Chinaunix首页 | 论坛 | 博客
  • 博客访问: 251800
  • 博文数量: 62
  • 博客积分: 1547
  • 博客等级: 上尉
  • 技术积分: 672
  • 用 户 组: 普通用户
  • 注册时间: 2006-01-12 23:46
个人简介

music,code,dialog,rest

文章分类

全部博文(62)

文章存档

2020年(2)

2019年(6)

2018年(4)

2017年(5)

2016年(20)

2015年(4)

2014年(2)

2013年(1)

2012年(1)

2011年(1)

2010年(1)

2009年(2)

2007年(10)

2006年(3)

分类: 网络与安全

2006-04-28 00:09:09

 
       本程序通过pcap读取文件后,将参数指定的password和传输的Radius数据按Radius协议进行MD5计算得出新验证字(Authenticator), 并和数据包中携带的验证字进行对比,来验证Radius协议层的服务器和客户端之间的共享密码。
 
       读取文件后,对数据包解包,数据处理和MD5加密。数据解包方法,主要方式是从RawData到各层的Struct数据结构的Casting。
 
       MD5的加密包,取自国内的某个网页,可能是CSDN,但发现了一些宏定义的问题,修改后也能使用了。
       最后那个是unsigned int8到Hex的转换函数,用来对数据进行HexString的输出。
 
       本工具使用mingw32进行调试和编译。
      

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pcap.h>
#include <remote-ext.h>
#include "ether.h"
#include "ethertype.h"
#include "ip.h"
#include "ipproto.h"
#include "udp.h"
#include "radius.h"
#include "md5lib.h"

#define LINE_LEN 16

#define    SWAPLONG(y) \
((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff))

#define    SWAPSHORT(y) \
    ( (((y)&0xff)<<8) | ((u_short)((y)&0xff00)>>8) )

#define PRINT_HEX(bytes_len, ptr_data) \
           while(bytes_len) \
           { \
              printf("%02X", *ptr_data ); \
              ptr_data++; \
              bytes_len--; \
              if(bytes_len>0){ \
                  printf("%02X ",*ptr_data); \
                  ptr_data++; \
                  bytes_len--; \
              } \
           } \

//#define SUBSTR(a,b,c)


void dispatcher_handler(u_char *, const struct pcap_pkthdr *, const u_char *);
void radauth(const struct radhdr *, const u_char *, u_char *, u_char *);
u_char * itoh(u_int8_t);

    const struct ether_hdr *eth_hdr; /* The ethernet header */
    const struct ip *ip_hdr; /* The IP header */
    const struct udphdr *udp_hdr; /* The UDP header */
    const struct radhdr *rad_hdr;
//    const char *payload; /* Packet payload */


    u_int size_ip_hdr;
    u_int size_udp_hdr;
    u_int size_rad_hdr;
    char *pwd;



main(int argc, char **argv)
{
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE];
char source[PCAP_BUF_SIZE];

    if(argc != 3){

        printf("\n usage: %s filename testpass\n\n", argv[0]);
        printf(" Zenith518  \t\t\n");
        printf(" 2006.04.28\n");
        return -1;

    }


    /* Create the source string according to the new WinPcap syntax */
    if ( pcap_createsrcstr( source,
// variable that will keep the source string

                            PCAP_SRC_FILE,
// we want to open a file

                            NULL,
// remote host

                            NULL,
// port on the remote host

                            argv[1],
// name of the file we want to open

                            errbuf
// error buffer

                            ) != 0)
    {
        fprintf(stderr,"\nError creating a source string\n");
        return -1;
    }

    /* Open the capture file */
    if ( (fp= pcap_open(source,
// name of the device

                        65536,
// portion of the packet to capture

                                        
// 65536 guarantees that the whole packet will be captured on all the link layers

                         PCAP_OPENFLAG_PROMISCUOUS,
// promiscuous mode

                         1000,
// read timeout

                         NULL,
// authentication on the remote machine

                         errbuf
// error buffer

                         ) ) == NULL)
    {
        fprintf(stderr,"\nUnable to open the file %s.\n", source);
        return -1;
    }

    
// read and dispatch packets until EOF is reached

    pwd=argv[2];
    printf("\nGrei Zhang(CBC/RBE1), start decoding\n\n");
    pcap_loop(fp, 0, dispatcher_handler, NULL);

    
//system("PAUSE");

    printf("\nNotice: If you are interested, you can send me email!\n");
    
//printf("greizh@sh163.net\n");


    return 0;
}

void dispatcher_handler(u_char *temp1,
                        const struct pcap_pkthdr *header, const u_char *pkt_data)
{
    u_int i=0,
          rad_attr_leng=0,
          validcontid=0;

    const u_char *eth_payload,
                 *ip_payload,
                 *udp_payload,
                 *rad_payload;

    u_char auth[33],
            newauth[33],
            *share;

    share=pwd;


    size_t length;

    eth_hdr = (struct ether_hdr*)(pkt_data);
    eth_payload = pkt_data + ETHER_HDRLEN;

    ip_hdr = (struct ip*)(eth_payload);
    size_ip_hdr = IP_HL(ip_hdr)*4;
    ip_payload = eth_payload + size_ip_hdr;




    if (size_ip_hdr < 20) {
        printf(" * Invalid IP header length: %u bytes\n", size_ip_hdr);
        return;
    }


    /* print pkt timestamp and pkt len */
    printf("%ld:%ld (%ld)", header->ts.tv_sec, header->ts.tv_usec, header->len);


    if (SWAPSHORT(eth_hdr->ether_type) == ETHERTYPE_IP)
    {
        if (ip_hdr->ip_p==IPPROTO_UDP)
        {
            udp_hdr = (struct udphdr*)(ip_payload);
          size_udp_hdr = sizeof(struct udphdr);
           if (size_udp_hdr < 8) {
                printf(" * Invalid UDP header length: %u bytes\n", size_udp_hdr);
             return;
           }
            udp_payload = ip_payload + size_udp_hdr;


            if ((SWAPSHORT(udp_hdr->uh_dport)==RADIUS_NEW_ACCOUNTING_PORT)||
                (SWAPSHORT(udp_hdr->uh_sport)==RADIUS_NEW_ACCOUNTING_PORT))
            {
               rad_hdr=(struct radhdr*)(udp_payload);
               if (rad_hdr->code==RADCMD_ACCOUN_REQ)
               {
                  rad_payload = udp_payload + sizeof(struct radhdr);
                  validcontid=1;
               } else {
                      printf("\nno Radius Acc Req, skipped\n");
                      return;
               }
            } else {
               printf("\nno Radius just skipped\n\n");
               return;
            }
        } else {
            printf("\nno UDP just skipped\n\n");
            return;
        }
    } else {
           printf("\nnot IP packet\n\n");
           return;
    }


    radauth(rad_hdr,rad_payload,share,newauth);
    for(i=0;i<16;i++){
        if(0==i) strcpy(auth,itoh(rad_hdr->auth[i]));
        if(0!=i) strcat(auth,itoh(rad_hdr->auth[i]));
    }

    if( !memcmp(auth,newauth,32)){
        printf("\n\tProvided password matched = %s",share);
    } else {
        printf("\n\tProvided password not matched = %s",share);
    }
    printf("\n\tCalced Radius Authenticator = %s",newauth);
    printf("\n\tRemote Radius Authenticator = %s",auth);
    printf("\n\tRadius Packet Payload Dump =\n");

    length=SWAPSHORT(rad_hdr->rad_length);
    
//printf("\n");

    PRINT_HEX(length,udp_payload);
    printf("\n\n");
}


void radauth(const struct radhdr *header, const u_char *payload,u_char *key,u_char *hash_output)
{
    u_char *rawstring, temp[5], *output,tmp[2];
    u_int i=0,j=0;
    u_int16_t length=0;
    length=SWAPSHORT(header->rad_length);

    temp[0]=header->code;
    temp[1]=header->pkt_id;
    temp[2]=(u_int8_t)((length&0xff)>>8);
    temp[3]=(u_int8_t)(length&0xff);

    
//length=length-20;



    rawstring=(u_char *)malloc(length+strlen(key)+1);
    memcpy(rawstring,temp,4);

    for(j=0;j<16;j++) rawstring[4+j]='\0';

    memcpy(rawstring+20,payload,length-20);
    memcpy(rawstring+length,key,strlen(key));
    output=MDBuffer(rawstring,length+strlen(key));


    memcpy(hash_output,output,33);

    free(rawstring);
    return;
}

u_char *itoh(u_int8_t int1)
{
    static u_char output[3];

    u_int8_t test=int1&0xf;
    if(test<=9)
    {
        output[1]=0x30+test;
    }else output[1]=0x30+0x27+test;

    test=(int1&0xf0)>>4;
    if(test<=9)
    {
        output[0]=0x30+test;
    }else output[0]=0x30+0x27+test;
    output[2]='\0';
    return output;
}


 
md5lib.h 如下:
 
char* MDString  (char *);
/*输入任意一个字符串,经过md5算法处理后,返回结果:一个定长(32个字符)
字符串 */
char * MDBuffer (char *, unsigned int);
/*
    对任意内存区域进行MD5算法计算,并同时给出内存区域长度
*/
char* MDFile  (char *);
/*输入任意一个文件名,文件内容经过md5算法处理后,返回结果:一个定长
(32个字符)字符串 */
char* hmac_md5(char* text, char* key);
/*输入任意一个字符串text,和一个用做密钥的字符串key,经过hmac_md5算法处
理,返回处理结果:一个定长字符串(32个字符)*/
 
 
修正过的 md5lib.c 如下:
 

/* MD5lib.h - md5 library
 */


/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
rights reserved.

RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.

These notices must be retained in any copies of any part of this
documentation and/or software.
 */


/* The following makes MD default to MD5 if it has not already been
  defined with C compiler flags.
 */



#include <stdio.h>
#include <time.h>
#include <string.h>

#define MD 5

/* GLOBAL.H - RSAREF types and constants
 */


/* PROTOTYPES should be set to one if and only if the compiler supports
  function argument prototyping.
  The following makes PROTOTYPES default to 0 if it has not already
  been defined with C compiler flags.
 */

#ifndef PROTOTYPES
#define PROTOTYPES 0
#endif

/* POINTER defines a generic pointer type */
typedef unsigned char *POINTER;

/* UINT2 defines a two byte word */
typedef unsigned short int UINT2;

/* UINT4 defines a four byte word */
typedef unsigned long int UINT4;

/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
  returns an empty list.
 */

#if PROTOTYPES
#define PROTO_LIST(list) list
#else
#define PROTO_LIST(list) ()
#endif


 
/* Length of test block, number of test blocks.
 */

#define TEST_BLOCK_LEN 1000
#define TEST_BLOCK_COUNT 1000



/* Constants for MD5Transform routine.
 */

#define S11 7
#define S12 12
#define S13 17
#define S14 22
#define S21 5
#define S22 9
#define S23 14
#define S24 20
#define S31 4
#define S32 11
#define S33 16
#define S34 23
#define S41 6
#define S42 10
#define S43 15
#define S44 21

char* MDString PROTO_LIST ((char *));
char* MDBuffer PROTO_LIST((char *, unsigned int));
char* MDFile PROTO_LIST ((char *));
char* hmac_md5(char* text, char* key);

typedef struct {
  UINT4 state[4]; /* state (ABCD) */
  UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
  unsigned char buffer[64]; /* input buffer */
} MD5_CTX;

/*void MD5Init PROTO_LIST ((MD5_CTX *));
void MD5Update PROTO_LIST
  ((MD5_CTX *, unsigned char *, unsigned int));
void MD5Final PROTO_LIST ((unsigned char [16], MD5_CT X *));

static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
static void Encode PROTO_LIST
  ((unsigned char *, UINT4 *, unsigned int));
static void Decode PROTO_LIST
  ((UINT4 *, unsigned char *, unsigned int));
static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
*/

static unsigned char PADDING[64] = {
  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

/* F, G, H and I are basic MD5 functions.
 */

#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
#define H(x, y, z) ((x) ^ (y) ^ (z))
#define I(x, y, z) ((y) ^ ((x) | (~z)))

/* ROTATE_LEFT rotates x left n bits.
 */

#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))

/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
Rotation is separate from addition to prevent recomputation.
 */

#define FF(a, b, c, d, x, s, ac) \
(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b);

#define GG(a, b, c, d, x, s, ac)\
 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac);\
 (a) = ROTATE_LEFT ((a), (s));\
 (a) += (b);

#define HH(a, b, c, d, x, s, ac) \
 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b);

#define II(a, b, c, d, x, s, ac) \
 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b);

void MD5Init (MD5_CTX *context);
void MD5Update(MD5_CTX *context, unsigned char *input,unsigned int inputLen);

void MD5Final (unsigned char digest[16], MD5_CTX *context);
static void MD5Transform (UINT4 [4], unsigned char [64]) ;
static void Encode(unsigned char *, UINT4 *, unsigned int);
static void Decode (UINT4 *, unsigned char *, unsigned int);
static void MD5_memcpy(POINTER, POINTER, unsigned int);
static void MD5_memset(POINTER, int, unsigned int);

/* MD5 initialization. Begins an MD5 operation, writing a new context.
 */

void MD5Init (MD5_CTX *context)
                                        /* context */
{
  context->count[0] = context->count[1] = 0;
  
/* Load magic initialization constants.
*/

  context->state[0] = 0x67452301;
  context->state[1] = 0xefcdab89;
  context->state[2] = 0x98badcfe;
  context->state[3] = 0x10325476;
}

/* MD5 block update operation. Continues an MD5 message-digest
  operation, processing another message block, and updating the
  context.
 */

void MD5Update (MD5_CTX *context, unsigned char *input,unsigned int inputLen )
                                         /* context */
                              /* input block */
                     /* length of input block */
{
  unsigned int i, index, partLen;

  /* Compute number of bytes mod 64 */
  index = (unsigned int)((context->count[0] >> 3) & 0x3F);

  /* Update number of bits */
  if ((context->count[0] += ((UINT4)inputLen << 3))
  < ((UINT4)inputLen << 3))
 context->count[1]++;
  context->count[1] += ((UINT4)inputLen >> 29);

  partLen = 64 - index;

  
/* Transform as many times as possible.
*/

  if (inputLen >= partLen) {
 MD5_memcpy
   ((POINTER)&context->buffer[index], (POINTER)input, partLen);
 MD5Transform (context->state, context->buffer);

 for (i = partLen; i + 63 < inputLen; i += 64)
   MD5Transform (context->state, &input[i]);

 index = 0;
  }
  else
 i = 0;

  /* Buffer remaining input */
  MD5_memcpy
 ((POINTER)&context->buffer[index], (POINTER)&input[i],
  inputLen-i);
}

/* MD5 finalization. Ends an MD5 message-digest operation, writing the
  the message digest and zeroizing the context.
 */

void MD5Final (unsigned char digest[16], MD5_CTX *context)
                       /* message digest */
                                        /* context */
{
  unsigned char bits[8];
  unsigned int index, padLen;

  /* Save number of bits */
  Encode (bits, context->count, 8);

  
/* Pad out to 56 mod 64.
*/

  index = (unsigned int)((context->count[0] >> 3) & 0x3f);
  padLen = (index < 56) ? (56 - index) : (120 - index);
  MD5Update (context,(unsigned char*) PADDING, padLen);

  /* Append length (before padding) */
  MD5Update (context, bits, 8);
  /* Store state in digest */
  Encode (digest, context->state, 16);

  
/* Zeroize sensitive information.
*/

  MD5_memset ((POINTER)context, 0, sizeof (*context));
}

/* MD5 basic transformation. Transforms state based on block.
 */

static void MD5Transform (UINT4 state[4],
unsigned char block[64])

{
int i=0;

 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];

  Decode (x, block, 64);

  /* Round 1 */
  FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
  FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
  FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
  FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
  FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
  FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
  FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
  FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
  FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
  FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
  FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
  FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
  FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
  FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
  FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
  FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */

 /* Round 2 */
  GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
  GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
  GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
  GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
  GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
  GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
  GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
  GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
  GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
  GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
  GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
  GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
  GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
  GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
  GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
  GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */

  /* Round 3 */
  HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
  HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
  HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
  HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
  HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
  HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
  HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
  HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
  HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
  HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
  HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
  HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
  HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
  HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
  HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
  HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */

  /* Round 4 */
  II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
  II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
  II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
  II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
  II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
  II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
  II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
  II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
  II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
  II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
  II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
  II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
  II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
  II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
  II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
  II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */

  state[0] += a;
  state[1] += b;
  state[2] += c;
  state[3] += d;

  
/* Zeroize sensitive information.
  */

  MD5_memset ((POINTER)x, 0, sizeof (x));
}

/* Encodes input (UINT4) into output (unsigned char). Assumes len is
  a multiple of 4.
 */

static void Encode (unsigned char *output,
UINT4 *input,
unsigned int len)

{
  unsigned int i, j;

  for (i = 0, j = 0; j < len; i++, j += 4) {
 output[j] = (unsigned char)(input[i] & 0xff);
 output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
 output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
 output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
  }
}

/* Decodes input (unsigned char) into output (UINT4). Assumes len is
  a multiple of 4.
 */

static void Decode (UINT4 *output,
unsigned char *input,
unsigned int len)

{
  unsigned int i, j;

  for (i = 0, j = 0; j < len; i++, j += 4)
 output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
   (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
}

/* Note: Replace "for loop" with standard memcpy if possible.
 */


static void MD5_memcpy (POINTER output,
POINTER input,
unsigned int len)

{
  unsigned int i;

  for (i = 0; i < len; i++)
  output[i] = input[i];
}

/* Note: Replace "for loop" with standard memset if possible.
 */

static void MD5_memset (POINTER output,
int value,
unsigned int len)

{
  unsigned int i;

  for (i = 0; i < len; i++)
 ((char *)output)[i] = (char)value;
}

/* Digests a string and prints the result.
 */

char* MDString (char *string)

{
  MD5_CTX context;
  unsigned char digest[16];
  char output1[32];
 static char output[33]={""};
  unsigned int len = strlen (string);
  int i;
  MD5Init (&context);
  MD5Update (&context, (unsigned char*)string, len);
  MD5Final (digest, &context);

  for (i = 0; i < 16; i++)
 {sprintf(&(output1[2*i]),"%02x",(unsigned char)digest[i]);
  sprintf(&(output1[2*i+1]),"%02x",(unsigned char)(digest[i]<<4));
  }
  for(i=0;i<32;i++)
  output[i]=output1[i];
  return output;
}

char* MDBuffer (char *string, unsigned int length)

{
  MD5_CTX context;
  unsigned char digest[16];
  char output1[32];
 static char output[33]={""};
  unsigned int len = length;
  int i;
  MD5Init (&context);
  MD5Update (&context, (unsigned char*)string, len);
  MD5Final (digest, &context);

  for (i = 0; i < 16; i++)
 {sprintf(&(output1[2*i]),"%02x",(unsigned char)digest[i]);
  sprintf(&(output1[2*i+1]),"%02x",(unsigned char)(digest[i]<<4));
  }
  for(i=0;i<32;i++)
  output[i]=output1[i];
  return output;
}




/* Digests a file and prints the result.
 */

char* MDFile (char *filename)

{ static char output[33]={""};
  FILE *file;
  MD5_CTX context;
  int len;
  unsigned char buffer[1024], digest[16];
  int i;
  char output1[32];
  if ((file = fopen (filename, "rb")) == NULL)
   { printf ("%s can't be openedn", filename);
    return 0;
   }
  else {
       MD5Init (&context);
     while (len = fread (buffer, 1, 1024, file))
       MD5Update (&context, buffer, len);
    MD5Final (digest, &context);
    fclose (file);
    for (i = 0; i < 16; i++)
     {sprintf(&(output1[2*i]),"%02x",(unsigned char)digest[i]);
        sprintf(&(output1[2*i+1]),"%02x",(unsigned char)(digest[i]<<4));
          }
        for(i=0;i<32;i++)
       output[i]=output1[i];
        return output;
       }
}

char* hmac_md5(char* text,char* key)
{
        char digest[16];
        char output1[32];
         static char output[33]={""};
        MD5_CTX context;
        unsigned char k_ipad[65];
/* inner padding -
                                      * key XORd with ipad
                                      */

        unsigned char k_opad[65];
/* outer padding -
                                      * key XORd with opad
                                      */

        unsigned char tk[16];
        int i;
        int text_len = strlen (text);
        int key_len=strlen(key);
        /* if key is longer than 64 bytes reset it to key=MD5(key) */
        if (key_len > 64) {

                MD5_CTX tctx;

                MD5Init(&tctx);
                MD5Update(&tctx,(unsigned char*) key, key_len);
                MD5Final(tk, &tctx);

                key = (char*)tk;
                key_len = 16;
        }

        
/*
         * the HMAC_MD5 transform looks like:
         *
         * MD5(K XOR opad, MD5(K XOR ipad, text))
         *
         * where K is an n byte key
         * ipad is the byte 0x36 repeated 64 times
         * opad is the byte 0x5c repeated 64 times
         * and text is the data being protected
         */


        /* start out by storing key in pads */

        
/*bzero( k_ipad, sizeof k_ipad);
          bzero( k_opad, sizeof k_opad);
        */


        for(i=0;i<65;i++)
        k_ipad[i]=(unsigned char)0;
        for(i=0;i<65;i++)
        k_opad[i]=(unsigned char)0;

        
/*bcopy( key, k_ipad, key_len);
          bcopy( key, k_opad, key_len);
         */

         for(i=0;i<key_len;i++)
        {k_ipad[i]=(unsigned char)key[i];
         k_opad[i]=(unsigned char)key[i];
         }

        /* XOR key with ipad and opad values */
        for (i=0; i<64; i++) {
                k_ipad[i] ^= 0x36;
                k_opad[i] ^= 0x5c;
        }
        
/*
         * perform inner MD5
         */

        MD5Init(&context);
/* init context for 1st
                                              * pass */

        MD5Update(&context, k_ipad, 64); /* start with inner pad */
        MD5Update(&context, (unsigned char*)text, text_len);
/* then text of datagram

*/

        MD5Final((unsigned char*)digest, &context); /* finish up 1st pass */
        
/*
         * perform outer MD5
         */

        MD5Init(&context);
/* init context for 2nd
                                              * pass */

        MD5Update(&context, k_opad, 64); /* start with outer pad */
        MD5Update(&context,(unsigned char*) digest, 16);
/* then results of 1st
                                              * hash */

        MD5Final((unsigned char*)digest, &context); /* finish up 2nd pass */
        for (i = 0; i < 16; i++)
        {sprintf(&(output1[2*i]),"%02x",(unsigned char)digest[i]);
         sprintf(&(output1[2*i+1]),"%02x",(unsigned char)(digest[i]<<4));
          }
        for(i=0;i<32;i++)
        output[i]=output1[i];
        return output;
}

 
 
zenith 2008/04/05
 
 
 
此工具是本人基于Winpcap软件包开发,使用前请先到上下载winpcap软件包并安装到系统中。
 
工具使用方式,radius.exe <目标文件> <测试密码>
 
当前版本,只接受Radius Account Request的数据包的认证字密码测试。
目标文件为 windump/tcpdump格式的抓包文件。其他格式,可以通过ethereal进行转换后使用。
 
能自动鉴别和过虑其他无用的数据包。
 
文件: radius.zip
大小: 113KB
下载: 下载
 
 
 
詹尼士 2006/4/28
阅读(5744) | 评论(1) | 转发(0) |
给主人留下些什么吧!~~