Changeset 422
- Timestamp:
- 03/25/06 20:32:38 (3 years ago)
- Files:
-
- nepenthes/trunk/modules/shellcode-signatures/Makefile.am (modified) (2 diffs)
- nepenthes/trunk/modules/shellcode-signatures/Makefile.parser (added)
- nepenthes/trunk/modules/shellcode-signatures/lex.yy.c (added)
- nepenthes/trunk/modules/shellcode-signatures/parser-shared.h (deleted)
- nepenthes/trunk/modules/shellcode-signatures/parser.h (added)
- nepenthes/trunk/modules/shellcode-signatures/parser.hpp (added)
- nepenthes/trunk/modules/shellcode-signatures/parser.l (modified) (1 diff)
- nepenthes/trunk/modules/shellcode-signatures/parser.y (modified) (6 diffs)
- nepenthes/trunk/modules/shellcode-signatures/sch_namespace_xor.hpp (modified) (1 diff)
- nepenthes/trunk/modules/shellcode-signatures/shellcode.l (deleted)
- nepenthes/trunk/modules/shellcode-signatures/shellcode.y (deleted)
- nepenthes/trunk/modules/shellcode-signatures/y.tab.c (added)
- nepenthes/trunk/modules/shellcode-signatures/y.tab.h (added)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
nepenthes/trunk/modules/shellcode-signatures/Makefile.am
r419 r422 12 12 13 13 14 BUILD_SOURCES = parser.c15 16 14 shellcodesignatures_la_SOURCES = shellcode-signatures.sc 17 shellcodesignatures_la_SOURCES += parser.y15 shellcodesignatures_la_SOURCES += y.tab.c lex.yy.c 18 16 shellcodesignatures_la_SOURCES += shellcode-signatures.cpp shellcode-signatures.hpp 19 17 … … 22 20 shellcodesignatures_la_LDFLAGS = -module -no-undefined -avoid-version 23 21 24 CLEANFILES = parser.cnepenthes/trunk/modules/shellcode-signatures/parser.l
r419 r422 2 2 %{ 3 3 #include <string.h> 4 #include " parser.h"4 #include "y.tab.h" 5 5 6 6 inline void string_reset(); nepenthes/trunk/modules/shellcode-signatures/parser.y
r419 r422 1 1 /* $Id$ */ 2 2 %{ 3 #include "parser-shared.h" 4 5 struct shellcode *shellcodes = NULL; 6 3 #define _GNU_SOURCE 4 #include <string.h> 5 #include <stdio.h> 6 #include <memory.h> 7 8 #include "parser.h" 9 10 inline void string_reset(); 11 inline char *string_get_buffer(); 12 inline int string_get_len(); 7 13 8 14 extern char *yytext; 9 15 extern FILE *yyin; 16 17 static struct shellcode *shellcodes = NULL; 10 18 extern int line_number; 11 19 20 static struct shellcode *init_shellcode(); 21 static char *get_namespace_by_numeric(int num); 22 static char *get_mapping_by_numeric(int num); 12 23 13 24 %} … … 44 55 45 56 printf("\tname %s\n", shellcodes->name); 46 printf("\tnamespace %s (%d) \n", get_namespace_by_numeric(shellcodes-> sc_namespace), shellcodes->sc_namespace);57 printf("\tnamespace %s (%d) \n", get_namespace_by_numeric(shellcodes->nspace), shellcodes->nspace); 47 58 // printf("\tpattern %s\n", shellcodes->pattern); 48 59 printf("\tmap-size %d\n", shellcodes->map_items); … … 72 83 : SC_XOR 73 84 { 74 shellcodes-> sc_namespace = sc_xor;85 shellcodes->nspace = sc_xor; 75 86 } 76 87 | 77 88 SC_LINKXOR 78 89 { 79 shellcodes-> sc_namespace = sc_linkxor;90 shellcodes->nspace = sc_linkxor; 80 91 } 81 92 | 82 93 SC_KONSTANZXOR 83 94 { 84 shellcodes-> sc_namespace = sc_konstanzxor;95 shellcodes->nspace = sc_konstanzxor; 85 96 } 86 97 | 87 98 SC_LEIMBACHXOR 88 99 { 89 shellcodes-> sc_namespace = sc_leimbachxor;100 shellcodes->nspace = sc_leimbachxor; 90 101 } 91 102 | 92 103 SC_BIND_SHELL 93 104 { 94 shellcodes-> sc_namespace = sc_bindshell;105 shellcodes->nspace = sc_bindshell; 95 106 } 96 107 | 97 108 SC_CONNECTBACK_SHELL 98 109 { 99 shellcodes-> sc_namespace = sc_connectbackshell;110 shellcodes->nspace = sc_connectbackshell; 100 111 } 101 112 | 102 113 SC_CONNECTBACK_FILETRANSFER 103 114 { 104 shellcodes-> sc_namespace = sc_connectbackfiletransfer;115 shellcodes->nspace = sc_connectbackfiletransfer; 105 116 } 106 117 | 107 118 SC_EXECUTE 108 119 { 109 shellcodes-> sc_namespace = sc_execute;120 shellcodes->nspace = sc_execute; 110 121 } 111 122 | 112 123 SC_DOWNLOAD 113 124 { 114 shellcodes-> sc_namespace = sc_download;125 shellcodes->nspace = sc_download; 115 126 } 116 127 | 117 128 SC_URL 118 129 { 119 shellcodes-> sc_namespace = sc_url;130 shellcodes->nspace = sc_url; 120 131 } 121 132 | 122 133 SC_CONNECTBACK_LINK_FILETRANSFER 123 134 { 124 shellcodes-> sc_namespace = sc_link;135 shellcodes->nspace = sc_link; 125 136 } 126 137 | 127 138 SC_BIND_LINK_FILETRANSFER 128 139 { 129 shellcodes-> sc_namespace = sc_blink;140 shellcodes->nspace = sc_blink; 130 141 } 131 142 ; … … 226 237 227 238 228 char *get_namespace_by_numeric(int num)239 static char *get_namespace_by_numeric(int num) 229 240 { 230 241 … … 251 262 } 252 263 253 char *get_mapping_by_numeric(int num)264 static char *get_mapping_by_numeric(int num) 254 265 { 255 266 static char *mapmapping[]= … … 271 282 272 283 273 int yyerror(char* s) { 274 printf(" %s at '%s' on line %d\n", s, yytext, line_number );return 0; 275 } 276 277 278 int yywrap(){ return 1; } 279 /* 280 int main(int argc, char** argv){ 281 init_shellcode(); 282 yyparse(); 283 } 284 285 */ 284 int yyerror(char* s) 285 { 286 printf(" %s at '%s' on line %d\n", s, yytext, line_number ); 287 return 0; 288 } 289 290 291 int yywrap() 292 { 293 return 1; 294 } 295 296 struct shellcode *sc_parse_file(const char *filename) 297 { 298 init_shellcode(); 299 300 yyin = fopen(filename, "r"); 301 302 if( yyin == NULL ) 303 return NULL; 304 305 yyparse(); 306 fclose(yyin); 307 308 return shellcodes; 309 } 310 311 char *sc_get_error() 312 { 313 return "no idea"; 314 } nepenthes/trunk/modules/shellcode-signatures/sch_namespace_xor.hpp
r419 r422 34 34 #include <pcre.h> 35 35 #include "ShellcodeHandler.hpp" 36 #include "parser -shared.h"36 #include "parser.hpp" 37 37 38 38 namespace nepenthes
