class SAPHDBSegment(PacketNoPadded):
"""SAP HANA SQL Command Network Protocol Segment
This packet represents a segment within a HDB packet.
The segment header is comprised of 24 byte, being the first 13 bytes always the same fields and the remaining 11
bytes depend on the segment kind field.
"""
name = "SAP HANA SQL Command Network Protocol Segment"
fields_desc = [
# Segment length needs to be calculated counting the segment header
FieldLenField("segmentlength", None, length_of="parts", fmt="<i", adjust=lambda x, l:l+24),
LESignedIntField("segmentofs", 0),
FieldLenField("noofparts", None, count_of="parts", fmt="<h"),
LESignedShortField("segmentno", 1),
EnumField("segmentkind", 1, hdb_segmentkind_values, fmt="<b"),
ConditionalField(EnumField("messagetype", 0, hdb_message_type_values, fmt="<b"), hdb_segment_is_request),
ConditionalField(LESignedByteField("commit", 0), hdb_segment_is_request),
ConditionalField(LESignedByteField("commandoptions", 0), hdb_segment_is_request),
ConditionalField(LongField("reserved1", 0), hdb_segment_is_request),
ConditionalField(ByteField("reserved2", 0), hdb_segment_is_reply),
ConditionalField(EnumField("functioncode", 0, hdb_function_code_values, fmt="<h"), hdb_segment_is_reply),
ConditionalField(LongField("reserved3", 0), hdb_segment_is_reply),
ConditionalField(StrFixedLenField("reserved4", None, 11), lambda pkt: not (hdb_segment_is_reply(pkt) or hdb_segment_is_request(pkt))),
PacketListField("parts", None, SAPHDBPart, count_from=lambda x: x.noofparts),
]
class ZigbeeAppDataPayload2(Packet):
name = "Zigbee Application Layer Data Payload (General APS Frame Format)"
fields_desc = [
# Frame control (1 octet)
FlagsField("frame_control", 2, 4,
['reserved1', 'security', 'ack_req', 'extended_hdr']),
BitEnumField("delivery_mode", 0, 2,
{0: 'unicast', 1: 'indirect',
2: 'broadcast', 3: 'group_addressing'}),
BitEnumField("aps_frametype", 0, 2,
{0: 'data', 1: 'command', 2: 'ack'}),
# Destination endpoint (0/1 octet)
ConditionalField(
ByteField("dst_endpoint", 10),
lambda pkt: (pkt.frame_control.ack_req or pkt.aps_frametype == 2)
),
# Group address (0/2 octets) TODO
ConditionalField(
# unsigned short (little-endian)
EnumField("grp_address", 0, {}, fmt="<H"),
lambda pkt: (pkt.frame_control.ack_req or pkt.aps_frametype == 2 \
or pkt.aps_frametype == 0)
),
# Cluster identifier (0/2 octets)
ConditionalField(
# unsigned short (little-endian)
EnumField("cluster", 0, _zcl_cluster_identifier, fmt="<H"),
lambda pkt: (pkt.frame_control.ack_req or pkt.aps_frametype == 2 \
or pkt.aps_frametype == 0)
),
# Profile identifier (0/2 octets)
ConditionalField(
EnumField("profile", 0, _zcl_profile_identifier, fmt="<H"),
lambda pkt: (pkt.frame_control.ack_req or pkt.aps_frametype == 2 \
or pkt.aps_frametype == 0)
),
# Source endpoint (0/1 octets)
ConditionalField(
ByteField("src_endpoint", 10),
lambda pkt: (pkt.frame_control.ack_req or pkt.aps_frametype == 2 \
or pkt.aps_frametype == 0)
),
# APS counter (1 octet)
ByteField("counter", 0),
# Extended header (0/1/2 octets)
# cribbed from https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-zbee-aps.c # noqa: E501
ConditionalField(
ByteEnumField(
"fragmentation", 0,
{0: "none", 1: "first_block", 2: "middle_block"}),
lambda pkt: pkt.frame_control.extended_hdr
),
ConditionalField(ByteField("block_number", 0),
lambda pkt: pkt.fragmentation),
# variable length frame payload:
# 3 frame types: data, APS command, and acknowledgement
# ConditionalField(StrField("data", ""), lambda pkt:pkt.aps_frametype == 0), # noqa: E501
]
class ZigbeeAppDataPayload(Packet):
name = "Zigbee Application Layer Data Payload (General APS Frame Format)"
fields_desc = [
# Frame control (1 octet)
FlagsField("frame_control", 2, 4,
['reserved1', 'security', 'ack_req', 'extended_hdr']),
BitEnumField("delivery_mode", 0, 2, {
0: 'unicast',
1: 'indirect',
2: 'broadcast',
3: 'group_addressing'
}),
BitEnumField("aps_frametype", 0, 2, {
0: 'data',
1: 'command',
2: 'ack'
}),
# Destination endpoint (0/1 octet)
ConditionalField(
ByteField("dst_endpoint", 10), lambda pkt:
((pkt.frame_control.ack_req or pkt.aps_frametype == 2) and pkt.
delivery_mode != 3)),
# Group address (0/2 octets) TODO
ConditionalField(XLEShortField("group", 0x0005), lambda pkt:
(pkt.delivery_mode == 3)),
# Cluster identifier (0/2 octets)
EnumField("cluster", 0, _zcl_cluster_identifier, fmt="<H"),
# Profile identifier (0/2 octets)
EnumField("profile", 0, _zcl_profile_identifier, fmt="<H"),
# Source endpoint (0/1 octets)
ByteField("src_endpoint", 10),
# APS counter (1 octet)
ByteField("counter", 0),
# Extended header (0/1/2 octets)
# cribbed from https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-zbee-aps.c # noqa: E501
ConditionalField(
ByteEnumField("fragmentation", 0, {
0: "none",
1: "first_block",
2: "middle_block"
}), lambda pkt: pkt.frame_control.extended_hdr),
ConditionalField(ByteField("block_number", 0),
lambda pkt: pkt.fragmentation),
# variable length frame payload:
# 3 frame types: data, APS command, and acknowledgement
# ConditionalField(StrField("data", ""), lambda pkt:pkt.aps_frametype == 0), # noqa: E501
]
def guess_payload_class(self, payload):
if self.frame_control & 0x02: # we have a security header
return ZigbeeSecurityHeader
elif self.aps_frametype == 0: # data
return ZigbeeClusterLibrary # TODO might also be another frame
elif self.aps_frametype == 1: # command
return ZigbeeAppCommandPayload
else:
return Packet.guess_payload_class(self, payload)
class TLS_Ext_EncryptedServerName(TLS_Ext_PrettyPacketList):
name = "TLS Extension - Encrypted Server Name"
fields_desc = [
ShortEnumField("type", 0xffce, _tls_ext),
ShortField("len", None),
EnumField("cipher", None, _tls_cipher_suites),
ShortEnumField("key_exchange_group", None, _tls_named_groups),
FieldLenField("key_exchange_len",
None,
length_of="key_exchange",
fmt="H"),
XStrLenField("key_exchange",
"",
length_from=lambda pkt: pkt.key_exchange_len),
FieldLenField("record_digest_len", None, length_of="record_digest"),
XStrLenField("record_digest",
"",
length_from=lambda pkt: pkt.record_digest_len),
FieldLenField("encrypted_sni_len",
None,
length_of="encrypted_sni",
fmt="H"),
XStrLenField("encrypted_sni",
"",
length_from=lambda pkt: pkt.encrypted_sni_len)
]
class SAPHDBOptionPartRow(PacketNoPadded):
"""SAP HANA SQL Command Network Protocol Option Part Row
This packet represents a row in an Option Part.
Each row is comprised of a key, type and value.
"""
part_kind = None
option_keys = None
name = "SAP HANA SQL Command Network Protocol Option Part Row"
fields_desc = [
MultiEnumField("key", 0, hdb_option_part_key_vals, depends_on=lambda x: x.part_kind, fmt="<b"),
EnumField("type", 0, hdb_data_type_vals, fmt="<b"),
ConditionalField(FieldLenField("length", None, length_of="value", fmt="<h"), lambda x: x.type in [29, 30, 33]),
MultipleTypeField(
[
(LESignedByteField("value", 0), lambda x: x.type == 1),
(LESignedShortField("value", 0), lambda x: x.type == 2),
(LESignedIntField("value", 0), lambda x: x.type == 3),
(LESignedLongField("value", 0), lambda x: x.type == 4),
(Field("value", 0, fmt="<d"), lambda x: x.type == 7),
(YesNoByteField("value", 0), lambda x: x.type == 28),
(StrFixedLenField("value", None, length_from=lambda x: x.length), lambda x: x.type in [29, 30, 33]),
],
StrField("value", ""),
),
]
class USBEp(USBMitm):
fields_desc = [
LEShortField('epnum', 0),
EnumField(
'eptype', USBDefs.EP.TransferType.CTRL, USBDefs.EP.TransferType.desc, '<I'
),
EnumField('epdir', USBDefs.EP.Direction.IN, USBDefs.EP.Direction.desc, '<I'),
]
def extract_padding(self, s):
return '', s
def is_ctrl_0(self):
return self.epnum == 0 and self.eptype == USBDefs.EP.TransferType.CTRL
def is_interrupt(self):
return self.eptype == USBDefs.EP.TransferType.INT
class TLS_Ext_SignatureAlgorithmsCert(TLS_Ext_Unknown): # RFC 8446
name = "TLS Extension - Signature Algorithms Cert"
fields_desc = [
ShortEnumField("type", 0x31, _tls_ext),
ShortField("len", None),
SigAndHashAlgsLenField("sig_algs_len", None, length_of="sig_algs"),
SigAndHashAlgsField("sig_algs", [],
EnumField("hash_sig", None, _tls_hash_sig),
length_from=lambda pkt: pkt.sig_algs_len)
] # noqa: E501
class RTPSSubMessage_HEARTBEAT(EPacket):
"""
0...2...........7...............15.............23...............31
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HEARTBEAT | flags | octetsToNextHeader |
+---------------+---------------+---------------+---------------+
| EntityId readerEntityId |
+---------------+---------------+---------------+---------------+
| EntityId writerEntityId |
+---------------+---------------+---------------+---------------+
| |
+ SequenceNumber firstAvailableSeqNumber +
| |
+---------------+---------------+---------------+---------------+
| |
+ SequenceNumber lastSeqNumber +
| |
+---------------+---------------+---------------+---------------+
| Counter count |
+---------------+---------------+---------------+---------------+
"""
name = "RTPS HEARTBEAT (0x07)"
fields_desc = [
XByteField("submessageId", 0x07),
XByteField("submessageFlags", 0),
EField(ShortField("octetsToNextHeader", 0)),
EnumField(
"reader_id",
default=b"\x00\x00\x00\x00",
fmt="4s",
enum=_rtps_reserved_entity_ids,
),
EnumField(
"writer_id",
default=b"\x00\x00\x00\x00",
fmt="4s",
enum=_rtps_reserved_entity_ids,
),
XLongField("firstAvailableSeqNum", 0),
XLongField("lastSeqNum", 0),
EField(IntField("count", 0)),
]
class ManagementNewDevice(USBMitm):
fields_desc = [
EnumField('speed', USBMitm.USBSpeed.HIGH_SPEED, USBMitm.USBSpeed.desc, '<I'),
PacketField('device', DeviceDescriptor(), DeviceDescriptor),
PacketField(
'configuration', ConfigurationDescriptor(), ConfigurationDescriptor
),
]
def desc(self):
return 'NewDevice'
class RTPSSubMessage_ACKNACK(EPacket):
"""
0...2...........7...............15.............23...............31
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ACKNACK | flags | octetsToNextHeader |
+---------------+---------------+---------------+---------------+
| EntityId readerEntityId |
+---------------+---------------+---------------+---------------+
| EntityId writerEntityId |
+---------------+---------------+---------------+---------------+
| |
+ SequenceNumberSet readerSNState +
| |
+---------------+---------------+---------------+---------------+
| Counter count |
+---------------+---------------+---------------+---------------+
"""
name = "RTPS ACKNACK (0x06)"
fields_desc = [
XByteField("submessageId", 0x06),
XByteField("submessageFlags", 0x00),
EField(ShortField("octetsToNextHeader", 0)),
EnumField(
"reader_id",
default=b"\x00\x00\x00\x00",
fmt="4s",
enum=_rtps_reserved_entity_ids,
),
EnumField(
"writer_id",
default=b"\x00\x00\x00\x00",
fmt="4s",
enum=_rtps_reserved_entity_ids,
),
XStrLenField(
"readerSNState",
0, length_from=lambda pkt: pkt.octetsToNextHeader - 8 - 4
),
XNBytesField("count", 0, 4),
]
class ZigbeeAppDataPayloadStub(Packet):
name = "Zigbee Application Layer Data Payload for Inter-PAN Transmission"
fields_desc = [
FlagsField("frame_control", 0, 4, ['reserved1', 'security', 'ack_req', 'extended_hdr']), # noqa: E501
BitEnumField("delivery_mode", 0, 2, {0: 'unicast', 2: 'broadcast', 3: 'group'}), # noqa: E501
BitField("frametype", 3, 2), # value 0b11 (3) is a reserved frame type
# Group Address present only when delivery mode field has a value of 0b11 (group delivery mode) # noqa: E501
ConditionalField(
XLEShortField("group_addr", 0x0), # 16-bit identifier of the group
lambda pkt: pkt.getfieldval("delivery_mode") == 0b11
),
# Cluster identifier
EnumField("cluster", 0, _zcl_cluster_identifier, fmt="<H"), # unsigned short (little-endian) # noqa: E501
# Profile identifier
EnumField("profile", 0, _zcl_profile_identifier, fmt="<H"),
# ZigBee Payload
ConditionalField(
StrField("data", ""),
lambda pkt: pkt.frametype == 3
),
]
class VendorIdPacket(Packet):
name = "RTPS Vendor ID"
fields_desc = [
# ByteField("major", 0),
# ByteField("minor", 0),
EnumField(name="vendor_id",
default=b"\x00\x00",
enum=_rtps_vendor_ids,
fmt="2s"),
]
def extract_padding(self, p):
return b"", p
class SAPHDBPartError(PacketNoPadded):
"""SAP HANA SQL Command Network Protocol Error Part
"""
part_kind = 6
name = "SAP HANA SQL Command Network Protocol Error Part"
fields_desc = [
LESignedIntField("error_code", 0),
LESignedIntField("error_position", 0),
FieldLenField("error_text_length", None, length_of="error_text", fmt="<i"),
EnumField("error_level", 0, hdb_error_level_vals, fmt="<b"),
StrFixedLenField("sql_state", "HY000", 5),
PadField(StrFixedLenField("error_text", "", length_from=lambda pkt: pkt.error_text_length), 8),
]
class USBMessageDevice(USBMessage):
'UDP packet payload from ubq_core bearing USB traffic from device->host.'
name = 'USBMessageDevice'
fields_desc = [
LEIntField('len', None),
EnumField('type', USBMitm.MitmType.USB, USBMitm.MitmType.desc, '<I'),
TypePacketField(
'content',
ManagementMessage(),
'type',
{0: USBMessageResponse, 1: USBAck, 2: ManagementMessage},
),
]
def desc(self):
return self.content.desc()
class SAPHDBPart(PacketNoPadded):
"""SAP HANA SQL Command Network Protocol Part
This packet represents a part within a HDB packet.
The part header is comprised of 16 bytes.
"""
name = "SAP HANA SQL Command Network Protocol Part"
fields_desc = [
EnumField("partkind", 0, hdb_partkind_values, fmt="<b"),
LESignedByteField("partattributes", 0),
FieldLenField("argumentcount", None, count_of="buffer", fmt="<h"),
LESignedIntField("bigargumentcount", 0),
FieldLenField("bufferlength", None, length_of="buffer", fmt="<i"),
LESignedIntField("buffersize", 2**17 - 32 - 24),
PadField(PacketListField("buffer", [], next_cls_cb=saphdb_determine_part_class,
count_from=lambda x: x.argumentcount,
length_from=lambda x: x.bufferlength), 8),
]
class USBMessageHost(USBMessage):
'UDP packet payload from ubq_core bearing USB traffic from host->device.'
name = 'USBMessageHost'
fields_desc = [
LEIntField('len', None),
EnumField(
'type', USBMitm.ManagementType.RESET, USBMitm.ManagementType.desc, '<I'
),
TypePacketField(
'content',
ManagementMessage(),
'type',
{0: USBMessageRequest, 1: USBAck, 2: ManagementMessage},
),
]
def desc(self):
return self.content.desc()
class SAPHDB(Packet):
"""SAP HANA SQL Command Network Protocol packet
This packet is used for the HANA SQL Command Network Protocol.
The message header is comprised of 32 bytes.
"""
name = "SAP HANA SQL Command Network Protocol"
fields_desc = [
LESignedLongField("sessionid", -1),
LESignedIntField("packetcount", 0),
FieldLenField("varpartlength", None, length_of="segments", fmt="<I"),
LEIntField("varpartsize", 2**17 - 32),
FieldLenField("noofsegm", None, count_of="segments", fmt="<h"),
EnumField("packetoptions", 0, hdb_packetoptions_values, fmt="b"),
ByteField("reserved1", None),
LEIntField("compressionvarpartlength", 0),
IntField("reserved2", None),
PacketListField("segments", None, SAPHDBSegment, count_from=lambda x: x.noofsegm),
]
class ManagementMessage(USBMitm):
'USBQ management message'
fields_desc = [
EnumField(
'management_type',
USBMitm.ManagementType.RESET,
USBMitm.ManagementType.desc,
'<I',
),
TypePacketField(
'management_content',
ManagementReset(),
'management_type',
{
USBMitm.ManagementType.RESET: ManagementReset,
USBMitm.ManagementType.NEW_DEVICE: ManagementNewDevice,
USBMitm.ManagementType.RELOAD: ManagementReload,
},
),
] # FIXME: ManagementReset is empty, so if there is nothing to dissect, management_content will be the default value
def post_build(self, p, pay):
if self.management_type is None:
if isinstance(self.management_content, ManagementNewDevice):
p = struct.pack('<H', USBMitm.ManagementType.NEW_DEVICE) + p[2:]
elif isinstance(self.management_content, ManagementReload):
p = struct.pack('<H', USBMitm.ManagementType.RELOAD) + p[2:]
else:
p = struct.pack('<H', USBMitm.ManagementType.RESET) + p[2:]
return p + pay
def desc(self):
if self.management_type == USBMitm.ManagementType.RESET:
return 'Reset'
elif self.management_type == USBMitm.ManagementType.RELOAD:
return 'Reload'
else:
return self.management_content.desc()
def __init__(self, name, default, enum, defEnum):
EnumField.__init__(self, name, default, enum, "B")
defEnum = self.defEnum = defEnum
def __init__(self, name, default, dico):
EnumField.__init__(self, name, default, dico)
def __init__(self, name, default, enum):
EnumField.__init__(self, name, default, enum, "!I")
def __init__(self, name, default, enum, basis_type_of, remain=0):
self.basis_type_of = basis_type_of
EnumField.__init__(self, name, default, enum, "B")
def __init__(self, name, default, enum):
EnumField.__init__(self, name, default, enum, "!I")
def __init__(self, name, default, dico):
EnumField.__init__(self, name, default, dico)
def __init__(self, name, default, enum, basis_type_of, remain=0):
self.basis_type_of = basis_type_of
EnumField.__init__(self, name, default, enum, "B")
def __init__(self, name, default, enum, defEnum):
EnumField.__init__(self, name, default, enum, "B")
defEnum = self.defEnum = defEnum