diff --git a/Gopkg.lock b/Gopkg.lock index e4fc914..06548f8 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -1,20 +1,11 @@ # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. -[[projects]] - branch = "master" - name = "git.loafle.net/overflow/service_matcher-go" - packages = [ - ".", - "snmp" - ] - revision = "a804b4824f2e65ab70a706ae62aa452b6f4fb9b6" - [[projects]] name = "github.com/davecgh/go-spew" packages = ["spew"] - revision = "346938d642f2ec3594ed81d874461961cd0faa76" - version = "v1.1.0" + revision = "8991bc29aa16c548c550c7ff78260e27b9ab7c73" + version = "v1.1.1" [[projects]] name = "github.com/pmezard/go-difflib" @@ -37,6 +28,6 @@ [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "e411f01b744d615451da86fca1cda7559ac20eb10b59f76fe97f185639b1a788" + inputs-digest = "ec738887f78fd05112bc2a2f3b8a899e39749ad1dd11668f687f3ccebe1f3cf6" solver-name = "gps-cdcl" solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml index 686c565..d3c86d7 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -1,6 +1,6 @@ # Gopkg.toml example # -# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html +# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md # for detailed Gopkg.toml documentation. # # required = ["github.com/user/thing/cmd/thing"] @@ -25,10 +25,6 @@ # unused-packages = true -[[constraint]] - branch = "master" - name = "git.loafle.net/overflow/service_matcher-go" - [[constraint]] name = "github.com/stretchr/testify" version = "1.2.2" diff --git a/activedirectory/activedirectory.go b/activedirectory/activedirectory.go index 05f7275..a100d4b 100644 --- a/activedirectory/activedirectory.go +++ b/activedirectory/activedirectory.go @@ -195,12 +195,12 @@ func (m *ActiveDirectoryMatcher) IsError(info osm.MatchInfo, index int, packet * func (m *ActiveDirectoryMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } buf := new(bytes.Buffer) - buf.Write(packet.Buffer) + buf.Write(packet.Bytes()) adRecv := AD_RECV{} @@ -303,7 +303,7 @@ func NewMatcher() osm.Matcher { sendByte1 := mCache.Bytes() m := &ActiveDirectoryMatcher{ - //sendPackets: make([][]byte, 2), + //sendPackets: make([][]byte, 2), } pp := osm.NewPacket(sendByte1, len(sendByte1)) diff --git a/cassandra/cassandra.go b/cassandra/cassandra.go index cb14ada..48a51bd 100644 --- a/cassandra/cassandra.go +++ b/cassandra/cassandra.go @@ -45,12 +45,12 @@ func (m *CassandraMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Pa func (m *CassandraMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) c := cassandra{} if err := binary.Read(reader, binary.BigEndian, &c); err != nil { diff --git a/dns/dns.go b/dns/dns.go index c7fd48a..041354d 100644 --- a/dns/dns.go +++ b/dns/dns.go @@ -45,7 +45,7 @@ func (t *DNSMatcher) Key() string { return "DNS" } -func (t *DNSMatcher) String() string { +func (t *DNSMatcher) Name() string { return "DNS" } @@ -66,12 +66,12 @@ func (t *DNSMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) } func (t *DNSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) h := Dns_frame_header{} if err := binary.Read(reader, binary.BigEndian, &h); err != nil { diff --git a/elasticsearch/elasticsearch.go b/elasticsearch/elasticsearch.go index dc6a728..981d8f6 100644 --- a/elasticsearch/elasticsearch.go +++ b/elasticsearch/elasticsearch.go @@ -44,11 +44,11 @@ func (es *ElasticSearchMatcher) IsError(info osm.MatchInfo, index int, packet *o func (es *ElasticSearchMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } - str := string(packet.Buffer) + str := string(packet.Bytes()) hnb := strings.Split(str, "\r\n\r\n") header := hnb[0] body := hnb[1] diff --git a/ftp/ftp.go b/ftp/ftp.go index 2e76e47..7bedc23 100644 --- a/ftp/ftp.go +++ b/ftp/ftp.go @@ -56,11 +56,11 @@ func (ftp *FTPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet func (ftp *FTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } - str := strings.Split(string(packet.Buffer), "\r\n")[0] + str := strings.Split(string(packet.Bytes()), "\r\n")[0] if len(str) < 4 { return osm.NotMatchedError() } diff --git a/http/http.go b/http/http.go index 67c8059..dddf206 100644 --- a/http/http.go +++ b/http/http.go @@ -41,11 +41,11 @@ func (h *HTTPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (h *HTTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } - str := string(packet.Buffer) + str := string(packet.Bytes()) elems := strings.Split(str, "\r\n") if len(elems) <= 0 || 9 > len(elems[0]) { diff --git a/imap/imap.go b/imap/imap.go index a9cf966..fb702d4 100644 --- a/imap/imap.go +++ b/imap/imap.go @@ -17,10 +17,14 @@ func (i *IMAPMatcher) Key() string { return "IMAP" } -func (i *IMAPMatcher) String() string { +func (i *IMAPMatcher) Name() string { return "IMAP" } +func (i *IMAPMatcher) Meta() osm.Metadata { + return nil +} + func (i *IMAPMatcher) IsPrePacket() bool { return true } @@ -33,40 +37,40 @@ func (i *IMAPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) return false } -func (i *IMAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) bool { +func (i *IMAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { switch index { case 0: - recvStr := string(packet.Buffer) + recvStr := string(packet.Bytes()) if len(recvStr) < 3 { - return false + return osm.NotMatchedError() } compareStr := recvStr[0:4] if compareStr == PRE_COMPARE_STR { - return true + return nil } case 1: - recvStr := string(packet.Buffer) + recvStr := string(packet.Bytes()) if len(recvStr) < 5 { - return false + return osm.NotMatchedError() } compareStr := recvStr[0:5] if compareStr == SEND_COMPARE_STR { - return true + return nil } } - return false + return osm.NotMatchedError() } func NewMatcher() osm.Matcher { diff --git a/ldap/ldap.go b/ldap/ldap.go index 36f4507..bf87471 100644 --- a/ldap/ldap.go +++ b/ldap/ldap.go @@ -40,10 +40,10 @@ func (l *LDAPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (l *LDAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } - p := ber.DecodePacket(packet.Buffer) + p := ber.DecodePacket(packet.Bytes()) if len(p.Children) <= 1 { return osm.NotMatchedError() diff --git a/lpd/lpd.go b/lpd/lpd.go index 943821e..81bfd76 100644 --- a/lpd/lpd.go +++ b/lpd/lpd.go @@ -35,7 +35,7 @@ func (l *LPDMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (l *LPDMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } diff --git a/mongodb/mongodb.go b/mongodb/mongodb.go index 4b19630..1dac1e7 100644 --- a/mongodb/mongodb.go +++ b/mongodb/mongodb.go @@ -77,12 +77,12 @@ func (m *MongoDBMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Pack func (m *MongoDBMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) reply := OP_reply{} if err := binary.Read(reader, binary.LittleEndian, &reply); err != nil { diff --git a/mysql/mysql.go b/mysql/mysql.go index 902a68e..d3ec011 100644 --- a/mysql/mysql.go +++ b/mysql/mysql.go @@ -56,7 +56,7 @@ type serverSettings struct { } func (m *MySqlMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } diff --git a/nbss/nbss.go b/nbss/nbss.go index e5e31fd..cfa9dce 100644 --- a/nbss/nbss.go +++ b/nbss/nbss.go @@ -55,12 +55,12 @@ func (t *NBSSMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (t *NBSSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) n := NBSS{} if err := binary.Read(reader, binary.LittleEndian, &n); err != nil { @@ -72,7 +72,6 @@ func (t *NBSSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e } return nil - } func NewMatcher() osm.Matcher { diff --git a/oracle/oracle.go b/oracle/oracle.go index feddb01..e57af77 100644 --- a/oracle/oracle.go +++ b/oracle/oracle.go @@ -14,10 +14,14 @@ type OracleMatcher struct { func (o *OracleMatcher) Key() string { return "ORACLE" } -func (o *OracleMatcher) String() string { +func (o *OracleMatcher) Name() string { return "Oracle" } +func (o *OracleMatcher) Meta() osm.Metadata { + return nil +} + func (o *OracleMatcher) IsPrePacket() bool { return false } @@ -30,17 +34,17 @@ func (o *OracleMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packe return false } -func (o *OracleMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) bool { +func (o *OracleMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { if packet == nil { - return false + return osm.NotMatchedError() } header := header_packet{} refuse := body_refuse{} buf := new(bytes.Buffer) - buf.Write(packet.Buffer) + buf.Write(packet.Bytes()) binary.Read(buf, binary.BigEndian, &header) binary.Read(buf, binary.BigEndian, &refuse) @@ -49,32 +53,32 @@ func (o *OracleMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) //fmt.Println(refuse) if header.Check_sum != 0 { - return false + return osm.NotMatchedError() } if header.Types != 4 { - return false + return osm.NotMatchedError() } if header.Reserved_byte != 0 { - return false + return osm.NotMatchedError() } if header.Header_sum != 0 { - return false + return osm.NotMatchedError() } if refuse.Reason_user != 34 { - return false + return osm.NotMatchedError() } if refuse.Reason_system != 0 { - return false + return osm.NotMatchedError() } var dataLen int = int(refuse.Data_len) if dataLen != packet.Len-12 { // if dataLen != packet.Len-22 { // morformed packet error not user not service - return false + return osm.NotMatchedError() } } - return true + return nil } func NewMatcher() osm.Matcher { diff --git a/packet.go b/packet.go index 2627663..fa86f08 100644 --- a/packet.go +++ b/packet.go @@ -5,6 +5,20 @@ type Packet struct { Len int } +func (p *Packet) Valid() bool { + if nil == p.Buffer || 0 == p.Len { + return false + } + return true +} + +func (p *Packet) Bytes() []byte { + if p.Valid() { + return p.Buffer[:p.Len] + } + return nil +} + func NewPacket(buf []byte, len int) *Packet { return &Packet{ Buffer: buf, diff --git a/pop/pop.go b/pop/pop.go index 710b0af..ce271a4 100644 --- a/pop/pop.go +++ b/pop/pop.go @@ -16,10 +16,14 @@ func (p *POPMatcher) Key() string { return "POP3" } -func (p *POPMatcher) String() string { +func (p *POPMatcher) Name() string { return "POP3" } +func (p *POPMatcher) Meta() osm.Metadata { + return nil +} + func (p *POPMatcher) IsPrePacket() bool { return true } @@ -32,27 +36,27 @@ func (p *POPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) return false } -func (p *POPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) bool { +func (p *POPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { switch index { case 0: fallthrough case 1: - recvStr := string(packet.Buffer) + recvStr := string(packet.Bytes()) if len(recvStr) < 3 { - return false + return osm.NotMatchedError() } compareStr := recvStr[0:3] if compareStr == COMPARE_STR { - return true + return nil } } - return false + return osm.NotMatchedError() } func NewMatcher() osm.Matcher { diff --git a/postgresql/postgresql.go b/postgresql/postgresql.go index e03af65..21fdc1c 100644 --- a/postgresql/postgresql.go +++ b/postgresql/postgresql.go @@ -68,12 +68,12 @@ func (p *PostgreSQLMatcher) IsError(info osm.MatchInfo, index int, packet *osm.P func (p *PostgreSQLMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) pg := pgsqlErrResponse{} if err := binary.Read(reader, binary.BigEndian, &pg); err != nil { diff --git a/redis/redis.go b/redis/redis.go index 076b366..74b2c2b 100644 --- a/redis/redis.go +++ b/redis/redis.go @@ -54,11 +54,11 @@ func (r *RedisMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet func (r *RedisMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } - resp := strings.Split(string(packet.Buffer), "\r\n")[0] + resp := strings.Split(string(packet.Bytes()), "\r\n")[0] if len(resp) <= 0 { return osm.NotMatchedError() } @@ -87,7 +87,7 @@ func (r *RedisMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) case 1: // INFO - info := string(packet.Buffer) + info := string(packet.Bytes()) if !r.protected { r.parseInfo(info) } @@ -109,7 +109,7 @@ func (r *RedisMatcher) checkProtectedMode(packet *osm.Packet) bool { compareSign = "-" compareMsg = "DENIED" ) - str := string(packet.Buffer[:packet.Len]) + str := string(packet.Bytes()) if str == "" { return false diff --git a/rmi/rmi.go b/rmi/rmi.go index ff193a9..8e270a8 100644 --- a/rmi/rmi.go +++ b/rmi/rmi.go @@ -57,13 +57,13 @@ func (r *RMIMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (r *RMIMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } rmiRecv := RMI_RECV_MESSAGE{} - buf := bytes.NewReader(packet.Buffer) + buf := bytes.NewReader(packet.Bytes()) binary.Read(buf, binary.BigEndian, &rmiRecv.streamMessage) binary.Read(buf, binary.BigEndian, &rmiRecv.packetLen) diff --git a/smb/smb.go b/smb/smb.go index 96516f6..89af75a 100644 --- a/smb/smb.go +++ b/smb/smb.go @@ -78,12 +78,12 @@ func (t *SMBMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) func (t *SMBMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) s := smb{} if err := binary.Read(reader, binary.BigEndian, &s); err != nil { diff --git a/smtp/smtp.go b/smtp/smtp.go index 7383eb7..8e3a984 100644 --- a/smtp/smtp.go +++ b/smtp/smtp.go @@ -14,10 +14,14 @@ func (t *SmtpMatcher) Key() string { return "SMTP" } -func (t *SmtpMatcher) String() string { +func (t *SmtpMatcher) Name() string { return "SMTP" } +func (t *SmtpMatcher) Meta() osm.Metadata { + return nil +} + func (t *SmtpMatcher) IsPrePacket() bool { return true } @@ -30,31 +34,32 @@ func (t *SmtpMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) return false } -func (t *SmtpMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) bool { +func (t *SmtpMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { if packet == nil { - return false + return osm.NoPacketReceivedError() } - buf := string(packet.Buffer) + + buf := string(packet.Bytes()) if len(buf) == 0 || len(buf) < 5 { - return false + return osm.NotMatchedError() } splits := strings.Split(buf, "\r\n") splits = strings.Split(buf, " ") if index == 0 { if splits[0] == "220" { - return true + return nil } } else if index == 1 { if splits[0] == "250" { - return true + return nil } } else if index == 2 { if splits[0] == "221" { - return true + return nil } } - return false + return osm.NotMatchedError() } func NewMatcher() osm.Matcher { diff --git a/snmp/v2/snmpv2.go b/snmp/v2/snmpv2.go index 59d93f8..5aecd18 100644 --- a/snmp/v2/snmpv2.go +++ b/snmp/v2/snmpv2.go @@ -66,7 +66,7 @@ func (s *SNMPMatcher) HasResponse(index int) bool { func (s *SNMPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } @@ -81,7 +81,7 @@ func (s *SNMPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e } `asn1:"tag:2"` } - if _, err := asn1.Unmarshal(packet.Buffer[0:packet.Len], &p); err != nil { + if _, err := asn1.Unmarshal(packet.Bytes(), &p); err != nil { return err } diff --git a/sqlserver/sqlserver.go b/sqlserver/sqlserver.go index a1af17a..98c323b 100644 --- a/sqlserver/sqlserver.go +++ b/sqlserver/sqlserver.go @@ -72,13 +72,17 @@ func (t *SQLServerMatcher) Key() string { return "SQLSERVER" } -func (t *SQLServerMatcher) String() string { +func (t *SQLServerMatcher) Name() string { if t.isSSL { return "SQL Server (SSL)" } return "SQL Server" } +func (t *SQLServerMatcher) Meta() osm.Metadata { + return nil +} + func (t *SQLServerMatcher) IsPrePacket() bool { return false } @@ -91,45 +95,45 @@ func (t *SQLServerMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Pa return false } -func (t *SQLServerMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) bool { +func (t *SQLServerMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { if packet == nil { - return false + return osm.NoPacketReceivedError() } reader := new(bytes.Buffer) - reader.Write(packet.Buffer) + reader.Write(packet.Bytes()) m := mssqlResponse{} if err := binary.Read(reader, binary.BigEndian, &m); err != nil { - return false + return osm.NotMatchedError() } if m.Type_ != HEADER_TYPE_RESPONSE { - return false + return osm.NotMatchedError() } if m.Length != uint16(packet.Len) { - return false + return osm.NotMatchedError() } switch m.PreLoginResp.Msg[m.Length-9 : m.Length-8][0] { case 0: - return true + return nil case 1: t.isSSL = true - return true + return nil case 2: - return true + return nil case 3: t.isSSL = true - return true + return nil default: - return false + return osm.NotMatchedError() } - return false + return osm.NotMatchedError() } diff --git a/ssh/ssh.go b/ssh/ssh.go index e260a7a..406ae4b 100644 --- a/ssh/ssh.go +++ b/ssh/ssh.go @@ -43,13 +43,13 @@ func (ssh *SSHMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet func (ssh *SSHMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } // SSH-protoversion-softwareversion SP comments CR LF // e.g. ) SSH-2.0-OpenSSH_7.5p1 Ubuntu-10ubuntu0.1\n - scanner := bufio.NewScanner(bytes.NewReader(packet.Buffer)) + scanner := bufio.NewScanner(bytes.NewReader(packet.Bytes())) for scanner.Scan() { exchange := scanner.Text() diff --git a/telnet/telnet.go b/telnet/telnet.go index 39613dd..c61e705 100644 --- a/telnet/telnet.go +++ b/telnet/telnet.go @@ -42,14 +42,14 @@ func (tel *TelnetMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Pac func (tel *TelnetMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { - if packet == nil || packet.Buffer == nil || packet.Len == 0 { + if packet == nil || !packet.Valid() { return osm.NoPacketReceivedError() } buf := make([]byte, 0, 0) count := 0 - for i := 0; i < len(packet.Buffer); i++ { + for i := 0; i < packet.Len; i++ { if packet.Buffer[i] > 0 { buf = append(buf, packet.Buffer[i]) } else if count > 2 { diff --git a/wmi/wmi.go b/wmi/wmi.go index a39a7ed..72edd92 100644 --- a/wmi/wmi.go +++ b/wmi/wmi.go @@ -53,7 +53,7 @@ func (w *WMIMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) er } buf := new(bytes.Buffer) - buf.Write(packet.Buffer) + buf.Write(packet.Bytes()) wmiRecv := DCERPC_DEFAULT{}