Coverage for /root/GitHubProjects/impacket/impacket/ImpactDecoder.py : 62%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# Impacket - Collection of Python classes for working with network protocols.
2#
3# SECUREAUTH LABS. Copyright (C) 2018 SecureAuth Corporation. All rights reserved.
4#
5# This software is provided under a slightly modified version
6# of the Apache Software License. See the accompanying LICENSE file
7# for more information.
8#
9# Description:
10# Convenience packet unpackers for various network protocols
11# implemented in the ImpactPacket module.
12#
13# Author:
14# Javier Burroni (javier)
15# Bruce Leidl (brl)
16# Aureliano Calvo
17#
19import array
21from impacket import ICMP6
22from impacket import IP6
23from impacket import IP6_Extension_Headers
24from impacket import ImpactPacket
25from impacket import LOG
26from impacket import dot11
27from impacket import wps, eap, dhcp
28from impacket.cdp import CDP
30"""Classes to convert from raw packets into a hierarchy of
31ImpactPacket derived objects.
33The protocol of the outermost layer must be known in advance, and the
34packet must be fed to the corresponding decoder. From there it will
35try to decode the raw data into a hierarchy of ImpactPacket derived
36objects; if a layer's protocol is unknown, all the remaining data will
37be wrapped into a ImpactPacket.Data object.
38"""
40class Decoder:
41 __decoded_protocol = None
42 def decode(self, aBuffer):
43 pass
45 def set_decoded_protocol(self, protocol):
46 self.__decoded_protocol = protocol
48 def get_protocol(self, aprotocol):
49 protocol = self.__decoded_protocol
50 while protocol:
51 if protocol.__class__ == aprotocol:
52 break
53 protocol=protocol.child()
54 return protocol
56 def __str__(self):
57 protocol = self.__decoded_protocol
58 i=0
59 out=''
60 while protocol:
61 tabline=' '*i+'+-'+str(protocol.__class__)
62 out+="%s"%tabline+'\n'
63 protocol=protocol.child()
64 i+=1
65 return out
67class EthDecoder(Decoder):
68 def __init__(self):
69 pass
71 def decode(self, aBuffer):
72 e = ImpactPacket.Ethernet(aBuffer)
73 self.set_decoded_protocol( e )
74 off = e.get_header_size()
75 if e.get_ether_type() == ImpactPacket.IP.ethertype:
76 self.ip_decoder = IPDecoder()
77 packet = self.ip_decoder.decode(aBuffer[off:])
78 elif e.get_ether_type() == IP6.IP6.ethertype:
79 self.ip6_decoder = IP6Decoder()
80 packet = self.ip6_decoder.decode(aBuffer[off:])
81 elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
82 self.arp_decoder = ARPDecoder()
83 packet = self.arp_decoder.decode(aBuffer[off:])
84 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION:
85 self.eapol_decoder = EAPOLDecoder()
86 packet = self.eapol_decoder.decode(aBuffer[off:])
87 # LLC ?
88 elif e.get_ether_type() < 1500:
89 self.llc_decoder = LLCDecoder()
90 packet = self.llc_decoder.decode(aBuffer[off:])
91 else:
92 self.data_decoder = DataDecoder()
93 packet = self.data_decoder.decode(aBuffer[off:])
95 e.contains(packet)
96 return e
98# Linux "cooked" capture encapsulation.
99# Used, for instance, for packets returned by the "any" interface.
100class LinuxSLLDecoder(Decoder):
101 def __init__(self):
102 pass
104 def decode(self, aBuffer):
105 e = ImpactPacket.LinuxSLL(aBuffer)
106 self.set_decoded_protocol( e )
107 off = 16
108 if e.get_ether_type() == ImpactPacket.IP.ethertype:
109 self.ip_decoder = IPDecoder()
110 packet = self.ip_decoder.decode(aBuffer[off:])
111 elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
112 self.arp_decoder = ARPDecoder()
113 packet = self.arp_decoder.decode(aBuffer[off:])
114 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION:
115 self.eapol_decoder = EAPOLDecoder()
116 packet = self.eapol_decoder.decode(aBuffer[off:])
117 else:
118 self.data_decoder = DataDecoder()
119 packet = self.data_decoder.decode(aBuffer[off:])
121 e.contains(packet)
122 return e
124class IPDecoder(Decoder):
125 def __init__(self):
126 pass
128 def decode(self, aBuffer):
129 i = ImpactPacket.IP(aBuffer)
130 self.set_decoded_protocol ( i )
131 off = i.get_header_size()
132 end = i.get_ip_len()
133 # If ip_len == 0 we might be facing TCP segmentation offload, let's calculate the right len
134 if end == 0: 134 ↛ 135line 134 didn't jump to line 135, because the condition on line 134 was never true
135 LOG.warning('IP len reported as 0, most probably because of TCP segmentation offload. Attempting to fix its size')
136 i.set_ip_len(len(aBuffer))
137 end = i.get_ip_len()
139 if i.get_ip_p() == ImpactPacket.UDP.protocol: 139 ↛ 140line 139 didn't jump to line 140, because the condition on line 139 was never true
140 self.udp_decoder = UDPDecoder()
141 packet = self.udp_decoder.decode(aBuffer[off:end])
142 elif i.get_ip_p() == ImpactPacket.TCP.protocol: 142 ↛ 143line 142 didn't jump to line 143, because the condition on line 142 was never true
143 self.tcp_decoder = TCPDecoder()
144 packet = self.tcp_decoder.decode(aBuffer[off:end])
145 elif i.get_ip_p() == ImpactPacket.ICMP.protocol: 145 ↛ 148line 145 didn't jump to line 148, because the condition on line 145 was never false
146 self.icmp_decoder = ICMPDecoder()
147 packet = self.icmp_decoder.decode(aBuffer[off:end])
148 elif i.get_ip_p() == ImpactPacket.IGMP.protocol:
149 self.igmp_decoder = IGMPDecoder()
150 packet = self.igmp_decoder.decode(aBuffer[off:end])
151 else:
152 self.data_decoder = DataDecoder()
153 packet = self.data_decoder.decode(aBuffer[off:end])
154 i.contains(packet)
155 return i
157class IP6MultiProtocolDecoder(Decoder):
158 def __init__(self, a_protocol_id):
159 self.protocol_id = a_protocol_id
161 def decode(self, buffer):
162 if self.protocol_id == ImpactPacket.UDP.protocol:
163 self.udp_decoder = UDPDecoder()
164 packet = self.udp_decoder.decode(buffer)
165 elif self.protocol_id == ImpactPacket.TCP.protocol: 165 ↛ 166line 165 didn't jump to line 166, because the condition on line 165 was never true
166 self.tcp_decoder = TCPDecoder()
167 packet = self.tcp_decoder.decode(buffer)
168 elif self.protocol_id == ICMP6.ICMP6.protocol:
169 self.icmp6_decoder = ICMP6Decoder()
170 packet = self.icmp6_decoder.decode(buffer)
171 else:
172 # IPv6 Extension Headers lookup
173 extension_headers = IP6_Extension_Headers.IP6_Extension_Header.get_extension_headers()
174 if buffer and self.protocol_id in extension_headers:
175 extension_header_decoder_class = extension_headers[self.protocol_id].get_decoder()
176 self.extension_header_decoder = extension_header_decoder_class()
177 packet = self.extension_header_decoder.decode(buffer)
178 else:
179 self.data_decoder = DataDecoder()
180 packet = self.data_decoder.decode(buffer)
182 return packet
184class IP6Decoder(Decoder):
185 def __init__(self):
186 pass
188 def decode(self, buffer):
189 ip6_packet = IP6.IP6(buffer)
190 self.set_decoded_protocol(ip6_packet)
191 start_pos = ip6_packet.get_header_size()
192 end_pos = ip6_packet.get_payload_length() + start_pos
193 contained_protocol = ip6_packet.get_next_header()
195 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
196 child_packet = multi_protocol_decoder.decode(buffer[start_pos:end_pos])
198 ip6_packet.contains(child_packet)
199 return ip6_packet
201class HopByHopDecoder(Decoder):
202 def __init__(self):
203 pass
205 def decode(self, buffer):
206 hop_by_hop = IP6_Extension_Headers.Hop_By_Hop(buffer)
207 self.set_decoded_protocol(hop_by_hop)
208 start_pos = hop_by_hop.get_header_size()
209 contained_protocol = hop_by_hop.get_next_header()
211 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
212 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
214 hop_by_hop.contains(child_packet)
215 return hop_by_hop
217class DestinationOptionsDecoder(Decoder):
218 def __init__(self):
219 pass
221 def decode(self, buffer):
222 destination_options = IP6_Extension_Headers.Destination_Options(buffer)
223 self.set_decoded_protocol(destination_options)
224 start_pos = destination_options.get_header_size()
225 contained_protocol = destination_options.get_next_header()
227 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
228 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
230 destination_options.contains(child_packet)
231 return destination_options
233class RoutingOptionsDecoder(Decoder):
234 def __init__(self):
235 pass
237 def decode(self, buffer):
238 routing_options = IP6_Extension_Headers.Routing_Options(buffer)
239 self.set_decoded_protocol(routing_options)
240 start_pos = routing_options.get_header_size()
241 contained_protocol = routing_options.get_next_header()
243 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
244 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
246 routing_options.contains(child_packet)
247 return routing_options
249class ICMP6Decoder(Decoder):
250 def __init__(self):
251 pass
253 def decode(self, buffer):
254 icmp6_packet = ICMP6.ICMP6(buffer)
255 self.set_decoded_protocol(icmp6_packet)
256 start_pos = icmp6_packet.get_header_size()
258 self.data_decoder = DataDecoder()
259 child_packet = self.data_decoder.decode(buffer[start_pos:])
260 icmp6_packet.contains(child_packet)
261 return icmp6_packet
264class ARPDecoder(Decoder):
265 def __init__(self):
266 pass
268 def decode(self, aBuffer):
269 arp = ImpactPacket.ARP(aBuffer)
270 self.set_decoded_protocol( arp )
271 off = arp.get_header_size()
272 self.data_decoder = DataDecoder()
273 packet = self.data_decoder.decode(aBuffer[off:])
274 arp.contains(packet)
275 return arp
277class UDPDecoder(Decoder):
278 def __init__(self):
279 pass
281 def decode(self, aBuffer):
282 u = ImpactPacket.UDP(aBuffer)
283 self.set_decoded_protocol( u )
284 off = u.get_header_size()
285 self.data_decoder = DataDecoder()
286 packet = self.data_decoder.decode(aBuffer[off:])
287 u.contains(packet)
288 return u
290class TCPDecoder(Decoder):
291 def __init__(self):
292 pass
294 def decode(self, aBuffer):
295 t = ImpactPacket.TCP(aBuffer)
296 self.set_decoded_protocol( t )
297 off = t.get_header_size()
298 self.data_decoder = DataDecoder()
299 packet = self.data_decoder.decode(aBuffer[off:])
300 t.contains(packet)
301 return t
303class IGMPDecoder(Decoder):
304 def __init__(self):
305 pass
306 def decode(self, aBuffer):
307 ig = ImpactPacket.IGMP(aBuffer)
308 off = ig.get_header_size()
309 self.data_decoder = DataDecoder()
310 packet = self.data_decoder.decode(aBuffer[off:])
311 ig.contains(packet)
312 return ig
315class IPDecoderForICMP(Decoder):
316 """This class was added to parse the IP header of ICMP unreachables packets
317 If you use the "standard" IPDecoder, it might crash (see bug #4870) ImpactPacket.py
318 because the TCP header inside the IP header is incomplete"""
319 def __init__(self):
320 pass
322 def decode(self, aBuffer):
323 i = ImpactPacket.IP(aBuffer)
324 self.set_decoded_protocol( i )
325 off = i.get_header_size()
326 if i.get_ip_p() == ImpactPacket.UDP.protocol:
327 self.udp_decoder = UDPDecoder()
328 packet = self.udp_decoder.decode(aBuffer[off:])
329 else:
330 self.data_decoder = DataDecoder()
331 packet = self.data_decoder.decode(aBuffer[off:])
332 i.contains(packet)
333 return i
335class ICMPDecoder(Decoder):
336 def __init__(self):
337 pass
339 def decode(self, aBuffer):
340 ic = ImpactPacket.ICMP(aBuffer)
341 self.set_decoded_protocol( ic )
342 off = ic.get_header_size()
343 if ic.get_icmp_type() == ImpactPacket.ICMP.ICMP_UNREACH: 343 ↛ 344line 343 didn't jump to line 344, because the condition on line 343 was never true
344 self.ip_decoder = IPDecoderForICMP()
345 packet = self.ip_decoder.decode(aBuffer[off:])
346 else:
347 self.data_decoder = DataDecoder()
348 packet = self.data_decoder.decode(aBuffer[off:])
349 ic.contains(packet)
350 return ic
352class DataDecoder(Decoder):
353 def decode(self, aBuffer):
354 d = ImpactPacket.Data(aBuffer)
355 self.set_decoded_protocol( d )
356 return d
358class BaseDot11Decoder(Decoder):
359 def __init__(self, key_manager=None):
360 self.set_key_manager(key_manager)
362 def set_key_manager(self, key_manager):
363 self.key_manager = key_manager
365 def find_key(self, bssid):
366 try:
367 key = self.key_manager.get_key(bssid)
368 except:
369 return False
370 return key
372class RadioTapDecoder(BaseDot11Decoder):
373 def __init__(self):
374 BaseDot11Decoder.__init__(self)
376 def decode(self, aBuffer):
377 rt = dot11.RadioTap(aBuffer)
378 self.set_decoded_protocol( rt )
380 self.do11_decoder = Dot11Decoder()
381 self.do11_decoder.set_key_manager(self.key_manager)
382 flags=rt.get_flags()
383 if flags is not None: 383 ↛ 387line 383 didn't jump to line 387, because the condition on line 383 was never false
384 fcs=flags&dot11.RadioTap.RTF_FLAGS.PROPERTY_FCS_AT_END
385 self.do11_decoder.FCS_at_end(fcs)
387 packet = self.do11_decoder.decode(rt.get_body_as_string())
389 rt.contains(packet)
390 return rt
392class Dot11Decoder(BaseDot11Decoder):
393 def __init__(self):
394 BaseDot11Decoder.__init__(self)
395 self.__FCS_at_end = True
397 def FCS_at_end(self, fcs_at_end=True):
398 self.__FCS_at_end=not not fcs_at_end
400 def decode(self, aBuffer):
401 d = dot11.Dot11(aBuffer, self.__FCS_at_end)
402 self.set_decoded_protocol( d )
404 type = d.get_type()
405 if type == dot11.Dot11Types.DOT11_TYPE_CONTROL: 405 ↛ 406line 405 didn't jump to line 406, because the condition on line 405 was never true
406 dot11_control_decoder = Dot11ControlDecoder()
407 packet = dot11_control_decoder.decode(d.body_string)
408 elif type == dot11.Dot11Types.DOT11_TYPE_DATA:
409 dot11_data_decoder = Dot11DataDecoder(self.key_manager)
411 dot11_data_decoder.set_dot11_hdr(d)
413 packet = dot11_data_decoder.decode(d.body_string)
414 elif type == dot11.Dot11Types.DOT11_TYPE_MANAGEMENT: 414 ↛ 419line 414 didn't jump to line 419, because the condition on line 414 was never false
415 dot11_management_decoder = Dot11ManagementDecoder()
416 dot11_management_decoder.set_subtype(d.get_subtype())
417 packet = dot11_management_decoder.decode(d.body_string)
418 else:
419 data_decoder = DataDecoder()
420 packet = data_decoder.decode(d.body_string)
422 d.contains(packet)
423 return d
425class Dot11ControlDecoder(BaseDot11Decoder):
426 def __init__(self):
427 BaseDot11Decoder.__init__(self)
428 self.__FCS_at_end = True
430 def FCS_at_end(self, fcs_at_end=True):
431 self.__FCS_at_end=not not fcs_at_end
433 def decode(self, aBuffer):
434 d = dot11.Dot11(aBuffer, self.__FCS_at_end)
435 self.set_decoded_protocol(d)
437 self.subtype = d.get_subtype()
438 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CLEAR_TO_SEND:
439 self.ctrl_cts_decoder = Dot11ControlFrameCTSDecoder()
440 packet = self.ctrl_cts_decoder.decode(d.body_string)
441 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_ACKNOWLEDGMENT:
442 self.ctrl_ack_decoder = Dot11ControlFrameACKDecoder()
443 packet = self.ctrl_ack_decoder.decode(d.body_string)
444 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_REQUEST_TO_SEND:
445 self.ctrl_rts_decoder = Dot11ControlFrameRTSDecoder()
446 packet = self.ctrl_rts_decoder.decode(d.body_string)
447 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_POWERSAVE_POLL:
448 self.ctrl_pspoll_decoder = Dot11ControlFramePSPollDecoder()
449 packet = self.ctrl_pspoll_decoder.decode(d.body_string)
450 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END:
451 self.ctrl_cfend_decoder = Dot11ControlFrameCFEndDecoder()
452 packet = self.ctrl_cfend_decoder.decode(d.body_string)
453 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END_CF_ACK:
454 self.ctrl_cfendcfack_decoder = Dot11ControlFrameCFEndCFACKDecoder()
455 packet = self.ctrl_cfendcfack_decoder.decode(d.body_string)
456 else:
457 data_decoder = DataDecoder()
458 packet = data_decoder.decode(d.body_string)
460 d.contains(packet)
461 return d
463class Dot11ControlFrameCTSDecoder(BaseDot11Decoder):
464 def __init__(self):
465 BaseDot11Decoder.__init__(self)
467 def decode(self, aBuffer):
468 p = dot11.Dot11ControlFrameCTS(aBuffer)
469 self.set_decoded_protocol(p)
470 return p
472class Dot11ControlFrameACKDecoder(BaseDot11Decoder):
473 def __init__(self):
474 BaseDot11Decoder.__init__(self)
476 def decode(self, aBuffer):
477 p = dot11.Dot11ControlFrameACK(aBuffer)
478 self.set_decoded_protocol(p)
479 return p
481class Dot11ControlFrameRTSDecoder(BaseDot11Decoder):
482 def __init__(self):
483 BaseDot11Decoder.__init__(self)
485 def decode(self, aBuffer):
486 p = dot11.Dot11ControlFrameRTS(aBuffer)
487 self.set_decoded_protocol(p)
488 return p
490class Dot11ControlFramePSPollDecoder(BaseDot11Decoder):
491 def __init__(self):
492 BaseDot11Decoder.__init__(self)
494 def decode(self, aBuffer):
495 p = dot11.Dot11ControlFramePSPoll(aBuffer)
496 self.set_decoded_protocol(p)
497 return p
499class Dot11ControlFrameCFEndDecoder(BaseDot11Decoder):
500 def __init__(self):
501 BaseDot11Decoder.__init__(self)
503 def decode(self, aBuffer):
504 p = dot11.Dot11ControlFrameCFEnd(aBuffer)
505 self.set_decoded_protocol(p)
506 return p
507class Dot11ControlFrameCFEndCFACKDecoder(BaseDot11Decoder):
508 def __init__(self):
509 BaseDot11Decoder.__init__(self)
511 def decode(self, aBuffer):
512 p = dot11.Dot11ControlFrameCFEndCFACK(aBuffer)
513 self.set_decoded_protocol(p)
514 return p
516class Dot11DataDecoder(BaseDot11Decoder):
517 def __init__(self, key_manager):
518 BaseDot11Decoder.__init__(self, key_manager)
520 def set_dot11_hdr(self, dot11_obj):
521 self.dot11 = dot11_obj
523 def decode(self, aBuffer):
524 if self.dot11.get_fromDS() and self.dot11.get_toDS(): 524 ↛ 525line 524 didn't jump to line 525, because the condition on line 524 was never true
525 if self.dot11.is_QoS_frame():
526 p = dot11.Dot11DataAddr4QoSFrame(aBuffer)
527 else:
528 p = dot11.Dot11DataAddr4Frame(aBuffer)
529 elif self.dot11.is_QoS_frame(): 529 ↛ 530line 529 didn't jump to line 530, because the condition on line 529 was never true
530 p = dot11.Dot11DataQoSFrame(aBuffer)
531 else:
532 p = dot11.Dot11DataFrame(aBuffer)
533 self.set_decoded_protocol( p )
535 if not self.dot11.get_protectedFrame():
536 self.llc_decoder = LLCDecoder()
537 packet = self.llc_decoder.decode(p.body_string)
538 else:
539 if not self.dot11.get_fromDS() and self.dot11.get_toDS(): 539 ↛ 541line 539 didn't jump to line 541, because the condition on line 539 was never false
540 bssid = p.get_address1()
541 elif self.dot11.get_fromDS() and not self.dot11.get_toDS():
542 bssid = p.get_address2()
543 elif not self.dot11.get_fromDS() and not self.dot11.get_toDS():
544 bssid = p.get_address3()
545 else:
546 # WDS, this is the RA
547 bssid = p.get_address1()
549 wep_decoder = Dot11WEPDecoder(self.key_manager)
550 wep_decoder.set_bssid(bssid)
551 packet = wep_decoder.decode(p.body_string)
552 if packet is None: 552 ↛ 553line 552 didn't jump to line 553, because the condition on line 552 was never true
553 wpa_decoder = Dot11WPADecoder()
554 packet = wpa_decoder.decode(p.body_string)
555 if packet is None:
556 wpa2_decoder = Dot11WPA2Decoder()
557 packet = wpa2_decoder.decode(p.body_string)
558 if packet is None:
559 data_decoder = DataDecoder()
560 packet = data_decoder.decode(p.body_string)
562 p.contains(packet)
563 return p
565class Dot11WEPDecoder(BaseDot11Decoder):
566 def __init__(self, key_manager):
567 BaseDot11Decoder.__init__(self, key_manager)
568 self.bssid = None
570 def set_bssid(self, bssid):
571 self.bssid = bssid
573 def decode(self, aBuffer):
574 wep = dot11.Dot11WEP(aBuffer)
575 self.set_decoded_protocol( wep )
577 if wep.is_WEP() is False: 577 ↛ 578line 577 didn't jump to line 578, because the condition on line 577 was never true
578 return None
580 key = self.find_key(self.bssid)
581 if key:
582 decoded_string=wep.get_decrypted_data(key)
584 wep_data = Dot11WEPDataDecoder()
585 packet = wep_data.decode(decoded_string)
586 else:
587 data_decoder = DataDecoder()
588 packet = data_decoder.decode(wep.body_string)
590 wep.contains(packet)
592 return wep
594class Dot11WEPDataDecoder(BaseDot11Decoder):
595 def __init__(self):
596 BaseDot11Decoder.__init__(self)
598 def decode(self, aBuffer):
599 wep_data = dot11.Dot11WEPData(aBuffer)
601 if not wep_data.check_icv():
602 # TODO: Do something when the icv is not correct
603 pass
605 self.set_decoded_protocol( wep_data )
607 llc_decoder = LLCDecoder()
608 packet = llc_decoder.decode(wep_data.body_string)
610 wep_data.contains(packet)
612 return wep_data
615class Dot11WPADecoder(BaseDot11Decoder):
616 def __init__(self):
617 BaseDot11Decoder.__init__(self)
619 def decode(self, aBuffer, key=None):
620 wpa = dot11.Dot11WPA(aBuffer)
621 self.set_decoded_protocol( wpa )
623 if wpa.is_WPA() is False:
624 return None
626 if key:
627 decoded_string=wpa.get_decrypted_data()
629 wpa_data = Dot11WPADataDecoder()
630 packet = wpa_data.decode(decoded_string)
631 else:
632 data_decoder = DataDecoder()
633 packet = data_decoder.decode(wpa.body_string)
635 wpa.contains(packet)
637 return wpa
639class Dot11WPADataDecoder(BaseDot11Decoder):
640 def __init__(self):
641 BaseDot11Decoder.__init__(self)
643 def decode(self, aBuffer):
644 wpa_data = dot11.Dot11WPAData(aBuffer)
645 self.set_decoded_protocol( wpa_data )
647 llc_decoder = LLCDecoder()
648 packet = self.llc_decoder.decode(wpa_data.body_string)
650 wpa_data.contains(packet)
652 return wpa_data
654class Dot11WPA2Decoder(BaseDot11Decoder):
655 def __init__(self):
656 BaseDot11Decoder.__init__(self)
658 def decode(self, aBuffer, key=None):
659 wpa2 = dot11.Dot11WPA2(aBuffer)
660 self.set_decoded_protocol( wpa2 )
662 if wpa2.is_WPA2() is False:
663 return None
665 if key:
666 decoded_string=wpa2.get_decrypted_data()
668 wpa2_data = Dot11WPA2DataDecoder()
669 packet = wpa2_data.decode(decoded_string)
670 else:
671 data_decoder = DataDecoder()
672 packet = data_decoder.decode(wpa2.body_string)
674 wpa2.contains(packet)
676 return wpa2
678class Dot11WPA2DataDecoder(BaseDot11Decoder):
679 def __init__(self):
680 BaseDot11Decoder.__init__(self)
682 def decode(self, aBuffer):
683 wpa2_data = dot11.Dot11WPA2Data(aBuffer)
684 self.set_decoded_protocol( wpa2_data )
686 llc_decoder = LLCDecoder()
687 packet = self.llc_decoder.decode(wpa2_data.body_string)
689 wpa2_data.contains(packet)
691 return wpa2_data
693class LLCDecoder(Decoder):
694 def __init__(self):
695 pass
697 def decode(self, aBuffer):
698 d = dot11.LLC(aBuffer)
699 self.set_decoded_protocol( d )
701 if d.get_DSAP()==dot11.SAPTypes.SNAP: 701 ↛ 710line 701 didn't jump to line 710, because the condition on line 701 was never false
702 if d.get_SSAP()==dot11.SAPTypes.SNAP: 702 ↛ 710line 702 didn't jump to line 710, because the condition on line 702 was never false
703 if d.get_control()==dot11.LLC.DLC_UNNUMBERED_FRAMES: 703 ↛ 710line 703 didn't jump to line 710, because the condition on line 703 was never false
704 snap_decoder = SNAPDecoder()
705 packet = snap_decoder.decode(d.body_string)
706 d.contains(packet)
707 return d
709 # Only SNAP is implemented
710 data_decoder = DataDecoder()
711 packet = data_decoder.decode(d.body_string)
712 d.contains(packet)
713 return d
715class SNAPDecoder(Decoder):
716 def __init__(self):
717 pass
719 def decode(self, aBuffer):
720 s = dot11.SNAP(aBuffer)
721 self.set_decoded_protocol( s )
722 if s.get_OUI()==CDP.OUI and s.get_protoID()==CDP.Type: 722 ↛ 723line 722 didn't jump to line 723, because the condition on line 722 was never true
723 dec = CDPDecoder()
724 packet = dec.decode(s.body_string)
725 elif s.get_OUI()!=0x000000: 725 ↛ 727line 725 didn't jump to line 727, because the condition on line 725 was never true
726 # We don't know how to handle other than OUI=0x000000 (EtherType)
727 self.data_decoder = DataDecoder()
728 packet = self.data_decoder.decode(s.body_string)
729 elif s.get_protoID() == ImpactPacket.IP.ethertype:
730 self.ip_decoder = IPDecoder()
731 packet = self.ip_decoder.decode(s.body_string)
732 elif s.get_protoID() == ImpactPacket.ARP.ethertype: 732 ↛ 735line 732 didn't jump to line 735, because the condition on line 732 was never false
733 self.arp_decoder = ARPDecoder()
734 packet = self.arp_decoder.decode(s.body_string)
735 elif s.get_protoID() == eap.DOT1X_AUTHENTICATION:
736 self.eapol_decoder = EAPOLDecoder()
737 packet = self.eapol_decoder.decode(s.body_string)
738 else:
739 self.data_decoder = DataDecoder()
740 packet = self.data_decoder.decode(s.body_string)
742 s.contains(packet)
743 return s
745class CDPDecoder(Decoder):
747 def __init__(self):
748 pass
750 def decode(self, aBuffer):
751 s = CDP(aBuffer)
752 self.set_decoded_protocol( s )
753 return s
755class Dot11ManagementDecoder(BaseDot11Decoder):
756 def __init__(self):
757 BaseDot11Decoder.__init__(self)
758 self.subtype = None
760 def set_subtype(self, subtype):
761 self.subtype=subtype
763 def decode(self, aBuffer):
764 p = dot11.Dot11ManagementFrame(aBuffer)
765 self.set_decoded_protocol( p )
767 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_BEACON:
768 self.mgt_beacon_decoder = Dot11ManagementBeaconDecoder()
769 packet = self.mgt_beacon_decoder.decode(p.body_string)
770 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_REQUEST:
771 self.mgt_probe_request_decoder = Dot11ManagementProbeRequestDecoder()
772 packet = self.mgt_probe_request_decoder.decode(p.body_string)
773 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_RESPONSE:
774 self.mgt_probe_response_decoder = Dot11ManagementProbeResponseDecoder()
775 packet = self.mgt_probe_response_decoder.decode(p.body_string)
776 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DEAUTHENTICATION:
777 self.mgt_deauthentication_decoder = Dot11ManagementDeauthenticationDecoder()
778 packet = self.mgt_deauthentication_decoder.decode(p.body_string)
779 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_AUTHENTICATION:
780 self.mgt_Authentication_decoder = Dot11ManagementAuthenticationDecoder()
781 packet = self.mgt_Authentication_decoder.decode(p.body_string)
782 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DISASSOCIATION:
783 self.mgt_disassociation_decoder = Dot11ManagementDisassociationDecoder()
784 packet = self.mgt_disassociation_decoder.decode(p.body_string)
785 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_REQUEST:
786 self.mgt_association_request_decoder = Dot11ManagementAssociationRequestDecoder()
787 packet = self.mgt_association_request_decoder.decode(p.body_string)
788 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_RESPONSE:
789 self.mgt_association_response_decoder = Dot11ManagementAssociationResponseDecoder()
790 packet = self.mgt_association_response_decoder.decode(p.body_string)
791 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_REQUEST:
792 self.mgt_reassociation_request_decoder = Dot11ManagementReassociationRequestDecoder()
793 packet = self.mgt_reassociation_request_decoder.decode(p.body_string)
794 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_RESPONSE: 794 ↛ 798line 794 didn't jump to line 798, because the condition on line 794 was never false
795 self.mgt_reassociation_response_decoder = Dot11ManagementReassociationResponseDecoder()
796 packet = self.mgt_reassociation_response_decoder.decode(p.body_string)
797 else:
798 data_decoder = DataDecoder()
799 packet = data_decoder.decode(p.body_string)
801 p.contains(packet)
802 return p
804class Dot11ManagementBeaconDecoder(BaseDot11Decoder):
805 def __init__(self):
806 BaseDot11Decoder.__init__(self)
808 def decode(self, aBuffer):
809 p = dot11.Dot11ManagementBeacon(aBuffer)
810 self.set_decoded_protocol( p )
812 return p
814class Dot11ManagementProbeRequestDecoder(BaseDot11Decoder):
815 def __init__(self):
816 BaseDot11Decoder.__init__(self)
818 def decode(self, aBuffer):
819 p = dot11.Dot11ManagementProbeRequest(aBuffer)
820 self.set_decoded_protocol( p )
822 return p
824class Dot11ManagementProbeResponseDecoder(BaseDot11Decoder):
825 def __init__(self):
826 BaseDot11Decoder.__init__(self)
828 def decode(self, aBuffer):
829 p = dot11.Dot11ManagementProbeResponse(aBuffer)
830 self.set_decoded_protocol( p )
832 return p
834class Dot11ManagementDeauthenticationDecoder(BaseDot11Decoder):
835 def __init__(self):
836 BaseDot11Decoder.__init__(self)
838 def decode(self, aBuffer):
839 p = dot11.Dot11ManagementDeauthentication(aBuffer)
840 self.set_decoded_protocol( p )
842 return p
844class Dot11ManagementAuthenticationDecoder(BaseDot11Decoder):
845 def __init__(self):
846 BaseDot11Decoder.__init__(self)
848 def decode(self, aBuffer):
849 p = dot11.Dot11ManagementAuthentication(aBuffer)
850 self.set_decoded_protocol(p)
852 return p
854class Dot11ManagementDisassociationDecoder(BaseDot11Decoder):
855 def __init__(self):
856 BaseDot11Decoder.__init__(self)
858 def decode(self, aBuffer):
859 p = dot11.Dot11ManagementDisassociation(aBuffer)
860 self.set_decoded_protocol(p)
862 return p
864class Dot11ManagementAssociationRequestDecoder(BaseDot11Decoder):
865 def __init__(self):
866 BaseDot11Decoder.__init__(self)
868 def decode(self, aBuffer):
869 p = dot11.Dot11ManagementAssociationRequest(aBuffer)
870 self.set_decoded_protocol(p)
872 return p
874class Dot11ManagementAssociationResponseDecoder(BaseDot11Decoder):
875 def __init__(self):
876 BaseDot11Decoder.__init__(self)
878 def decode(self, aBuffer):
879 p = dot11.Dot11ManagementAssociationResponse(aBuffer)
880 self.set_decoded_protocol(p)
882 return p
884class Dot11ManagementReassociationRequestDecoder(BaseDot11Decoder):
885 def __init__(self):
886 BaseDot11Decoder.__init__(self)
888 def decode(self, aBuffer):
889 p = dot11.Dot11ManagementReassociationRequest(aBuffer)
890 self.set_decoded_protocol(p)
892 return p
894class Dot11ManagementReassociationResponseDecoder(BaseDot11Decoder):
895 def __init__(self):
896 BaseDot11Decoder.__init__(self)
898 def decode(self, aBuffer):
899 p = dot11.Dot11ManagementReassociationResponse(aBuffer)
900 self.set_decoded_protocol(p)
902 return p
904class BaseDecoder(Decoder):
906 def decode(self, buff):
908 packet = self.klass(buff)
909 self.set_decoded_protocol(packet)
910 cd = self.child_decoders.get(self.child_key(packet), DataDecoder())
911 packet.contains(cd.decode(packet.get_body_as_string()))
912 return packet
914class SimpleConfigDecoder(BaseDecoder):
916 child_decoders = {}
917 klass = wps.SimpleConfig
918 child_key = lambda s,p: None 918 ↛ exitline 918 didn't run the lambda on line 918
920 def decode(self, buff):
921 sc = BaseDecoder.decode(self, buff)
922 ary = array.array('B', sc.child().get_packet())
923 sc.unlink_child()
924 tlv = wps.SimpleConfig.build_tlv_container()
925 tlv.from_ary(ary)
926 sc.contains(tlv)
928 return sc
930class EAPExpandedDecoder(BaseDecoder):
931 child_decoders = {
932 (eap.EAPExpanded.WFA_SMI, eap.EAPExpanded.SIMPLE_CONFIG): SimpleConfigDecoder(),
933 }
934 klass = eap.EAPExpanded
935 child_key = lambda s,p: (p.get_vendor_id(), p.get_vendor_type()) 935 ↛ exitline 935 didn't run the lambda on line 935
937class EAPRDecoder(BaseDecoder):
938 child_decoders = {
939 eap.EAPR.EXPANDED:EAPExpandedDecoder()
940 }
941 klass = eap.EAPR
942 child_key = lambda s, p: p.get_type() 942 ↛ exitline 942 didn't run the lambda on line 942
944class EAPDecoder(BaseDecoder):
945 child_decoders = {
946 eap.EAP.REQUEST: EAPRDecoder(),
947 eap.EAP.RESPONSE: EAPRDecoder(),
948 }
949 klass = eap.EAP
950 child_key = lambda s, p: p.get_code() 950 ↛ exitline 950 didn't run the lambda on line 950
952class EAPOLDecoder(BaseDecoder):
953 child_decoders = {
954 eap.EAPOL.EAP_PACKET: EAPDecoder()
955 }
956 klass = eap.EAPOL
957 child_key = lambda s, p: p.get_packet_type() 957 ↛ exitline 957 didn't run the lambda on line 957
959class BootpDecoder(Decoder):
960 def __init__(self):
961 pass
963 def decode(self, aBuffer):
964 d = dhcp.BootpPacket(aBuffer)
965 self.set_decoded_protocol( d )
966 off = len(d.getData())
967 if dhcp.DhcpPacket(aBuffer[off:])['cookie'] == dhcp.DhcpPacket.MAGIC_NUMBER:
968 self.data_decoder = DHCPDecoder()
969 packet = self.data_decoder.decode(aBuffer[off:])
970 d.contains(packet)
971 return d
973class DHCPDecoder(Decoder):
974 def __init__(self):
975 pass
977 def decode(self, aBuffer):
978 d = dhcp.DhcpPacket(aBuffer)
979 self.set_decoded_protocol( d )
980 return d