def test_sapnistreamsocket_without_keep_alive(self): """Test SAPNIStreamSocket without keep alive""" self.start_server(self.test_address, self.test_port, SAPNITestHandlerKeepAlive) sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock, keep_alive=False) packet = self.client.sr(Raw(self.test_string)) packet.decode_payload_as(Raw) # We should receive our packet first self.assertIn(SAPNI, packet) self.assertEqual(packet[SAPNI].length, len(self.test_string)) self.assertEqual(packet.payload.load, self.test_string) # Then we should get a we should receive a PING packet = self.client.recv() self.assertIn(SAPNI, packet) self.assertEqual(packet[SAPNI].length, len(SAPNI.SAPNI_PING)) self.assertEqual(packet.payload.load, SAPNI.SAPNI_PING) self.client.close() self.stop_server()
def main(): options = parse_options() if options.verbose: logging.basicConfig(level=logging.DEBUG) # Initiate the connection sock = socket.socket() sock.connect((options.remote_host, options.remote_port)) conn = SAPNIStreamSocket(sock) print "[*] Connected to the SAP Router %s:%d" % (options.remote_host, options.remote_port) # Retrieve the router version used by the server if not specified if options.router_version is None: options.router_version = get_router_version(conn) print "[*] Using SAP Router version %d" % options.router_version print "[*] Checking if the server is vulnerable to a timing attack ..." with open(options.output, "w") as f: c = 0 for i in range(0, len(options.password) + 1): password = options.password[:i] + "X" * (len(options.password) - i) print "[*] Trying with password (%s) len %d" % (password, len(password)) for _ in range(0, options.tries): try_password(options, password, f, c) c += 1
def test_sapnistreamsocket_close(self): """Test SAPNIStreamSocket with a server that closes the connection""" self.start_server(SAPNITestHandlerClose) sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock, keep_alive=False) with self.assertRaises(socket.error): self.client.sr(self.test_string) self.stop_server()
def server_mode(options): """"Implements the niping server running mode :param options: option set from the command line :type options: Values """ if not options.host: options.host = "0.0.0.0" sock = socket() try: sock.bind((options.host, options.port)) sock.listen(0) logging.info("") logging.info(datetime.today().ctime()) logging.info("ready for connect from client ...") while True: sc, sockname = sock.accept() client = SAPNIStreamSocket(sc) logging.info("") logging.info(datetime.today().ctime()) logging.info("connect from host '{}', client hdl {} o.k.".format( sockname[0], client.fileno())) try: while True: r = client.recv() client.send(r.payload) except SocketError: pass finally: logging.info("") logging.info(datetime.today().ctime()) logging.info("client hdl {} disconnected ...".format( client.fileno())) except SocketError: logging.error("[*] Connection error") except KeyboardInterrupt: logging.error("[*] Cancelled by the user") finally: sock.shutdown(SHUT_RDWR) sock.close()
def test_sapnistreamsocket(self): """Test SAPNIStreamSocket""" self.start_server(self.test_address, self.test_port, SAPNITestHandler) sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock) packet = self.client.sr(Raw(self.test_string)) packet.decode_payload_as(Raw) self.client.close() self.assertIn(SAPNI, packet) self.assertEqual(packet[SAPNI].length, len(self.test_string)) self.assertEqual(packet.payload.load, self.test_string) self.stop_server()
def handle_connection(self): """Block until a connection is received from the listener, request a route to forward the traffic through the remote SAP Router and handle the client using the provided handler class. :return: the handler instance handling the request :rtype: :class:`SAPNIProxyHandler` """ # Accept a client connection (client, __) = self.listener.ins.accept() # Creates a remote socket router = self.route() # Create the NI Stream Socket and handle it proxy = self.handler(SAPNIStreamSocket(client, self.keep_alive), router, self.options) return proxy
def test_sapnistreamsocket_with_keep_alive(self): """Test SAPNIStreamSocket with keep alive""" self.start_server(SAPNITestHandlerKeepAlive) sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock, keep_alive=True) packet = self.client.sr(self.test_string) packet.decode_payload_as(Raw) self.client.close() # We should receive our packet, the PING should be handled by the # stream socket self.assertIn(SAPNI, packet) self.assertEqual(packet[SAPNI].length, len(self.test_string)) self.assertEqual(packet.payload.load, self.test_string) self.stop_server()
def test_sapnistreamsocket_base_cls(self): """Test SAPNIStreamSocket handling of custom base packet classes""" self.start_server(self.test_address, self.test_port, SAPNITestHandler) class SomeClass(Packet): fields_desc = [StrField("text", None)] sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock, base_cls=SomeClass) packet = self.client.sr(Raw(self.test_string)) self.client.close() self.assertIn(SAPNI, packet) self.assertIn(SomeClass, packet) self.assertEqual(packet[SAPNI].length, len(self.test_string)) self.assertEqual(packet[SomeClass].text, self.test_string) self.stop_server()
def test_sapnistreamsocket_with_keep_alive(self): """Test SAPNIStreamSocket with keep alive""" self.start_server(self.test_address, self.test_port, SAPNITestHandlerKeepAlive) sock = socket.socket() sock.connect((self.test_address, self.test_port)) self.client = SAPNIStreamSocket(sock, keep_alive=True) self.client.send(Raw(self.test_string)) packet = self.client.recv() packet.decode_payload_as(Raw) # We should receive our packet first self.assertIn(SAPNI, packet) self.assertEqual(packet[SAPNI].length, len(self.test_string)) self.assertEqual(packet.payload.load, self.test_string) # Then we should get a connection reset if we try to receive from the server self.assertRaises(socket.error, self.client.recv) self.client.close() self.stop_server()