PATH:
usr
/
share
/
nmap
/
nselib
--- -- Library methods for handling Cassandra Thrift communication as client -- -- @author Vlatko Kosturjak -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html -- -- Version 0.1 -- local bin = require "bin" local nmap = require "nmap" local stdnse = require "stdnse" local string = require "string" local table = require "table" _ENV = stdnse.module("cassandra", stdnse.seeall) --[[ Cassandra Thrift protocol implementation. For more information about Cassandra, see: http://cassandra.apache.org/ ]]-- -- Protocol magic strings CASSANDRAREQ = string.char(0x80,0x01,0x00,0x01) CASSANDRARESP = string.char(0x80,0x01,0x00,0x02) CASSLOGINMAGIC = string.char(0x00, 0x00,0x00,0x01,0x0c,0x00,0x01,0x0d,0x00,0x01,0x0b,0x0b,0x00,0x00,0x00,0x02) LOGINSUCC = string.char(0x00,0x00,0x00,0x01,0x00) LOGINFAIL = string.char(0x00,0x00,0x00,0x01,0x0b) LOGINACC = string.char(0x00,0x00,0x00,0x01,0x0c) --Returns string in format length+string itself --@param str to format --@return str : string in format length+string itself function pack4str (str) return (bin.pack(">I",string.len(str)) .. str) end --Returns string in cassandra format for login --@param username to put in format --@param password to put in format --@return str : string in cassandra format for login function loginstr (username, password) local str = CASSANDRAREQ .. pack4str ("login") str = str .. CASSLOGINMAGIC str = str .. pack4str("username") str = str .. pack4str(username) str = str .. pack4str("password") str = str .. pack4str(password) str = str .. string.char (0x00, 0x00) -- add two null on the end return str end --Invokes command over socket and returns the response --@param socket to connect to --@param command to invoke --@param cnt is protocol count --@return status : true if ok; false if bad --@return result : value if status ok, error msg if bad function cmdstr (command,cnt) local str = CASSANDRAREQ .. pack4str (command) str = str .. bin.pack(">I",cnt) str = str .. string.char (0x00) -- add null on the end return str end --Invokes command over socket and returns the response --@param socket to connect to --@param command to invoke --@param cnt is protocol count --@return status : true if ok; false if bad --@return result : value if status ok, error msg if bad function sendcmd (socket, command, cnt) local cmdstr = cmdstr (command,cnt) local response local status, err = socket:send(bin.pack(">I",string.len(cmdstr))) if ( not(status) ) then return false, "error sending packet length" end status, err = socket:send(cmdstr) if ( not(status) ) then return false, "error sending packet payload" end status, response = socket:receive_bytes(4) if ( not(status) ) then return false, "error receiving length" end local _,size = bin.unpack(">I",response,1) if (string.len(response) < size+4 ) then local resp2 status, resp2 = socket:receive_bytes(size+4 - string.len(response)) if ( not(status) ) then return false, "error receiving payload" end response = response .. resp2 end -- magic response starts at 5th byte for 4 bytes, 4 byte for length + length of string commmand if (string.sub(response,5,8+4+string.len(command)) ~= CASSANDRARESP..pack4str(command)) then return false, "protocol response error" end return true, response end --Return Cluster Name --@param socket to connect to --@param cnt is protocol count --@return status : true if ok; false if bad --@return result : value if status ok, error msg if bad function describe_cluster_name (socket,cnt) local cname = "describe_cluster_name" local status,resp = sendcmd(socket,cname,cnt) if (not(status)) then stdnse.print_debug(1, "sendcmd"..resp) return false, "error in communication" end -- grab the size -- pktlen(4) + CASSANDRARESP(4) + lencmd(4) + lencmd(v) + params(7) + next byte position local position = 12+string.len(cname)+7+1 local _,size = bin.unpack(">I",resp,position) -- read the string after the size local value = string.sub(resp,position+4,position+4+size-1) return true, value end --Return API version --@param socket to connect to --@param cnt is protocol count --@return status : true if ok; false if bad --@return result : value if status ok, error msg if bad function describe_version (socket,cnt) local cname = "describe_version" local status,resp = sendcmd(socket,cname,cnt) if (not(status)) then stdnse.print_debug(1, "sendcmd"..resp) return false, "error in communication" end -- grab the size -- pktlen(4) + CASSANDRARESP(4) + lencmd(4) + lencmd(v) + params(7) + next byte position local position = 12+string.len(cname)+7+1 local _,size = bin.unpack(">I",resp,position) -- read the string after the size local value = string.sub(resp,position+4,position+4+size-1) return true, value end --Login to Cassandra --@param socket to connect to --@param username to connect to --@param password to connect to --@return status : true if ok; false if bad --@return result : table of status ok, error msg if bad --@return if status ok : remaining data read from socket but not used function login (socket,username,password) local loginstr = loginstr (username, password) local combo = username..":"..password local status, err = socket:send(bin.pack(">I",string.len(loginstr))) if ( not(status) ) then stdnse.print_debug(3, "cannot send len "..combo) return false, "Failed to connect to server" end status, err = socket:send(loginstr) if ( not(status) ) then stdnse.print_debug(3, "Sent packet for "..combo) return false, err end local response status, response = socket:receive_bytes(22) if ( not(status) ) then stdnse.print_debug(3, "Receive packet for "..combo) return false, err end local _, size = bin.unpack(">I", response, 1) local loginresp = string.sub(response,5,17) if (loginresp ~= CASSANDRARESP..pack4str("login")) then return false, "protocol error" end local magic = string.sub(response,18,22) stdnse.print_debug(3, "packet for "..combo) stdnse.print_debug(3, "packet hex: %s", stdnse.tohex(response) ) stdnse.print_debug(3, "size packet hex: %s", stdnse.tohex(size) ) stdnse.print_debug(3, "magic packet hex: %s", stdnse.tohex(magic) ) if (magic == LOGINSUCC) then return true else return false, "Login failed." end end return _ENV;
[-] iscsi.lua
[edit]
[-] httpspider.lua
[edit]
[-] rmi.lua
[edit]
[-] socks.lua
[edit]
[-] dhcp6.lua
[edit]
[-] sasl.lua
[edit]
[-] drda.lua
[edit]
[+]
data
[-] dhcp.lua
[edit]
[-] omp2.lua
[edit]
[-] ospf.lua
[edit]
[-] ipp.lua
[edit]
[-] pop3.lua
[edit]
[-] netbios.lua
[edit]
[-] pgsql.lua
[edit]
[-] packet.lua
[edit]
[-] rpc.lua
[edit]
[-] xdmcp.lua
[edit]
[-] msrpc.lua
[edit]
[+]
..
[-] eigrp.lua
[edit]
[-] giop.lua
[edit]
[-] afp.lua
[edit]
[-] bjnp.lua
[edit]
[-] match.lua
[edit]
[-] iax2.lua
[edit]
[-] smtp.lua
[edit]
[-] msrpctypes.lua
[edit]
[-] cvs.lua
[edit]
[-] natpmp.lua
[edit]
[-] bitcoin.lua
[edit]
[-] snmp.lua
[edit]
[-] rsync.lua
[edit]
[-] mssql.lua
[edit]
[-] base64.lua
[edit]
[-] ncp.lua
[edit]
[-] base32.lua
[edit]
[-] sip.lua
[edit]
[-] http.lua
[edit]
[-] asn1.lua
[edit]
[-] stun.lua
[edit]
[-] citrixxml.lua
[edit]
[-] nrpc.lua
[edit]
[-] proxy.lua
[edit]
[-] pppoe.lua
[edit]
[-] amqp.lua
[edit]
[-] dns.lua
[edit]
[-] informix.lua
[edit]
[-] tftp.lua
[edit]
[-] sslcert.lua
[edit]
[-] strbuf.lua
[edit]
[-] unpwdb.lua
[edit]
[-] strict.lua
[edit]
[-] vulns.lua
[edit]
[-] jdwp.lua
[edit]
[-] stdnse.lua
[edit]
[-] dnssd.lua
[edit]
[-] mysql.lua
[edit]
[-] rdp.lua
[edit]
[-] mongodb.lua
[edit]
[-] ndmp.lua
[edit]
[-] isns.lua
[edit]
[-] ldap.lua
[edit]
[-] creds.lua
[edit]
[-] tab.lua
[edit]
[-] ftp.lua
[edit]
[-] brute.lua
[edit]
[-] comm.lua
[edit]
[-] ipOps.lua
[edit]
[-] mobileme.lua
[edit]
[-] target.lua
[edit]
[-] rpcap.lua
[edit]
[-] eap.lua
[edit]
[-] cassandra.lua
[edit]
[-] ssh1.lua
[edit]
[-] url.lua
[edit]
[-] datafiles.lua
[edit]
[-] ajp.lua
[edit]
[-] vuzedht.lua
[edit]
[-] nsedebug.lua
[edit]
[-] rtsp.lua
[edit]
[-] shortport.lua
[edit]
[-] bittorrent.lua
[edit]
[-] ssh2.lua
[edit]
[-] msrpcperformance.lua
[edit]
[-] listop.lua
[edit]
[-] dnsbl.lua
[edit]
[-] json.lua
[edit]
[-] redis.lua
[edit]
[-] wsdd.lua
[edit]
[-] tns.lua
[edit]
[-] ike.lua
[edit]
[-] gps.lua
[edit]
[-] versant.lua
[edit]
[-] imap.lua
[edit]
[-] smb.lua
[edit]
[-] smbauth.lua
[edit]
[-] xmpp.lua
[edit]
[-] upnp.lua
[edit]
[-] membase.lua
[edit]
[-] vnc.lua
[edit]
[-] srvloc.lua
[edit]