0b65ece85b
- Added a patch to add both communication partners in arpspoof - Added patch to allow multiple targets to be imitated simultaniously - Added patch to allow the selection of source hw address in arpspoof - Added a patch which fixes and modernizes the POP decoder - Fixed segmentation faults related to libnet_name2addr4() (#1009879) - Added a patch to fix bit-shift in pntohl() macro (#714958, #850496) - Avoid xdrs being used without being initialised (#715042, #850494)
123 lines
2.9 KiB
Diff
123 lines
2.9 KiB
Diff
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to rewrite and
|
|
modernize the POP decoder. For some more information, please have a look to Debian
|
|
bug ID #647583.
|
|
|
|
--- dsniff-2.4/decode_pop.c 2013-12-20 21:06:13.000000000 +0100
|
|
+++ dsniff-2.4/decode_pop.c.modernize_pop 2013-12-20 21:12:58.000000000 +0100
|
|
@@ -6,6 +6,8 @@
|
|
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
|
|
*
|
|
* $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $
|
|
+ *
|
|
+ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de>
|
|
*/
|
|
|
|
#include "config.h"
|
|
@@ -45,32 +47,87 @@
|
|
decode_pop(u_char *buf, int len, u_char *obuf, int olen)
|
|
{
|
|
char *p;
|
|
+ char *s;
|
|
+ int n;
|
|
int i, j;
|
|
+ char *user;
|
|
+ char *password;
|
|
+ enum {
|
|
+ NONE,
|
|
+ AUTHPLAIN,
|
|
+ AUTHLOGIN,
|
|
+ USERPASS
|
|
+ } mode = NONE;
|
|
|
|
obuf[0] = '\0';
|
|
|
|
for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) {
|
|
- if (strncasecmp(p, "AUTH PLAIN", 10) == 0 ||
|
|
- strncasecmp(p, "AUTH LOGIN", 10) == 0) {
|
|
- strlcat(obuf, p, olen);
|
|
- strlcat(obuf, "\n", olen);
|
|
-
|
|
- /* Decode SASL auth. */
|
|
- for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) {
|
|
- strlcat(obuf, p, olen);
|
|
- j = base64_pton(p, p, strlen(p));
|
|
- p[j] = '\0';
|
|
- strlcat(obuf, " [", olen);
|
|
- strlcat(obuf, p, olen);
|
|
- strlcat(obuf, "]\n", olen);
|
|
+ if (mode == NONE) {
|
|
+ user = NULL;
|
|
+ password = NULL;
|
|
+ if (strncasecmp(p, "AUTH PLAIN", 10) == 0) {
|
|
+ mode = AUTHPLAIN;
|
|
+ continue;
|
|
+ }
|
|
+ if (strncasecmp(p, "AUTH LOGIN", 10) == 0) {
|
|
+ mode = AUTHLOGIN;
|
|
+ continue;
|
|
+ }
|
|
+ if (strncasecmp(p, "USER ", 5) == 0) {
|
|
+ mode = USERPASS;
|
|
+ /* the traditional login cuts right to the case,
|
|
+ * so no continue here
|
|
+ */
|
|
}
|
|
}
|
|
- /* Save regular POP2, POP3 auth info. */
|
|
- else if (strncasecmp(p, "USER ", 5) == 0 ||
|
|
- strncasecmp(p, "PASS ", 5) == 0 ||
|
|
- strncasecmp(p, "HELO ", 5) == 0) {
|
|
- strlcat(obuf, p, olen);
|
|
- strlcat(obuf, "\n", olen);
|
|
+ printf("(%d) %s\n", mode, p);
|
|
+ if (mode == USERPASS) {
|
|
+ if (strncasecmp(p, "USER ", 5) == 0) {
|
|
+ user = &p[5];
|
|
+ } else if (strncasecmp(p, "PASS ", 5) == 0) {
|
|
+ password = &p[5];
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (mode == AUTHPLAIN) {
|
|
+ j = base64_pton(p, p, strlen(p));
|
|
+ p[j] = '\0';
|
|
+ n = 0;
|
|
+ s = p;
|
|
+ /* p consists of three parts, divided by \0 */
|
|
+ while (s <= &p[j] && n<=3) {
|
|
+ if (n == 0) {
|
|
+ /* we do not process this portion yet */
|
|
+ } else if (n == 1) {
|
|
+ user = s;
|
|
+ } else if (n == 2) {
|
|
+ password = s;
|
|
+ }
|
|
+ n++;
|
|
+ while (*s) s++;
|
|
+ s++;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (mode == AUTHLOGIN) {
|
|
+ j = base64_pton(p, p, strlen(p));
|
|
+ p[j] = '\0';
|
|
+ if (!user) {
|
|
+ user = p;
|
|
+ } else {
|
|
+ password = p;
|
|
+ /* got everything we need :-) */
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (user && password) {
|
|
+ strlcat(obuf, "\nusername [", olen);
|
|
+ strlcat(obuf, user, olen);
|
|
+ strlcat(obuf, "] password [", olen);
|
|
+ strlcat(obuf, password, olen);
|
|
+ strlcat(obuf, "]\n", olen);
|
|
+
|
|
+ mode = NONE;
|
|
}
|
|
}
|
|
return (strlen(obuf));
|