dsniff  2.4b2
About: A collection of tools for network auditing
  Fossies Dox: dsniff-2.4b2.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

decode_aim.c
1 /*
2  * decode_aim.c
3  *
4  * AOL Instant Messenger (and ICQ2000).
5  *
6  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
7  *
8  * $Id: decode_aim.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $
9  */
10 
11 #include "config.h"
12 
13 #include <sys/types.h>
14 
15 #include <stdio.h>
16 #include <string.h>
17 
18 #include "hex.h"
19 #include "buf.h"
20 #include "decode.h"
21 
/*
 * FLAP frame header that precedes every payload in the captured stream.
 * decode_aim() uses sizeof(struct flap) as the header length, so the
 * field order and widths here must match the wire layout exactly.
 */
struct flap {
	u_char	start;		/* frame marker; decode_aim() compares it with 0x2a */
	u_char	channel;	/* channel number; 0x01 is the one inspected for logins */
	u_short	seqnum;		/* sequence number; not read anywhere in this file */
	u_short	datalen;	/* payload length, big-endian on the wire */
};
28 
/*
 * Repeating XOR key applied to the hex-decoded field of a "toc_signon"
 * line (indexed modulo 7, the length of the string).  A constant key that
 * ships in every client only obscures the field; it gives the value no
 * confidentiality against anyone who can read the traffic.
 */
static char *aim_xor1 = "Tic/Toc";

/*
 * Repeating 16-byte XOR table applied to the second length-prefixed field
 * of a channel-1 frame (indexed modulo sizeof(aim_xor2)).  As with
 * aim_xor1, this is a fixed, public mask rather than encryption.
 */
static u_char aim_xor2[] = {
	0xf3, 0x26, 0x81, 0xc4,
	0x39, 0x86, 0xdb, 0x92,
	0x71, 0xa3, 0xb9, 0xe6,
	0x53, 0x7a, 0x95, 0x7c
};
35 
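/*
 * decode_aim - extract login fields from a captured AIM / ICQ2000 stream.
 *
 * buf/len:   captured stream data.  The bytes come straight off the wire
 *            and must be treated as untrusted.  The payload is modified
 *            in place (NUL terminators, hex decoding, XOR unmasking).
 * obuf/olen: output buffer that receives the printable result.
 *
 * Two record types are recognised after the optional "FLAPON" preamble:
 *   - a TOC "toc_signon " line, whose fifth space-separated field is
 *     hex-decoded and XORed with aim_xor1;
 *   - a channel-1 FLAP frame starting with 00 00 00 01, from which two
 *     length-prefixed fields are read and the second is XORed with
 *     aim_xor2.
 *
 * Returns buf_len(&outbuf) after buf_end(); presumably the number of
 * bytes written to obuf -- confirm against buf.c.
 */
int
decode_aim(u_char *buf, int len, u_char *obuf, int olen)
{
	struct buf *msg, inbuf, outbuf;
	u_char *hdr, *p, c;
	u_short datalen;
	int i, j, complete;

	buf_init(&inbuf, buf, len);
	buf_init(&outbuf, obuf, olen);

	if (buf_cmp(&inbuf, "FLAPON\r\n\r\n", 10) == 0)
		buf_skip(&inbuf, 10);

	while (buf_len(&inbuf) > sizeof(struct flap)) {
		/*
		 * Read the header bytewise instead of through a
		 * struct flap pointer: the frame may start at any offset
		 * in the capture, so a 16-bit load could be misaligned,
		 * and converting datalen in place would corrupt the
		 * header for any later pass over the same buffer.
		 * Byte offsets follow struct flap: 0 start, 1 channel,
		 * 2-3 seqnum, 4-5 datalen (big-endian).
		 */
		hdr = buf_ptr(&inbuf);
		datalen = (u_short)((hdr[4] << 8) | hdr[5]);

		i = sizeof(struct flap) + datalen;

		/* A frame that claims more data than was captured ends the scan. */
		if ((msg = buf_tok(&inbuf, NULL, i)) == NULL)
			break;

		buf_skip(msg, sizeof(struct flap));

		if (buf_cmp(msg, "toc_signon ", 11) == 0) {
			/* Terminate the payload so the str* calls below stay inside it. */
			msg->base[msg->end - 1] = '\0';
			p = buf_ptr(msg);

			/*
			 * Step over the first four space-separated fields.
			 * If a field runs into the terminator there is no
			 * fifth field; stepping past the NUL would walk off
			 * the end of the frame, so the record is dropped.
			 */
			complete = 1;
			for (i = 0; i < 4; i++) {
				j = strcspn((char *)p, " ");
				if (j > 0) {
					if (p[j] == '\0') {
						complete = 0;
						break;
					}
					p += (j + 1);
				}
			}
			if (!complete || strtok((char *)p, " ") == NULL)
				continue;

			/* strtok() cut the line after the fifth field; print up to there. */
			buf_putf(&outbuf, "%s ", buf_ptr(msg));

			/*
			 * Hex-decode in place, then undo the XOR mask.
			 * NOTE(review): if hex_decode() signals failure with
			 * a negative count, the loop is skipped and the field
			 * prints as empty -- confirm against hex.c.
			 */
			i = strlen((char *)p);
			j = hex_decode((char *)p, i, p, i);

			for (i = 0; i < j; i++)
				p[i] = p[i] ^ aim_xor1[i % 7];
			p[i] = '\0';

			buf_putf(&outbuf, "[%s]\n", p);
		}
		else if (hdr[0] == 0x2a && hdr[1] == 0x01 &&
		    buf_cmp(msg, "\x00\x00\x00\x01", 4) == 0) {
			/* A frame too short to hold the fixed prefix is skipped. */
			if (buf_skip(msg, 7) < 0)
				continue;

			/*
			 * Preset c so a failed one-byte read is seen as a
			 * zero length instead of an uninitialised value.
			 */
			c = 0;
			buf_get(msg, &c, 1);
			p = buf_ptr(msg);

			/* First field: c bytes, followed by 3 bytes before the next length. */
			if (c == 0 || buf_skip(msg, c + 3) < 0)
				continue;

			/* Safe: the skip above proved at least c + 3 bytes follow p. */
			p[c] = '\0';

			buf_get(msg, &c, 1);

			/* Need c masked bytes plus one byte for the terminator. */
			if (buf_len(msg) < c + 1)
				continue;

			buf_putf(&outbuf, "%s\n", p);

			p = buf_ptr(msg);

			for (i = 0; i < c; i++)
				p[i] = p[i] ^ aim_xor2[i % sizeof(aim_xor2)];
			p[i] = '\0';

			buf_putf(&outbuf, "%s\n", p);

			/* One login record is enough; stop scanning. */
			break;
		}
	}
	buf_end(&outbuf);

	return (buf_len(&outbuf));
}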