Coverage for /root/GitHubProjects/impacket/impacket/ImpactDecoder.py : 62%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved.
2#
3# This software is provided under under a slightly modified version
4# of the Apache Software License. See the accompanying LICENSE file
5# for more information.
6#
7# Description:
8# Convenience packet unpackers for various network protocols
9# implemented in the ImpactPacket module.
10#
11# Author:
12# Javier Burroni (javier)
13# Bruce Leidl (brl)
14# Aureliano Calvo
16import array
18from impacket import ICMP6
19from impacket import IP6
20from impacket import IP6_Extension_Headers
21from impacket import ImpactPacket
22from impacket import LOG
23from impacket import dot11
24from impacket import wps, eap, dhcp
25from impacket.cdp import CDP
27"""Classes to convert from raw packets into a hierarchy of
28ImpactPacket derived objects.
30The protocol of the outermost layer must be known in advance, and the
31packet must be fed to the corresponding decoder. From there it will
32try to decode the raw data into a hierarchy of ImpactPacket derived
33objects; if a layer's protocol is unknown, all the remaining data will
34be wrapped into a ImpactPacket.Data object.
35"""
37class Decoder:
38 __decoded_protocol = None
39 def decode(self, aBuffer):
40 pass
42 def set_decoded_protocol(self, protocol):
43 self.__decoded_protocol = protocol
45 def get_protocol(self, aprotocol):
46 protocol = self.__decoded_protocol
47 while protocol:
48 if protocol.__class__ == aprotocol:
49 break
50 protocol=protocol.child()
51 return protocol
53 def __str__(self):
54 protocol = self.__decoded_protocol
55 i=0
56 out=''
57 while protocol:
58 tabline=' '*i+'+-'+str(protocol.__class__)
59 out+="%s"%tabline+'\n'
60 protocol=protocol.child()
61 i+=1
62 return out
64class EthDecoder(Decoder):
65 def __init__(self):
66 pass
68 def decode(self, aBuffer):
69 e = ImpactPacket.Ethernet(aBuffer)
70 self.set_decoded_protocol( e )
71 off = e.get_header_size()
72 if e.get_ether_type() == ImpactPacket.IP.ethertype:
73 self.ip_decoder = IPDecoder()
74 packet = self.ip_decoder.decode(aBuffer[off:])
75 elif e.get_ether_type() == IP6.IP6.ethertype:
76 self.ip6_decoder = IP6Decoder()
77 packet = self.ip6_decoder.decode(aBuffer[off:])
78 elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
79 self.arp_decoder = ARPDecoder()
80 packet = self.arp_decoder.decode(aBuffer[off:])
81 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION:
82 self.eapol_decoder = EAPOLDecoder()
83 packet = self.eapol_decoder.decode(aBuffer[off:])
84 # LLC ?
85 elif e.get_ether_type() < 1500:
86 self.llc_decoder = LLCDecoder()
87 packet = self.llc_decoder.decode(aBuffer[off:])
88 else:
89 self.data_decoder = DataDecoder()
90 packet = self.data_decoder.decode(aBuffer[off:])
92 e.contains(packet)
93 return e
95# Linux "cooked" capture encapsulation.
96# Used, for instance, for packets returned by the "any" interface.
97class LinuxSLLDecoder(Decoder):
98 def __init__(self):
99 pass
101 def decode(self, aBuffer):
102 e = ImpactPacket.LinuxSLL(aBuffer)
103 self.set_decoded_protocol( e )
104 off = 16
105 if e.get_ether_type() == ImpactPacket.IP.ethertype:
106 self.ip_decoder = IPDecoder()
107 packet = self.ip_decoder.decode(aBuffer[off:])
108 elif e.get_ether_type() == ImpactPacket.ARP.ethertype:
109 self.arp_decoder = ARPDecoder()
110 packet = self.arp_decoder.decode(aBuffer[off:])
111 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION:
112 self.eapol_decoder = EAPOLDecoder()
113 packet = self.eapol_decoder.decode(aBuffer[off:])
114 else:
115 self.data_decoder = DataDecoder()
116 packet = self.data_decoder.decode(aBuffer[off:])
118 e.contains(packet)
119 return e
121class IPDecoder(Decoder):
122 def __init__(self):
123 pass
125 def decode(self, aBuffer):
126 i = ImpactPacket.IP(aBuffer)
127 self.set_decoded_protocol ( i )
128 off = i.get_header_size()
129 end = i.get_ip_len()
130 # If ip_len == 0 we might be facing TCP segmentation offload, let's calculate the right len
131 if end == 0: 131 ↛ 132line 131 didn't jump to line 132, because the condition on line 131 was never true
132 LOG.warning('IP len reported as 0, most probably because of TCP segmentation offload. Attempting to fix its size')
133 i.set_ip_len(len(aBuffer))
134 end = i.get_ip_len()
136 if i.get_ip_p() == ImpactPacket.UDP.protocol: 136 ↛ 137line 136 didn't jump to line 137, because the condition on line 136 was never true
137 self.udp_decoder = UDPDecoder()
138 packet = self.udp_decoder.decode(aBuffer[off:end])
139 elif i.get_ip_p() == ImpactPacket.TCP.protocol: 139 ↛ 140line 139 didn't jump to line 140, because the condition on line 139 was never true
140 self.tcp_decoder = TCPDecoder()
141 packet = self.tcp_decoder.decode(aBuffer[off:end])
142 elif i.get_ip_p() == ImpactPacket.ICMP.protocol: 142 ↛ 145line 142 didn't jump to line 145, because the condition on line 142 was never false
143 self.icmp_decoder = ICMPDecoder()
144 packet = self.icmp_decoder.decode(aBuffer[off:end])
145 elif i.get_ip_p() == ImpactPacket.IGMP.protocol:
146 self.igmp_decoder = IGMPDecoder()
147 packet = self.igmp_decoder.decode(aBuffer[off:end])
148 else:
149 self.data_decoder = DataDecoder()
150 packet = self.data_decoder.decode(aBuffer[off:end])
151 i.contains(packet)
152 return i
154class IP6MultiProtocolDecoder(Decoder):
155 def __init__(self, a_protocol_id):
156 self.protocol_id = a_protocol_id
158 def decode(self, buffer):
159 if self.protocol_id == ImpactPacket.UDP.protocol:
160 self.udp_decoder = UDPDecoder()
161 packet = self.udp_decoder.decode(buffer)
162 elif self.protocol_id == ImpactPacket.TCP.protocol: 162 ↛ 163line 162 didn't jump to line 163, because the condition on line 162 was never true
163 self.tcp_decoder = TCPDecoder()
164 packet = self.tcp_decoder.decode(buffer)
165 elif self.protocol_id == ICMP6.ICMP6.protocol:
166 self.icmp6_decoder = ICMP6Decoder()
167 packet = self.icmp6_decoder.decode(buffer)
168 else:
169 # IPv6 Extension Headers lookup
170 extension_headers = IP6_Extension_Headers.IP6_Extension_Header.get_extension_headers()
171 if buffer and self.protocol_id in extension_headers:
172 extension_header_decoder_class = extension_headers[self.protocol_id].get_decoder()
173 self.extension_header_decoder = extension_header_decoder_class()
174 packet = self.extension_header_decoder.decode(buffer)
175 else:
176 self.data_decoder = DataDecoder()
177 packet = self.data_decoder.decode(buffer)
179 return packet
181class IP6Decoder(Decoder):
182 def __init__(self):
183 pass
185 def decode(self, buffer):
186 ip6_packet = IP6.IP6(buffer)
187 self.set_decoded_protocol(ip6_packet)
188 start_pos = ip6_packet.get_header_size()
189 end_pos = ip6_packet.get_payload_length() + start_pos
190 contained_protocol = ip6_packet.get_next_header()
192 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
193 child_packet = multi_protocol_decoder.decode(buffer[start_pos:end_pos])
195 ip6_packet.contains(child_packet)
196 return ip6_packet
198class HopByHopDecoder(Decoder):
199 def __init__(self):
200 pass
202 def decode(self, buffer):
203 hop_by_hop = IP6_Extension_Headers.Hop_By_Hop(buffer)
204 self.set_decoded_protocol(hop_by_hop)
205 start_pos = hop_by_hop.get_header_size()
206 contained_protocol = hop_by_hop.get_next_header()
208 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
209 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
211 hop_by_hop.contains(child_packet)
212 return hop_by_hop
214class DestinationOptionsDecoder(Decoder):
215 def __init__(self):
216 pass
218 def decode(self, buffer):
219 destination_options = IP6_Extension_Headers.Destination_Options(buffer)
220 self.set_decoded_protocol(destination_options)
221 start_pos = destination_options.get_header_size()
222 contained_protocol = destination_options.get_next_header()
224 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
225 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
227 destination_options.contains(child_packet)
228 return destination_options
230class RoutingOptionsDecoder(Decoder):
231 def __init__(self):
232 pass
234 def decode(self, buffer):
235 routing_options = IP6_Extension_Headers.Routing_Options(buffer)
236 self.set_decoded_protocol(routing_options)
237 start_pos = routing_options.get_header_size()
238 contained_protocol = routing_options.get_next_header()
240 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol)
241 child_packet = multi_protocol_decoder.decode(buffer[start_pos:])
243 routing_options.contains(child_packet)
244 return routing_options
246class ICMP6Decoder(Decoder):
247 def __init__(self):
248 pass
250 def decode(self, buffer):
251 icmp6_packet = ICMP6.ICMP6(buffer)
252 self.set_decoded_protocol(icmp6_packet)
253 start_pos = icmp6_packet.get_header_size()
255 self.data_decoder = DataDecoder()
256 child_packet = self.data_decoder.decode(buffer[start_pos:])
257 icmp6_packet.contains(child_packet)
258 return icmp6_packet
261class ARPDecoder(Decoder):
262 def __init__(self):
263 pass
265 def decode(self, aBuffer):
266 arp = ImpactPacket.ARP(aBuffer)
267 self.set_decoded_protocol( arp )
268 off = arp.get_header_size()
269 self.data_decoder = DataDecoder()
270 packet = self.data_decoder.decode(aBuffer[off:])
271 arp.contains(packet)
272 return arp
274class UDPDecoder(Decoder):
275 def __init__(self):
276 pass
278 def decode(self, aBuffer):
279 u = ImpactPacket.UDP(aBuffer)
280 self.set_decoded_protocol( u )
281 off = u.get_header_size()
282 self.data_decoder = DataDecoder()
283 packet = self.data_decoder.decode(aBuffer[off:])
284 u.contains(packet)
285 return u
287class TCPDecoder(Decoder):
288 def __init__(self):
289 pass
291 def decode(self, aBuffer):
292 t = ImpactPacket.TCP(aBuffer)
293 self.set_decoded_protocol( t )
294 off = t.get_header_size()
295 self.data_decoder = DataDecoder()
296 packet = self.data_decoder.decode(aBuffer[off:])
297 t.contains(packet)
298 return t
300class IGMPDecoder(Decoder):
301 def __init__(self):
302 pass
303 def decode(self, aBuffer):
304 ig = ImpactPacket.IGMP(aBuffer)
305 off = ig.get_header_size()
306 self.data_decoder = DataDecoder()
307 packet = self.data_decoder.decode(aBuffer[off:])
308 ig.contains(packet)
309 return ig
312class IPDecoderForICMP(Decoder):
313 """This class was added to parse the IP header of ICMP unreachables packets
314 If you use the "standard" IPDecoder, it might crash (see bug #4870) ImpactPacket.py
315 because the TCP header inside the IP header is incomplete"""
316 def __init__(self):
317 pass
319 def decode(self, aBuffer):
320 i = ImpactPacket.IP(aBuffer)
321 self.set_decoded_protocol( i )
322 off = i.get_header_size()
323 if i.get_ip_p() == ImpactPacket.UDP.protocol:
324 self.udp_decoder = UDPDecoder()
325 packet = self.udp_decoder.decode(aBuffer[off:])
326 else:
327 self.data_decoder = DataDecoder()
328 packet = self.data_decoder.decode(aBuffer[off:])
329 i.contains(packet)
330 return i
332class ICMPDecoder(Decoder):
333 def __init__(self):
334 pass
336 def decode(self, aBuffer):
337 ic = ImpactPacket.ICMP(aBuffer)
338 self.set_decoded_protocol( ic )
339 off = ic.get_header_size()
340 if ic.get_icmp_type() == ImpactPacket.ICMP.ICMP_UNREACH: 340 ↛ 341line 340 didn't jump to line 341, because the condition on line 340 was never true
341 self.ip_decoder = IPDecoderForICMP()
342 packet = self.ip_decoder.decode(aBuffer[off:])
343 else:
344 self.data_decoder = DataDecoder()
345 packet = self.data_decoder.decode(aBuffer[off:])
346 ic.contains(packet)
347 return ic
349class DataDecoder(Decoder):
350 def decode(self, aBuffer):
351 d = ImpactPacket.Data(aBuffer)
352 self.set_decoded_protocol( d )
353 return d
355class BaseDot11Decoder(Decoder):
356 def __init__(self, key_manager=None):
357 self.set_key_manager(key_manager)
359 def set_key_manager(self, key_manager):
360 self.key_manager = key_manager
362 def find_key(self, bssid):
363 try:
364 key = self.key_manager.get_key(bssid)
365 except:
366 return False
367 return key
369class RadioTapDecoder(BaseDot11Decoder):
370 def __init__(self):
371 BaseDot11Decoder.__init__(self)
373 def decode(self, aBuffer):
374 rt = dot11.RadioTap(aBuffer)
375 self.set_decoded_protocol( rt )
377 self.do11_decoder = Dot11Decoder()
378 self.do11_decoder.set_key_manager(self.key_manager)
379 flags=rt.get_flags()
380 if flags is not None: 380 ↛ 384line 380 didn't jump to line 384, because the condition on line 380 was never false
381 fcs=flags&dot11.RadioTap.RTF_FLAGS.PROPERTY_FCS_AT_END
382 self.do11_decoder.FCS_at_end(fcs)
384 packet = self.do11_decoder.decode(rt.get_body_as_string())
386 rt.contains(packet)
387 return rt
389class Dot11Decoder(BaseDot11Decoder):
390 def __init__(self):
391 BaseDot11Decoder.__init__(self)
392 self.__FCS_at_end = True
394 def FCS_at_end(self, fcs_at_end=True):
395 self.__FCS_at_end=not not fcs_at_end
397 def decode(self, aBuffer):
398 d = dot11.Dot11(aBuffer, self.__FCS_at_end)
399 self.set_decoded_protocol( d )
401 type = d.get_type()
402 if type == dot11.Dot11Types.DOT11_TYPE_CONTROL: 402 ↛ 403line 402 didn't jump to line 403, because the condition on line 402 was never true
403 dot11_control_decoder = Dot11ControlDecoder()
404 packet = dot11_control_decoder.decode(d.body_string)
405 elif type == dot11.Dot11Types.DOT11_TYPE_DATA:
406 dot11_data_decoder = Dot11DataDecoder(self.key_manager)
408 dot11_data_decoder.set_dot11_hdr(d)
410 packet = dot11_data_decoder.decode(d.body_string)
411 elif type == dot11.Dot11Types.DOT11_TYPE_MANAGEMENT: 411 ↛ 416line 411 didn't jump to line 416, because the condition on line 411 was never false
412 dot11_management_decoder = Dot11ManagementDecoder()
413 dot11_management_decoder.set_subtype(d.get_subtype())
414 packet = dot11_management_decoder.decode(d.body_string)
415 else:
416 data_decoder = DataDecoder()
417 packet = data_decoder.decode(d.body_string)
419 d.contains(packet)
420 return d
422class Dot11ControlDecoder(BaseDot11Decoder):
423 def __init__(self):
424 BaseDot11Decoder.__init__(self)
425 self.__FCS_at_end = True
427 def FCS_at_end(self, fcs_at_end=True):
428 self.__FCS_at_end=not not fcs_at_end
430 def decode(self, aBuffer):
431 d = dot11.Dot11(aBuffer, self.__FCS_at_end)
432 self.set_decoded_protocol(d)
434 self.subtype = d.get_subtype()
435 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CLEAR_TO_SEND:
436 self.ctrl_cts_decoder = Dot11ControlFrameCTSDecoder()
437 packet = self.ctrl_cts_decoder.decode(d.body_string)
438 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_ACKNOWLEDGMENT:
439 self.ctrl_ack_decoder = Dot11ControlFrameACKDecoder()
440 packet = self.ctrl_ack_decoder.decode(d.body_string)
441 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_REQUEST_TO_SEND:
442 self.ctrl_rts_decoder = Dot11ControlFrameRTSDecoder()
443 packet = self.ctrl_rts_decoder.decode(d.body_string)
444 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_POWERSAVE_POLL:
445 self.ctrl_pspoll_decoder = Dot11ControlFramePSPollDecoder()
446 packet = self.ctrl_pspoll_decoder.decode(d.body_string)
447 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END:
448 self.ctrl_cfend_decoder = Dot11ControlFrameCFEndDecoder()
449 packet = self.ctrl_cfend_decoder.decode(d.body_string)
450 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END_CF_ACK:
451 self.ctrl_cfendcfack_decoder = Dot11ControlFrameCFEndCFACKDecoder()
452 packet = self.ctrl_cfendcfack_decoder.decode(d.body_string)
453 else:
454 data_decoder = DataDecoder()
455 packet = data_decoder.decode(d.body_string)
457 d.contains(packet)
458 return d
460class Dot11ControlFrameCTSDecoder(BaseDot11Decoder):
461 def __init__(self):
462 BaseDot11Decoder.__init__(self)
464 def decode(self, aBuffer):
465 p = dot11.Dot11ControlFrameCTS(aBuffer)
466 self.set_decoded_protocol(p)
467 return p
469class Dot11ControlFrameACKDecoder(BaseDot11Decoder):
470 def __init__(self):
471 BaseDot11Decoder.__init__(self)
473 def decode(self, aBuffer):
474 p = dot11.Dot11ControlFrameACK(aBuffer)
475 self.set_decoded_protocol(p)
476 return p
478class Dot11ControlFrameRTSDecoder(BaseDot11Decoder):
479 def __init__(self):
480 BaseDot11Decoder.__init__(self)
482 def decode(self, aBuffer):
483 p = dot11.Dot11ControlFrameRTS(aBuffer)
484 self.set_decoded_protocol(p)
485 return p
487class Dot11ControlFramePSPollDecoder(BaseDot11Decoder):
488 def __init__(self):
489 BaseDot11Decoder.__init__(self)
491 def decode(self, aBuffer):
492 p = dot11.Dot11ControlFramePSPoll(aBuffer)
493 self.set_decoded_protocol(p)
494 return p
496class Dot11ControlFrameCFEndDecoder(BaseDot11Decoder):
497 def __init__(self):
498 BaseDot11Decoder.__init__(self)
500 def decode(self, aBuffer):
501 p = dot11.Dot11ControlFrameCFEnd(aBuffer)
502 self.set_decoded_protocol(p)
503 return p
504class Dot11ControlFrameCFEndCFACKDecoder(BaseDot11Decoder):
505 def __init__(self):
506 BaseDot11Decoder.__init__(self)
508 def decode(self, aBuffer):
509 p = dot11.Dot11ControlFrameCFEndCFACK(aBuffer)
510 self.set_decoded_protocol(p)
511 return p
513class Dot11DataDecoder(BaseDot11Decoder):
514 def __init__(self, key_manager):
515 BaseDot11Decoder.__init__(self, key_manager)
517 def set_dot11_hdr(self, dot11_obj):
518 self.dot11 = dot11_obj
520 def decode(self, aBuffer):
521 if self.dot11.get_fromDS() and self.dot11.get_toDS(): 521 ↛ 522line 521 didn't jump to line 522, because the condition on line 521 was never true
522 if self.dot11.is_QoS_frame():
523 p = dot11.Dot11DataAddr4QoSFrame(aBuffer)
524 else:
525 p = dot11.Dot11DataAddr4Frame(aBuffer)
526 elif self.dot11.is_QoS_frame(): 526 ↛ 527line 526 didn't jump to line 527, because the condition on line 526 was never true
527 p = dot11.Dot11DataQoSFrame(aBuffer)
528 else:
529 p = dot11.Dot11DataFrame(aBuffer)
530 self.set_decoded_protocol( p )
532 if not self.dot11.get_protectedFrame():
533 self.llc_decoder = LLCDecoder()
534 packet = self.llc_decoder.decode(p.body_string)
535 else:
536 if not self.dot11.get_fromDS() and self.dot11.get_toDS(): 536 ↛ 538line 536 didn't jump to line 538, because the condition on line 536 was never false
537 bssid = p.get_address1()
538 elif self.dot11.get_fromDS() and not self.dot11.get_toDS():
539 bssid = p.get_address2()
540 elif not self.dot11.get_fromDS() and not self.dot11.get_toDS():
541 bssid = p.get_address3()
542 else:
543 # WDS, this is the RA
544 bssid = p.get_address1()
546 wep_decoder = Dot11WEPDecoder(self.key_manager)
547 wep_decoder.set_bssid(bssid)
548 packet = wep_decoder.decode(p.body_string)
549 if packet is None: 549 ↛ 550line 549 didn't jump to line 550, because the condition on line 549 was never true
550 wpa_decoder = Dot11WPADecoder()
551 packet = wpa_decoder.decode(p.body_string)
552 if packet is None:
553 wpa2_decoder = Dot11WPA2Decoder()
554 packet = wpa2_decoder.decode(p.body_string)
555 if packet is None:
556 data_decoder = DataDecoder()
557 packet = data_decoder.decode(p.body_string)
559 p.contains(packet)
560 return p
562class Dot11WEPDecoder(BaseDot11Decoder):
563 def __init__(self, key_manager):
564 BaseDot11Decoder.__init__(self, key_manager)
565 self.bssid = None
567 def set_bssid(self, bssid):
568 self.bssid = bssid
570 def decode(self, aBuffer):
571 wep = dot11.Dot11WEP(aBuffer)
572 self.set_decoded_protocol( wep )
574 if wep.is_WEP() is False: 574 ↛ 575line 574 didn't jump to line 575, because the condition on line 574 was never true
575 return None
577 key = self.find_key(self.bssid)
578 if key:
579 decoded_string=wep.get_decrypted_data(key)
581 wep_data = Dot11WEPDataDecoder()
582 packet = wep_data.decode(decoded_string)
583 else:
584 data_decoder = DataDecoder()
585 packet = data_decoder.decode(wep.body_string)
587 wep.contains(packet)
589 return wep
591class Dot11WEPDataDecoder(BaseDot11Decoder):
592 def __init__(self):
593 BaseDot11Decoder.__init__(self)
595 def decode(self, aBuffer):
596 wep_data = dot11.Dot11WEPData(aBuffer)
598 if not wep_data.check_icv():
599 # TODO: Do something when the icv is not correct
600 pass
602 self.set_decoded_protocol( wep_data )
604 llc_decoder = LLCDecoder()
605 packet = llc_decoder.decode(wep_data.body_string)
607 wep_data.contains(packet)
609 return wep_data
612class Dot11WPADecoder(BaseDot11Decoder):
613 def __init__(self):
614 BaseDot11Decoder.__init__(self)
616 def decode(self, aBuffer, key=None):
617 wpa = dot11.Dot11WPA(aBuffer)
618 self.set_decoded_protocol( wpa )
620 if wpa.is_WPA() is False:
621 return None
623 if key:
624 decoded_string=wpa.get_decrypted_data()
626 wpa_data = Dot11WPADataDecoder()
627 packet = wpa_data.decode(decoded_string)
628 else:
629 data_decoder = DataDecoder()
630 packet = data_decoder.decode(wpa.body_string)
632 wpa.contains(packet)
634 return wpa
636class Dot11WPADataDecoder(BaseDot11Decoder):
637 def __init__(self):
638 BaseDot11Decoder.__init__(self)
640 def decode(self, aBuffer):
641 wpa_data = dot11.Dot11WPAData(aBuffer)
642 self.set_decoded_protocol( wpa_data )
644 llc_decoder = LLCDecoder()
645 packet = self.llc_decoder.decode(wpa_data.body_string)
647 wpa_data.contains(packet)
649 return wpa_data
651class Dot11WPA2Decoder(BaseDot11Decoder):
652 def __init__(self):
653 BaseDot11Decoder.__init__(self)
655 def decode(self, aBuffer, key=None):
656 wpa2 = dot11.Dot11WPA2(aBuffer)
657 self.set_decoded_protocol( wpa2 )
659 if wpa2.is_WPA2() is False:
660 return None
662 if key:
663 decoded_string=wpa2.get_decrypted_data()
665 wpa2_data = Dot11WPA2DataDecoder()
666 packet = wpa2_data.decode(decoded_string)
667 else:
668 data_decoder = DataDecoder()
669 packet = data_decoder.decode(wpa2.body_string)
671 wpa2.contains(packet)
673 return wpa2
675class Dot11WPA2DataDecoder(BaseDot11Decoder):
676 def __init__(self):
677 BaseDot11Decoder.__init__(self)
679 def decode(self, aBuffer):
680 wpa2_data = dot11.Dot11WPA2Data(aBuffer)
681 self.set_decoded_protocol( wpa2_data )
683 llc_decoder = LLCDecoder()
684 packet = self.llc_decoder.decode(wpa2_data.body_string)
686 wpa2_data.contains(packet)
688 return wpa2_data
690class LLCDecoder(Decoder):
691 def __init__(self):
692 pass
694 def decode(self, aBuffer):
695 d = dot11.LLC(aBuffer)
696 self.set_decoded_protocol( d )
698 if d.get_DSAP()==dot11.SAPTypes.SNAP: 698 ↛ 707line 698 didn't jump to line 707, because the condition on line 698 was never false
699 if d.get_SSAP()==dot11.SAPTypes.SNAP: 699 ↛ 707line 699 didn't jump to line 707, because the condition on line 699 was never false
700 if d.get_control()==dot11.LLC.DLC_UNNUMBERED_FRAMES: 700 ↛ 707line 700 didn't jump to line 707, because the condition on line 700 was never false
701 snap_decoder = SNAPDecoder()
702 packet = snap_decoder.decode(d.body_string)
703 d.contains(packet)
704 return d
706 # Only SNAP is implemented
707 data_decoder = DataDecoder()
708 packet = data_decoder.decode(d.body_string)
709 d.contains(packet)
710 return d
712class SNAPDecoder(Decoder):
713 def __init__(self):
714 pass
716 def decode(self, aBuffer):
717 s = dot11.SNAP(aBuffer)
718 self.set_decoded_protocol( s )
719 if s.get_OUI()==CDP.OUI and s.get_protoID()==CDP.Type: 719 ↛ 720line 719 didn't jump to line 720, because the condition on line 719 was never true
720 dec = CDPDecoder()
721 packet = dec.decode(s.body_string)
722 elif s.get_OUI()!=0x000000: 722 ↛ 724line 722 didn't jump to line 724, because the condition on line 722 was never true
723 # We don't know how to handle other than OUI=0x000000 (EtherType)
724 self.data_decoder = DataDecoder()
725 packet = self.data_decoder.decode(s.body_string)
726 elif s.get_protoID() == ImpactPacket.IP.ethertype:
727 self.ip_decoder = IPDecoder()
728 packet = self.ip_decoder.decode(s.body_string)
729 elif s.get_protoID() == ImpactPacket.ARP.ethertype: 729 ↛ 732line 729 didn't jump to line 732, because the condition on line 729 was never false
730 self.arp_decoder = ARPDecoder()
731 packet = self.arp_decoder.decode(s.body_string)
732 elif s.get_protoID() == eap.DOT1X_AUTHENTICATION:
733 self.eapol_decoder = EAPOLDecoder()
734 packet = self.eapol_decoder.decode(s.body_string)
735 else:
736 self.data_decoder = DataDecoder()
737 packet = self.data_decoder.decode(s.body_string)
739 s.contains(packet)
740 return s
742class CDPDecoder(Decoder):
744 def __init__(self):
745 pass
747 def decode(self, aBuffer):
748 s = CDP(aBuffer)
749 self.set_decoded_protocol( s )
750 return s
752class Dot11ManagementDecoder(BaseDot11Decoder):
753 def __init__(self):
754 BaseDot11Decoder.__init__(self)
755 self.subtype = None
757 def set_subtype(self, subtype):
758 self.subtype=subtype
760 def decode(self, aBuffer):
761 p = dot11.Dot11ManagementFrame(aBuffer)
762 self.set_decoded_protocol( p )
764 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_BEACON:
765 self.mgt_beacon_decoder = Dot11ManagementBeaconDecoder()
766 packet = self.mgt_beacon_decoder.decode(p.body_string)
767 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_REQUEST:
768 self.mgt_probe_request_decoder = Dot11ManagementProbeRequestDecoder()
769 packet = self.mgt_probe_request_decoder.decode(p.body_string)
770 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_RESPONSE:
771 self.mgt_probe_response_decoder = Dot11ManagementProbeResponseDecoder()
772 packet = self.mgt_probe_response_decoder.decode(p.body_string)
773 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DEAUTHENTICATION:
774 self.mgt_deauthentication_decoder = Dot11ManagementDeauthenticationDecoder()
775 packet = self.mgt_deauthentication_decoder.decode(p.body_string)
776 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_AUTHENTICATION:
777 self.mgt_Authentication_decoder = Dot11ManagementAuthenticationDecoder()
778 packet = self.mgt_Authentication_decoder.decode(p.body_string)
779 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DISASSOCIATION:
780 self.mgt_disassociation_decoder = Dot11ManagementDisassociationDecoder()
781 packet = self.mgt_disassociation_decoder.decode(p.body_string)
782 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_REQUEST:
783 self.mgt_association_request_decoder = Dot11ManagementAssociationRequestDecoder()
784 packet = self.mgt_association_request_decoder.decode(p.body_string)
785 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_RESPONSE:
786 self.mgt_association_response_decoder = Dot11ManagementAssociationResponseDecoder()
787 packet = self.mgt_association_response_decoder.decode(p.body_string)
788 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_REQUEST:
789 self.mgt_reassociation_request_decoder = Dot11ManagementReassociationRequestDecoder()
790 packet = self.mgt_reassociation_request_decoder.decode(p.body_string)
791 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_RESPONSE: 791 ↛ 795line 791 didn't jump to line 795, because the condition on line 791 was never false
792 self.mgt_reassociation_response_decoder = Dot11ManagementReassociationResponseDecoder()
793 packet = self.mgt_reassociation_response_decoder.decode(p.body_string)
794 else:
795 data_decoder = DataDecoder()
796 packet = data_decoder.decode(p.body_string)
798 p.contains(packet)
799 return p
801class Dot11ManagementBeaconDecoder(BaseDot11Decoder):
802 def __init__(self):
803 BaseDot11Decoder.__init__(self)
805 def decode(self, aBuffer):
806 p = dot11.Dot11ManagementBeacon(aBuffer)
807 self.set_decoded_protocol( p )
809 return p
811class Dot11ManagementProbeRequestDecoder(BaseDot11Decoder):
812 def __init__(self):
813 BaseDot11Decoder.__init__(self)
815 def decode(self, aBuffer):
816 p = dot11.Dot11ManagementProbeRequest(aBuffer)
817 self.set_decoded_protocol( p )
819 return p
821class Dot11ManagementProbeResponseDecoder(BaseDot11Decoder):
822 def __init__(self):
823 BaseDot11Decoder.__init__(self)
825 def decode(self, aBuffer):
826 p = dot11.Dot11ManagementProbeResponse(aBuffer)
827 self.set_decoded_protocol( p )
829 return p
831class Dot11ManagementDeauthenticationDecoder(BaseDot11Decoder):
832 def __init__(self):
833 BaseDot11Decoder.__init__(self)
835 def decode(self, aBuffer):
836 p = dot11.Dot11ManagementDeauthentication(aBuffer)
837 self.set_decoded_protocol( p )
839 return p
841class Dot11ManagementAuthenticationDecoder(BaseDot11Decoder):
842 def __init__(self):
843 BaseDot11Decoder.__init__(self)
845 def decode(self, aBuffer):
846 p = dot11.Dot11ManagementAuthentication(aBuffer)
847 self.set_decoded_protocol(p)
849 return p
851class Dot11ManagementDisassociationDecoder(BaseDot11Decoder):
852 def __init__(self):
853 BaseDot11Decoder.__init__(self)
855 def decode(self, aBuffer):
856 p = dot11.Dot11ManagementDisassociation(aBuffer)
857 self.set_decoded_protocol(p)
859 return p
861class Dot11ManagementAssociationRequestDecoder(BaseDot11Decoder):
862 def __init__(self):
863 BaseDot11Decoder.__init__(self)
865 def decode(self, aBuffer):
866 p = dot11.Dot11ManagementAssociationRequest(aBuffer)
867 self.set_decoded_protocol(p)
869 return p
871class Dot11ManagementAssociationResponseDecoder(BaseDot11Decoder):
872 def __init__(self):
873 BaseDot11Decoder.__init__(self)
875 def decode(self, aBuffer):
876 p = dot11.Dot11ManagementAssociationResponse(aBuffer)
877 self.set_decoded_protocol(p)
879 return p
881class Dot11ManagementReassociationRequestDecoder(BaseDot11Decoder):
882 def __init__(self):
883 BaseDot11Decoder.__init__(self)
885 def decode(self, aBuffer):
886 p = dot11.Dot11ManagementReassociationRequest(aBuffer)
887 self.set_decoded_protocol(p)
889 return p
891class Dot11ManagementReassociationResponseDecoder(BaseDot11Decoder):
892 def __init__(self):
893 BaseDot11Decoder.__init__(self)
895 def decode(self, aBuffer):
896 p = dot11.Dot11ManagementReassociationResponse(aBuffer)
897 self.set_decoded_protocol(p)
899 return p
901class BaseDecoder(Decoder):
903 def decode(self, buff):
905 packet = self.klass(buff)
906 self.set_decoded_protocol(packet)
907 cd = self.child_decoders.get(self.child_key(packet), DataDecoder())
908 packet.contains(cd.decode(packet.get_body_as_string()))
909 return packet
911class SimpleConfigDecoder(BaseDecoder):
913 child_decoders = {}
914 klass = wps.SimpleConfig
915 child_key = lambda s,p: None 915 ↛ exitline 915 didn't run the lambda on line 915
917 def decode(self, buff):
918 sc = BaseDecoder.decode(self, buff)
919 ary = array.array('B', sc.child().get_packet())
920 sc.unlink_child()
921 tlv = wps.SimpleConfig.build_tlv_container()
922 tlv.from_ary(ary)
923 sc.contains(tlv)
925 return sc
927class EAPExpandedDecoder(BaseDecoder):
928 child_decoders = {
929 (eap.EAPExpanded.WFA_SMI, eap.EAPExpanded.SIMPLE_CONFIG): SimpleConfigDecoder(),
930 }
931 klass = eap.EAPExpanded
932 child_key = lambda s,p: (p.get_vendor_id(), p.get_vendor_type()) 932 ↛ exitline 932 didn't run the lambda on line 932
934class EAPRDecoder(BaseDecoder):
935 child_decoders = {
936 eap.EAPR.EXPANDED:EAPExpandedDecoder()
937 }
938 klass = eap.EAPR
939 child_key = lambda s, p: p.get_type() 939 ↛ exitline 939 didn't run the lambda on line 939
941class EAPDecoder(BaseDecoder):
942 child_decoders = {
943 eap.EAP.REQUEST: EAPRDecoder(),
944 eap.EAP.RESPONSE: EAPRDecoder(),
945 }
946 klass = eap.EAP
947 child_key = lambda s, p: p.get_code() 947 ↛ exitline 947 didn't run the lambda on line 947
949class EAPOLDecoder(BaseDecoder):
950 child_decoders = {
951 eap.EAPOL.EAP_PACKET: EAPDecoder()
952 }
953 klass = eap.EAPOL
954 child_key = lambda s, p: p.get_packet_type() 954 ↛ exitline 954 didn't run the lambda on line 954
956class BootpDecoder(Decoder):
957 def __init__(self):
958 pass
960 def decode(self, aBuffer):
961 d = dhcp.BootpPacket(aBuffer)
962 self.set_decoded_protocol( d )
963 off = len(d.getData())
964 if dhcp.DhcpPacket(aBuffer[off:])['cookie'] == dhcp.DhcpPacket.MAGIC_NUMBER:
965 self.data_decoder = DHCPDecoder()
966 packet = self.data_decoder.decode(aBuffer[off:])
967 d.contains(packet)
968 return d
970class DHCPDecoder(Decoder):
971 def __init__(self):
972 pass
974 def decode(self, aBuffer):
975 d = dhcp.DhcpPacket(aBuffer)
976 self.set_decoded_protocol( d )
977 return d