metasploit-framework/lib/packetfu/packetfu.rb

149 lines
3.7 KiB
Ruby
Raw Normal View History

# :title: PacketFu Documentation
# :main: README
cwd = File.expand_path(File.dirname(__FILE__))
$: << cwd
require File.join(cwd,"packetfu","structfu")
require "ipaddr"
require 'rubygems' if RUBY_VERSION =~ /^1\.[0-8]/
module PacketFu
# Picks up all the protocols defined in the protos subdirectory
def self.require_protos(cwd)
protos_dir = File.join(cwd, "packetfu", "protos")
Dir.new(protos_dir).each do |fname|
next unless fname[/\.rb$/]
begin
require File.join(protos_dir,fname)
rescue
warn "Warning: Could not load `#{fname}'. Skipping."
end
end
end
# Deal with Ruby's encoding by ignoring it.
def self.force_binary(str)
str.force_encoding "binary" if str.respond_to? :force_encoding
end
# Sets the expected byte order for a pcap file. See PacketFu::Read.set_byte_order
@byte_order = :little
# Checks if pcaprub is loaded correctly.
@pcaprub_loaded = false
# PacketFu works best with Pcaprub version 0.8-dev (at least)
# The current (Aug 01, 2010) pcaprub gem is 0.9, so should be fine.
def self.pcaprub_platform_require
begin
require 'pcaprub'
rescue LoadError
return false
end
@pcaprub_loaded = true
end
pcaprub_platform_require
if @pcaprub_loaded
pcaprub_regex = /[0-9]\.([8-9]|[1-7][0-9])(-dev)?/ # Regex for 0.8 and beyond.
if Pcap.version !~ pcaprub_regex
@pcaprub_loaded = false # Don't bother with broken versions
raise LoadError, "PcapRub not at a minimum version of 0.8-dev"
end
require "packetfu/capture"
require "packetfu/inject"
end
# Returns the status of pcaprub
def self.pcaprub_loaded?
@pcaprub_loaded
end
# Returns an array of classes defined in PacketFu
def self.classes
constants.map { |const| const_get(const) if const_get(const).kind_of? Class}.compact
end
# Adds the class to PacketFu's list of packet classes -- used in packet parsing.
def self.add_packet_class(klass)
raise "Need a class" unless klass.kind_of? Class
if klass.name !~ /[A-Za-z0-9]Packet/
raise "Packet classes should be named 'ProtoPacket'"
end
@packet_classes ||= []
@packet_classes << klass
@packet_classes.sort! {|x,y| x.name <=> y.name}
end
# Presumably, there may be a time where you'd like to remove a packet class.
def self.remove_packet_class(klass)
raise "Need a class" unless klass.kind_of? Class
@packet_classes ||= []
@packet_classes.delete klass
@packet_classes
end
# Returns an array of packet classes
def self.packet_classes
@packet_classes || []
end
# Returns an array of packet types by packet prefix.
def self.packet_prefixes
return [] unless @packet_classes
@packet_classes.map {|p| p.to_s.split("::").last.to_s.downcase.gsub(/packet$/,"")}
end
# The current inspect style. One of :hex, :dissect, or :default
# Note that :default means Ruby's default, which is usually
# far too long to be useful.
def self.inspect_style
@inspect_style ||= :dissect
end
# Setter for PacketFu's @inspect_style
def self.inspect_style=(arg)
@inspect_style = case arg
when :hex, :pretty
:hex
when :dissect, :verbose
:dissect
when :default, :ugly
:default
else
:dissect
end
end
# Switches inspect styles in a round-robin fashion between
# :dissect, :default, and :hex
def toggle_inspect
case @inspect_style
when :hex, :pretty
@inspect_style = :dissect
when :dissect, :verbose
@inspect_style = :default
when :default, :ugly
@inspect_style = :hex
else
@inspect_style = :dissect
end
end
end
require File.join(cwd,"packetfu","version")
require File.join(cwd,"packetfu","pcap")
require File.join(cwd,"packetfu","packet")
PacketFu.require_protos(cwd)
require File.join(cwd,"packetfu","utils")
require File.join(cwd,"packetfu","config")
# vim: nowrap sw=2 sts=0 ts=2 ff=unix ft=ruby