-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SMB Protocol gets the remote port of the attack+Grouping of protocol …
…utils.
- Loading branch information
Showing
43 changed files
with
173 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
39 changes: 39 additions & 0 deletions
39
.../java/de/tudarmstadt/informatik/hostage/protocol/commons/logWatchers/InterceptSysout.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
package de.tudarmstadt.informatik.hostage.protocol.commons.logWatchers; | ||
|
||
import java.io.OutputStream; | ||
import java.io.PrintStream; | ||
import java.util.ArrayList; | ||
import java.util.regex.Matcher; | ||
import java.util.regex.Pattern; | ||
|
||
public class InterceptSysout extends PrintStream { | ||
final static ArrayList<String> packets = new ArrayList<>(); | ||
|
||
public InterceptSysout(OutputStream out) { | ||
super(out); | ||
} | ||
|
||
/** | ||
* Intercept System.out.println without disturbing the console. | ||
* The packets from SMP protocol contain the connection received with the real port. | ||
* @param output System.out output as a stream. | ||
*/ | ||
@Override | ||
public void print(String output) { | ||
final Pattern secondPattern = Pattern.compile("\\Q[\\ESMB\\Q]\\E Connection from*"); | ||
Matcher matcher = secondPattern.matcher(output); | ||
if (matcher.find()) { | ||
packets.add(output); | ||
} | ||
super.print(output); | ||
} | ||
|
||
public ArrayList<String> getPackets(){ | ||
return packets; | ||
} | ||
|
||
public String getPacket(){ | ||
return packets.get(0); | ||
} | ||
|
||
} |
2 changes: 1 addition & 1 deletion
2
...ge/protocol/amqpUtils/LogBackWatcher.java → ...l/commons/logWatchers/LogBackWatcher.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 28 additions & 0 deletions
28
src/main/java/de/tudarmstadt/informatik/hostage/protocol/commons/patterns/IpPattern.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
package de.tudarmstadt.informatik.hostage.protocol.commons.patterns; | ||
|
||
import java.util.regex.Matcher; | ||
import java.util.regex.Pattern; | ||
|
||
import de.tudarmstadt.informatik.hostage.commons.MyLinkedMap; | ||
|
||
public class IpPattern { | ||
|
||
/** | ||
* Regex pattern matching Groups 1 and 2 will hold IP and port, respectively. | ||
* "(" capturing group, | ||
* "\d" Matches any digit character (0-9). Equivalent to [0-9]. | ||
* "{1,3} or {1,5} Matches the specified quantity of the previous token. | ||
* "\." Matches a "." character. | ||
* @return receiver and sender ip and port. | ||
*/ | ||
public static MyLinkedMap<Integer,String> getsAllIpsPorts(String capturePacket) { | ||
MyLinkedMap<Integer,String> allIpsPorts = new MyLinkedMap<>(); //keeps the insertion order. | ||
final Pattern pattern = Pattern.compile("(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}):(\\d{1,5})"); | ||
Matcher matcher = pattern.matcher(capturePacket); | ||
while (matcher.find()) { | ||
allIpsPorts.put(Integer.valueOf(matcher.group(2)),matcher.group(1));//group 2 port, group 1 IP. | ||
} | ||
return allIpsPorts; | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...tik/hostage/protocol/cifs/FileInject.java → ...stage/protocol/utils/cifs/FileInject.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...col/cifs/JLANFileServerConfiguration.java → ...ils/cifs/JLANFileServerConfiguration.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...otocol/cifs/PseudoJavaFileDiskDriver.java → .../utils/cifs/PseudoJavaFileDiskDriver.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
.../hostage/protocol/cifs/smbutils/NBDS.java → ...ge/protocol/utils/cifs/smbutils/NBDS.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.