internal override void DataReceived(object sender, DataReceivedEventArgs e)
{
switch (int.Parse(Exts.GetDataAsString(e.Data, 0, 1)))
{
case (int)BootMessageType.Request:
#region "BOTP - Request"
using (var request = new DHCPPacket(e.Data))
{
request.Type = e.Type;
var optvalue = Exts.GetOptionValue(e.Data, DHCPOptionEnum.Vendorclassidentifier);
if (optvalue.Length < 1 || optvalue[0] == byte.MaxValue || e.Data[0] != (byte)BootMessageType.Request)
return;
var cguid = Exts.GetOptionValue(request.Data, DHCPOptionEnum.GUID);
if (cguid.Length == 1)
return;
var guid = Guid.Parse(Exts.GetGuidAsString(cguid, cguid.Length, true));
var clientMAC = Exts.GetDataAsString(request.MacAddress, 0, request.MACAddresslength);
var clientTag = "{0}-{1}".F(guid, clientMAC);
if (!Clients.ContainsKey(clientTag))
Clients.Add(clientTag, new DHCPClient(guid, clientMAC, request.Type, e.RemoteEndpoint));
else
{
Clients[clientTag].Type = request.Type;
Clients[clientTag].EndPoint = e.RemoteEndpoint;
}
var c = Clients[clientTag];
switch (request.MessageType)
{
case DHCPMsgType.Request:
if (e.RemoteEndpoint.Address != IPAddress.None)
this.Handle_DHCP_Request(request, ref c);
break;
case DHCPMsgType.Discover:
this.Handle_DHCP_Request(request, ref c);
break;
case DHCPMsgType.Release:
if (Clients.ContainsKey(clientTag))
Clients.Remove(clientTag);
break;
default:
return;
}
}
#endregion
break;
case (int)BootMessageType.RISRequest:
#region "RIS - Request"
var packet = new RISPacket(e.Data);
var client = new RISClient(e.RemoteEndpoint);
switch (packet.RequestType)
{
case "RQU":
case "REQ":
packet.OPCode = packet.RequestType == "REQ" ? RISOPCodes.REQ : RISOPCodes.RQU;
this.Handle_RIS_Request(packet, ref client, packet.RequestType == "REQ" ? true : false);
break;
case "NEG":
case "AUT":
packet.OPCode = packet.RequestType == "NEG" ? RISOPCodes.NEG : RISOPCodes.AUT;
this.Handle_RIS_Request(packet, ref client);
break;
case "NCQ":
packet.OPCode = RISOPCodes.NCQ;
this.Handle_RIS_Request(packet, ref client);
break;
default:
Errorhandler.Report(LogTypes.Info, "Got Unknown RIS Packet ({0})".F(packet.RequestType));
break;
}
#endregion
break;
case (int)BootMessageType.RISReply:
default:
break;
}
}
public void Handle_RIS_Request(RISPacket packet, ref RISClient client, bool encrypted = false)
{
var challenge = "rootroot";
var ntlmssp = new NTLMSSP("root", challenge);
var flags = ntlmssp.Flags;
switch (packet.OPCode)
{
case RISOPCodes.REQ:
return;
case RISOPCodes.RQU:
#region "OSC File Request"
var data = this.ReadOSCFile(packet.FileName, encrypted, encrypted ? this.ntlmkey : null);
var rquResponse = new RISPacket(new byte[(data.Length + 40)]);
if (!encrypted)
rquResponse.RequestType = "RSU";
else
rquResponse.RequestType = "RSP";
rquResponse.Orign = 130;
Array.Copy(packet.Data, 8, rquResponse.Data, 8, 28);
rquResponse.Offset = 36;
Array.Copy(data, 0, rquResponse.Data, rquResponse.Offset, data.Length);
rquResponse.Offset += data.Length;
rquResponse.Length = data.Length + 36;
this.Send(ref rquResponse, client.Endpoint);
#endregion
break;
case RISOPCodes.NCQ:
#region "Driver Query"
var ncq_packet = Functions.Unpack_Packet(packet.Data);
var sysfile = string.Empty;
var service = string.Empty;
var bus = string.Empty;
var characs = string.Empty;
var vendorid = new byte[2];
Array.Copy(ncq_packet, 28, vendorid, 0, vendorid.Length);
Array.Reverse(vendorid);
var deviceid = new byte[2];
Array.Copy(ncq_packet, 30, deviceid, 0, deviceid.Length);
Array.Reverse(deviceid);
var vid = Exts.GetDataAsString(vendorid, 0, vendorid.Length);
var pid = Exts.GetDataAsString(deviceid, 0, deviceid.Length);
Functions.FindDrv(Settings.DriverFile, vid, pid,
out sysfile, out service, out bus, out characs);
if (sysfile != string.Empty && service != string.Empty)
{
var drv = Encoding.Unicode.GetBytes(sysfile);
var svc = Encoding.Unicode.GetBytes(service);
var pciid = Encoding.Unicode.GetBytes("PCI\\VEN_{0}&DEV_{1}".F(vid, pid));
var ncr_packet = new RISPacket(new byte[512]);
ncr_packet.RequestType = "NCR";
ncr_packet.Orign = 130;
ncr_packet.Offset = 8;
/* Result */
var ncr_res = BitConverter.GetBytes((int)0x00000000);
Array.Reverse(ncr_res);
Array.Copy(ncr_res, 0, ncr_packet.Data, ncr_packet.Offset, ncr_res.Length);
ncr_packet.Offset += ncr_res.Length;
/* Type */
var type = BitConverter.GetBytes((int)0x02000000);
Array.Reverse(type);
Array.Copy(type, 0, ncr_packet.Data, ncr_packet.Offset, type.Length);
ncr_packet.Offset += type.Length;
/* Offset of PCI ID*/
var pciid_offset = BitConverter.GetBytes(0x24000000);
Array.Reverse(pciid_offset);
Array.Copy(pciid_offset, 0, ncr_packet.Data, ncr_packet.Offset, pciid_offset.Length);
ncr_packet.Offset += pciid_offset.Length;
/* Offset of FileName*/
var driver_offset = BitConverter.GetBytes(0x50000000);
Array.Reverse(driver_offset);
Array.Copy(driver_offset, 0, ncr_packet.Data, ncr_packet.Offset, driver_offset.Length);
ncr_packet.Offset += driver_offset.Length;
/* Offset of Service */
var service_offset = BitConverter.GetBytes(0x68000000);
Array.Reverse(service_offset);
Array.Copy(service_offset, 0, ncr_packet.Data, ncr_packet.Offset, service_offset.Length);
ncr_packet.Offset += service_offset.Length;
var description = Functions.ParameterlistEntry("Description", "2", "RIS Network Card");
var characteristics = Functions.ParameterlistEntry("Characteristics", "1", characs);
var bustype = Functions.ParameterlistEntry("BusType", "1", bus);
var pl_length = description.Length + characteristics.Length + bustype.Length;
var pl_size = BitConverter.GetBytes(pl_length);
/* Length of Parameters */
Array.Copy(pl_size, 0, ncr_packet.Data, ncr_packet.Offset, pl_size.Length);
ncr_packet.Offset += pl_size.Length;
/* Offset of Parameters */
var pl_offset = BitConverter.GetBytes(0x74000000);
Array.Reverse(pl_offset);
Array.Copy(pl_offset, 0, ncr_packet.Data, ncr_packet.Offset, pl_offset.Length);
ncr_packet.Offset += pl_offset.Length;
/* PCI ID */
Array.Copy(pciid, 0, ncr_packet.Data, ncr_packet.Offset, 41);
ncr_packet.Offset = 80;
/* FileName */
Array.Copy(drv, 0, ncr_packet.Data, ncr_packet.Offset, drv.Length);
ncr_packet.Offset += drv.Length + 2;
/* Service */
Array.Copy(svc, 0, ncr_packet.Data, ncr_packet.Offset, svc.Length);
ncr_packet.Offset += svc.Length + 2;
Array.Copy(description, 0, ncr_packet.Data, ncr_packet.Offset, description.Length);
ncr_packet.Offset += description.Length + 1;
Array.Copy(characteristics, 0, ncr_packet.Data, ncr_packet.Offset, characteristics.Length);
ncr_packet.Offset += characteristics.Length + 1;
Array.Copy(bustype, 0, ncr_packet.Data, ncr_packet.Offset, bustype.Length);
ncr_packet.Offset += bustype.Length;
ncr_packet.Length = ncr_packet.Offset + 2;
Send(ref ncr_packet, client.Endpoint);
}
#endregion
break;
case RISOPCodes.AUT:
#region "NTLM Authenticate"
var ntlmssp_packet = Functions.Unpack_Packet(packet.Data);
if (packet.Length >= 28)
{
Array.Copy(ntlmssp_packet, ntlmssp_packet[48], this.ntlmkey, 0, ntlmssp_packet[44]);
var resPacket = new RISPacket(new byte[10]);
resPacket.RequestType = "RES";
resPacket.Orign = 130;
resPacket.Offset += 4;
var res = BitConverter.GetBytes(0x00000000);
resPacket.Length = 4;
Array.Copy(res, 0, resPacket.Data, resPacket.Offset, res.Length);
resPacket.Offset += res.Length;
this.Send(ref resPacket, client.Endpoint);
}
#endregion
break;
case RISOPCodes.CHL:
break;
case RISOPCodes.NEG:
#region "NTLM Negotiate"
var msg = NTLMSSP.CreateMessage(NTLMSSP.NTLMMessageType.Challenge, flags, challenge);
var negResponse = new RISPacket(new byte[(8 + msg.Length)]);
negResponse.OPCode = RISOPCodes.CHL;
negResponse.RequestType = "CHL";
negResponse.Orign = 130;
negResponse.Offset = 8;
Array.Copy(msg, 0, negResponse.Data, 8, msg.Length);
negResponse.Offset += msg.Length;
negResponse.Length = negResponse.Offset;
this.Send(ref negResponse, client.Endpoint);
#endregion
break;
default:
break;
}
}