dsniff  2.4b2
About: A collection of tools for network auditing
  Fossies Dox: dsniff-2.4b2.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

decode_pcanywhere.c
Go to the documentation of this file.
1 /*
2  * decode_pcanywhere.c
3  *
4  * Symantec pcAnywhere.
5  *
6  * Thanks to Pascal Longpre <longprep@HOTMAIL.COM> for his BUGTRAQ post
7  * on pcAnywhere encryption, and for providing me with traffic traces.
8  *
9  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
10  *
11  * $Id: decode_pcanywhere.c,v 1.7 2001/03/15 08:33:01 dugsong Exp $
12  */
13 
14 #include "config.h"
15 
16 #include <sys/types.h>
17 
18 #include <stdio.h>
19 #include <string.h>
20 
21 #include "buf.h"
22 #include "decode.h"
23 
24 int
25 decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen)
26 {
27  struct buf *word, inbuf, outbuf;
28  u_char *p, c;
29  int i;
30 
31  buf_init(&inbuf, buf, len);
32  buf_init(&outbuf, obuf, olen);
33 
34  /* Skip leading zero bytes. */
35  while (buf_get(&inbuf, &c, 1) == 1) {
36  if (c != 0) break;
37  }
38  /* Version 7, no encryption */
39  if (c < 0x0f && c != 0x06 /* jic */) {
40  while ((word = buf_tok(&inbuf, "\r", 1)) != NULL) {
41  if (buf_ptr(word)[0] == 0x6f)
42  break;
43  buf_putf(&outbuf, "%.*s\n",
44  buf_len(word), buf_ptr(word));
45  }
46  }
47  /* Version 9, encrypted */
48  else {
49  /* Skip optional \x6f command packets. */
50  while ((i = buf_index(&inbuf, "\x06", 1)) >= 0) {
51  buf_skip(&inbuf, i);
52  if (buf_len(&inbuf) > 2 && buf_ptr(&inbuf)[1] != 0xff)
53  break;
54  buf_skip(&inbuf, 2);
55  }
56  /* Parse \x06 auth packets. */
57  while (buf_cmp(&inbuf, "\x06", 1) == 0) {
58  buf_skip(&inbuf, 1);
59 
60  if (buf_get(&inbuf, &c, 1) != 1)
61  break;
62 
63  if (buf_len(&inbuf) < c)
64  break;
65 
66  p = buf_ptr(&inbuf);
67  buf_skip(&inbuf, c);
68 
69  for (i = c - 1; i > 0; i--) {
70  p[i] = p[i - 1] ^ p[i] ^ (i - 1);
71  }
72  p[0] ^= 0xab;
73 
74  buf_putf(&outbuf, "%.*s\n", c, p);
75  }
76  }
77  buf_end(&outbuf);
78 
79  return (buf_len(&outbuf));
80 }
81 
buf_putf
int buf_putf(buf_t buf, const char *fmt,...)
Definition: buf.c:106
buf_init
void buf_init(buf_t buf, u_char *data, int len)
Definition: buf.c:24
buf_end
void buf_end(buf_t buf)
Definition: buf.c:121
decode.h
buf.h
buf
Definition: buf.h:14
buf_get
int buf_get(buf_t buf, void *dst, int len)
Definition: buf.c:74
buf_tok
buf_t buf_tok(buf_t buf, void *sep, int len)
Definition: buf.c:167
buf_ptr
#define buf_ptr(b)
Definition: buf.h:31
decode_pcanywhere
int decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen)
Definition: decode_pcanywhere.c:25
buf_cmp
int buf_cmp(buf_t buf, void *ptr, int len)
Definition: buf.c:158
buf_skip
#define buf_skip(b, l)
Definition: buf.h:47
config.h
obuf
static char obuf[4096]
Definition: trigger.c:43
buf_len
#define buf_len(b)
Definition: buf.h:34
buf_index
int buf_index(buf_t buf, void *ptr, int len)
Definition: buf.c:128