Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / tftp.inc < prev next >

Wrap

Text File | 2005-03-31 | 3KB | 113 lines

# # # This NASL script was written by Martin O'Neal of Corsaire # (http://www.corsaire.com) # # The script provides basic tftp functionality for use in other scripts... # # DISCLAIMER # The information contained within this script is supplied "as-is" with # no warranties or guarantees of fitness of use or otherwise. Corsaire # accepts no responsibility for any damage caused by the use or misuse of # this information. # # GPLv2 # ############## declarations ################ # declare function function tftp_get(port,path) { # initialise variables local_var request_data; local_var request_ip; local_var request_udp; local_var response_udp; local_var response_data; local_var filter; local_var source_port; local_var destination_port; source_port=23793+int((rand()%6157)); destination_port=port; # create request request_data=raw_string(0x00,0x01)+path+raw_string(0x00)+'octet'+raw_string(0x00); request_ip=forge_ip_packet(ip_hl:5,ip_v:4,ip_tos:0,ip_len:20,ip_id:rand(),ip_off:0,ip_ttl:64,ip_p:IPPROTO_UDP,ip_src:this_host()); request_udp=forge_udp_packet(ip:request_ip,uh_sport:source_port,uh_dport:destination_port,uh_ulen:8+strlen(request_data),data:request_data); # create filter filter='udp and dst port '+source_port+' and src host '+get_host_ip(); # send packet response_udp=send_packet(request_udp,pcap_active:TRUE,pcap_filter:filter); # check if response received if(response_udp) { # retrieve udp data response_data=get_udp_element(udp:response_udp,element:"data"); # check if udp data is valid positive tftp data response if(ord(response_data[0])==0x00 && ord(response_data[1])==0x03 && ord(response_data[2])==0x00 && ord(response_data[3])==0x01) { # remove tftp protocol header from data response_data=substr(response_data,4); return(response_data); } } return; } # declare function function tftp_put(port,path) { # initialise variables local_var request_data; local_var request_ip; local_var request_udp; local_var response_udp; local_var response_data; local_var filter; local_var source_port; local_var destination_port; source_port=32288+int((rand()%7354)); destination_port=port; # create request request_data=raw_string(0x00,0x02)+path+raw_string(0x00)+'octet'+raw_string(0x00); request_ip=forge_ip_packet(ip_hl:5,ip_v:4,ip_tos:0,ip_len:20,ip_id:rand(),ip_off:0,ip_ttl:64,ip_p:IPPROTO_UDP,ip_src:this_host()); request_udp=forge_udp_packet(ip:request_ip,uh_sport:source_port,uh_dport:destination_port,uh_ulen:8+strlen(request_data),data:request_data); # create filter filter='udp and dst port '+source_port+' and src host '+get_host_ip(); # send packet response_udp=send_packet(request_udp,pcap_active:TRUE,pcap_filter:filter); # check if response received if(response_udp) { # retrieve udp data response_data=get_udp_element(udp:response_udp,element:"data"); # check if udp data is valid positive tftp data response if(ord(response_data[0])==0x00 && ord(response_data[1])==0x04 && ord(response_data[2])==0x00 && ord(response_data[3])==0x00) { return(TRUE); } } return; }