Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved. 

2# 

3# This software is provided under under a slightly modified version 

4# of the Apache Software License. See the accompanying LICENSE file 

5# for more information. 

6# 

7# Description: 

8# Convenience packet unpackers for various network protocols 

9# implemented in the ImpactPacket module. 

10# 

11# Author: 

12# Javier Burroni (javier) 

13# Bruce Leidl (brl) 

14# Aureliano Calvo 

15 

16import array 

17 

18from impacket import ICMP6 

19from impacket import IP6 

20from impacket import IP6_Extension_Headers 

21from impacket import ImpactPacket 

22from impacket import LOG 

23from impacket import dot11 

24from impacket import wps, eap, dhcp 

25from impacket.cdp import CDP 

26 

27"""Classes to convert from raw packets into a hierarchy of 

28ImpactPacket derived objects. 

29 

30The protocol of the outermost layer must be known in advance, and the 

31packet must be fed to the corresponding decoder. From there it will 

32try to decode the raw data into a hierarchy of ImpactPacket derived 

33objects; if a layer's protocol is unknown, all the remaining data will 

34be wrapped into a ImpactPacket.Data object. 

35""" 

36 

37class Decoder: 

38 __decoded_protocol = None 

39 def decode(self, aBuffer): 

40 pass 

41 

42 def set_decoded_protocol(self, protocol): 

43 self.__decoded_protocol = protocol 

44 

45 def get_protocol(self, aprotocol): 

46 protocol = self.__decoded_protocol 

47 while protocol: 

48 if protocol.__class__ == aprotocol: 

49 break 

50 protocol=protocol.child() 

51 return protocol 

52 

53 def __str__(self): 

54 protocol = self.__decoded_protocol 

55 i=0 

56 out='' 

57 while protocol: 

58 tabline=' '*i+'+-'+str(protocol.__class__) 

59 out+="%s"%tabline+'\n' 

60 protocol=protocol.child() 

61 i+=1 

62 return out 

63 

64class EthDecoder(Decoder): 

65 def __init__(self): 

66 pass 

67 

68 def decode(self, aBuffer): 

69 e = ImpactPacket.Ethernet(aBuffer) 

70 self.set_decoded_protocol( e ) 

71 off = e.get_header_size() 

72 if e.get_ether_type() == ImpactPacket.IP.ethertype: 

73 self.ip_decoder = IPDecoder() 

74 packet = self.ip_decoder.decode(aBuffer[off:]) 

75 elif e.get_ether_type() == IP6.IP6.ethertype: 

76 self.ip6_decoder = IP6Decoder() 

77 packet = self.ip6_decoder.decode(aBuffer[off:]) 

78 elif e.get_ether_type() == ImpactPacket.ARP.ethertype: 

79 self.arp_decoder = ARPDecoder() 

80 packet = self.arp_decoder.decode(aBuffer[off:]) 

81 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION: 

82 self.eapol_decoder = EAPOLDecoder() 

83 packet = self.eapol_decoder.decode(aBuffer[off:]) 

84 # LLC ? 

85 elif e.get_ether_type() < 1500: 

86 self.llc_decoder = LLCDecoder() 

87 packet = self.llc_decoder.decode(aBuffer[off:]) 

88 else: 

89 self.data_decoder = DataDecoder() 

90 packet = self.data_decoder.decode(aBuffer[off:]) 

91 

92 e.contains(packet) 

93 return e 

94 

95# Linux "cooked" capture encapsulation. 

96# Used, for instance, for packets returned by the "any" interface. 

97class LinuxSLLDecoder(Decoder): 

98 def __init__(self): 

99 pass 

100 

101 def decode(self, aBuffer): 

102 e = ImpactPacket.LinuxSLL(aBuffer) 

103 self.set_decoded_protocol( e ) 

104 off = 16 

105 if e.get_ether_type() == ImpactPacket.IP.ethertype: 

106 self.ip_decoder = IPDecoder() 

107 packet = self.ip_decoder.decode(aBuffer[off:]) 

108 elif e.get_ether_type() == ImpactPacket.ARP.ethertype: 

109 self.arp_decoder = ARPDecoder() 

110 packet = self.arp_decoder.decode(aBuffer[off:]) 

111 elif e.get_ether_type() == eap.DOT1X_AUTHENTICATION: 

112 self.eapol_decoder = EAPOLDecoder() 

113 packet = self.eapol_decoder.decode(aBuffer[off:]) 

114 else: 

115 self.data_decoder = DataDecoder() 

116 packet = self.data_decoder.decode(aBuffer[off:]) 

117 

118 e.contains(packet) 

119 return e 

120 

121class IPDecoder(Decoder): 

122 def __init__(self): 

123 pass 

124 

125 def decode(self, aBuffer): 

126 i = ImpactPacket.IP(aBuffer) 

127 self.set_decoded_protocol ( i ) 

128 off = i.get_header_size() 

129 end = i.get_ip_len() 

130 # If ip_len == 0 we might be facing TCP segmentation offload, let's calculate the right len 

131 if end == 0: 131 ↛ 132line 131 didn't jump to line 132, because the condition on line 131 was never true

132 LOG.warning('IP len reported as 0, most probably because of TCP segmentation offload. Attempting to fix its size') 

133 i.set_ip_len(len(aBuffer)) 

134 end = i.get_ip_len() 

135 

136 if i.get_ip_p() == ImpactPacket.UDP.protocol: 136 ↛ 137line 136 didn't jump to line 137, because the condition on line 136 was never true

137 self.udp_decoder = UDPDecoder() 

138 packet = self.udp_decoder.decode(aBuffer[off:end]) 

139 elif i.get_ip_p() == ImpactPacket.TCP.protocol: 139 ↛ 140line 139 didn't jump to line 140, because the condition on line 139 was never true

140 self.tcp_decoder = TCPDecoder() 

141 packet = self.tcp_decoder.decode(aBuffer[off:end]) 

142 elif i.get_ip_p() == ImpactPacket.ICMP.protocol: 142 ↛ 145line 142 didn't jump to line 145, because the condition on line 142 was never false

143 self.icmp_decoder = ICMPDecoder() 

144 packet = self.icmp_decoder.decode(aBuffer[off:end]) 

145 elif i.get_ip_p() == ImpactPacket.IGMP.protocol: 

146 self.igmp_decoder = IGMPDecoder() 

147 packet = self.igmp_decoder.decode(aBuffer[off:end]) 

148 else: 

149 self.data_decoder = DataDecoder() 

150 packet = self.data_decoder.decode(aBuffer[off:end]) 

151 i.contains(packet) 

152 return i 

153 

154class IP6MultiProtocolDecoder(Decoder): 

155 def __init__(self, a_protocol_id): 

156 self.protocol_id = a_protocol_id 

157 

158 def decode(self, buffer): 

159 if self.protocol_id == ImpactPacket.UDP.protocol: 

160 self.udp_decoder = UDPDecoder() 

161 packet = self.udp_decoder.decode(buffer) 

162 elif self.protocol_id == ImpactPacket.TCP.protocol: 162 ↛ 163line 162 didn't jump to line 163, because the condition on line 162 was never true

163 self.tcp_decoder = TCPDecoder() 

164 packet = self.tcp_decoder.decode(buffer) 

165 elif self.protocol_id == ICMP6.ICMP6.protocol: 

166 self.icmp6_decoder = ICMP6Decoder() 

167 packet = self.icmp6_decoder.decode(buffer) 

168 else: 

169 # IPv6 Extension Headers lookup 

170 extension_headers = IP6_Extension_Headers.IP6_Extension_Header.get_extension_headers() 

171 if buffer and self.protocol_id in extension_headers: 

172 extension_header_decoder_class = extension_headers[self.protocol_id].get_decoder() 

173 self.extension_header_decoder = extension_header_decoder_class() 

174 packet = self.extension_header_decoder.decode(buffer) 

175 else: 

176 self.data_decoder = DataDecoder() 

177 packet = self.data_decoder.decode(buffer) 

178 

179 return packet 

180 

181class IP6Decoder(Decoder): 

182 def __init__(self): 

183 pass 

184 

185 def decode(self, buffer): 

186 ip6_packet = IP6.IP6(buffer) 

187 self.set_decoded_protocol(ip6_packet) 

188 start_pos = ip6_packet.get_header_size() 

189 end_pos = ip6_packet.get_payload_length() + start_pos 

190 contained_protocol = ip6_packet.get_next_header() 

191 

192 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol) 

193 child_packet = multi_protocol_decoder.decode(buffer[start_pos:end_pos]) 

194 

195 ip6_packet.contains(child_packet) 

196 return ip6_packet 

197 

198class HopByHopDecoder(Decoder): 

199 def __init__(self): 

200 pass 

201 

202 def decode(self, buffer): 

203 hop_by_hop = IP6_Extension_Headers.Hop_By_Hop(buffer) 

204 self.set_decoded_protocol(hop_by_hop) 

205 start_pos = hop_by_hop.get_header_size() 

206 contained_protocol = hop_by_hop.get_next_header() 

207 

208 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol) 

209 child_packet = multi_protocol_decoder.decode(buffer[start_pos:]) 

210 

211 hop_by_hop.contains(child_packet) 

212 return hop_by_hop 

213 

214class DestinationOptionsDecoder(Decoder): 

215 def __init__(self): 

216 pass 

217 

218 def decode(self, buffer): 

219 destination_options = IP6_Extension_Headers.Destination_Options(buffer) 

220 self.set_decoded_protocol(destination_options) 

221 start_pos = destination_options.get_header_size() 

222 contained_protocol = destination_options.get_next_header() 

223 

224 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol) 

225 child_packet = multi_protocol_decoder.decode(buffer[start_pos:]) 

226 

227 destination_options.contains(child_packet) 

228 return destination_options 

229 

230class RoutingOptionsDecoder(Decoder): 

231 def __init__(self): 

232 pass 

233 

234 def decode(self, buffer): 

235 routing_options = IP6_Extension_Headers.Routing_Options(buffer) 

236 self.set_decoded_protocol(routing_options) 

237 start_pos = routing_options.get_header_size() 

238 contained_protocol = routing_options.get_next_header() 

239 

240 multi_protocol_decoder = IP6MultiProtocolDecoder(contained_protocol) 

241 child_packet = multi_protocol_decoder.decode(buffer[start_pos:]) 

242 

243 routing_options.contains(child_packet) 

244 return routing_options 

245 

246class ICMP6Decoder(Decoder): 

247 def __init__(self): 

248 pass 

249 

250 def decode(self, buffer): 

251 icmp6_packet = ICMP6.ICMP6(buffer) 

252 self.set_decoded_protocol(icmp6_packet) 

253 start_pos = icmp6_packet.get_header_size() 

254 

255 self.data_decoder = DataDecoder() 

256 child_packet = self.data_decoder.decode(buffer[start_pos:]) 

257 icmp6_packet.contains(child_packet) 

258 return icmp6_packet 

259 

260 

261class ARPDecoder(Decoder): 

262 def __init__(self): 

263 pass 

264 

265 def decode(self, aBuffer): 

266 arp = ImpactPacket.ARP(aBuffer) 

267 self.set_decoded_protocol( arp ) 

268 off = arp.get_header_size() 

269 self.data_decoder = DataDecoder() 

270 packet = self.data_decoder.decode(aBuffer[off:]) 

271 arp.contains(packet) 

272 return arp 

273 

274class UDPDecoder(Decoder): 

275 def __init__(self): 

276 pass 

277 

278 def decode(self, aBuffer): 

279 u = ImpactPacket.UDP(aBuffer) 

280 self.set_decoded_protocol( u ) 

281 off = u.get_header_size() 

282 self.data_decoder = DataDecoder() 

283 packet = self.data_decoder.decode(aBuffer[off:]) 

284 u.contains(packet) 

285 return u 

286 

287class TCPDecoder(Decoder): 

288 def __init__(self): 

289 pass 

290 

291 def decode(self, aBuffer): 

292 t = ImpactPacket.TCP(aBuffer) 

293 self.set_decoded_protocol( t ) 

294 off = t.get_header_size() 

295 self.data_decoder = DataDecoder() 

296 packet = self.data_decoder.decode(aBuffer[off:]) 

297 t.contains(packet) 

298 return t 

299 

300class IGMPDecoder(Decoder): 

301 def __init__(self): 

302 pass 

303 def decode(self, aBuffer): 

304 ig = ImpactPacket.IGMP(aBuffer) 

305 off = ig.get_header_size() 

306 self.data_decoder = DataDecoder() 

307 packet = self.data_decoder.decode(aBuffer[off:]) 

308 ig.contains(packet) 

309 return ig 

310 

311 

312class IPDecoderForICMP(Decoder): 

313 """This class was added to parse the IP header of ICMP unreachables packets 

314 If you use the "standard" IPDecoder, it might crash (see bug #4870) ImpactPacket.py 

315 because the TCP header inside the IP header is incomplete""" 

316 def __init__(self): 

317 pass 

318 

319 def decode(self, aBuffer): 

320 i = ImpactPacket.IP(aBuffer) 

321 self.set_decoded_protocol( i ) 

322 off = i.get_header_size() 

323 if i.get_ip_p() == ImpactPacket.UDP.protocol: 

324 self.udp_decoder = UDPDecoder() 

325 packet = self.udp_decoder.decode(aBuffer[off:]) 

326 else: 

327 self.data_decoder = DataDecoder() 

328 packet = self.data_decoder.decode(aBuffer[off:]) 

329 i.contains(packet) 

330 return i 

331 

332class ICMPDecoder(Decoder): 

333 def __init__(self): 

334 pass 

335 

336 def decode(self, aBuffer): 

337 ic = ImpactPacket.ICMP(aBuffer) 

338 self.set_decoded_protocol( ic ) 

339 off = ic.get_header_size() 

340 if ic.get_icmp_type() == ImpactPacket.ICMP.ICMP_UNREACH: 340 ↛ 341line 340 didn't jump to line 341, because the condition on line 340 was never true

341 self.ip_decoder = IPDecoderForICMP() 

342 packet = self.ip_decoder.decode(aBuffer[off:]) 

343 else: 

344 self.data_decoder = DataDecoder() 

345 packet = self.data_decoder.decode(aBuffer[off:]) 

346 ic.contains(packet) 

347 return ic 

348 

349class DataDecoder(Decoder): 

350 def decode(self, aBuffer): 

351 d = ImpactPacket.Data(aBuffer) 

352 self.set_decoded_protocol( d ) 

353 return d 

354 

355class BaseDot11Decoder(Decoder): 

356 def __init__(self, key_manager=None): 

357 self.set_key_manager(key_manager) 

358 

359 def set_key_manager(self, key_manager): 

360 self.key_manager = key_manager 

361 

362 def find_key(self, bssid): 

363 try: 

364 key = self.key_manager.get_key(bssid) 

365 except: 

366 return False 

367 return key 

368 

369class RadioTapDecoder(BaseDot11Decoder): 

370 def __init__(self): 

371 BaseDot11Decoder.__init__(self) 

372 

373 def decode(self, aBuffer): 

374 rt = dot11.RadioTap(aBuffer) 

375 self.set_decoded_protocol( rt ) 

376 

377 self.do11_decoder = Dot11Decoder() 

378 self.do11_decoder.set_key_manager(self.key_manager) 

379 flags=rt.get_flags() 

380 if flags is not None: 380 ↛ 384line 380 didn't jump to line 384, because the condition on line 380 was never false

381 fcs=flags&dot11.RadioTap.RTF_FLAGS.PROPERTY_FCS_AT_END 

382 self.do11_decoder.FCS_at_end(fcs) 

383 

384 packet = self.do11_decoder.decode(rt.get_body_as_string()) 

385 

386 rt.contains(packet) 

387 return rt 

388 

389class Dot11Decoder(BaseDot11Decoder): 

390 def __init__(self): 

391 BaseDot11Decoder.__init__(self) 

392 self.__FCS_at_end = True 

393 

394 def FCS_at_end(self, fcs_at_end=True): 

395 self.__FCS_at_end=not not fcs_at_end 

396 

397 def decode(self, aBuffer): 

398 d = dot11.Dot11(aBuffer, self.__FCS_at_end) 

399 self.set_decoded_protocol( d ) 

400 

401 type = d.get_type() 

402 if type == dot11.Dot11Types.DOT11_TYPE_CONTROL: 402 ↛ 403line 402 didn't jump to line 403, because the condition on line 402 was never true

403 dot11_control_decoder = Dot11ControlDecoder() 

404 packet = dot11_control_decoder.decode(d.body_string) 

405 elif type == dot11.Dot11Types.DOT11_TYPE_DATA: 

406 dot11_data_decoder = Dot11DataDecoder(self.key_manager) 

407 

408 dot11_data_decoder.set_dot11_hdr(d) 

409 

410 packet = dot11_data_decoder.decode(d.body_string) 

411 elif type == dot11.Dot11Types.DOT11_TYPE_MANAGEMENT: 411 ↛ 416line 411 didn't jump to line 416, because the condition on line 411 was never false

412 dot11_management_decoder = Dot11ManagementDecoder() 

413 dot11_management_decoder.set_subtype(d.get_subtype()) 

414 packet = dot11_management_decoder.decode(d.body_string) 

415 else: 

416 data_decoder = DataDecoder() 

417 packet = data_decoder.decode(d.body_string) 

418 

419 d.contains(packet) 

420 return d 

421 

422class Dot11ControlDecoder(BaseDot11Decoder): 

423 def __init__(self): 

424 BaseDot11Decoder.__init__(self) 

425 self.__FCS_at_end = True 

426 

427 def FCS_at_end(self, fcs_at_end=True): 

428 self.__FCS_at_end=not not fcs_at_end 

429 

430 def decode(self, aBuffer): 

431 d = dot11.Dot11(aBuffer, self.__FCS_at_end) 

432 self.set_decoded_protocol(d) 

433 

434 self.subtype = d.get_subtype() 

435 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CLEAR_TO_SEND: 

436 self.ctrl_cts_decoder = Dot11ControlFrameCTSDecoder() 

437 packet = self.ctrl_cts_decoder.decode(d.body_string) 

438 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_ACKNOWLEDGMENT: 

439 self.ctrl_ack_decoder = Dot11ControlFrameACKDecoder() 

440 packet = self.ctrl_ack_decoder.decode(d.body_string) 

441 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_REQUEST_TO_SEND: 

442 self.ctrl_rts_decoder = Dot11ControlFrameRTSDecoder() 

443 packet = self.ctrl_rts_decoder.decode(d.body_string) 

444 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_POWERSAVE_POLL: 

445 self.ctrl_pspoll_decoder = Dot11ControlFramePSPollDecoder() 

446 packet = self.ctrl_pspoll_decoder.decode(d.body_string) 

447 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END: 

448 self.ctrl_cfend_decoder = Dot11ControlFrameCFEndDecoder() 

449 packet = self.ctrl_cfend_decoder.decode(d.body_string) 

450 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_CONTROL_CF_END_CF_ACK: 

451 self.ctrl_cfendcfack_decoder = Dot11ControlFrameCFEndCFACKDecoder() 

452 packet = self.ctrl_cfendcfack_decoder.decode(d.body_string) 

453 else: 

454 data_decoder = DataDecoder() 

455 packet = data_decoder.decode(d.body_string) 

456 

457 d.contains(packet) 

458 return d 

459 

460class Dot11ControlFrameCTSDecoder(BaseDot11Decoder): 

461 def __init__(self): 

462 BaseDot11Decoder.__init__(self) 

463 

464 def decode(self, aBuffer): 

465 p = dot11.Dot11ControlFrameCTS(aBuffer) 

466 self.set_decoded_protocol(p) 

467 return p 

468 

469class Dot11ControlFrameACKDecoder(BaseDot11Decoder): 

470 def __init__(self): 

471 BaseDot11Decoder.__init__(self) 

472 

473 def decode(self, aBuffer): 

474 p = dot11.Dot11ControlFrameACK(aBuffer) 

475 self.set_decoded_protocol(p) 

476 return p 

477 

478class Dot11ControlFrameRTSDecoder(BaseDot11Decoder): 

479 def __init__(self): 

480 BaseDot11Decoder.__init__(self) 

481 

482 def decode(self, aBuffer): 

483 p = dot11.Dot11ControlFrameRTS(aBuffer) 

484 self.set_decoded_protocol(p) 

485 return p 

486 

487class Dot11ControlFramePSPollDecoder(BaseDot11Decoder): 

488 def __init__(self): 

489 BaseDot11Decoder.__init__(self) 

490 

491 def decode(self, aBuffer): 

492 p = dot11.Dot11ControlFramePSPoll(aBuffer) 

493 self.set_decoded_protocol(p) 

494 return p 

495 

496class Dot11ControlFrameCFEndDecoder(BaseDot11Decoder): 

497 def __init__(self): 

498 BaseDot11Decoder.__init__(self) 

499 

500 def decode(self, aBuffer): 

501 p = dot11.Dot11ControlFrameCFEnd(aBuffer) 

502 self.set_decoded_protocol(p) 

503 return p 

504class Dot11ControlFrameCFEndCFACKDecoder(BaseDot11Decoder): 

505 def __init__(self): 

506 BaseDot11Decoder.__init__(self) 

507 

508 def decode(self, aBuffer): 

509 p = dot11.Dot11ControlFrameCFEndCFACK(aBuffer) 

510 self.set_decoded_protocol(p) 

511 return p 

512 

513class Dot11DataDecoder(BaseDot11Decoder): 

514 def __init__(self, key_manager): 

515 BaseDot11Decoder.__init__(self, key_manager) 

516 

517 def set_dot11_hdr(self, dot11_obj): 

518 self.dot11 = dot11_obj 

519 

520 def decode(self, aBuffer): 

521 if self.dot11.get_fromDS() and self.dot11.get_toDS(): 521 ↛ 522line 521 didn't jump to line 522, because the condition on line 521 was never true

522 if self.dot11.is_QoS_frame(): 

523 p = dot11.Dot11DataAddr4QoSFrame(aBuffer) 

524 else: 

525 p = dot11.Dot11DataAddr4Frame(aBuffer) 

526 elif self.dot11.is_QoS_frame(): 526 ↛ 527line 526 didn't jump to line 527, because the condition on line 526 was never true

527 p = dot11.Dot11DataQoSFrame(aBuffer) 

528 else: 

529 p = dot11.Dot11DataFrame(aBuffer) 

530 self.set_decoded_protocol( p ) 

531 

532 if not self.dot11.get_protectedFrame(): 

533 self.llc_decoder = LLCDecoder() 

534 packet = self.llc_decoder.decode(p.body_string) 

535 else: 

536 if not self.dot11.get_fromDS() and self.dot11.get_toDS(): 536 ↛ 538line 536 didn't jump to line 538, because the condition on line 536 was never false

537 bssid = p.get_address1() 

538 elif self.dot11.get_fromDS() and not self.dot11.get_toDS(): 

539 bssid = p.get_address2() 

540 elif not self.dot11.get_fromDS() and not self.dot11.get_toDS(): 

541 bssid = p.get_address3() 

542 else: 

543 # WDS, this is the RA 

544 bssid = p.get_address1() 

545 

546 wep_decoder = Dot11WEPDecoder(self.key_manager) 

547 wep_decoder.set_bssid(bssid) 

548 packet = wep_decoder.decode(p.body_string) 

549 if packet is None: 549 ↛ 550line 549 didn't jump to line 550, because the condition on line 549 was never true

550 wpa_decoder = Dot11WPADecoder() 

551 packet = wpa_decoder.decode(p.body_string) 

552 if packet is None: 

553 wpa2_decoder = Dot11WPA2Decoder() 

554 packet = wpa2_decoder.decode(p.body_string) 

555 if packet is None: 

556 data_decoder = DataDecoder() 

557 packet = data_decoder.decode(p.body_string) 

558 

559 p.contains(packet) 

560 return p 

561 

562class Dot11WEPDecoder(BaseDot11Decoder): 

563 def __init__(self, key_manager): 

564 BaseDot11Decoder.__init__(self, key_manager) 

565 self.bssid = None 

566 

567 def set_bssid(self, bssid): 

568 self.bssid = bssid 

569 

570 def decode(self, aBuffer): 

571 wep = dot11.Dot11WEP(aBuffer) 

572 self.set_decoded_protocol( wep ) 

573 

574 if wep.is_WEP() is False: 574 ↛ 575line 574 didn't jump to line 575, because the condition on line 574 was never true

575 return None 

576 

577 key = self.find_key(self.bssid) 

578 if key: 

579 decoded_string=wep.get_decrypted_data(key) 

580 

581 wep_data = Dot11WEPDataDecoder() 

582 packet = wep_data.decode(decoded_string) 

583 else: 

584 data_decoder = DataDecoder() 

585 packet = data_decoder.decode(wep.body_string) 

586 

587 wep.contains(packet) 

588 

589 return wep 

590 

591class Dot11WEPDataDecoder(BaseDot11Decoder): 

592 def __init__(self): 

593 BaseDot11Decoder.__init__(self) 

594 

595 def decode(self, aBuffer): 

596 wep_data = dot11.Dot11WEPData(aBuffer) 

597 

598 if not wep_data.check_icv(): 

599 # TODO: Do something when the icv is not correct 

600 pass 

601 

602 self.set_decoded_protocol( wep_data ) 

603 

604 llc_decoder = LLCDecoder() 

605 packet = llc_decoder.decode(wep_data.body_string) 

606 

607 wep_data.contains(packet) 

608 

609 return wep_data 

610 

611 

612class Dot11WPADecoder(BaseDot11Decoder): 

613 def __init__(self): 

614 BaseDot11Decoder.__init__(self) 

615 

616 def decode(self, aBuffer, key=None): 

617 wpa = dot11.Dot11WPA(aBuffer) 

618 self.set_decoded_protocol( wpa ) 

619 

620 if wpa.is_WPA() is False: 

621 return None 

622 

623 if key: 

624 decoded_string=wpa.get_decrypted_data() 

625 

626 wpa_data = Dot11WPADataDecoder() 

627 packet = wpa_data.decode(decoded_string) 

628 else: 

629 data_decoder = DataDecoder() 

630 packet = data_decoder.decode(wpa.body_string) 

631 

632 wpa.contains(packet) 

633 

634 return wpa 

635 

636class Dot11WPADataDecoder(BaseDot11Decoder): 

637 def __init__(self): 

638 BaseDot11Decoder.__init__(self) 

639 

640 def decode(self, aBuffer): 

641 wpa_data = dot11.Dot11WPAData(aBuffer) 

642 self.set_decoded_protocol( wpa_data ) 

643 

644 llc_decoder = LLCDecoder() 

645 packet = self.llc_decoder.decode(wpa_data.body_string) 

646 

647 wpa_data.contains(packet) 

648 

649 return wpa_data 

650 

651class Dot11WPA2Decoder(BaseDot11Decoder): 

652 def __init__(self): 

653 BaseDot11Decoder.__init__(self) 

654 

655 def decode(self, aBuffer, key=None): 

656 wpa2 = dot11.Dot11WPA2(aBuffer) 

657 self.set_decoded_protocol( wpa2 ) 

658 

659 if wpa2.is_WPA2() is False: 

660 return None 

661 

662 if key: 

663 decoded_string=wpa2.get_decrypted_data() 

664 

665 wpa2_data = Dot11WPA2DataDecoder() 

666 packet = wpa2_data.decode(decoded_string) 

667 else: 

668 data_decoder = DataDecoder() 

669 packet = data_decoder.decode(wpa2.body_string) 

670 

671 wpa2.contains(packet) 

672 

673 return wpa2 

674 

675class Dot11WPA2DataDecoder(BaseDot11Decoder): 

676 def __init__(self): 

677 BaseDot11Decoder.__init__(self) 

678 

679 def decode(self, aBuffer): 

680 wpa2_data = dot11.Dot11WPA2Data(aBuffer) 

681 self.set_decoded_protocol( wpa2_data ) 

682 

683 llc_decoder = LLCDecoder() 

684 packet = self.llc_decoder.decode(wpa2_data.body_string) 

685 

686 wpa2_data.contains(packet) 

687 

688 return wpa2_data 

689 

690class LLCDecoder(Decoder): 

691 def __init__(self): 

692 pass 

693 

694 def decode(self, aBuffer): 

695 d = dot11.LLC(aBuffer) 

696 self.set_decoded_protocol( d ) 

697 

698 if d.get_DSAP()==dot11.SAPTypes.SNAP: 698 ↛ 707line 698 didn't jump to line 707, because the condition on line 698 was never false

699 if d.get_SSAP()==dot11.SAPTypes.SNAP: 699 ↛ 707line 699 didn't jump to line 707, because the condition on line 699 was never false

700 if d.get_control()==dot11.LLC.DLC_UNNUMBERED_FRAMES: 700 ↛ 707line 700 didn't jump to line 707, because the condition on line 700 was never false

701 snap_decoder = SNAPDecoder() 

702 packet = snap_decoder.decode(d.body_string) 

703 d.contains(packet) 

704 return d 

705 

706 # Only SNAP is implemented 

707 data_decoder = DataDecoder() 

708 packet = data_decoder.decode(d.body_string) 

709 d.contains(packet) 

710 return d 

711 

712class SNAPDecoder(Decoder): 

713 def __init__(self): 

714 pass 

715 

716 def decode(self, aBuffer): 

717 s = dot11.SNAP(aBuffer) 

718 self.set_decoded_protocol( s ) 

719 if s.get_OUI()==CDP.OUI and s.get_protoID()==CDP.Type: 719 ↛ 720line 719 didn't jump to line 720, because the condition on line 719 was never true

720 dec = CDPDecoder() 

721 packet = dec.decode(s.body_string) 

722 elif s.get_OUI()!=0x000000: 722 ↛ 724line 722 didn't jump to line 724, because the condition on line 722 was never true

723 # We don't know how to handle other than OUI=0x000000 (EtherType) 

724 self.data_decoder = DataDecoder() 

725 packet = self.data_decoder.decode(s.body_string) 

726 elif s.get_protoID() == ImpactPacket.IP.ethertype: 

727 self.ip_decoder = IPDecoder() 

728 packet = self.ip_decoder.decode(s.body_string) 

729 elif s.get_protoID() == ImpactPacket.ARP.ethertype: 729 ↛ 732line 729 didn't jump to line 732, because the condition on line 729 was never false

730 self.arp_decoder = ARPDecoder() 

731 packet = self.arp_decoder.decode(s.body_string) 

732 elif s.get_protoID() == eap.DOT1X_AUTHENTICATION: 

733 self.eapol_decoder = EAPOLDecoder() 

734 packet = self.eapol_decoder.decode(s.body_string) 

735 else: 

736 self.data_decoder = DataDecoder() 

737 packet = self.data_decoder.decode(s.body_string) 

738 

739 s.contains(packet) 

740 return s 

741 

742class CDPDecoder(Decoder): 

743 

744 def __init__(self): 

745 pass 

746 

747 def decode(self, aBuffer): 

748 s = CDP(aBuffer) 

749 self.set_decoded_protocol( s ) 

750 return s 

751 

752class Dot11ManagementDecoder(BaseDot11Decoder): 

753 def __init__(self): 

754 BaseDot11Decoder.__init__(self) 

755 self.subtype = None 

756 

757 def set_subtype(self, subtype): 

758 self.subtype=subtype 

759 

760 def decode(self, aBuffer): 

761 p = dot11.Dot11ManagementFrame(aBuffer) 

762 self.set_decoded_protocol( p ) 

763 

764 if self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_BEACON: 

765 self.mgt_beacon_decoder = Dot11ManagementBeaconDecoder() 

766 packet = self.mgt_beacon_decoder.decode(p.body_string) 

767 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_REQUEST: 

768 self.mgt_probe_request_decoder = Dot11ManagementProbeRequestDecoder() 

769 packet = self.mgt_probe_request_decoder.decode(p.body_string) 

770 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_RESPONSE: 

771 self.mgt_probe_response_decoder = Dot11ManagementProbeResponseDecoder() 

772 packet = self.mgt_probe_response_decoder.decode(p.body_string) 

773 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DEAUTHENTICATION: 

774 self.mgt_deauthentication_decoder = Dot11ManagementDeauthenticationDecoder() 

775 packet = self.mgt_deauthentication_decoder.decode(p.body_string) 

776 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_AUTHENTICATION: 

777 self.mgt_Authentication_decoder = Dot11ManagementAuthenticationDecoder() 

778 packet = self.mgt_Authentication_decoder.decode(p.body_string) 

779 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_DISASSOCIATION: 

780 self.mgt_disassociation_decoder = Dot11ManagementDisassociationDecoder() 

781 packet = self.mgt_disassociation_decoder.decode(p.body_string) 

782 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_REQUEST: 

783 self.mgt_association_request_decoder = Dot11ManagementAssociationRequestDecoder() 

784 packet = self.mgt_association_request_decoder.decode(p.body_string) 

785 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_ASSOCIATION_RESPONSE: 

786 self.mgt_association_response_decoder = Dot11ManagementAssociationResponseDecoder() 

787 packet = self.mgt_association_response_decoder.decode(p.body_string) 

788 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_REQUEST: 

789 self.mgt_reassociation_request_decoder = Dot11ManagementReassociationRequestDecoder() 

790 packet = self.mgt_reassociation_request_decoder.decode(p.body_string) 

791 elif self.subtype is dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_REASSOCIATION_RESPONSE: 791 ↛ 795line 791 didn't jump to line 795, because the condition on line 791 was never false

792 self.mgt_reassociation_response_decoder = Dot11ManagementReassociationResponseDecoder() 

793 packet = self.mgt_reassociation_response_decoder.decode(p.body_string) 

794 else: 

795 data_decoder = DataDecoder() 

796 packet = data_decoder.decode(p.body_string) 

797 

798 p.contains(packet) 

799 return p 

800 

801class Dot11ManagementBeaconDecoder(BaseDot11Decoder): 

802 def __init__(self): 

803 BaseDot11Decoder.__init__(self) 

804 

805 def decode(self, aBuffer): 

806 p = dot11.Dot11ManagementBeacon(aBuffer) 

807 self.set_decoded_protocol( p ) 

808 

809 return p 

810 

811class Dot11ManagementProbeRequestDecoder(BaseDot11Decoder): 

812 def __init__(self): 

813 BaseDot11Decoder.__init__(self) 

814 

815 def decode(self, aBuffer): 

816 p = dot11.Dot11ManagementProbeRequest(aBuffer) 

817 self.set_decoded_protocol( p ) 

818 

819 return p 

820 

821class Dot11ManagementProbeResponseDecoder(BaseDot11Decoder): 

822 def __init__(self): 

823 BaseDot11Decoder.__init__(self) 

824 

825 def decode(self, aBuffer): 

826 p = dot11.Dot11ManagementProbeResponse(aBuffer) 

827 self.set_decoded_protocol( p ) 

828 

829 return p 

830 

831class Dot11ManagementDeauthenticationDecoder(BaseDot11Decoder): 

832 def __init__(self): 

833 BaseDot11Decoder.__init__(self) 

834 

835 def decode(self, aBuffer): 

836 p = dot11.Dot11ManagementDeauthentication(aBuffer) 

837 self.set_decoded_protocol( p ) 

838 

839 return p 

840 

841class Dot11ManagementAuthenticationDecoder(BaseDot11Decoder): 

842 def __init__(self): 

843 BaseDot11Decoder.__init__(self) 

844 

845 def decode(self, aBuffer): 

846 p = dot11.Dot11ManagementAuthentication(aBuffer) 

847 self.set_decoded_protocol(p) 

848 

849 return p 

850 

851class Dot11ManagementDisassociationDecoder(BaseDot11Decoder): 

852 def __init__(self): 

853 BaseDot11Decoder.__init__(self) 

854 

855 def decode(self, aBuffer): 

856 p = dot11.Dot11ManagementDisassociation(aBuffer) 

857 self.set_decoded_protocol(p) 

858 

859 return p 

860 

861class Dot11ManagementAssociationRequestDecoder(BaseDot11Decoder): 

862 def __init__(self): 

863 BaseDot11Decoder.__init__(self) 

864 

865 def decode(self, aBuffer): 

866 p = dot11.Dot11ManagementAssociationRequest(aBuffer) 

867 self.set_decoded_protocol(p) 

868 

869 return p 

870 

871class Dot11ManagementAssociationResponseDecoder(BaseDot11Decoder): 

872 def __init__(self): 

873 BaseDot11Decoder.__init__(self) 

874 

875 def decode(self, aBuffer): 

876 p = dot11.Dot11ManagementAssociationResponse(aBuffer) 

877 self.set_decoded_protocol(p) 

878 

879 return p 

880 

881class Dot11ManagementReassociationRequestDecoder(BaseDot11Decoder): 

882 def __init__(self): 

883 BaseDot11Decoder.__init__(self) 

884 

885 def decode(self, aBuffer): 

886 p = dot11.Dot11ManagementReassociationRequest(aBuffer) 

887 self.set_decoded_protocol(p) 

888 

889 return p 

890 

891class Dot11ManagementReassociationResponseDecoder(BaseDot11Decoder): 

892 def __init__(self): 

893 BaseDot11Decoder.__init__(self) 

894 

895 def decode(self, aBuffer): 

896 p = dot11.Dot11ManagementReassociationResponse(aBuffer) 

897 self.set_decoded_protocol(p) 

898 

899 return p 

900 

901class BaseDecoder(Decoder): 

902 

903 def decode(self, buff): 

904 

905 packet = self.klass(buff) 

906 self.set_decoded_protocol(packet) 

907 cd = self.child_decoders.get(self.child_key(packet), DataDecoder()) 

908 packet.contains(cd.decode(packet.get_body_as_string())) 

909 return packet 

910 

911class SimpleConfigDecoder(BaseDecoder): 

912 

913 child_decoders = {} 

914 klass = wps.SimpleConfig 

915 child_key = lambda s,p: None 915 ↛ exitline 915 didn't run the lambda on line 915

916 

917 def decode(self, buff): 

918 sc = BaseDecoder.decode(self, buff) 

919 ary = array.array('B', sc.child().get_packet()) 

920 sc.unlink_child() 

921 tlv = wps.SimpleConfig.build_tlv_container() 

922 tlv.from_ary(ary) 

923 sc.contains(tlv) 

924 

925 return sc 

926 

927class EAPExpandedDecoder(BaseDecoder): 

928 child_decoders = { 

929 (eap.EAPExpanded.WFA_SMI, eap.EAPExpanded.SIMPLE_CONFIG): SimpleConfigDecoder(), 

930 } 

931 klass = eap.EAPExpanded 

932 child_key = lambda s,p: (p.get_vendor_id(), p.get_vendor_type()) 932 ↛ exitline 932 didn't run the lambda on line 932

933 

934class EAPRDecoder(BaseDecoder): 

935 child_decoders = { 

936 eap.EAPR.EXPANDED:EAPExpandedDecoder() 

937 } 

938 klass = eap.EAPR 

939 child_key = lambda s, p: p.get_type() 939 ↛ exitline 939 didn't run the lambda on line 939

940 

941class EAPDecoder(BaseDecoder): 

942 child_decoders = { 

943 eap.EAP.REQUEST: EAPRDecoder(), 

944 eap.EAP.RESPONSE: EAPRDecoder(), 

945 } 

946 klass = eap.EAP 

947 child_key = lambda s, p: p.get_code() 947 ↛ exitline 947 didn't run the lambda on line 947

948 

949class EAPOLDecoder(BaseDecoder): 

950 child_decoders = { 

951 eap.EAPOL.EAP_PACKET: EAPDecoder() 

952 } 

953 klass = eap.EAPOL 

954 child_key = lambda s, p: p.get_packet_type() 954 ↛ exitline 954 didn't run the lambda on line 954

955 

956class BootpDecoder(Decoder): 

957 def __init__(self): 

958 pass 

959 

960 def decode(self, aBuffer): 

961 d = dhcp.BootpPacket(aBuffer) 

962 self.set_decoded_protocol( d ) 

963 off = len(d.getData()) 

964 if dhcp.DhcpPacket(aBuffer[off:])['cookie'] == dhcp.DhcpPacket.MAGIC_NUMBER: 

965 self.data_decoder = DHCPDecoder() 

966 packet = self.data_decoder.decode(aBuffer[off:]) 

967 d.contains(packet) 

968 return d 

969 

970class DHCPDecoder(Decoder): 

971 def __init__(self): 

972 pass 

973 

974 def decode(self, aBuffer): 

975 d = dhcp.DhcpPacket(aBuffer) 

976 self.set_decoded_protocol( d ) 

977 return d