      pos, value = bin.unpack("C", response, 18)
+      value = string.byte(response, 18)
     else
       stdnse.debug1("Error receiving Vendor ID: BACNet Error")
       return nil
@@ -1100,8 +1099,7 @@ function vendornum_query(socket)
       -- if value is 22 (byte 18)
     elseif( value == 0x22 ) then
       -- convert hex to decimal
-      local vendornum
+      local vendornum = string.unpack(">I2", response, 19)
-      pos, vendornum = bin.unpack(">S", response, 19)
       -- look up vendor name from table
       return vendor_lookup(vendornum)
     else
@@ -1157,7 +1155,7 @@ action = function(host, port)
 
   -- if the response starts with 0x81 then its BACNet
   if( string.byte(response, 1) == 0x81 ) then
-    local pos, value = bin.unpack("C", response, 7)
+    local value = string.byte(response, 7)
     --if the first query resulted in an error
     --
     if( value == 0x50) then
@@ -1179,9 +1177,8 @@ action = function(host, port)
       to_return["Vendor Name"] = standard_query(sock, "vendor")
 
       -- Instance Number (object number)
-      local instance_upper, instance
+      local instance = string.unpack(">I3", response, 20)
-      pos, instance_upper, instance = bin.unpack("C>S", response, 20)
+      to_return["Object-identifier"] = instance
-      to_return["Object-identifier"] = instance_upper * 0x10000 + instance
 
       --Firmware Verson
       to_return["Firmware"] = standard_query(sock, "firmware")