Navigation

← Previous Changeset
Next Changeset →

Changeset 5446

Timestamp:

03/16/08 23:46:42 (7 months ago)

Author:

hdm

Message:

Merged all of the scruby patches, fixed Dot11 support with regards to RadioTap? headers.

Files:

framework3/trunk/lib/msf/core/exploit/capture.rb (modified) (2 diffs)
framework3/trunk/lib/scruby.rb (modified) (1 diff)
framework3/trunk/lib/scruby/const.rb (modified) (3 diffs)
framework3/trunk/lib/scruby/dissector.rb (modified) (18 diffs)
framework3/trunk/lib/scruby/field.rb (modified) (20 diffs)
framework3/trunk/lib/scruby/help.rb (modified) (2 diffs)
framework3/trunk/lib/scruby/layer.rb (modified) (4 diffs)
framework3/trunk/lib/scruby/unittest.rb (modified) (11 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

framework3/trunk/lib/msf/core/exploit/capture.rb

r5352	r5446
100	100	raw = pkt.raw_data
101	101	off = 0
102
	102
103	103	case pkt.datalink
104	104	when 119
…	…
129	129	def each_packet
130	130	return if not self.capture
	131
	132	# print_status("Link type is #{capture.datalink}")
	133
131	134	capture.each do \|packet\|
132
133	135	dec = Scruby.linklayer_dissector(capture.datalink, packet)
134	136

framework3/trunk/lib/scruby.rb

r5349	r5446
53	53	end
54	54
55		~~def method_missing(method, *args)~~
56		~~Scruby.method_missing(method, *args)~~
57		~~end~~
58
59	55	# Same as above, for fields
60	56	def self.field(method, *args)

framework3/trunk/lib/scruby/const.rb

r5440	r5446
14	14
15	15	# Scruby version
16		SCRUBY_VERSION = '0.~~2.1-hdm-2~~'
	16	SCRUBY_VERSION = '0.3-hdm'
17	17
18	18	# Completion for functions
19	19	FUNCTIONS_LIST = %w[sendp sniff ls lsc]
	20
	21	# Link types that are not implented in Pcap
	22	DLT_OPENBSD = 12
	23
	24	# Pcap::DLT_IEEE802 is 6 but on my system, sniffing on ath0 return 105 as link type
	25	DLT_IEEE80211 = 105
20	26
21	27	# History
…	…
32	38	LOOPBACK_DEVICE_PREFIX = 'lo'
33	39
	40	# If two layers are to be bound every time
	41	BIND_ALWAYS = ''
	42
34	43	# Constants for Ethernet
35	44	ETHERTYPE_IPv4 = 0x800
36		ETHERTYPE_ARP = 0x806
37		ETHERTYPE_ALL = { ETHERTYPE_IPv4 => "IPv4",
38		ETHERTYPE_ARP => "ARP"}
	45	ETHERTYPE_ARP = 0x806
	46	ETHERTYPE_ALL = { ETHERTYPE_IPv4 => 'IPv4',
	47	ETHERTYPE_ARP => 'ARP' }
	48	ETHERADDR_ANY = '00:00:00:00:00:00'
	49
	50	# Constants for ARP
	51	ARPTYPE_WHOAS = 1
	52	ARPTYPE_ISAT = 2
	53	ARPTYPE_RARP_REQ = 3
	54	ARPTYPE_RARP_RES = 4
	55	ARPTYPE_DYN_RARP_REQ = 5
	56	ARPTYPE_DYN_RARP_REP = 6
	57	ARPTYPE_DYN_RARP_ERR = 7
	58	ARPTYPE_IN_ARP_REQ = 8
	59	ARPTYPE_IN_ARP_REP = 9
	60
	61	ARPTYPE_ALL = { ARPTYPE_WHOAS => 'who-as',
	62	ARPTYPE_ISAT => 'is-at',
	63	ARPTYPE_RARP_REQ => 'RARP-req',
	64	ARPTYPE_RARP_RES => 'RARP-rep',
	65	ARPTYPE_DYN_RARP_REQ => 'DynRARP-req',
	66	ARPTYPE_DYN_RARP_REP => 'DynRARP-rep',
	67	ARPTYPE_DYN_RARP_ERR => 'DynRARP-err',
	68	ARPTYPE_IN_ARP_REQ => 'InARP-req',
	69	ARPTYPE_IN_ARP_REP => 'InARP-rep' }
	70
	71	ARPHWTYPE_ETHER = 1
	72	ARPHWTYPE_FRAME_RELAY = 15
	73	ARPHWTYPE_ALL = { ARPHWTYPE_ETHER => 'Ethernet',
	74	ARPHWTYPE_FRAME_RELAY => 'FrameRelay' }
	75
	76	ARPHWLEN_TOKEN_RING = 1
	77	ARPHWLEN_ETHER = 6
	78	ARPHWLEN_ALL = { ARPHWLEN_TOKEN_RING => 'TokenRing',
	79	ARPHWLEN_ETHER => 'Ethernet' }
	80
	81	ARPPROTOLEN_IPv4 = 4
	82	ARPPROTOLEN_IPv6 = 16
	83	ARPPROTOLEN_ALL = { ARPPROTOLEN_IPv4 => 'IPv4',
	84	ARPPROTOLEN_IPv6 => 'IPv6' }
39	85
40	86	# Constants for BSD loopback interfaces
…	…
42	88
43	89	# Constants for IP
	90	IPFLAGS = %w[MF DF evil]
	91
44	92	IPPROTO_ICMP = 1
45	93	IPPROTO_TCP = 6
46	94	IPPROTO_UDP = 17
47		IPPROTO_ALL = { IPPROTO_ICMP => "ICMP",
48		IPPROTO_TCP => "TCP",
49		IPPROTO_UDP => "UDP" }
	95	IPPROTO_ALL = { IPPROTO_ICMP => 'ICMP',
	96	IPPROTO_TCP => 'TCP',
	97	IPPROTO_UDP => 'UDP' }
	98
	99	# Constants for TCP
	100	TCPFLAGS = %w[FIN SYN RST PSH ACK URG ECN RES]
50	101
51	102	# Constants for ICMP
52		ICMPTYPE_ECHO = 8
	103	ICMPTYPE_ECHO_REQ = 8
	104	ICMPTYPE_ALL = { ICMPTYPE_ECHO_REQ => 'echo request' }
	105
	106	# Constants for 802.11
	107	DOT11TYPE_MANAGEMENT = 0
	108	DOT11TYPE_CONTROL = 1
	109	DOT11TYPE_DATA = 2
	110	DOT11TYPE_RESERVED = 3
	111
	112	DOT11TYPE_ALL = { DOT11TYPE_MANAGEMENT => 'Management',
	113	DOT11TYPE_CONTROL => 'Control',
	114	DOT11TYPE_DATA => 'Data',
	115	DOT11TYPE_RESERVED => 'Reserved' }
	116
	117	DOT11SUBTYPE_PS_POLL = 0b1010
	118	DOT11SUBTYPE_RTS = 0b1011
	119	DOT11SUBTYPE_CF_END = 0b1110
	120	DOT11SUBTYPE_CF_END_CF_ACK = 0b1111
	121
	122	DOT11_FC_FLAGS = %w[to-DS from-DS MF retry pw-mgt MD wep order]
	123
	124	DOT11_CAPABILITIES = %w[res8 res9 short-slot res11 res12 DSSS-OFDM res14 res15 ESS IBSS CFP CFP-req privacy short-preamble PBCC agility]
	125
	126	DOT11_ID = {0 => 'SSID', 1 => 'Rates', 2 => 'FHset', 3 => 'DSset', 4 => 'CFset', 5 => 'TIM', 6 => 'IBSSset', 16 => 'challenge', 42 => 'ERPinfo', 46 => 'QoS Capability', 47 => 'ERPinfo', 48 => 'RSNinfo', 50 => 'ESRates',221 => 'vendor',68 => 'reserved'}
	127
	128	DOT11_REASON = {0 => 'reserved',1 => 'unspec', 2 => 'auth-expired',
	129	3 => 'deauth-ST-leaving',
	130	4 => 'inactivity', 5 => 'AP-full', 6 => 'class2-from-nonauth',
	131	7 => 'class3-from-nonass', 8 => 'disas-ST-leaving',
	132	9 => 'ST-not-auth'}
	133
	134	DOT11_AUTH_ALGO = {0 => 'open', 1 => 'sharedkey'}
	135
	136	DOT11_STATUS = {0 => 'success', 1 => 'failure', 10 => 'cannot-support-all-cap',
	137	11 => 'inexist-asso', 12 => 'asso-denied', 13 => 'algo-unsupported',
	138	14 => 'bad-seq-num', 15 => 'challenge-failure',
	139	16 => 'timeout', 17 => 'AP-full', 18 => 'rate-unsupported'}
	140
	141	RADIOTAP_PRESENT = %w[TSFT Flags Rate Channel FHSS dBm_AntSignal dBm_AntNoise Lock_Quality TX_Attenuation dB_TX_Attenuation
	142	dBm_TX_Power Antenna dB_AntSignal dB_AntNoise
	143	b14 b15 b16 b17 b18 b19 b20 b21 b22 b23
	144	b24 b25 b26 b27 b28 b29 b30 Ext]
53	145
54	146	def self.aware_proto

framework3/trunk/lib/scruby/dissector.rb

r5440	r5446
38	38	class Ether<Layer
39	39	Scruby.register_dissector(self)
40		~~def method_missing(method, *args)~~
41		~~return Scruby.field(method, *args)~~
42		~~end~~
43	40
44	41	attr_accessor :dst, :src, :type
…	…
46	43	def init
47	44	@protocol = 'Ethernet'
48		@fields_desc = [ MACField('dst', ~~'00:00:00:00:00:00'~~),
49		MACField('src', ~~'00:00:00:00:00:00'~~),
50		XShort~~Field('type', ETHERTYPE_IPv4~~) ]
51		end
52
53		end
54
	45	@fields_desc = [ MACField('dst', ETHERADDR_ANY),
	46	MACField('src', ETHERADDR_ANY),
	47	XShortEnumField('type', ETHERTYPE_IPv4, ETHERTYPE_ALL) ]
	48	end
	49
	50	end
	51
55	52	# Dissector for ARP
56	53	class ARP<Layer
…	…
84	81	end
85	82	end
86		end
87
88
	83	end
	84
89	85	# Dissector for IPv4
90	86	class IP<Layer
91	87	Scruby.register_dissector(self)
92		def method_missing(method, *args)
93		return Scruby.field(method, *args)
94		end
95
	88
96	89	attr_accessor :version, :ihl, :tos, :len, :id, :flags, :frag
97	90	attr_accessor :ttl, :proto, :chksum, :src, :dst
…	…
99	92	def init
100	93	@protocol = 'IPv4'
101		@fields_desc = [ BitField(~~"version"~~, 4, 4),
102		BitField(~~"ihl"~~, 5, 4),
	94	@fields_desc = [ BitField('version', 4, 4),
	95	BitField('ihl', 5, 4),
103	96	XByteField('tos', 0),
104	97	ShortField('len', 20),
105	98	XShortField('id', 0),
106		~~BitField('flags', 0, 3~~),
	99	FlagsField('flags', 0, 3, IPFLAGS),
107	100	BitField('frag', 0, 13),
108	101	ByteField('ttl', 64),
…	…
127	120	class ICMP<Layer
128	121	Scruby.register_dissector(self)
129		def method_missing(method, *args)
130		return Scruby.field(method, *args)
131		end
132
	122
133	123	attr_accessor :type, :code, :chksum, :id, :seq
134	124
135	125	def init
136	126	@protocol = 'ICMP'
137		@fields_desc = [ Byte~~Field('type', ICMPTYPE_ECHO~~),
	127	@fields_desc = [ ByteEnumField('type', ICMPTYPE_ECHO_REQ, ICMPTYPE_ALL),
138	128	ByteField('code', 0),
139	129	XShortField('chksum', 0),
…	…
153	143	class Raw<Layer
154	144	Scruby.register_dissector(self)
155		def method_missing(method, *args)
156		return Scruby.field(method, *args)
157		end
158
	145
159	146	attr_accessor :load
160	147
…	…
169	156	class TCP<Layer
170	157	Scruby.register_dissector(self)
171		~~def method_missing(method, *args)~~
172		~~return Scruby.field(method, *args)~~
173		~~end~~
174	158
175	159	attr_accessor :sport, :dport, :seq, :ack, :dataofs, :reserved
…	…
182	166	IntField('seq', 0),
183	167	IntField('ack', 0),
184		BitField(~~"dataofs"~~, 5, 4),
185		BitField(~~"reserved"~~, 0, 4),
186		~~XByteField('flags', 0x2~~),
	168	BitField('dataofs', 5, 4),
	169	BitField('reserved', 0, 4),
	170	FlagsField('flags', 0x2, 8, TCPFLAGS),
187	171	ShortField('window', 8192),
188	172	XShortField('chksum', 0),
…	…
218	202	class UDP<Layer
219	203	Scruby.register_dissector(self)
220		def method_missing(method, *args)
221		return Scruby.field(method, *args)
222		end
223
	204
224	205	attr_accessor :sport, :dport, :len, :chksum
225	206
…	…
264	245	class ClassicBSDLoopback<Layer
265	246	Scruby.register_dissector(self)
266		def method_missing(method, *args)
267		return Scruby.field(method, *args)
268		end
269
	247
270	248	attr_accessor :header
271	249
…	…
280	258	class OpenBSDLoopback<Layer
281	259	Scruby.register_dissector(self)
282		def method_missing(method, *args)
283		return Scruby.field(method, *args)
284		end
285
	260
286	261	attr_accessor :header
287	262
…	…
297	272	class Prism<Layer
298	273	Scruby.register_dissector(self)
299		def method_missing(method, *args)
300		return Scruby.field(method, *args)
301		end
302
	274
303	275	attr_accessor :header
304	276
…	…
353	325
354	326	end
355
356		~~=begin~~
357		~~class Dot11<Layer~~
358		~~Scruby.register_dissector(self)~~
359		~~def method_missing(method, *args)~~
360		~~return Scruby.field(method, *args)~~
361		~~end~~
362
363		~~attr_accessor :header~~
364
365		~~def init~~
366		~~@protocol = '802.11'~~
367		~~@fields_desc = [~~
368		~~BitField("subtype", 0, 4),~~
369		~~BitEnumField("type", 0, 2, ["Management", "Control", "Data", "Reserved"]),~~
370		~~BitField("proto", 0, 2),~~
371		~~FlagsField("FCfield", 0, 8, ["to-DS", "from-DS", "MF", "retry", "pw-mgt", "MD", "wep", "order"]),~~
372		~~ShortField("ID",0),~~
373		~~MACField("addr1", ETHER_ANY),~~
374		~~Dot11Addr2MACField("addr2", ETHER_ANY),~~
375		~~Dot11Addr3MACField("addr3", ETHER_ANY),~~
376		~~Dot11SCField("SC", 0),~~
377		~~Dot11Addr4MACField("addr4", ETHER_ANY)~~
378		]
379		~~end~~
380
381		~~end~~
382		~~=end~~
383	327
384	328	# Dissector for RIFF file format header
385	329	class RIFF<Layer
386	330	Scruby.register_dissector(self)
387		def method_missing(method, *args)
388		return Scruby.field(method, *args)
389		end
390
391		attr_accessor :id, :size
	331
	332	attr_accessor :id, :size, :headerid
392	333
393	334	def init
…	…
403	344	class ANI<Layer
404	345	Scruby.register_dissector(self)
405		def method_missing(method, *args)
406		return Scruby.field(method, *args)
407		end
408
409		attr_accessor :headersize, :frames, :steps, :width, :height, :bitcount, :planes
	346
	347	attr_accessor :id, :size, :headersize, :frames, :steps, :width, :height, :bitcount, :planes
410	348	attr_accessor :displayrate, :reserved, :sequence, :icon
411	349
…	…
429	367	end
430	368
	369
	370
	371	# Dot11 dissectors
	372	class RadioTap<Layer
	373	Scruby.register_dissector(self)
	374
	375	attr_accessor :version, :pad, :len, :notdecoded, :present
	376
	377	def init
	378	@protocol = 'RadioTap'
	379	@fields_desc = [ ByteField('version', 0),
	380	ByteField('pad', 0),
	381	FieldLenField('len', 0, 'radiotap', 's', { :adjust => -8 } ),
	382	FlagsField('present', 0, 32, RADIOTAP_PRESENT),
	383	StrLenField('radiotap', '', 'len')
	384	]
	385	end
	386
	387	end
	388
	389
	390	# Dot11 dissectors
	391	class Dot11<Layer
	392	Scruby.register_dissector(self)
	393
	394	attr_accessor :subtype, :type, :proto, :FCfield, :ID, :addr1, :addr2, :addr3, :SC, :addr4
	395
	396	def init
	397	@protocol = '802.11'
	398	@fields_desc = [ BitField('subtype', 0, 4),
	399	BitEnumField('type', DOT11TYPE_DATA, 2, DOT11TYPE_ALL),
	400	BitField('proto', 0, 2),
	401	FlagsField('FCfield', 0, 8, DOT11_FC_FLAGS),
	402	ShortField('ID', 0),
	403	MACField('addr1', ETHERADDR_ANY),
	404	Dot11Addr2MACField('addr2', ETHERADDR_ANY),
	405	Dot11Addr3MACField('addr3', ETHERADDR_ANY),
	406	Dot11SCField('SC', 0),
	407	Dot11Addr4MACField('addr4', ETHERADDR_ANY) ]
	408	end
	409
	410	end
	411
	412	class Dot11QoS<Layer
	413	Scruby.register_dissector(self)
	414
	415	attr_accessor :TID, :EOSP, :AckPolicy, :Reserved, :TXOP
	416
	417	def init
	418	@protocol = '802.11 QoS'
	419	@fields_desc = [ BitField('TID',0,4),
	420	BitField('EOSP',0,1),
	421	BitField('AckPolicy',0,2),
	422	BitField('Reserved',0,1),
	423	ByteField('TXOP',0) ]
	424	end
	425
	426	end
	427
	428	class Dot11Beacon<Layer
	429	Scruby.register_dissector(self)
	430
	431	attr_accessor :timestamp, :beacon_interval, :cap
	432
	433	def init
	434	@protocol = '802.11 Beacon'
	435	@fields_desc = [ LongField('timestamp', 0), # Bug: should be little endian
	436	LEShortField('beacon_interval', 0x64),
	437	FlagsField('cap', 0, 16, DOT11_CAPABILITIES) ]
	438	end
	439
	440	end
	441
	442	class Dot11Elt<Layer
	443	Scruby.register_dissector(self)
	444
	445	attr_accessor :ID, :len, :info
	446
	447	def init
	448	@protocol = '802.11 Information Element'
	449	@fields_desc = [ ByteEnumField('ID', 0, DOT11_ID),
	450	FieldLenField('len', 0, 'info', 'C'),
	451	StrLenField('info', '', 'len') ]
	452	end
	453
	454	end
	455
	456	class Dot11ATIM<Layer
	457	Scruby.register_dissector(self)
	458
	459	def init
	460	@protocol = '802.11 ATIM'
	461	end
	462	end
	463
	464	class Dot11Disas<Layer
	465	Scruby.register_dissector(self)
	466
	467	attr_accessor :reason
	468
	469	def init
	470	@protocol = '802.11 Disassociation'
	471	@fields_desc = [ LEShortEnumField('reason', 1, DOT11_REASON) ]
	472	end
	473
	474	end
	475
	476	class Dot11AssoReq<Layer
	477	Scruby.register_dissector(self)
	478
	479	attr_accessor :cap, :listen_interval
	480
	481	def init
	482	@protocol = '802.11 Association Request'
	483	@fields_desc = [ FlagsField('cap', 0, 16, DOT11_CAPABILITIES),
	484	LEShortField('listen_interval', 0xc8) ]
	485	end
	486
	487	end
	488
	489	class Dot11AssoResp<Layer
	490	Scruby.register_dissector(self)
	491
	492	attr_accessor :cap, :status, :AID
	493
	494	def init
	495	@protocol = '802.11 Association Response'
	496	@fields_desc = [ FlagsField('cap', 0, 16, DOT11_CAPABILITIES),
	497	LEShortField('status', 0),
	498	LEShortField('AID', 0) ]
	499	end
	500
	501	end
	502
	503	class Dot11ReassoReq<Layer
	504	Scruby.register_dissector(self)
	505
	506	attr_accessor :cap, :current_AP, :listen_interval
	507
	508	def init
	509	@protocol = '802.11 Reassociation Request'
	510	@fields_desc = [ FlagsField('cap', 0, 16, DOT11_CAPABILITIES),
	511	MACField('current_AP', ETHERADDR_ANY),
	512	LEShortField('listen_interval', 0xc8) ]
	513	end
	514
	515	end
	516
	517	class Dot11ReassoResp<Dot11AssoResp
	518	Scruby.register_dissector(self)
	519
	520	def init
	521	@protocol = '802.11 Reassociation Response'
	522	end
	523	end
	524
	525	class Dot11ProbeReq<Layer
	526	Scruby.register_dissector(self)
	527
	528	def init
	529	@protocol = '802.11 Probe Request'
	530	end
	531	end
	532
	533	class Dot11ProbeResp<Layer
	534	Scruby.register_dissector(self)
	535
	536	attr_accessor :timestamp, :beacon_interval, :cap
	537
	538	def init
	539	@protocol = '802.11 Probe Response'
	540	@fields_desc = [ LongField('timestamp', 0), # Bug: should be little endian
	541	LEShortField('beacon_interval', 0x64),
	542	FlagsField('cap', 0, 16, DOT11_CAPABILITIES) ]
	543	end
	544
	545	end
	546
	547	class Dot11Auth<Layer
	548	Scruby.register_dissector(self)
	549
	550	attr_accessor :algo, :seqnum, :status
	551
	552	def init
	553	@protocol = '802.11 Authentication'
	554	@fields_desc = [ LEShortEnumField('algo', 0, DOT11_AUTH_ALGO),
	555	LEShortField('seqnum', 0),
	556	LEShortEnumField('status', 0, DOT11_STATUS) ]
	557	end
	558
	559	end
	560
	561	class Dot11Deauth<Layer
	562	Scruby.register_dissector(self)
	563
	564	attr_accessor :reason
	565
	566	def init
	567	@protocol = '802.11 Deauthentication'
	568	@fields_desc = [ LEShortEnumField('reason', 1, DOT11_REASON) ]
	569	end
	570
	571	end
	572
	573	class Dot11WEP<Layer
	574	Scruby.register_dissector(self)
	575
	576	attr_accessor :iv, :keyid, :wepdata, :icv
	577
	578	def init
	579	@protocol = '802.11 WEP packet'
	580	@fields_desc = [ StrFixedLenField('iv', "\0\0\0", 3),
	581	ByteField('keyid', 0),
	582	StrField('wepdata', ''), # Bug: 4 bytes remains
	583	IntField('icv', 0) ]
	584	end
	585
	586	end
	587
	588	class LLC<Layer
	589	Scruby.register_dissector(self)
	590
	591	attr_accessor :dsap, :ssap, :ctrl
	592
	593	def init
	594	@protocol = 'LLC'
	595	@fields_desc = [ XByteField('dsap', 0),
	596	XByteField('ssap', 0),
	597	ByteField('ctrl', 0) ]
	598	end
	599
	600	end
	601
431	602	# Layer bounds
432	603	@@layer_bounds =
…	…
437	608	['type', ETHERTYPE_ARP, ARP]
438	609	],
439
	610
	611	'RadioTap' =>
	612	[
	613	[BIND_ALWAYS, BIND_ALWAYS, Dot11]
	614	],
	615
	616	'Prism' =>
	617	[
	618	[BIND_ALWAYS, BIND_ALWAYS, Dot11]
	619	],
	620
	621	'Dot11' => [
	622	['type', 2, LLC],
	623	['subtype', 0, Dot11AssoReq],
	624	['subtype', 1, Dot11AssoResp],
	625	['subtype', 2, Dot11ReassoReq],
	626	['subtype', 3, Dot11ReassoResp],
	627	['subtype', 4, Dot11ProbeReq],
	628	['subtype', 5, Dot11ProbeResp],
	629	['subtype', 8, Dot11Beacon],
	630	['subtype', 9, Dot11ATIM],
	631	['subtype', 10, Dot11Disas],
	632	['subtype', 11, Dot11Auth],
	633	['subtype', 12, Dot11Deauth],
	634	],
	635
	636	'Dot11QoS' => [
	637	[BIND_ALWAYS, BIND_ALWAYS, LLC]
	638	],
	639	'Dot11Beacon' => [
	640	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	641	],
	642	'Dot11AssoReq' => [
	643	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	644	],
	645	'Dot11AssoResp' => [
	646	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	647	],
	648	'Dot11ReassoReq' => [
	649	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	650	],
	651	'Dot11ReassoResp' => [
	652	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	653	],
	654	'Dot11ProbeReq' => [
	655	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	656	],
	657	'Dot11ProbeResp' => [
	658	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	659	],
	660	'Dot11Auth' => [
	661	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	662	],
	663	'Dot11Elt' => [
	664	[BIND_ALWAYS, BIND_ALWAYS, Dot11Elt]
	665	],
	666
440	667	'ClassicBSDLoopback' =>
441	668	[
…	…
467	694	when Pcap::DLT_NULL
468	695	ClassicBSDLoopback(pkt)
469		when ~~Pcap::DLT_RAW~~
	696	when DLT_OPENBSD
470	697	OpenBSDLoopback(pkt)
471	698	when Pcap::DLT_PRISM_HEADER
472	699	Prism(pkt)
	700	when Pcap::DLT_IEEE802
	701	when Pcap::DLT_IEEE802_11
	702	Dot11(pkt)
	703	when Pcap::DLT_IEEE802_11_RADIO
	704	RadioTap(pkt)
	705	when Pcap::DLT_IEEE802_11_RADIO_AVS
	706	RadioTap(pkt)
473	707	when 101,
474	708	IP(pkt)
…	…
495	729	TCP
496	730	UDP
	731	LLC
	732	ARP
	733	Prism
	734	Dot11
	735	Dot11Beacon
	736	Dot11Elt
	737	Dot11ATIM
	738	Dot11Disas
	739	Dot11AssoReq
	740	Dot11AssoResp
	741	Dot11ReassoReq
	742	Dot11ReassoResp
	743	Dot11ProbeReq
	744	Dot11ProbeResp
	745	Dot11Auth
	746	Dot11Deauth
	747	Dot11WEP
497	748
498	749	Scapy (1.2.0.1) packet dissectors/types:

framework3/trunk/lib/scruby/field.rb

r5349	r5446
46	46	def dissect(layer, string)
47	47
	48	# Preparing the packet for building
	49	self.pre_build()
	50
48	51	part = string.unpack(self.format + 'a*')
49	52
…	…
74	77
75	78	# Converts from human to internal encoding
76		# e.g. allows TCP(:~~sport=>'http~~')
	79	# e.g. allows TCP(:proto=>'ICMP')
77	80	def from_human(value)
78	81	return value
…	…
85	88	end
86	89
87		# Same as tuhuman() but displays more information
	90	# Same as to_human() but displays more information
88	91	# e.g. "6 (TCP)" instead of "6" for IP protocol
89	92	def to_human_complete(value)
90	93	return value.to_s
	94	end
	95
	96	# Returns yes if the field is to be added to the dissectors, e.g. depending
	97	# on the value of another field of the layer (see Dot11*)
	98	def is_applicable?(layer)
	99	return true
	100	end
	101
	102	# Prepares the packet for building
	103	# e.g. for StrLenField, retrieves the right format size from the associated FieldLenField
	104	def pre_build
91	105	end
92	106
…	…
101	115	def to_human_complete(value)
102	116	return sprintf('0x%x', value)
	117	end
	118	end
	119
	120	# Shortcut mixins for reducing code size
	121	module FieldHumanHexEnum
	122	def to_human(value)
	123	return sprintf('0x%x', value)
	124	end
	125
	126	def to_human_complete(value)
	127	# Checking if the value is in the enumeration keys
	128	if @enum.keys.include?(value)
	129	return sprintf('0x%x', value) + ' (' + @enum[value].to_s + ')'
	130
	131	# Otherwise, just returning the value
	132	else
	133	return sprintf('0x%x', value)
	134	end
103	135	end
104	136	end
…	…
148	180
149	181	def to_human_complete(value)
150
	182	puts "ok"
151	183	# Checking if the value is in the enumeration keys
152	184	if @enum.keys.include?(value)
…	…
202	234	end
203	235
204		~~def to_net(value)~~
205		~~return value.to_s~~
206		~~end~~
207
208		~~def to_human(value)~~
209		~~return value.to_s.inspect~~
210		~~end~~
211
212		~~def to_human_complete(value)~~
213		~~return value.to_s.inspect~~
214		~~end~~
215
216	236	end
217	237
…	…
236	256	def dissect(layer, string)
237	257
	258	@@bitsdone \|\|= 0
238	259	# Cannot dissect if the wanted size is greater than the length of the string
239	260	# e.g. "IP('A'*7)" should not set frag=65
…	…
277	298
278	299	def to_net(value)
	300
	301	@@bitsdone \|\|= 0
	302
279	303	# OR'ing this value the value the previous ones
280	304	@@byte <<= @size
…	…
327	351	# Same as ByteEnumField, displayed in hexadecimal form
328	352	class XByteEnumField<ByteEnumField
329		include FieldHumanHex
	353	include FieldHumanHexEnum
330	354	end
331	355
…	…
351	375	# Same as ShortEnumField, displayed in hexadecimal form
352	376