1.2 release

ChangeLog

@@ -1,8 +1,3 @@
-1.2 - 25/04/2014 - Linux
-* Minor release.
-* Updated reverse regular expression generation engine (used for generting bogus service signatures).
-* Reported bugs fixed
-
 1.1 - 1/01/2014 - Linux
 * Minor release.
 * Updated reverse regular expression generation engine (used for generting bogus service signatures).

DOCS

@@ -8,6 +8,10 @@ Portspoof documentation notes
 	$ make
 	$ sudo make install
 
+	OR
+
+	$ g++ -lpthread -Wall -g Configuration.cpp  connection.cpp   Portspoof.cpp Revregex.cpp Utils.cpp Fuzzer.cpp Server.cpp -o portspoof
+
 
 2. Configure your firewall rules:
 
@@ -19,7 +23,7 @@ Portspoof documentation notes
 	# iptables-restore < iptables-config (system_files directory) # remember to change the interface name!
 
 	Run Portspoof with service emulation:
-	$ portspoof -c /etc/portspoof.conf -s /etc/portspoof_signatures -D
+	$ portspoof -c portspoof.conf -s portspoof_signatures -D
 
 	Run Portspoof in daemon "open port" mode:
 	$  portspoof -D

configure

@@ -4972,10 +4972,6 @@ fi
 done
 
 
-# Check for directories
-
-test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc
-
 ac_config_files="$ac_config_files Makefile src/Makefile tools/Makefile"
 
 cat >confcache <<\_ACEOF

configure.in

@@ -4,11 +4,11 @@
 CFLASGS="${CFLAGS=}"
 
 AC_PREREQ(2.61)
-AC_INIT([portspoof], [1.2], [piotr[at]duszynski.eu])
+AC_INIT([portspoof], [1.0], [piotr[at]duszynski.eu])
 AC_CONFIG_AUX_DIR(auto)
 AC_CONFIG_MACRO_DIR([m4])
 
-AM_INIT_AUTOMAKE(portspoof,1.2)
+AM_INIT_AUTOMAKE(portspoof,1.0)
 AC_CONFIG_SRCDIR([src/Portspoof.cpp])
 AC_CONFIG_HEADER([src/config.h])
 AC_DEFINE([_GNU_SOURCE], [1], [Use GNU source])
@@ -46,9 +46,5 @@ AC_TYPE_SIZE_T
 AC_FUNC_MALLOC
 AC_CHECK_FUNCS([inet_ntoa memset socket])
 
-# Check for directories
-
-test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc
-
 AC_CONFIG_FILES([Makefile src/Makefile tools/Makefile])
 AC_OUTPUT

src/Revregex.cpp

@@ -1,6 +1,8 @@
 #include <stdio.h>
 #include <ctype.h>
 #include <stdlib.h>
+#include <openssl/aes.h>
+#include <openssl/evp.h>
 #include <string.h>
 #include <string>
 #include <sstream>
@@ -383,7 +385,7 @@ wektor fill_specialchars(wektor str,int start_offset,int end_offset)
 					result_vector.push_back('\t');
 					i++;	
 			}
-			else if(str[i]==dot && i+1<=end_offset && ( i == start_offset || str[i-1] != bslash ) )
+			else if(str[i]==dot && ( i == start_offset ||  str[i-1] != bslash ) )
 			{
 					result_vector.push_back(97+rand()%25);	
 					if(i<=end_offset && (str[i+1]=='+' || str[i+1]=='*') )
@@ -427,6 +429,59 @@ wektor escape_hex(wektor str,int start_offset,int end_offset)
 	
 }
 
+/*
+char * clear_spaces(char* str)
+{
+	
+	int len=0;
+	int flag=1;
+	int i=0;
+	int j=0;
+	char* str2;
+	
+	len=strlen(str);
+    if (!(str2 = malloc((len+1) * sizeof(char))))
+        exit(1);	
+
+	memset(str2,0,len+1);
+	
+	for(i;i<len;i++)
+	{
+			
+		if(str[i]==' ' && flag==1)
+			{
+			str2[j]=str[i];
+			j++;
+			flag=0;
+			}
+		else if(str[i]==' ')
+			flag=0;
+		else
+			flag=1;
+			
+		if(flag)	
+		{
+			str2[j]=str[i];
+			j++;
+		}
+	
+	}
+	
+	fprintf(stdout,"size %d\n",j);
+	
+	char* strfin;
+    if (!(strfin = malloc((j + 1) * sizeof(char))))
+        exit(1);
+
+	memset(strfin,0,j+1);
+	memcpy(strfin,str2,j);
+
+	free(str2);
+	
+	return strfin;
+	
+}
+*/
 
 wektor revregexn(wektor str)
 {
@@ -596,4 +651,4 @@ std::vector<char> process_signature(std::string str)
 
 	return result_vector;
 	
-}
+}

src/connection.cpp

@@ -46,30 +46,6 @@
 #include "connection.h"
 #include "Configuration.h"
 
-/*
-ipstr has to be of length INET_ADDRSTRLEN
-or INET6_ADDRSTRLEN
-*/
-int get_ipstr(int fd, char *ipstr)
-{
-  socklen_t len;
-  struct sockaddr_storage addr;
-
-  len = sizeof(struct sockaddr_storage);
-  getpeername(fd, (struct sockaddr *)&addr, &len);
-
-  if (addr.ss_family == AF_INET)
-  {
-    struct sockaddr_in *s = (struct sockaddr_in *)&addr;
-    inet_ntop(AF_INET, &s->sin_addr, ipstr, INET_ADDRSTRLEN);
-  }
-  else
-  { // AF_INET6
-    struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr;
-    inet_ntop(AF_INET6, &s->sin6_addr, ipstr, INET6_ADDRSTRLEN);
-  }
-  return 1;
-}
 
 void nonblock(int sockfd)
 {
@@ -91,6 +67,7 @@ void nonblock(int sockfd)
 void* process_connection(void *arg)
 {
 	int tid =  *((int*)(&arg));
+	//int len;  
 	string str;
 	char buffer[1000];//TODO: to be fixed
 	int original_port=DEFAULT_PORT;
@@ -99,8 +76,6 @@ void* process_connection(void *arg)
 	struct sockaddr_in peer_sockaddr;
 	int peer_sockaddr_len=sizeof(struct sockaddr_in);
 	char* msg;
-    char ipstr[INET6_ADDRSTRLEN];
-	memset(ipstr, '\0', INET6_ADDRSTRLEN);
 	
 	while(1) {
 		
@@ -131,15 +106,14 @@ void* process_connection(void *arg)
 								goto close_socket;
 							}
 					else
-            		original_port = ntohs(peer_sockaddr.sin_port);
-					get_ipstr(threads[tid].clients[i], ipstr);
-
+					original_port = ntohs(peer_sockaddr.sin_port);
+					
 					#endif
 				
 					//LOG
 					msg=(char*)malloc(MAX_LOG_MSG_LEN);
 					memset(msg,0,MAX_LOG_MSG_LEN);
-					snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d  \n",ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
+					snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d  \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
 					Utils::log_write(configuration,msg);
 					free(msg);
 					//
@@ -180,15 +154,14 @@ void* process_connection(void *arg)
 								goto close_socket2;
 							}
 					else
-            		original_port = ntohs(peer_sockaddr.sin_port);
-					get_ipstr(threads[tid].clients[i], ipstr);
-
+					original_port = ntohs(peer_sockaddr.sin_port);
+					
 					#endif
 				
 					//LOG
 					msg =(char*)malloc(MAX_LOG_MSG_LEN);
 					memset(msg,0,MAX_LOG_MSG_LEN);
-					snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d  \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
+					snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d  \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
 					Utils::log_write(configuration,msg);
 					free(msg);
 					//	
@@ -207,22 +180,20 @@ void* process_connection(void *arg)
 					
 				#ifdef OSX
 				//  BSD
-				original_port = ntohs(peer_sockaddr.sin_port);
+							original_port = ntohs(peer_sockaddr.sin_port);
 				//
 				#else
 				// Linux
 				if ( getsockopt (threads[tid].clients[i], SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&peer_sockaddr, (socklen_t*) &peer_sockaddr_len ))
 						perror("Getsockopt failed");
-
-		        get_ipstr(threads[tid].clients[i], ipstr);
-		        original_port = ntohs(peer_sockaddr.sin_port);
+				original_port = ntohs(peer_sockaddr.sin_port);
 				//
 				#endif
 							  	
 				//LOG
 				char* msg=(char*)malloc(MAX_LOG_MSG_LEN);
 				memset(msg,0,MAX_LOG_MSG_LEN);
-				snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d  \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
+				snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d  \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
 				Utils::log_write(configuration,msg);
 				free(msg);
 				//

tools/Makefile.am

@@ -2,6 +2,6 @@
 
 EXTRA_DIST = portspoof.conf portspoof_signatures 
 
-confdir= "/$sysconfdir/portspoof/""
+confdir= $(sysconfdir)/portspoof
 
 sysconf_DATA=portspoof.conf portspoof_signatures