ing

2017-11-21 21:47:55 +09:00
parent 753fafced4
commit 3dd6cb79ca
102 changed files with 9778 additions and 1 deletions
--- a/matcher/rmi/rmi.go
+++ b/matcher/rmi/rmi.go
@@ -0,0 +1,111 @@
+package rmi
+
+import (
+	"bytes"
+	"encoding/binary"
+	"git.loafle.net/overflow/overflow_discovery/match/packet"
+	"git.loafle.net/overflow/overflow_discovery/model/scaninfo"
+)
+
+const (
+	MAGIC_NUMBER    = 0x4a524d49
+	STREAM_PROTOCOL = 0x4b
+	VERSION         = 0x0002
+	ACK_PROTOCOL    = 0x4e
+)
+
+type RMI_SEND_MESSAGE struct {
+	magic    uint32
+	version  uint16
+	protocol uint8
+}
+
+type RMI_RECV_MESSAGE struct {
+	streamMessage uint8
+	packetLen     uint16
+	host          []byte
+	port          [2]byte
+}
+type RMIMatcher struct {
+	sendPackets []*packet.Packet
+}
+
+func (r *RMIMatcher) Match(index int, packet *packet.Packet, info scaninfo.ServiceScanInfo) bool {
+	result := false
+
+	if packet == nil || packet.Buffer == nil || packet.Len == 0 {
+		return result
+	}
+
+	//fmt.Println("packet :", packet)
+	rmiRecv := RMI_RECV_MESSAGE{}
+
+	buf := bytes.NewReader(packet.Buffer)
+	binary.Read(buf, binary.BigEndian, &rmiRecv.streamMessage)
+	binary.Read(buf, binary.BigEndian, &rmiRecv.packetLen)
+
+	lenInt := int(rmiRecv.packetLen)
+
+	var tempHost = make([]byte, lenInt, lenInt)
+	copy(rmiRecv.host, tempHost)
+
+	rmiRecv.host = tempHost
+
+	binary.Read(buf, binary.BigEndian, &rmiRecv.host)
+	binary.Read(buf, binary.BigEndian, &rmiRecv.port)
+
+	hostIp := string(rmiRecv.host[:lenInt])
+	//fmt.Println(hostIp)
+
+	//hostPort := binary.BigEndian.Uint16(rmiRecv.port[:2])
+
+	if rmiRecv.streamMessage == ACK_PROTOCOL && lenInt == len(hostIp) {
+		result = true
+	}
+
+	return result
+}
+
+func (r *RMIMatcher) PacketCount() int {
+	return len(r.sendPackets)
+}
+
+func (r *RMIMatcher) Packet(index int) *packet.Packet {
+	return r.sendPackets[index]
+}
+
+func (r *RMIMatcher) ServiceName() string {
+	return "RMI"
+}
+
+func (r *RMIMatcher) IsError(index int, packet *packet.Packet, info scaninfo.ServiceScanInfo) bool {
+	return false
+}
+
+func (r *RMIMatcher) HasResponse(index int) bool {
+	return false
+}
+
+func (r *RMIMatcher) IsPrePacket() bool {
+	return false
+}
+
+func NewRMIMatcher() *RMIMatcher {
+
+	r := RMIMatcher{}
+	rsm := RMI_SEND_MESSAGE{
+		magic:    MAGIC_NUMBER,
+		version:  VERSION,
+		protocol: STREAM_PROTOCOL,
+	}
+
+	mCache := new(bytes.Buffer)
+	binary.Write(mCache, binary.BigEndian, rsm)
+
+	sendByte1 := mCache.Bytes()
+	pp := packet.NewPacket(sendByte1, len(sendByte1))
+
+	r.sendPackets = append(r.sendPackets, pp)
+
+	return &r
+}
--- a/matcher/rmi/rmi_test.go
+++ b/matcher/rmi/rmi_test.go
@@ -0,0 +1,52 @@
+package rmi
+
+import (
+	"fmt"
+	"git.loafle.net/overflow/overflow_discovery/match/packet"
+	//"git.loafle.net/overflow/overflow_discovery/discovery/discovery/types"
+	"net"
+	"testing"
+)
+
+func TestNew(t *testing.T) {
+	r := NewRMIMatcher()
+	fmt.Println("TestNew: ", r)
+}
+func TestRMIMatcher_Match(t *testing.T) {
+
+	fmt.Println("Match")
+
+	hm := NewRMIMatcher()
+
+	//port := types.NewPort("9840", types.NewHost("192.168.1.101"), types.TYPE_TCP)
+	//
+	//var ipport string
+	//ipport = port.Host.Ip + ":" + string(port.Port)
+
+	//fmt.Println(ipport)
+
+	client, err := net.Dial("tcp", "192.168.1.101:9840")
+
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	defer client.Close()
+
+	pack := hm.Packet(0)
+
+	fmt.Println(pack.Buffer)
+
+	//writer.WriteString(pack)
+	client.Write(pack.Buffer)
+
+	bytes := make([]byte, 512)
+
+	l, _ := client.Read(bytes)
+
+	//fmt.Println(bytes)
+
+	t1 := hm.Match(0, packet.NewPacket(bytes, l), nil)
+
+	fmt.Println(t1)
+}