mirror of
https://github.com/bol-van/zapret2.git
synced 2026-03-14 06:13:09 +00:00
nfqws2: hidden packet data fuzz option
This commit is contained in:
bol-van
@@ -6,6 +6,7 @@ CFLAGS_LINUX = -Wno-alloc-size-larger-than
|
||||
CFLAGS_SYSTEMD = -DUSE_SYSTEMD
|
||||
CFLAGS_BSD = -Wno-address-of-packed-member
|
||||
CFLAGS_CYGWIN = -Wno-address-of-packed-member -static
|
||||
CFLAGS_UBSAN = -fsanitize=undefined,alignment -fno-sanitize-recover=undefined,alignment
|
||||
LDFLAGS_ANDROID = -llog
|
||||
LIBS =
|
||||
LIBS_LINUX = -lz -lnetfilter_queue -lnfnetlink -lmnl -lm
|
||||
@@ -135,6 +136,9 @@ all: nfqws2
|
||||
nfqws2: $(SRC_FILES)
|
||||
$(CC) -s $(CFLAGS) $(LUA_CFL) $(CFLAGS_LINUX) -o nfqws2 $(SRC_FILES) $(LIBS) $(LUA_LIB) $(LIBS_LINUX) $(LDFLAGS)
|
||||
|
||||
ubsan: $(SRC_FILES)
|
||||
$(CC) $(CFLAGS_UBSAN) $(CFLAGS) $(LUA_CFL) $(CFLAGS_LINUX) -o nfqws2 $(SRC_FILES) $(LIBS) $(LUA_LIB) $(LIBS_LINUX) $(LDFLAGS)
|
||||
|
||||
systemd: $(SRC_FILES)
|
||||
$(CC) -s $(CFLAGS) $(LUA_CFL) $(CFLAGS_LINUX) $(CFLAGS_SYSTEMD) -o nfqws2 $(SRC_FILES) $(LIBS) $(LUA_LIB) $(LIBS_LINUX) $(LIBS_SYSTEMD) $(LDFLAGS)
|
||||
|
||||
|
||||
@@ -2030,7 +2030,7 @@ static uint8_t dpi_desync_ip_packet(
|
||||
if (!!dis->ip == !!dis->ip6) return verdict;
|
||||
|
||||
struct sockaddr_storage src, dst;
|
||||
const char *ssid;
|
||||
const char *ssid = NULL;
|
||||
struct desync_profile *dp;
|
||||
|
||||
extract_endpoints(dis->ip, dis->ip6, NULL, NULL, &src, &dst);
|
||||
@@ -2129,6 +2129,8 @@ static uint8_t dpi_desync_packet_play(
|
||||
verdict = dpi_desync_ip_packet(fwmark, ifin, ifout, &dis, mod_pkt, len_mod_pkt);
|
||||
}
|
||||
}
|
||||
else
|
||||
DLOG("invalid packet - neither ipv4 or ipv6\n");
|
||||
return verdict;
|
||||
}
|
||||
uint8_t dpi_desync_packet(uint32_t fwmark, const char *ifin, const char *ifout, const uint8_t *data_pkt, size_t len_pkt, uint8_t *mod_pkt, size_t *len_mod_pkt)
|
||||
|
||||
@@ -456,7 +456,10 @@ bool file_open_test(const char *filename, int flags)
|
||||
void fill_random_bytes(uint8_t *p,size_t sz)
|
||||
{
|
||||
size_t k;
|
||||
for (k=0 ; (k+1)<sz ; k+=2) phton16(p+k, (uint16_t)random());
|
||||
// alignment
|
||||
if ((size_t)p & 1) { *p=(uint8_t)random(); sz--; p++; }
|
||||
// random has only 31 bits of entropy. not 32 bits
|
||||
for (k=0 ; (k+1)<sz ; k+=2) *(uint16_t*)(p+k) = (uint16_t)random();
|
||||
if (sz & 1) p[sz-1]=(uint8_t)random();
|
||||
}
|
||||
void fill_random_az(uint8_t *p,size_t sz)
|
||||
|
||||
45
nfq2/nfqws.c
45
nfq2/nfqws.c
@@ -156,6 +156,37 @@ static uint8_t processPacketData(uint32_t *mark, const char *ifin, const char *i
|
||||
return dpi_desync_packet(*mark, ifin, ifout, data_pkt, len_pkt, mod_pkt, len_mod_pkt);
|
||||
}
|
||||
|
||||
static void fuzzPacketData(unsigned int count)
|
||||
{
|
||||
uint8_t packet[RECONSTRUCT_MAX_SIZE],mod[RECONSTRUCT_MAX_SIZE];
|
||||
size_t len, modlen;
|
||||
unsigned int k;
|
||||
uint32_t mark=0;
|
||||
uint8_t verdict;
|
||||
|
||||
for(k=0;k<count;k++)
|
||||
{
|
||||
if (bQuit) break;
|
||||
if (!(k%1000)) DLOG_CONDUP("fuzz ct=%u\n",k);
|
||||
len = random()%sizeof(packet);
|
||||
fill_random_bytes(packet,len);
|
||||
if (len)
|
||||
{
|
||||
// simulate ipv4 or ipv6 and invalid packet with low probability
|
||||
*packet = *packet ? (*packet & 1) ? 0x40 : 0x60 | (*packet & 0x0F) : (uint8_t)random();
|
||||
}
|
||||
modlen = sizeof(mod);
|
||||
verdict = processPacketData(&mark,random()%1 ? "ifin" : NULL,random()%1 ? "ifout" : NULL,packet,len,mod,&modlen);
|
||||
}
|
||||
}
|
||||
static void do_fuzz(void)
|
||||
{
|
||||
if (params.fuzz)
|
||||
{
|
||||
DLOG_CONDUP("fuzz packet data count=%u\n",params.fuzz);
|
||||
fuzzPacketData(params.fuzz);
|
||||
}
|
||||
}
|
||||
|
||||
static bool test_list_files()
|
||||
{
|
||||
@@ -381,9 +412,11 @@ static int nfq_main(void)
|
||||
if (!lua_init())
|
||||
goto err;
|
||||
|
||||
do_fuzz();
|
||||
|
||||
if (!params.intercept)
|
||||
{
|
||||
DLOG("no intercept quit\n");
|
||||
DLOG_CONDUP("no intercept quit\n");
|
||||
goto exok;
|
||||
}
|
||||
|
||||
@@ -548,6 +581,8 @@ static int dvt_main(void)
|
||||
if (!lua_init())
|
||||
goto exiterr;
|
||||
|
||||
do_fuzz();
|
||||
|
||||
if (!params.intercept)
|
||||
{
|
||||
DLOG("no intercept quit\n");
|
||||
@@ -737,6 +772,8 @@ static int win_main()
|
||||
res=ERROR_INVALID_PARAMETER; goto ex;
|
||||
}
|
||||
|
||||
do_fuzz();
|
||||
|
||||
if (!params.intercept)
|
||||
{
|
||||
DLOG("no intercept quit\n");
|
||||
@@ -1783,6 +1820,7 @@ enum opt_indices {
|
||||
IDX_DEBUG,
|
||||
IDX_DRY_RUN,
|
||||
IDX_INTERCEPT,
|
||||
IDX_FUZZ,
|
||||
IDX_VERSION,
|
||||
IDX_COMMENT,
|
||||
#ifdef __linux__
|
||||
@@ -1886,6 +1924,7 @@ static const struct option long_options[] = {
|
||||
[IDX_DEBUG] = {"debug", optional_argument, 0, 0},
|
||||
[IDX_DRY_RUN] = {"dry-run", no_argument, 0, 0},
|
||||
[IDX_INTERCEPT] = {"intercept", optional_argument, 0, 0},
|
||||
[IDX_FUZZ] = {"fuzz", required_argument, 0, 0},
|
||||
[IDX_VERSION] = {"version", no_argument, 0, 0},
|
||||
[IDX_COMMENT] = {"comment", optional_argument, 0, 0},
|
||||
#ifdef __linux__
|
||||
@@ -2161,6 +2200,10 @@ int main(int argc, char **argv)
|
||||
case IDX_INTERCEPT:
|
||||
params.intercept = !optarg || atoi(optarg);
|
||||
break;
|
||||
case IDX_FUZZ:
|
||||
params.fuzz = atoi(optarg);
|
||||
params.intercept = false;
|
||||
break;
|
||||
case IDX_VERSION:
|
||||
exit_clean(0);
|
||||
break;
|
||||
|
||||
@@ -133,6 +133,7 @@ struct params_s
|
||||
bool debug;
|
||||
|
||||
bool daemon, intercept;
|
||||
unsigned int fuzz;
|
||||
|
||||
#ifdef __linux__
|
||||
int qnum;
|
||||
|
||||
Reference in New Issue
Block a user