WIP JSONRPC2 implementation
This commit is contained in:
committed by
Brendan Le Glaunec
parent
5a8417cf18
commit
6ea4f6e123
@@ -0,0 +1,58 @@
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package jsonrpc2
|
||||
|
||||
// http://www.jsonrpc.org/specification
|
||||
const (
|
||||
ParseError = -32700 // Invalid JSON was received by the server. An error occurred on the server while parsing the JSON text.
|
||||
InvalidRequest = -32600 // The JSON sent is not a valid Request object.
|
||||
MethodNotFound = -32601 // The method does not exist / is not available.
|
||||
InvalidParams = -32602 // Invalid method parameter(s).
|
||||
InternalError = -32603 // Internal JSON-RPC error.
|
||||
)
|
||||
|
||||
const (
|
||||
// ParseErrorMessage is the message associated with the ParseError error
|
||||
ParseErrorMessage = "Parse error"
|
||||
// InvalidRequestMessage is the message associated with the InvalidRequest error
|
||||
InvalidRequestMessage = "Invalid Request"
|
||||
// MethodNotFoundMessage is the message associated with the MethodNotFound error
|
||||
MethodNotFoundMessage = "Method not found"
|
||||
// InvalidParamsMessage is the message associated with the InvalidParams error
|
||||
InvalidParamsMessage = "Invalid params"
|
||||
// InternalErrorMessage is the message associated with the InternalError error
|
||||
InternalErrorMessage = "Internal error"
|
||||
)
|
||||
|
||||
// Request represents a JSONRPC request
|
||||
type Request struct {
|
||||
JSONRPC string `json:"jsonrpc" validate:"eq=2.0"`
|
||||
Method string `json:"method" validate:"required"`
|
||||
Params string `json:"params" validate:"required"`
|
||||
ID string `json:"id"`
|
||||
}
|
||||
|
||||
// Response represents a JSONRPC response
|
||||
type Response struct {
|
||||
JSONRPC string `json:"jsonrpc" validate:"eq=2.0"`
|
||||
Result string `json:"result"`
|
||||
Error Error `json:"error"`
|
||||
ID string `json:"id"`
|
||||
}
|
||||
|
||||
// Error represents a JSONRPC response's error
|
||||
type Error struct {
|
||||
Code int `json:"code"`
|
||||
Message string `json:"message"`
|
||||
Data string `json:"data"`
|
||||
}
|
||||
@@ -0,0 +1,110 @@
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package service
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"github.com/EtixLabs/cameradar"
|
||||
"github.com/EtixLabs/cameradar/server/adaptor/jsonrpc2"
|
||||
v "gopkg.in/go-playground/validator.v9"
|
||||
)
|
||||
|
||||
func (c *Cameradar) handleRequest(message string) {
|
||||
var ret []cmrdr.Stream
|
||||
var JSONRPCErr jsonrpc2.Error
|
||||
|
||||
var request jsonrpc2.Request
|
||||
err := json.Unmarshal([]byte(message), &request)
|
||||
if err != nil {
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.ParseError,
|
||||
Message: jsonrpc2.ParseErrorMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
|
||||
validate := v.New()
|
||||
err = validate.Struct(request)
|
||||
if err != nil {
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.InvalidRequest,
|
||||
Message: jsonrpc2.InvalidRequestMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
|
||||
var options Options
|
||||
err = json.Unmarshal([]byte(request.Params), &options)
|
||||
if err != nil {
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.InvalidParams,
|
||||
Message: jsonrpc2.InvalidParamsMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
|
||||
c.SetOptions(options)
|
||||
|
||||
switch request.Method {
|
||||
case "discover":
|
||||
ret, err = c.Discover()
|
||||
case "attack_credentials":
|
||||
ret, err = c.Discover()
|
||||
case "attack_routes":
|
||||
ret, err = c.Discover()
|
||||
case "discover_and_attack":
|
||||
ret, err = c.DiscoverAndAttack()
|
||||
default:
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.MethodNotFound,
|
||||
Message: jsonrpc2.MethodNotFoundMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
if err != nil {
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.InternalError,
|
||||
Message: jsonrpc2.InternalErrorMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
|
||||
result, err := json.Marshal(ret)
|
||||
if err != nil {
|
||||
JSONRPCErr = jsonrpc2.Error{
|
||||
Code: jsonrpc2.InternalError,
|
||||
Message: jsonrpc2.InternalErrorMessage,
|
||||
Data: err.Error(),
|
||||
}
|
||||
}
|
||||
c.respondToClient(string(result), request.ID, JSONRPCErr)
|
||||
}
|
||||
|
||||
func (c *Cameradar) respondToClient(result, ID string, JSONRPCErr jsonrpc2.Error) {
|
||||
println(result)
|
||||
r := jsonrpc2.Response{
|
||||
JSONRPC: "2.0",
|
||||
Result: result,
|
||||
Error: JSONRPCErr,
|
||||
ID: ID,
|
||||
}
|
||||
|
||||
response, err := json.Marshal(r)
|
||||
if err != nil {
|
||||
c.toClient <- "{\"jsonrpc\": \"2.0\",\"result\":null,\"error\":{\"code\":" + fmt.Sprint(jsonrpc2.InternalError) + ",\"" + jsonrpc2.InternalErrorMessage + "\",\"data\":\"could not marshal response\"},\"id\":\"" + ID + "\"}"
|
||||
}
|
||||
|
||||
c.toClient <- string(response)
|
||||
}
|
||||
+37
-31
@@ -13,7 +13,6 @@
|
||||
package service
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
@@ -31,12 +30,6 @@ type Cameradar struct {
|
||||
fromClient <-chan string
|
||||
}
|
||||
|
||||
type request struct {
|
||||
Method string
|
||||
Target string
|
||||
Ports string
|
||||
}
|
||||
|
||||
// Options contains all options needed to launch a complete cameradar scan
|
||||
type Options struct {
|
||||
Target string
|
||||
@@ -84,56 +77,69 @@ func (c *Cameradar) Run() {
|
||||
for {
|
||||
msg, ok := <-c.fromClient
|
||||
if !ok {
|
||||
println("disconnected")
|
||||
println("client disconnected")
|
||||
return
|
||||
}
|
||||
go c.handleRequest(msg)
|
||||
}
|
||||
}
|
||||
|
||||
var req request
|
||||
err := json.Unmarshal([]byte(msg), &req)
|
||||
if err != nil {
|
||||
c.toClient <- "invalid request: " + err.Error()
|
||||
continue
|
||||
}
|
||||
|
||||
switch req.Method {
|
||||
case "discover":
|
||||
c.toClient <- "<discover results>"
|
||||
case "attack":
|
||||
c.toClient <- "<attack results>"
|
||||
default:
|
||||
c.toClient <- "invalid method: " + req.Method
|
||||
// DiscoverAndAttack launches a Cameradar scan followed by all necessary
|
||||
// attacks to access the cameras
|
||||
func (c *Cameradar) DiscoverAndAttack() ([]cmrdr.Stream, error) {
|
||||
streams, err := c.Discover()
|
||||
if err != nil {
|
||||
return streams, err
|
||||
}
|
||||
streams, err = c.AttackRoute()
|
||||
if err != nil {
|
||||
return streams, err
|
||||
}
|
||||
streams, err = c.AttackCredentials()
|
||||
if err != nil {
|
||||
return streams, err
|
||||
}
|
||||
for _, stream := range streams {
|
||||
if stream.RouteFound == false {
|
||||
return c.AttackCredentials()
|
||||
}
|
||||
}
|
||||
return streams, nil
|
||||
}
|
||||
|
||||
// Discover launches a Cameradar scan using the service's options
|
||||
func (c *Cameradar) Discover() error {
|
||||
func (c *Cameradar) Discover() ([]cmrdr.Stream, error) {
|
||||
streams, err := cmrdr.Discover(c.options.Target, c.options.Ports, c.options.OutputFile, c.options.Speed, true)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not discover streams")
|
||||
return streams, errors.Wrap(err, "could not discover streams")
|
||||
}
|
||||
c.Streams = streams
|
||||
return nil
|
||||
return streams, nil
|
||||
}
|
||||
|
||||
// AttackRoute launches a Cameradar route attack using the service's options
|
||||
func (c *Cameradar) AttackRoute() error {
|
||||
func (c *Cameradar) AttackRoute() ([]cmrdr.Stream, error) {
|
||||
streams, err := cmrdr.AttackRoute(c.Streams, c.options.Routes, c.options.Timeout, true)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not discover streams")
|
||||
return streams, errors.Wrap(err, "could not discover streams")
|
||||
}
|
||||
c.Streams = streams
|
||||
return nil
|
||||
return streams, nil
|
||||
}
|
||||
|
||||
// AttackCredentials launches a Cameradar credential attack using the service's options
|
||||
func (c *Cameradar) AttackCredentials() error {
|
||||
func (c *Cameradar) AttackCredentials() ([]cmrdr.Stream, error) {
|
||||
streams, err := cmrdr.AttackCredentials(c.Streams, c.options.Credentials, c.options.Timeout, true)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not discover streams")
|
||||
return streams, errors.Wrap(err, "could not discover streams")
|
||||
}
|
||||
c.Streams = streams
|
||||
return nil
|
||||
return streams, nil
|
||||
}
|
||||
|
||||
// SetOptions sets all options using an option structure
|
||||
func (c *Cameradar) SetOptions(options Options) {
|
||||
c.options = &options
|
||||
}
|
||||
|
||||
// SetNmapOutputFile sets the OutputFile option
|
||||
|
||||
Reference in New Issue
Block a user