class UDS_IOCBIPR(Packet):
name = 'InputOutputControlByIdentifierPositiveResponse'
fields_desc = [
XShortField('dataIdentifier', 0),
StrField('controlStatusRecord', 0, fmt="B")
]
def answers(self, other):
return other.__class__ == UDS_IOCBI \
and other.dataIdentifier == self.dataIdentifier
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"), pkt.dataIdentifier
class UDS_RDBPI(Packet):
transmissionModes = {
0: 'ISOSAEReserved',
1: 'sendAtSlowRate',
2: 'sendAtMediumRate',
3: 'sendAtFastRate',
4: 'stopSending'
}
name = 'ReadDataByPeriodicIdentifier'
fields_desc = [
ByteEnumField('transmissionMode', 0, transmissionModes),
ByteField('periodicDataIdentifier', 0),
StrField('furtherPeriodicDataIdentifier', 0, fmt="B")
]
class UDS_RUPR(Packet):
name = 'RequestUploadPositiveResponse'
fields_desc = [
BitField('memorySizeLen', 0, 4),
BitField('reserved', 0, 4),
StrField('maxNumberOfBlockLength', 0, fmt="B"),
]
def answers(self, other):
return other.__class__ == UDS_RU
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"), pkt.memorySizeLen
class UDS_TDPR(Packet):
name = 'TransferDataPositiveResponse'
fields_desc = [
ByteField('blockSequenceCounter', 0),
StrField('transferResponseParameterRecord', 0, fmt="B")
]
def answers(self, other):
return other.__class__ == UDS_TD \
and other.blockSequenceCounter == self.blockSequenceCounter
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"), pkt.blockSequenceCounter
def __init__(self, tblfld):
assert isinstance(tblfld, PacketField)
assert hasattr(
tblfld.cls,
'index'), 'No index() method defined for OmciTableField row object'
assert hasattr(
tblfld.cls, 'is_delete'
), 'No delete() method defined for OmciTableField row object'
super(OmciTableField,
self).__init__([(IntField('table_length', 0),
(self.cond_pkt, self.cond_pkt_val)),
(PadField(StrField('me_type_table', None),
OmciTableField.PDU_SIZE),
(self.cond_pkt2, self.cond_pkt_val2))], tblfld)
class UDS_RDTCIPR(Packet):
name = 'ReadDTCInformationPositiveResponse'
fields_desc = [
ByteEnumField('reportType', 0, UDS_RDTCI.reportTypes),
ConditionalField(XByteField('DTCStatusAvailabilityMask', 0),
lambda pkt: pkt.reportType in [0x01, 0x07, 0x11,
0x12, 0x02, 0x0A,
0x0B, 0x0C, 0x0D,
0x0E, 0x0F, 0x13,
0x15]),
ConditionalField(ByteEnumField('DTCFormatIdentifier', 0,
{0: 'ISO15031-6DTCFormat',
1: 'UDS-1DTCFormat',
2: 'SAEJ1939-73DTCFormat',
3: 'ISO11992-4DTCFormat'}),
lambda pkt: pkt.reportType in [0x01, 0x07,
0x11, 0x12]),
ConditionalField(ShortField('DTCCount', 0),
lambda pkt: pkt.reportType in [0x01, 0x07,
0x11, 0x12]),
ConditionalField(StrField('DTCAndStatusRecord', 0),
lambda pkt: pkt.reportType in [0x02, 0x0A, 0x0B,
0x0C, 0x0D, 0x0E,
0x0F, 0x13, 0x15]),
ConditionalField(StrField('dataRecord', 0),
lambda pkt: pkt.reportType in [0x03, 0x04, 0x05,
0x06, 0x08, 0x09,
0x10, 0x14])
]
def answers(self, other):
return other.__class__ == UDS_RDTCI \
and other.reportType == self.reportType
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"), repr(pkt)
class ThriftMessage(Packet):
fields_desc = [
Field("type", None),
Field("method", None),
Field("seqid", None),
Field('header', None),
Field('args', None),
StrField("load", ""),
]
def __init__(self,
pkt=b"",
mtype=None,
method=None,
seqid=None,
args=None,
header=None):
Packet.__init__(self, pkt)
self.setfieldval('type', mtype)
self.setfieldval('method', method)
self.setfieldval('seqid', seqid)
self.setfieldval('header', header)
self.setfieldval('args', args)
self.setfieldval('load', pkt)
if args and not isinstance(args, ThriftStruct):
raise ValueError('args must be a ThriftStruct instance')
if header and not isinstance(header, ThriftStruct):
raise ValueError('header must be a ThriftStruct instance')
def hashret(self):
# The only field both Call and Reply have in common
return self.method
def __str__(self):
header = ', header=%s' % self.header if self.header else ''
field = ', fields=%s' % self.args if self.args else ''
return 'type=%s, method=%s, seqid=%s%s%s' % (self.type, self.method,
self.seqid, header, field)
@property
def as_dict(self):
return {
'type': self.type,
'method': self.method,
'seqid': self.seqid,
'header': self.header.as_dict if self.header else None,
'args': self.args.as_dict if self.args else None,
'length': len(self.load),
}
class AH(Packet):
"""
Authentication Header
See https://tools.ietf.org/rfc/rfc4302.txt
"""
name = 'AH'
fields_desc = [
ByteEnumField('nh', None, IP_PROTOS),
ByteField('payloadlen', None),
ShortField('reserved', None),
XIntField('spi', 0x0),
IntField('seq', 0),
StrField('icv', None),
StrField('padding', None),
]
overload_fields = {
IP: {
'proto': socket.IPPROTO_AH
},
IPv6: {
'nh': socket.IPPROTO_AH
},
IPv6ExtHdrHopByHop: {
'nh': socket.IPPROTO_AH
},
IPv6ExtHdrDestOpt: {
'nh': socket.IPPROTO_AH
},
IPv6ExtHdrRouting: {
'nh': socket.IPPROTO_AH
},
}
class UDS_ATP(Packet):
timingParameterAccessTypes = {
0: 'ISOSAEReserved',
1: 'readExtendedTimingParameterSet',
2: 'setTimingParametersToDefaultValues',
3: 'readCurrentlyActiveTimingParameters',
4: 'setTimingParametersToGivenValues'
}
name = 'AccessTimingParameter'
fields_desc = [
ByteEnumField('timingParameterAccessType', 0,
timingParameterAccessTypes),
ConditionalField(StrField('timingParameterRequestRecord', B""),
lambda pkt: pkt.timingParameterAccessType == 0x4)
]
class DNSRRDNSKEY(_DNSRRdummy):
name = "DNS DNSKEY Resource Record"
fields_desc = [
DNSStrField("rrname", ""),
ShortEnumField("type", 48, dnstypes),
ShortEnumField("rclass", 1, dnsclasses),
IntField("ttl", 0),
ShortField("rdlen", None),
FlagsField("flags", 256, 16, "S???????Z???????"),
# S: Secure Entry Point
# Z: Zone Key
ByteField("protocol", 3),
ByteEnumField("algorithm", 5, dnssecalgotypes),
StrField("publickey", "")
]
class GMLAN_RDBPKTI(Packet):
name = 'ReadDataByPacketIdentifier'
subfunctions = {
0x00: "stopSending",
0x01: "sendOneResponse",
0x02: "scheduleAtSlowRate",
0x03: "scheduleAtMediumRate",
0x04: "scheduleAtFastRate"
}
fields_desc = [
XByteEnumField('subfunction', 0, subfunctions),
ConditionalField(StrField('request_DPIDs', b''),
lambda pkt: pkt.subfunction > 0x0)
]
class SignalPacket(Packet):
name = "signal_packet"
fields_desc = [
IntEnumField("signal", 1, commands),
IEEEDoubleField("send_timestamp", 0),
IntField("wait_seconds", DEFAULT_WAIT_SECONDS),
FieldLenField("music_file_name_len", None,
length_of="music_file_name"),
StrField("music_file_name", "")
]
def __eq__(self, other):
return self.signal == other.signal \
and self.send_timestamp == other.send_timestamp \
and self.wait_seconds == other.wait_seconds \
and self.music_file_name == other.music_file_name
class PortIngressRuleResultOLTQueue(Packet):
""" Variable Descriptor: Port Ingress Rule Result OLT Queue """
name = "Variable Descriptor: Port Ingress Rule Result OLT Queue"
fields_desc = [
XByteField("branch", 0xD7),
XShortField("leaf", 0x0501),
ByteField("length", 15),
XByteField("result", 3),
XByteField("oltqueuerule", 0x13),
XShortField("objecttype", 0x0001),
XByteField("instance", 0),
XByteField("pon", 0),
StrField("unicastvssn", "TBIT"),
XIntField("unicastlink", 0xe2222900),
XByteField("pad", 0),
]
class UDS_CDTCS(Packet):
DTCSettingTypes = {
0: 'ISOSAEReserved',
1: 'on',
2: 'off'
}
name = 'ControlDTCSetting'
fields_desc = [
ByteEnumField('DTCSettingType', 0, DTCSettingTypes),
StrField('DTCSettingControlOptionRecord', B"")
]
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"), \
pkt.sprintf("%UDS_CDTCS.DTCSettingType%")
class GMLAN_RMBAPR(Packet):
name = 'ReadMemoryByAddressPositiveResponse'
fields_desc = [
MultipleTypeField([
(XShortField('memoryAddress',
0), lambda pkt: GMLAN.determine_len(2)),
(X3BytesField('memoryAddress',
0), lambda pkt: GMLAN.determine_len(3)),
(XIntField('memoryAddress', 0), lambda pkt: GMLAN.determine_len(4))
], XIntField('memoryAddress', 0)),
StrField('dataRecord', b"", fmt="B")
]
def answers(self, other):
return isinstance(other, GMLAN_RMBA) and \
other.memoryAddress == self.memoryAddress
class SDOption_Config(_SDOption):
LEN_OFFSET = 0x01
name = "Config Option"
_defaults = {'type': _SDOption.CFG_TYPE}
fields_desc = [
_SDOption_Header,
StrField("cfg_str", "")
]
def post_build(self, pkt, pay):
length = self.len
if length is None:
length = len(self.cfg_str) + self.LEN_OFFSET
pkt = struct.pack("!H", length) + pkt[2:]
return pkt + pay
class SAPCredv2_Cred_Cipher(Packet):
"""SAP Cred cipher packet. This is the header of an encrypted
credential format 1. It contains all the required data to decrypt the stored
credential.
"""
name = "SAP Cred Cipher Header"
fields_desc = [
ByteField("version", 2),
ByteEnumField("algorithm", 0, cipher_algorithms),
ShortField("unknown", 0),
StrFixedLenField("salt", None, 16),
StrFixedLenField("iv", None, 16),
StrField("cipher_text", None),
]
class GMLAN_TD(Packet):
subfunctions = {
0x00: "download",
0x80: "downloadAndExecuteOrExecute"
}
name = 'TransferData'
fields_desc = [
ByteEnumField('subfunction', 0, subfunctions),
ConditionalField(XShortField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(2)),
ConditionalField(X3BytesField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(3)),
ConditionalField(XIntField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(4)),
StrField("dataRecord", None)
]
class KWP_IOCBLI(Packet):
name = 'InputOutputControlByLocalIdentifier'
inputOutputControlParameters = {
0x00: "Return Control to ECU",
0x01: "Report Current State",
0x04: "Reset to Default",
0x05: "Freeze Current State",
0x07: "Short Term Adjustment",
0x08: "Long Term Adjustment"
}
fields_desc = [
XByteField('localIdentifier', 0),
XByteEnumField('inputOutputControlParameter', 0,
inputOutputControlParameters),
StrField('controlState', b"", fmt="B")
]
class Dot11CCMP(Dot11Encrypted):
name = "802.11 TKIP packet"
fields_desc = [
# iv - 8 bytes
ByteField("PN0", 0),
ByteField("PN1", 0),
ByteField("res0", 0),
BitField("key_id", 0, 2), #
BitField("ext_iv", 0, 1), # => LE = reversed order
BitField("res1", 0, 5), #
ByteField("PN2", 0),
ByteField("PN3", 0),
ByteField("PN4", 0),
ByteField("PN5", 0),
# data
StrField("data", None),
]
class SAPCARCompressedBlobFormat(PacketNoPadded):
"""SAP CAR compressed blob
This is used for decompressing blobs inside the compressed block.
"""
name = "SAP CAR Archive Compressed blob"
fields_desc = [
LEIntField("compressed_length", None),
LEIntField("uncompress_length", None),
ByteEnumField("algorithm", 0x12, {0x12: "LZH", 0x10: "LZC"}),
StrFixedLenField("magic_bytes", "\x1f\x9d", 2),
ByteField("special", 2),
ConditionalField(StrField("blob", None, remain=4), lambda x: x.compressed_length <= 8),
ConditionalField(StrFixedLenField("blob", None, length_from=lambda x: x.compressed_length - 8),
lambda x: x.compressed_length > 8),
]
class Raw(Packet):
name = "Raw"
fields_desc = [ StrField("load", "") ]
def answers(self, other):
return 1
# s = str(other)
# t = self.load
# l = min(len(s), len(t))
# return s[:l] == t[:l]
def mysummary(self):
cs = conf.raw_summary
if cs:
if callable(cs):
return "Raw %s" % cs(self.load)
else:
return "Raw %r" % self.load
return Packet.mysummary(self)
class DNSRRRSIG(_DNSRRdummy):
name = "DNS RRSIG Resource Record"
fields_desc = [DNSStrField("rrname", ""),
ShortEnumField("type", 46, dnstypes),
ShortEnumField("rclass", 1, dnsclasses),
IntField("ttl", 0),
ShortField("rdlen", None),
ShortEnumField("typecovered", 1, dnstypes),
ByteEnumField("algorithm", 5, dnssecalgotypes),
ByteField("labels", 0),
IntField("originalttl", 0),
UTCTimeField("expiration", 0),
UTCTimeField("inception", 0),
ShortField("keytag", 0),
DNSStrField("signersname", ""),
StrField("signature", "")
]
class BOOTP(Packet):
name = "BOOTP"
fields_desc = [
ByteEnumField("op", 1, {
1: "BOOTREQUEST",
2: "BOOTREPLY"
}),
ByteField("htype", 1),
ByteField("hlen", 6),
ByteField("hops", 0),
IntField("xid", 0),
ShortField("secs", 0),
FlagsField("flags", 0, 16, "???????????????B"),
IPField("ciaddr", "0.0.0.0"),
IPField("yiaddr", "0.0.0.0"),
IPField("siaddr", "0.0.0.0"),
IPField("giaddr", "0.0.0.0"),
Field("chaddr", b"", "16s"),
Field("sname", b"", "64s"),
Field("file", b"", "128s"),
StrField("options", b"")
]
def guess_payload_class(self, payload):
if self.options[:len(dhcpmagic)] == dhcpmagic:
return DHCP
else:
return Packet.guess_payload_class(self, payload)
def extract_padding(self, s):
if self.options[:len(dhcpmagic)] == dhcpmagic:
# set BOOTP options to DHCP magic cookie and make rest a payload of DHCP options # noqa: E501
payload = self.options[len(dhcpmagic):]
self.options = self.options[:len(dhcpmagic)]
return payload, None
else:
return b"", None
def hashret(self):
return struct.pack("!I", self.xid)
def answers(self, other):
if not isinstance(other, BOOTP):
return 0
return self.xid == other.xid
class Dot11TKIP(Dot11Encrypted):
name = "802.11 TKIP packet"
fields_desc = [
# iv - 4 bytes
ByteField("TSC1", 0),
ByteField("WEPSeed", 0),
ByteField("TSC0", 0),
BitField("key_id", 0, 2), #
BitField("ext_iv", 0, 1), # => LE = reversed order
BitField("res", 0, 5), #
# ext_iv - 4 bytes
ConditionalField(ByteField("TSC2", 0), lambda pkt: pkt.ext_iv),
ConditionalField(ByteField("TSC3", 0), lambda pkt: pkt.ext_iv),
ConditionalField(ByteField("TSC4", 0), lambda pkt: pkt.ext_iv),
ConditionalField(ByteField("TSC5", 0), lambda pkt: pkt.ext_iv),
# data
StrField("data", None),
]
class UDS_RCPR(Packet):
name = 'RoutineControlPositiveResponse'
fields_desc = [
ByteEnumField('routineControlType', 0, UDS_RC.routineControlTypes),
XShortField('routineIdentifier', 0),
StrField('routineStatusRecord', 0, fmt="B"),
]
def answers(self, other):
return other.__class__ == UDS_RC \
and other.routineControlType == self.routineControlType
@staticmethod
def get_log(pkt):
return pkt.sprintf("%UDS.service%"),\
(pkt.routineControlType,
pkt.routineIdentifier,
pkt.routineStatusRecord)
class ZigbeeSecurityHeader(Packet):
name = "Zigbee Security Header"
fields_desc = [
# Security control (1 octet)
FlagsField("reserved1", 0, 2, ['reserved1', 'reserved2']),
BitField("extended_nonce", 1, 1), # set to 1 if the sender address field is present (source) # noqa: E501
# Key identifier
BitEnumField("key_type", 1, 2, {
0: 'data_key',
1: 'network_key',
2: 'key_transport_key',
3: 'key_load_key'
}),
# Security level (3 bits)
BitEnumField("nwk_seclevel", 0, 3, {
0: "None",
1: "MIC-32",
2: "MIC-64",
3: "MIC-128",
4: "ENC",
5: "ENC-MIC-32",
6: "ENC-MIC-64",
7: "ENC-MIC-128"
}),
# Frame counter (4 octets)
XLEIntField("fc", 0), # provide frame freshness and prevent duplicate frames # noqa: E501
# Source address (0/8 octets)
ConditionalField(dot15d4AddressField("source", 0, adjust=lambda pkt, x: 8), lambda pkt: pkt.extended_nonce), # noqa: E501
# Key sequence number (0/1 octet): only present when key identifier is 1 (network key) # noqa: E501
ConditionalField(ByteField("key_seqnum", 0), lambda pkt: pkt.getfieldval("key_type") == 1), # noqa: E501
# Payload
# the length of the encrypted data is the payload length minus the MIC
StrField("data", ""), # noqa: E501
# Message Integrity Code (0/variable in size), length depends on nwk_seclevel # noqa: E501
XStrField("mic", ""),
]
def post_dissect(self, s):
# Get the mic dissected correctly
mic_length = util_mic_len(self)
if mic_length > 0: # Slice "data" into "data + mic"
_data, _mic = self.data[:-mic_length], self.data[-mic_length:]
self.data, self.mic = _data, _mic
return s
class VRRPv3(Packet):
fields_desc = [
BitField("version", 3, 4),
BitField("type", 1, 4),
ByteField("vrid", 1),
ByteField("priority", 100),
FieldLenField("ipcount", None, count_of="addrlist", fmt="B"),
BitField("res", 0, 4),
BitField("adv", 100, 12),
XShortField("chksum", None),
MultipleTypeField([
(FieldListField("addrlist", [],
IPField("", "0.0.0.0"),
count_from=lambda pkt: pkt.ipcount),
lambda p: isinstance(p.underlayer, IP)),
(FieldListField("addrlist", [],
IP6Field("", "::"),
count_from=lambda pkt: pkt.ipcount),
lambda p: isinstance(p.underlayer, IPv6)),
], StrField("addrlist", ""))
]
def post_build(self, p, pay):
if self.chksum is None:
if isinstance(self.underlayer, IP):
ck = in4_chksum(112, self.underlayer, p)
elif isinstance(self.underlayer, IPv6):
ck = in6_chksum(112, self.underlayer, p)
else:
warning(
"No IP(v6) layer to compute checksum on VRRP. Leaving null"
) # noqa: E501
ck = 0
p = p[:6] + chb(ck >> 8) + chb(ck & 0xff) + p[8:]
return p
@classmethod
def dispatch_hook(cls, _pkt=None, *args, **kargs):
if _pkt and len(_pkt) >= 16:
ver_n_type = orb(_pkt[0])
if ver_n_type < 48 or ver_n_type > 57: # Version != 3
return VRRP
return VRRPv3
class GMLAN_TD(Packet):
subfunctions = {0x00: "download", 0x80: "downloadAndExecuteOrExecute"}
name = 'TransferData'
fields_desc = [
ByteEnumField('subfunction', 0, subfunctions),
ConditionalField(XShortField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(2)),
ConditionalField(X3BytesField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(3)),
ConditionalField(XIntField('startingAddress', 0),
lambda pkt: GMLAN.determine_len(4)),
StrField("dataRecord", None)
]
@staticmethod
def get_log(pkt):
return pkt.sprintf("%GMLAN.service%"), \
(pkt.sprintf("%GMLAN_TD.subfunction%"), pkt.startingAddress,
pkt.dataRecord)
class USBPcap(Packet):
''' Packet used in pcap files '''
name = 'USBPcap'
fields_desc = [
LELongField('urb_id', 0),
CharEnumField('urb_type', SUBMIT, pcap_urb_type),
ByteEnumField('urb_transfert', PCAP_CTRL, pcap_urb_transfert),
BitEnumField('endpoint_direction', USBDefs.EP.Direction.IN, 1,
USBDefs.EP.Direction.desc),
BitField('endpoint_number', 0, 7),
ByteField('device', 1),
LEShortField('bus_id', 1),
ByteEnumField('device_setup_request', 0, pcap_setup_request),
ByteEnumField('data_present', 0, pcap_data_present),
LELongField('urb_sec', 0),
LEIntField('urb_usec', 0),
LESignedIntEnumField('urb_status', 0, pcap_urb_status),
LEIntField('urb_length', 0),
LEIntField('data_length', 0),
ConditionalField(
PacketField('urb_setup', GetDescriptor(), URB),
lambda p: p.urb_transfert == 2 and p.urb_type == 'S',
),
BytesFixedLenField(
'garbage',
pcap_garbage,
length_from=lambda p: 24
if p.urb_setup is None else 24 - len(p.urb_setup),
),
ConditionalField(
PacketField('descriptor', DeviceDescriptor(), Descriptor),
lambda p: p.urb_transfert == 2 and p.urb_type == 'C' and p.
data_length > 0,
),
StrField('data', ''),
]
def is_ctrl_request(self):
return self.urb_type == SUBMIT and self.urb_transfert == PCAP_CTRL
def is_ctrl_response(self):
return self.urb_type == COMPLETE and self.urb_transfert == PCAP_CTRL
