dsniff  2.4b2
About: A collection of tools for network auditing
  Fossies Dox: dsniff-2.4b2.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

decode_citrix.c
Go to the documentation of this file.
1 /*
2  * decode_citrix.c
3  *
4  * Citrix ICA.
5  *
6  * http://www.securityfocus.com/templates/archive.pike?list=1&date=200 \
7  * 0-04-15&msg=Pine.BSO.4.20.0003290949280.2640-100000@naughty.monkey.org
8  *
9  * Thanks to Jeremie Kass <jeremie@monkey.org> for providing me with
10  * traffic traces.
11  *
12  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
13  *
14  * $Id: decode_citrix.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $
15  */
16 
17 #include "config.h"
18 
19 #include <sys/types.h>
20 
21 #include <stdio.h>
22 #include <string.h>
23 
24 #include "buf.h"
25 #include "decode.h"
26 
27 static u_char ica_magic[] = { 0x32, 0x26, 0x85, 0x92, 0x58 };
28 
29 int
30 decode_citrix(u_char *buf, int len, u_char *obuf, int olen)
31 {
32  struct buf inbuf, outbuf;
33  u_char key, c, t[2];
34  int i;
35 
36  buf_init(&inbuf, buf, len);
37  buf_init(&outbuf, obuf, olen);
38 
39  while ((i = buf_index(&inbuf, ica_magic, sizeof(ica_magic))) >= 0) {
40  buf_skip(&inbuf, i);
41 
42  if (buf_len(&inbuf) < 60)
43  break;
44 
45  buf_skip(&inbuf, 17);
46 
47  if (buf_get(&inbuf, &key, 1) != 1)
48  break;
49 
50  buf_skip(&inbuf, 42);
51 
52  if (buf_get(&inbuf, &c, 1) != 1)
53  break;
54 
55  c ^= ('C' | key);
56 
57  buf_put(&outbuf, &c, 1);
58 
59  i = 0;
60  while (buf_get(&inbuf, t, 2) == 2) {
61  c = t[0] ^ t[1] ^ key;
62 
63  if (c == '\0') {
64  buf_put(&outbuf, "\n", 1);
65  if (++i > 2) break;
66  }
67  buf_put(&outbuf, &c, 1);
68  }
69  }
70  buf_end(&outbuf);
71 
72  return (buf_len(&outbuf));
73 }
buf_init
void buf_init(buf_t buf, u_char *data, int len)
Definition: buf.c:24
buf_end
void buf_end(buf_t buf)
Definition: buf.c:121
buf_put
int buf_put(buf_t buf, void *src, int len)
Definition: buf.c:93
ica_magic
static u_char ica_magic[]
Definition: decode_citrix.c:27
decode.h
buf.h
buf
Definition: buf.h:14
buf_get
int buf_get(buf_t buf, void *dst, int len)
Definition: buf.c:74
buf_skip
#define buf_skip(b, l)
Definition: buf.h:47
config.h
obuf
static char obuf[4096]
Definition: trigger.c:43
buf_len
#define buf_len(b)
Definition: buf.h:34
decode_citrix
int decode_citrix(u_char *buf, int len, u_char *obuf, int olen)
Definition: decode_citrix.c:30
buf_index
int buf_index(buf_t buf, void *ptr, int len)
Definition: buf.c:128