sad/portspoof
1
0
Fork 0
mirror of https://github.com/drk1wi/portspoof.git synced 2024-06-24 07:48:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

update minor issues.

Browse Source
This commit is contained in:
Piotr Duszynski 2014-04-25 08:25:42 +02:00
parent 4d50ce6195
commit b247176edd
5 changed files with 56 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CREDITS Normal file
View File

@ -0,0 +1,4 @@
I would like to thank you the following people for their contributions to the project:
Matthew Bricker https://twitter.com/MatthewBricker
drits

12
configure.in
View File

@ -46,5 +46,17 @@ AC_TYPE_SIZE_T
AC_FUNC_MALLOC
AC_CHECK_FUNCS([inet_ntoa memset socket])
# Check for directories
test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc
TARGET="$sysconfdir/portspoof/"
if test ! -d $TARGET; then
mkdir $TARGET
fi
+ AT_CHECK([mkdir "$dir" "$TMPDIR" && touch "$file.ac" || exit 77])
AC_CONFIG_FILES([Makefile src/Makefile tools/Makefile])
AC_OUTPUT

59
src/Revregex.cpp
View File

@ -1,8 +1,6 @@
#include <stdio.h>
#include <ctype.h>
#include <stdlib.h>
#include <openssl/aes.h>
#include <openssl/evp.h>
#include <string.h>
#include <string>
#include <sstream>
@ -385,7 +383,7 @@ wektor fill_specialchars(wektor str,int start_offset,int end_offset)
result_vector.push_back('\t');
i++;
}
else if(str[i]==dot && ( i == start_offset || str[i-1] != bslash ) )
else if(str[i]==dot && i+1<=end_offset && ( i == start_offset || str[i-1] != bslash ) )
{
result_vector.push_back(97+rand()%25);
if(i<=end_offset && (str[i+1]=='+' || str[i+1]=='*') )
@ -429,59 +427,6 @@ wektor escape_hex(wektor str,int start_offset,int end_offset)
}
/*
char * clear_spaces(char* str)
{
int len=0;
int flag=1;
int i=0;
int j=0;
char* str2;
len=strlen(str);
if (!(str2 = malloc((len+1) * sizeof(char))))
exit(1);
memset(str2,0,len+1);
for(i;i<len;i++)
{
if(str[i]==' ' && flag==1)
{
str2[j]=str[i];
j++;
flag=0;
}
else if(str[i]==' ')
flag=0;
else
flag=1;
if(flag)
{
str2[j]=str[i];
j++;
}
}
fprintf(stdout,"size %d\n",j);
char* strfin;
if (!(strfin = malloc((j + 1) * sizeof(char))))
exit(1);
memset(strfin,0,j+1);
memcpy(strfin,str2,j);
free(str2);
return strfin;
}
*/
wektor revregexn(wektor str)
{
@ -651,4 +596,4 @@ std::vector<char> process_signature(std::string str)
return result_vector;
}
}

45
src/connection.cpp
View File

@ -46,6 +46,30 @@
#include "connection.h"
#include "Configuration.h"
/*
ipstr has to be of length INET_ADDRSTRLEN
or INET6_ADDRSTRLEN
*/
int get_ipstr(int fd, char *ipstr)
{
socklen_t len;
struct sockaddr_storage addr;
len = sizeof(struct sockaddr_storage);
getpeername(fd, (struct sockaddr *)&addr, &len);
if (addr.ss_family == AF_INET)
{
struct sockaddr_in *s = (struct sockaddr_in *)&addr;
inet_ntop(AF_INET, &s->sin_addr, ipstr, INET_ADDRSTRLEN);
}
else
{ // AF_INET6
struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr;
inet_ntop(AF_INET6, &s->sin6_addr, ipstr, INET6_ADDRSTRLEN);
}
return 1;
}
void nonblock(int sockfd)
{
@ -67,7 +91,6 @@ void nonblock(int sockfd)
void* process_connection(void *arg)
{
int tid = *((int*)(&arg));
//int len;
string str;
char buffer[1000];//TODO: to be fixed
int original_port=DEFAULT_PORT;
@ -76,6 +99,8 @@ void* process_connection(void *arg)
struct sockaddr_in peer_sockaddr;
int peer_sockaddr_len=sizeof(struct sockaddr_in);
char* msg;
char ipstr[INET6_ADDRSTRLEN];
memset(ipstr, '\0', INET6_ADDRSTRLEN);
while(1) {
@ -106,14 +131,15 @@ void* process_connection(void *arg)
goto close_socket;
}
else
original_port = ntohs(peer_sockaddr.sin_port);
original_port = ntohs(peer_sockaddr.sin_port);
get_ipstr(threads[tid].clients[i], ipstr);
#endif
//LOG
msg=(char*)malloc(MAX_LOG_MSG_LEN);
memset(msg,0,MAX_LOG_MSG_LEN);
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
Utils::log_write(configuration,msg);
free(msg);
//
@ -154,14 +180,15 @@ void* process_connection(void *arg)
goto close_socket2;
}
else
original_port = ntohs(peer_sockaddr.sin_port);
original_port = ntohs(peer_sockaddr.sin_port);
get_ipstr(threads[tid].clients[i], ipstr);
#endif
//LOG
msg =(char*)malloc(MAX_LOG_MSG_LEN);
memset(msg,0,MAX_LOG_MSG_LEN);
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
Utils::log_write(configuration,msg);
free(msg);
//
@ -180,20 +207,22 @@ void* process_connection(void *arg)
#ifdef OSX
// BSD
original_port = ntohs(peer_sockaddr.sin_port);
original_port = ntohs(peer_sockaddr.sin_port);
//
#else
// Linux
if ( getsockopt (threads[tid].clients[i], SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&peer_sockaddr, (socklen_t*) &peer_sockaddr_len ))
perror("Getsockopt failed");
original_port = ntohs(peer_sockaddr.sin_port);
original_port = ntohs(peer_sockaddr.sin_port);
get_ipstr(threads[tid].clients[i], ipstr);
//
#endif
//LOG
char* msg=(char*)malloc(MAX_LOG_MSG_LEN);
memset(msg,0,MAX_LOG_MSG_LEN);
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
Utils::log_write(configuration,msg);
free(msg);
//

2
tools/Makefile.am
View File

@ -2,6 +2,6 @@
EXTRA_DIST = portspoof.conf portspoof_signatures
confdir= $(sysconfdir)/portspoof
confdir= "/$sysconfdir/portspoof/""
sysconf_DATA=portspoof.conf portspoof_signatures