Merge pull request #1204 from gpotter2/bind-udp

Additional Loopback bind + LLMNR bind + SNMP bind

Author: guedou

scapy/layers/inet6.py

@@ -4023,7 +4023,9 @@ def ra_reply_callback(req, iface):
 bind_layers(CookedLinux, IPv6,   proto = 0x86dd )
 bind_layers(GRE,       IPv6,     proto = 0x86dd )
 bind_layers(SNAP,      IPv6,     code = 0x86dd )
+bind_layers(Loopback,  IPv6,     type = 0x18 )
 bind_layers(Loopback,  IPv6,     type = 0x1c )
+bind_layers(Loopback,  IPv6,     type = 0x1e )
 bind_layers(IPerror6,  TCPerror, nh = socket.IPPROTO_TCP )
 bind_layers(IPerror6,  UDPerror, nh = socket.IPPROTO_UDP )
 bind_layers(IPv6,      TCP,      nh = socket.IPPROTO_TCP )

scapy/layers/l2.py

@@ -398,7 +398,13 @@ def m2i(self, pkt, x):
     def i2m(self, pkt, x):
         return x << 24
 
-LOOPBACK_TYPES = { 0x2: "IPv4", 0x1c: "IPv6" }
+# https://github.com/wireshark/wireshark/blob/fe219637a6748130266a0b0278166046e60a2d68/epan/dissectors/packet-null.c
+# https://www.wireshark.org/docs/wsar_html/epan/aftypes_8h.html
+LOOPBACK_TYPES = { 0x2: "IPv4",
+                   0x7: "OSI",
+                   0x10: "Appletalk",
+                   0x17: "Netware IPX/SPX",
+                   0x18: "IPv6", 0x1c: "IPv6", 0x1e: "IPv6" }
 
 class Loopback(Packet):
     """*BSD loopback layer"""

scapy/layers/llmnr.py

@@ -48,17 +48,19 @@ def answers(self, other):
                 self.qr == 1 and
                 other.qr == 0)
 
-def _llmnr_dispatcher(x, *args, **kargs):
-    cls = conf.raw_layer
-    if len(x) >= 2:
-        if (orb(x[2]) & 0x80): # Response
-            cls = LLMNRResponse
-        else:                  # Query
-            cls = LLMNRQuery
-    return cls(x, *args, **kargs)
+class _LLMNR(Packet):
+    @classmethod
+    def dispatch_hook(cls, _pkt=None, *args, **kargs):
+        if len(_pkt) >= 2:
+            if (orb(_pkt[2]) & 0x80): # Response
+                return LLMNRResponse
+            else:                  # Query
+                return LLMNRQuery
+        return cls
 
-bind_bottom_up(UDP, _llmnr_dispatcher, { "dport": 5355 })
-bind_bottom_up(UDP, _llmnr_dispatcher, { "sport": 5355 })
+bind_bottom_up(UDP, _LLMNR, dport=5355)
+bind_bottom_up(UDP, _LLMNR, sport=5355)
+bind_layers(UDP, _LLMNR, sport=5355, dport=5355)
 
 # LLMNRQuery(id=RandShort(), qd=DNSQR(qname="vista.")))
 

scapy/layers/snmp.py

@@ -238,10 +238,11 @@ def answers(self, other):
                    isinstance(other.PDU, SNMPset)    ) and
                  self.PDU.id == other.PDU.id )
 
-bind_layers( UDP,           SNMP,          sport=161)
-bind_layers( UDP,           SNMP,          dport=161)
-bind_layers( UDP,           SNMP,          sport=162) 
-bind_layers( UDP,           SNMP,          dport=162) 
+bind_bottom_up(UDP, SNMP, sport=161)
+bind_bottom_up(UDP, SNMP, dport=161)
+bind_bottom_up(UDP, SNMP, sport=162)
+bind_bottom_up(UDP, SNMP, dport=162)
+bind_layers(UDP, SNMP, sport=161, dport=161)
 
 def snmpwalk(dst, oid="1", community="public"):
     try:

test/regression.uts

@@ -800,6 +800,15 @@ assert(x.PDU.varbindlist[0].value == b"172.31.19.2")
 assert(x.PDU.varbindlist[2].oid == "1.3.6.1.4.1.253.8.64.4.2.1.5.10.14130400")
 assert(x.PDU.varbindlist[2].value == 1)
 
+= Basic UDP/SNMP bindings
+~ SNMP ASN1
+z = UDP()/x
+z = UDP(raw(z))
+assert SNMP in z
+
+x = UDP()/SNMP()
+assert x.sport == x.dport == 161
+
 = ASN1 - ASN1_Object
 assert ASN1_Object(1) == ASN1_Object(1)
 assert ASN1_Object(1) > ASN1_Object(0)
@@ -3596,10 +3605,10 @@ test_show()
 saved_AS_resolver = conf.AS_resolver
 conf.AS_resolver = None
 tr6.make_graph()
-len(tr6.graphdef) == 492
-tr6.graphdef.startswith("digraph trace {") == True
+assert len(tr6.graphdef) == 530
+assert tr6.graphdef.startswith("digraph trace {")
 '"2001:db8::1 53/udp";' in tr6.graphdef
-conf.AS_resolver = conf.AS_resolver
+conf.AS_resolver = saved_AS_resolver 
 
 ############
 ############