Overview of network_func.inc

Public Function Summary

Public functions are intended to be called by the code that imports this library.

Name Summary
check_udp_port_status
htonl
htons
ip_checksum
is_private_addr
is_radius_alive
ms_since_midnight
ntohl
test_udp_port

Public Function Details

check_udp_port_status

Named Parameters

dport

Code

function check_udp_port_status(dport)
{
  sport = rand() % 65000 + 1024;
  ip_pkt = forge_ip_packet(
            ip_hl   :5,
            ip_v    :4,
            ip_tos  :0,
            ip_len  :20,
            ip_id   :31337,
            ip_off  :0,
            ip_ttl  :64,
            ip_p    :IPPROTO_UDP,
            ip_src  :this_host()
          );

  udp_pkt = forge_udp_packet(
                ip      :ip_pkt,
                uh_sport:sport,
                uh_dport:dport,
                uh_ulen :8
              );

  ## Filter to check source host address and port and destination host address and port
  ## Also checking Destination host unreachable and Destination port unreachable
  filter = string("src host ", get_host_ip(), " and dst host ", this_host(),
           " and icmp and (icmp[0] == 3 and icmp[1] == 3 and icmp[28:2]==",
            sport, " and icmp[30:2]==", dport, ")");

  ## If UDP port is not reachable then it will return ICMP packet back
  ## i.e which will be having status code for Destination host unreachable
  ## and Destination port unreachable
  res = send_packet(udp_pkt, pcap_active:TRUE, pcap_filter:filter);

  ## Return 1 if udp port is alive and return 0 if udp port is not reachable
  if(res != NULL){
    return(0);
  } else {
    return(1);
  }
}

## This function will return 1 if Radius Server is running,

		
top

htonl

Named Parameters

n

Code

function htonl(n)
{
  local_var	i, j, s;

  j = n;	# We do not want to modify a global variable, just in case.
  for (i = 0; i < 4; i ++)
  {
    s[i] = j & 0xFF;
    j >>>= 8;
  }
  return raw_string(s[3], s[2], s[1], s[0]);
}

function htons(n)

		
top

htons

Named Parameters

n

Code

function htons(n)
{
  return raw_string((n >>> 8) & 0xFF, n & 0xFF);
}

function ntohl(n)

		
top

ip_checksum

Named Parameters

data

Code

function ip_checksum(data)
{
  local_var	sum, i, n;
  n = strlen(data);
  sum = 0;
  for (i = 0; i < n - 1; i += 2)
  {
    sum = sum + ord(data[i]) + 256 * ord(data[i+1]);
  }
  if (i < n)
    sum += ord(data[i]);
  sum = (sum >>> 16) + (sum & 0xffff);
  sum += (sum >>> 16);
  sum = (~sum) & 0xFFFF;
  return raw_string(sum % 256, sum / 256);
}

function ms_since_midnight()

		
top

is_private_addr

Named Parameters

addr

Code

function is_private_addr(addr)
{
  if (all_addr_private) return 1;
  if (all_addr_public) return 1;

  local_var	a;
  if (! addr)
    a = get_host_ip();
  else
    a = addr;
  # Localhost + RFC1918
  if (a =~ "^0*(127|10)\.[0-9]+\.[0-9]+\.[0-9]+") return 1;
  # RFC 1918 + Link local (RFC 3330)
  if (a =~ "^0*(192\.0*168|169\.0*254)\.[0-9]+\.[0-9]+") return 1;
  # RFC 1918
  if (a =~ "^0*172\.0*(1[6-9]|2[0-9]|3[01])\.[0-9]+\.[0-9]+") return 1;
  # TEST-NET - RFC 3330
  if (a =~ "^0*192\.0*0\.0*2\.[0-9]+") return 1;
  # RFC 2544
  if (a =~ "^0*192\.0*1[89]\.[0-9]+\.[0-9]+") return 1;
  return 0;
}

#

		
top

is_radius_alive

Named Parameters

port

Code

function is_radius_alive(port)
{
  username = string("OpenVAS");
  data = raw_string(0x40,0xfa,0xb3,0x17,0x23,0xfd,0xe5,0x7f,0x4a,0x02,
                    0x74,0x55,0x15,0x0c,0x45,0xeb) +
                    raw_string(0x01,(strlen(username)+2)) + username +
                    raw_string(0x02,0x12,0xfa,0x4d,0xb1,0x43,0x69,0xd5,
                    0x69,0x8b,0x1f,0x30, 0xea,0xf4,0x54,0x45,0x1e,0x70,
                    0x04,0x06,0x05,0x06,0x00,0x00,0x15,0x38);
  data = raw_string(0x01,0xbe,0x00,(strlen(data)+4)) + data;

  soc = open_sock_udp(port);
  if(soc)
  {
    send(socket:soc, data:data);
    buf = recv(socket:soc, length:4096);

    close(soc);
    # Radius-Code: Access-Rejected (3)
    if(buf && ord(buf[0]) == 3){
      return 1;
    }
  }
  return 0;
}


		
top

ms_since_midnight

Named Parameters

Code

function ms_since_midnight()
{
  local_var	v, s, u;

  v = gettimeofday();
  s = v[0]; u = v[1];
  s %= 1000;
  u /= 1000;
  return u + 1000 * s;
}


function htonl(n)

		
top

ntohl

Named Parameters

n

Code

function ntohl(n)
{
 if (strlen(n) != 4)
 {
  display('ntohl: invalid parameter\n');
  return;
 }
 return (ord(n[0]) << 24) | (ord(n[1]) << 16) | (ord(n[2]) << 8) | ord(n[3]);
}


## This function will return 1 UDP port is alive and

		
top

test_udp_port

Named Parameters

data
port
retries

Code

function test_udp_port(port, data, retries)
{
  local_var	ip, udp, srcaddr, dstaddr, r, f, i, n;

  if (retries <= 0) n = 6; else n = retries;
  if (isnull(data)) data = "";
  for (i = 0; i < n; i ++)
  {
    srcaddr = this_host();
    dstaddr = get_host_ip();
    srcport = 1024 + rand() % 64512;

    ip = forge_ip_packet(ip_v : 4, ip_hl : 5, ip_tos : 0,
                       ip_len : 20, ip_id : 0,
                       ip_p : IPPROTO_UDP, ip_ttl : 255, ip_off : 0,
                       ip_src : srcaddr, ip_dst : dstaddr);

    udp = forge_udp_packet(ip: ip, uh_sport : srcport, uh_dport : port,
			uh_ulen: 8 + strlen(data), data : data);

    f = strcat("src host ", dstaddr, " and dst host ", srcaddr,
	" and ( (udp and src port ", port, " and dst port ", srcport, ") or (",
	" icmp and icmp[0] = 3 and icmp[1] = 3))");
    r = send_packet(udp, pcap_timeout:1, pcap_active: TRUE, pcap_filter: f);
    if (r)
      if (ord(r[9]) == 17)	# udp
        return 2;
      else
      {
        ##dump(ddata: r, dtitle: "sniffed");
	len = (ord(r[0]) & 0xF); len *= 4;
	icmp = substr(r, len);
        ##dump(ddata: icmp, dtitle: "icmp");
        ip = substr(icmp, 8);	# Original datagram
        ##dump(ddata: ip, dtitle: "ip");
        len = (ord(ip[0]) & 0xF); len *= 4;
        udp = substr(ip, len);
        sp = ord(udp[0])*256 + ord(udp[1]);
	dp = ord(udp[2])*256 + ord(udp[3]);
        if (srcport == sp && port == dp)
          return 0;
      }
  }
  return 1;
}


function ip_checksum(data)

		
top