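def handle_udp_netis_backdoor(socket, data, srcpeername, dstport):
    """Emulate the Netis/Netcore UDP backdoor so that scanners get plausible replies.

    Every recognised request is logged through the ``tee_*`` helpers and
    answered with a canned datagram; the "execute" request is routed through
    ``process_commandline`` and its output is chunked into reply packets.

    Args:
        socket: bound UDP socket used for the ``sendto`` replies.
        data: raw datagram payload (a byte string in this Python 2 code base).
        srcpeername: ``(host, port)`` of the sender; all replies go back there,
            unauthenticated, so a spoofed source simply receives the replies.
        dstport: local port the datagram arrived on (unused here).

    Returns:
        None.  Side effects: stdout logging, the ``tee_*`` capture helpers and
        one or more datagrams sent to ``srcpeername``.
    """
    tee_received_bin(data)
    if data == '\n':
        # A bare newline is the initial probe; reply with the login banner.
        print("Netis backdoor scan received")
        # NOTE(review): on the source page this reply and the following `elif`
        # were fused by a '******' redaction; the split below is reconstructed
        # from the shape of the sibling branches and should be checked against
        # the original file.
        socket.sendto(tee_sent_bin('\n\0\0\6\0\1\0\0\0\0\320\245Login:'), srcpeername)
    elif data.startswith('AAAAAAAAnetcore\0'):
        print("Netis backdoor enable command received")
        socket.sendto(tee_sent_bin('AA\0\5ABAA\0\0\0\0Login successed!\r\n'), srcpeername)  # sic
    elif data.startswith('AA\0\0AAAA?\0'):
        print("Netis backdoor version query received")
        socket.sendto(tee_sent_bin('AA\0\5ABAA\0\0\1\0IGD MPT Interface daemon 1.0\0'), srcpeername)
    elif data.startswith('AA\0\0AAAA$GetVersion\0'):
        print("Netis backdoor $GetVersion command received")
        socket.sendto(tee_sent_bin('AA\0\5ABAA\0\0\0\0{}'.format(VERSION_TEXT)), srcpeername)
    elif data.startswith('AA\0\0AAAA$Help\0'):
        print("Netis backdoor $Help command received")
        socket.sendto(tee_sent_bin('AA\0\5ABAA\0\0\1\0{}'.format(HELP_TEXT)), srcpeername)
    elif data.startswith('AA\0\0AAAA'):
        # Generic prefix: everything after the 8-byte header is the command text.
        print("\nNetis backdoor execute command received:")
        command = tee_received_text(data[8:].strip())
        print("")
        outstream = StringIO.StringIO()
        # HACK: process_commandline presumably writes via .send() on its first
        # argument, so a StringIO is dressed up as a socket to capture the text.
        outstream.send = outstream.write
        # NOTE(review): `command` is attacker-supplied; process_commandline is
        # expected to *emulate* a shell, not run one -- confirm it never
        # forwards the text to a real interpreter.
        process_commandline(outstream, command)
        output = tee_sent_text(outstream.getvalue())
        print("\nAssembled reply packets:")
        # Output is streamed in 1991-byte blocks, each tagged with an
        # incrementing single-character marker starting at 'B'; the final
        # packet carries only the next marker and an empty payload.
        marker = 'B'
        while output:
            curr_block, output = output[:1991], output[1991:]
            socket.sendto(tee_sent_bin('AA\0\4A{}AA{}'.format(marker, curr_block)), srcpeername)
            # Python 2 chr() only covers 0-255, so a reply longer than roughly
            # 250 blocks would raise here -- presumably never hit in practice.
            marker = chr(1 + ord(marker))
        socket.sendto(tee_sent_bin('AA\0\5A{}AA\0\0\0\0'.format(marker)), srcpeername)
    else:
        print("Unknown Netis backdoor command")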
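def _parse_sip_request(data):
    """Split a raw SIP request into ``(method, url, headers)``.

    Only the request line and the header block are read; anything after the
    first blank line (a body) is ignored.  Header names are stored verbatim --
    no case folding and no compact-form expansion -- so lookups such as
    ``headers['From']`` only match that exact spelling, and a repeated header
    keeps its last value.

    Args:
        data: raw datagram payload.

    Returns:
        ``(method, url, headers)`` with ``headers`` a plain ``dict``.

    Raises:
        Exception: the request line or a header line did not parse.
    """
    input_stream = StringIO.StringIO(tee_received_text(data))
    firstline = input_stream.readline().strip()
    rematch = re.match("([A-Z]+) ([^ ]+) ?.*", firstline)
    if not rematch:
        raise Exception('Unexpected request')
    method, url = rematch.group(1), rematch.group(2)

    headers = {}
    while True:
        header = input_stream.readline().strip()
        if header == '':
            # Blank line (or EOF) terminates the header block.
            break
        rematch = re.match("([^:]+): ?(.*)", header)
        if not rematch:
            raise Exception('Unexpected header')
        headers[rematch.group(1)] = rematch.group(2)
    return method, url, headers


def handle_udp_sip(socket, data, srcpeername, dstport):
    """Answer one SIP request the way the SIPVicious tools expect.

    The request is parsed by ``_parse_sip_request``; ``detect_sipvicious``
    then classifies the sender from its ``From`` header and the local port,
    and the reply depends on that classification and the method:

    * svmap OPTIONS/INVITE  -> ``200 OK`` echoing every request header plus a
      random ``To`` tag, ``Allow`` and ``User-Agent``.
    * svwar REGISTER/INVITE -> ``404`` or ``200`` depending on ``is_bad_user``,
      with a minimal header set and ``Via`` extended with ``received=<src ip>``.
    * any other INVITE      -> ``501`` with no headers; the attempt is logged.
    * ACK/BYE               -> ``200 OK`` echoing the request headers.
    * anything else         -> ``501`` with no headers.

    Args:
        socket: bound UDP socket used for the ``sendto`` reply.
        data: raw datagram payload.
        srcpeername: ``(host, port)`` the datagram came from.
        dstport: local port the datagram arrived on.

    Returns:
        None.  Exactly one datagram is sent to ``srcpeername``.

    Raises:
        Exception: the request line or a header line failed to parse.
        KeyError: the chosen branch needs a header (``From``, ``To``,
            ``Call-ID``, ``CSeq``, ``Via``) that the request did not carry.
    """
    method, _url, headers = _parse_sip_request(data)

    # NOTE(review): the UDP source is unauthenticated and the svmap and
    # ACK/BYE replies echo every request header back with a few extras, so
    # a spoofed source turns this handler into a small reflector; rate
    # limiting per source at the caller is the usual mitigation.
    svtool = detect_sipvicious(headers['From'], dstport)

    if method in ('OPTIONS', 'INVITE') and svtool == SIPVICIOUS_SVMAP:
        print("It looks like we are being scanned by svmap")
        resp = 'SIP/2.0 200 OK\n'
        rheaders = dict(headers)
        rheaders['To'] += ';tag=' + uuid.uuid4().hex
        rheaders['Allow'] = 'INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, SUBSCRIBE, NOTIFY, INFO'
        rheaders['User-Agent'] = USER_AGENT
    elif method in ('REGISTER', 'INVITE') and svtool == SIPVICIOUS_SVWAR:
        print("It looks like we are being scanned by svwar")
        if is_bad_user(srcpeername[0], headers['To']):
            print("Pretending {} is a bad user".format(headers['To']))
            resp = 'SIP/2.0 404 Not Found\n'
        else:
            print("Pretending {} is a good user".format(headers['To']))
            resp = 'SIP/2.0 200 OK\n'
        # http://kb.smartvox.co.uk/asterisk/friendlyscanner-gets-aggressive/
        rheaders = {
            'From': headers['From'],
            'To': headers['To'],
            'Call-ID': headers['Call-ID'],
            'CSeq': headers['CSeq'],
        }
        # Strip ';rport' and report the address we actually saw the packet from.
        rheaders['Via'] = '{};received={}'.format(headers['Via'].replace(';rport', ''), srcpeername[0])
        rheaders['User-Agent'] = USER_AGENT
    elif method == 'INVITE':
        print("The intruder is trying to make a call")
        # Pretend we don't understand to stop further interactions
        resp = 'SIP/2.0 501 Not Implemented\n'
        rheaders = {}
        to_hdr = headers.get('To', '')
        from_hdr = headers.get('From', '')
        ua_hdr = headers.get('User-Agent', '')
        log_append('udp_sip_invites', srcpeername[0], to_hdr, from_hdr, ua_hdr)
    elif method in ('ACK', 'BYE'):
        resp = 'SIP/2.0 200 OK\n'
        rheaders = dict(headers)
        rheaders['User-Agent'] = USER_AGENT
    else:
        resp = 'SIP/2.0 501 Not Implemented\n'
        rheaders = {}

    # Assemble response: status line, one header per line, then the blank
    # line that terminates the header block (LF only, as the original sends).
    resp += ''.join('{}: {}\n'.format(k, v) for k, v in rheaders.items())
    socket.sendto(tee_sent_text('{}\n'.format(resp)), srcpeername)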