def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
# Initiate the connection
sock = socket.socket()
sock.connect((options.remote_host, options.remote_port))
conn = SAPNIStreamSocket(sock)
print "[*] Connected to the SAP Router %s:%d" % (options.remote_host,
options.remote_port)
# Retrieve the router version used by the server if not specified
if options.router_version is None:
options.router_version = get_router_version(conn)
print "[*] Using SAP Router version %d" % options.router_version
print "[*] Checking if the server is vulnerable to a timing attack ..."
with open(options.output, "w") as f:
c = 0
for i in range(0, len(options.password) + 1):
password = options.password[:i] + "X" * (len(options.password) - i)
print "[*] Trying with password (%s) len %d" % (password,
len(password))
for _ in range(0, options.tries):
try_password(options, password, f, c)
c += 1
def __init__(self,
bind_address,
bind_port,
remote_address,
remote_port,
handler,
backlog=5,
keep_alive=True,
options=None):
"""Create the proxy binding a socket in the giving port and setting the
handler for the incoming connections.
:param bind_address: address to bind the listener socket
:type bind_address: C{string}
:param bind_port: port to bind the listener socket
:type bind_port: ``int``
:param remote_address: remote address to connect to
:param remote_address: C{string}
:param remote_port: remote port to connect to
:type remote_port: ``int``
:param handler: handler class
:type handler: :class:`SAPNIProxyHandler` class
:param backlog: backlog parameter to set in the listener socket
:type backlog: ``int``
:param keep_alive: if true, the proxy will handle the keep-alive
requests and responses. Otherwise, keep-alive messages are passed
to the handler as regular packets.
:type keep_alive: ``bool``
:param options: options to pass to the handler instance
:type options: ``dict``
"""
self.remote_host = (remote_address, remote_port)
self.handler = handler
self.keep_alive = keep_alive
self.options = options
# Create and bind the listener socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((bind_address, bind_port))
sock.listen(backlog)
# Create the NI Stream Socket
self.listener = SAPNIStreamSocket(sock, keep_alive)
log_sapni.debug(
"SAPNIProxy: Binded to address %s:%d, proxying to %s:%d",
bind_address, bind_port, remote_address, remote_port)
def __init__(self, bind_address, bind_port, remote_address, remote_port,
handler, backlog=5, keep_alive=True, options=None):
"""
Create the proxy binding a socket in the giving port and setting the
handler for the incoming connections.
@param bind_address: address to bind the listener socket
@type bind_address: C{string}
@param bind_port: port to bind the listener socket
@type bind_port: C{int}
@param remote_address: remote address to connect to
@param remote_address: C{string}
@param remote_port: remote port to connect to
@type remote_port: C{int}
@param handler: handler class
@type handler: L{SAPNIProxyHandler} class
@param backlog: backlog parameter to set in the listener socket
@type backlog: C{int}
@param keep_alive: if true, the proxy will handle the keep-alive
requests and responses. Otherwise, keep-alive messages are passed
to the handler as regular packets.
@type keep_alive: C{bool}
@param options: options to pass to the handler instance
@type options: C{dict}
"""
self.remote_host = (remote_address, remote_port)
self.handler = handler
self.keep_alive = keep_alive
self.options = options
# Create and bind the listener socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((bind_address, bind_port))
sock.listen(backlog)
# Create the NI Stream Socket
self.listener = SAPNIStreamSocket(sock, keep_alive)
log_sapni.debug("SAPNIProxy: Binded to address %s:%d, proxying to %s:%d",
bind_address, bind_port, remote_address, remote_port)
def get_nisocket(cls, host, port, **kwargs):
"""
Helper function to obtain a L{SAPNIStreamSocket}.
@param host: host to connect to
@type host: C{string}
@param port: port to connect to
@type port: C{int}
@keyword kwargs: arguments to pass to L{SAPNIStreamSocket} constructor
@return: connected socket
@rtype: L{SAPNIStreamSocket}
"""
sock = socket.socket()
sock.connect((host, port))
return cls(sock, **kwargs)
def handle_connection(self):
"""Block until a connection is received from the listener and handle that
client using the provided handler class.
:return: the handler instance handling the request
:rtype: :class:`SAPNIProxyHandler`
"""
# Accept a client connection
(client, address) = self.listener.ins.accept()
# Creates a remote socket
remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
remote.connect(self.remote_host)
# Create the NI Stream Socket and handle it
proxy = self.handler(SAPNIStreamSocket(client, self.keep_alive),
SAPNIStreamSocket(remote, self.keep_alive),
self.options)
log_sapni.debug("SAPNIProxy: Handled a connection from %s", address)
return proxy
def handle_connection(self):
"""Block until a connection is received from the listener and handle that
client using the provided handler class.
@return: the handler instance handling the request
@rtype: L{SAPNIProxyHandler}
"""
# Accept a client connection
(client, address) = self.listener.ins.accept()
# Creates a remote socket
remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
remote.connect(self.remote_host)
# Create the NI Stream Socket and handle it
proxy = self.handler(SAPNIStreamSocket(client, self.keep_alive),
SAPNIStreamSocket(remote, self.keep_alive),
self.options)
log_sapni.debug("SAPNIProxy: Handled a connection from %s", address)
return proxy