public void Analyze(UdpPacket udpPacket) { NetworkLayerObject credential = this._kerberosParser.Parse(udpPacket); if (credential != null) { // Raise event. this.ParsedItemDetected(this, new ParsedItemDetectedEventArgs() { ParsedItem = credential }); } }
public void Analyze(TcpSession tcpSession) { foreach (var parsrer in this._passwordParsers) { NetworkLayerObject credential = parsrer.Parse(tcpSession); if (credential != null) { // Raise event. this.ParsedItemDetected(this, new ParsedItemDetectedEventArgs() { ParsedItem = credential }); } } }
public NetworkLayerObject Parse(TcpSession tcpSession) { NetworkLayerObject credential = null; var sessionData = Encoding.ASCII.GetString(tcpSession.Data); if ((credential = SearchImapPlaintextLogin(tcpSession, sessionData)) != null) { return(credential); } else if ((credential = SearchImapAuthenticateLogin(tcpSession, sessionData)) != null) { return(credential); } else if ((credential = SearchImapCramMd5Hash(tcpSession, sessionData)) != null) { return(credential); } return(credential); }
public NetworkLayerObject Parse(TcpSession tcpSession) { // TODO: determine the autentication direction NetworkLayerObject credential = null; var sessionData = Encoding.ASCII.GetString(tcpSession.Data); if ((credential = SearchSmtpAuthLogin(tcpSession, sessionData)) != null) { return(credential); } if ((credential = SearchSmtpAuthPlain(tcpSession, sessionData)) != null) { return(credential); } if ((credential = SearchSmtpCramMd5(tcpSession, sessionData)) != null) { return(credential); } return(credential); }
public void AnalyzeGeneric(object item) { NetworkLayerObject credential = null; foreach (var parsrer in this._passwordParsers) { if (item is TcpPacket) { credential = SafeRun(x => parsrer.Parse(x as TcpPacket), item as TcpPacket); } else if (item is TcpSession) { credential = SafeRun(x => parsrer.Parse(x as TcpSession), item as TcpSession); } else if (item is UdpPacket) { credential = SafeRun(x => parsrer.Parse(x as UdpPacket), item as UdpPacket); } else if (item is UdpStream) { // Nothing to do. } else { throw new Exception("Unsupported type for password module"); } if (credential != null) { // Raise event. this.ParsedItemDetected(this, new ParsedItemDetectedEventArgs() { ParsedItem = credential }); } } }