Rooba
/
scapy
mirror of https://github.com/secdev/scapy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

layers: l2tp: parse L2TPv2 packets correctly 

The current code ignores the header flags which makes every L2TP packets
parse as a data message which includes the optional 'length' field.

Signed-off-by: Speidy <speidy@gmail.com>
This commit is contained in:
Speidy 2018-01-15 20:21:07 +02:00
parent 343303a435
commit f4a7922079
No known key found for this signature in database
GPG Key ID: 8AD32D04337B1F18
1 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
scapy/layers/l2tp.py
View File

@ -16,14 +16,27 @@ from scapy.fields import *
from scapy.layers.inet import UDP from scapy.layers.inet import UDP
from scapy.layers.ppp import PPP from scapy.layers.ppp import PPP
class L2TP(Packet): class L2TP(Packet):
fields_desc = [ ShortEnumField("pkt_type",2,{2:"data"}), name = "L2TP"
ShortField("len", None), fields_desc = [
FlagsField("hdr", 0, 12, ['res00', 'res01', 'res02', 'res03', 'priority', 'offset',
'res06', 'sequence', 'res08', 'res09', 'length', 'control']),
BitEnumField("version", 2, 4, {2: 'L2TPv2'}),
ConditionalField(ShortField("len", 0),
lambda pkt: pkt.hdr & 'control+length'),
ShortField("tunnel_id", 0), ShortField("tunnel_id", 0),
ShortField("session_id", 0), ShortField("session_id", 0),
ShortField("ns", 0), ConditionalField(ShortField("ns", 0),
ShortField("nr", 0), lambda pkt: pkt.hdr & 'sequence+control'),
ShortField("offset", 0) ] ConditionalField(ShortField("nr", 0),
lambda pkt: pkt.hdr & 'sequence+control'),
ConditionalField(
PadField(ShortField("offset", 0), 4, b"\x00"),
lambda pkt: not (pkt.hdr & 'control') and pkt.hdr & 'offset'
)
]
def post_build(self, pkt, pay): def post_build(self, pkt, pay):
if self.len is None: if self.len is None: