home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / usr / lib / python2.4 / site-packages / impacket / ImpactDecoder.py < prev    next >
Encoding:
Python Source  |  2006-05-23  |  5.4 KB  |  172 lines
  1. # Copyright (c) 2003-2006 CORE Security Technologies
  2. #
  3. # This software is provided under under a slightly modified version
  4. # of the Apache Software License. See the accompanying LICENSE file
  5. # for more information.
  6. #
  7. # $Id: ImpactDecoder.py,v 1.6 2006/05/23 22:25:34 gera Exp $
  8. #
  9. # Description:
  10. #  Convenience packet unpackers for various network protocols
  11. #  implemented in the ImpactPacket module.
  12. #
  13. # Author:
  14. #  Javier Burroni (javier)
  15. #  Bruce Leidl (brl)
  16.  
  17. import ImpactPacket
  18.  
  19. """Classes to convert from raw packets into a hierarchy of
  20. ImpactPacket derived objects.
  21.  
  22. The protocol of the outermost layer must be known in advance, and the
  23. packet must be fed to the corresponding decoder. From there it will
  24. try to decode the raw data into a hierarchy of ImpactPacket derived
  25. objects; if a layer's protocol is unknown, all the remaining data will
  26. be wrapped into a ImpactPacket.Data object.
  27. """
  28.  
  29. class Decoder:
  30.     def decode(self, aBuffer):
  31.         pass
  32.  
  33. class EthDecoder(Decoder):
  34.     def __init__(self):
  35.         pass
  36.  
  37.     def decode(self, aBuffer):
  38.         e = ImpactPacket.Ethernet(aBuffer)
  39.         off = e.get_header_size()
  40.         if e.get_ether_type() == ImpactPacket.IP.ethertype:
  41.             self.ip_decoder = IPDecoder()
  42.             packet = self.ip_decoder.decode(aBuffer[off:])
  43.         elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
  44.             self.arp_decoder = ARPDecoder()
  45.             packet = self.arp_decoder.decode(aBuffer[off:])
  46.         else:
  47.             self.data_decoder = DataDecoder()
  48.             packet = self.data_decoder.decode(aBuffer[off:])
  49.  
  50.         e.contains(packet)
  51.         return e
  52.  
  53. # Linux "cooked" capture encapsulation.
  54. # Used, for instance, for packets returned by the "any" interface.
  55. class LinuxSLLDecoder(Decoder):
  56.     def __init__(self):
  57.         pass
  58.  
  59.     def decode(self, aBuffer):
  60.         e = ImpactPacket.LinuxSLL(aBuffer)
  61.         off = 16
  62.         if e.get_ether_type() == ImpactPacket.IP.ethertype:
  63.             self.ip_decoder = IPDecoder()
  64.             packet = self.ip_decoder.decode(aBuffer[off:])
  65.         elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
  66.             self.arp_decoder = ARPDecoder()
  67.             packet = self.arp_decoder.decode(aBuffer[off:])
  68.         else:
  69.             self.data_decoder = DataDecoder()
  70.             packet = self.data_decoder.decode(aBuffer[off:])
  71.  
  72.         e.contains(packet)
  73.         return e
  74.  
  75. class IPDecoder(Decoder):
  76.     def __init__(self):
  77.         pass
  78.  
  79.     def decode(self, aBuffer):
  80.         i = ImpactPacket.IP(aBuffer)
  81.         off = i.get_header_size()
  82.         if i.get_ip_p() == ImpactPacket.UDP.protocol:
  83.             self.udp_decoder = UDPDecoder()
  84.             packet = self.udp_decoder.decode(aBuffer[off:])
  85.         elif i.get_ip_p() == ImpactPacket.TCP.protocol:
  86.             self.tcp_decoder = TCPDecoder()
  87.             packet = self.tcp_decoder.decode(aBuffer[off:])
  88.         elif i.get_ip_p() == ImpactPacket.ICMP.protocol:
  89.             self.icmp_decoder = ICMPDecoder()
  90.             packet = self.icmp_decoder.decode(aBuffer[off:])
  91.         else:
  92.             self.data_decoder = DataDecoder()
  93.             packet = self.data_decoder.decode(aBuffer[off:])
  94.         i.contains(packet)
  95.         return i
  96.  
  97. class ARPDecoder(Decoder):
  98.     def __init__(self):
  99.         pass
  100.  
  101.     def decode(self, aBuffer):
  102.         arp = ImpactPacket.ARP(aBuffer)
  103.         off = arp.get_header_size()
  104.         self.data_decoder = DataDecoder()
  105.         packet = self.data_decoder.decode(aBuffer[off:])
  106.         arp.contains(packet)
  107.         return arp
  108.  
  109. class UDPDecoder(Decoder):
  110.     def __init__(self):
  111.         pass
  112.  
  113.     def decode(self, aBuffer):
  114.         u = ImpactPacket.UDP(aBuffer)
  115.         off = u.get_header_size()
  116.         self.data_decoder = DataDecoder()
  117.         packet = self.data_decoder.decode(aBuffer[off:])
  118.         u.contains(packet)
  119.         return u
  120.  
  121. class TCPDecoder(Decoder):
  122.     def __init__(self):
  123.         pass
  124.  
  125.     def decode(self, aBuffer):
  126.         t = ImpactPacket.TCP(aBuffer)
  127.         off = t.get_header_size()
  128.         self.data_decoder = DataDecoder()
  129.         packet = self.data_decoder.decode(aBuffer[off:])
  130.         t.contains(packet)
  131.         return t
  132.  
  133. class IPDecoderForICMP(Decoder):
  134.     """This class was added to parse the IP header of ICMP unreachables packets
  135.     If you use the "standard" IPDecoder, it might crash (see bug #4870) ImpactPacket.py
  136.     because the TCP header inside the IP header is incomplete"""    
  137.     def __init__(self):
  138.         pass
  139.  
  140.     def decode(self, aBuffer):
  141.         i = ImpactPacket.IP(aBuffer)
  142.         off = i.get_header_size()
  143.         if i.get_ip_p() == ImpactPacket.UDP.protocol:
  144.             self.udp_decoder = UDPDecoder()
  145.             packet = self.udp_decoder.decode(aBuffer[off:])
  146.         else:
  147.             self.data_decoder = DataDecoder()
  148.             packet = self.data_decoder.decode(aBuffer[off:])
  149.         i.contains(packet)
  150.         return i
  151.  
  152. class ICMPDecoder(Decoder):
  153.     def __init__(self):
  154.         pass
  155.  
  156.     def decode(self, aBuffer):
  157.         ic = ImpactPacket.ICMP(aBuffer)
  158.         off = ic.get_header_size()
  159.         if ic.get_icmp_type() == ImpactPacket.ICMP.ICMP_UNREACH:
  160.             self.ip_decoder = IPDecoderForICMP()
  161.             packet = self.ip_decoder.decode(aBuffer[off:])
  162.         else:
  163.             self.data_decoder = DataDecoder()
  164.             packet = self.data_decoder.decode(aBuffer[off:])
  165.         ic.contains(packet)
  166.         return ic
  167.  
  168. class DataDecoder(Decoder):
  169.     def decode(self, aBuffer):
  170.         d = ImpactPacket.Data(aBuffer)
  171.         return d
  172.