ft/skyscraper8
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Reintroduced old IPv4 packet finding method as a fallback.
Some checks failed
🚀 Pack skyscraper8 / make-zip (push) Failing after 4m6s
Details

Browse Source
This commit is contained in:
feyris-tan 2026-01-10 16:30:53 +01:00
parent 805fafaa75
commit fb34d7d21c
5 changed files with 3369 additions and 3320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
skyscraper8/GS/IPv4PacketBruteforce.cs Normal file
View File

@ -0,0 +1,47 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using log4net;
using log4net.Repository.Hierarchy;
using skyscraper5.Skyscraper;
using skyscraper8.GSE;
namespace skyscraper8.GS
{
internal class IPv4PacketBruteforce : IMisHandler
{
public IPv4PacketBruteforce(GsContextDto context)
{
Context = context ?? throw new ArgumentNullException(nameof(context));
logger = LogManager.GetLogger(String.Format("{0} MIS {1}", System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.Name, context.GetMisId()));
}
private ILog logger;
private bool notified;
public GsContextDto Context { get; set; }
public void PushFrame(BBHeader bbHeader, ReadOnlySpan<byte> readOnlySpan)
{
List<byte[]> packets = IpPacketFinder.LookForIpPackets(readOnlySpan);
if (packets == null)
return;
if (packets.Count == 0)
return;
if (!notified)
{
logger.InfoFormat("Found valid IP traffic on MIS {0}.", Context.GetMisId());
notified = true;
}
foreach (byte[] packet in packets)
{
Context.IpOutput.OnIpDatagram(0x0118, packet);
}
}
}
}

2
skyscraper8/GS/MisHandlerProxy.cs
View File

@ -147,6 +147,8 @@ class MisHandlerProxy : IMisHandler
} }
} }
logger.WarnFormat("MIS {0} has an unknown stream type. The IP packet detection algorithm from older skyscraper8 versions will be used. For further analysis, please consider submitting a sample of this stream.", Context.GetMisId());
misHandler = new IPv4PacketBruteforce(Context);
return false; return false;
} }

6
skyscraper8/Skyscraper/IpPacketFinder.cs
View File

@ -52,7 +52,7 @@ namespace skyscraper5.Skyscraper
return null; return null;
} }
public static List<byte[]> LookForIpPackets(byte[] gsPacket) public static List<byte[]> LookForIpPackets(ReadOnlySpan<byte> gsPacket)
{ {
List<byte[]> result = null; List<byte[]> result = null;
@ -65,7 +65,7 @@ namespace skyscraper5.Skyscraper
if (gsPacket[offset] == 0x45) if (gsPacket[offset] == 0x45)
{ {
Array.Copy(gsPacket, offset, ipBuffer, 0, ipBuffer.Length); ipBuffer = gsPacket.Slice(offset, 20).ToArray();
InternetHeader ipv4 = new(ipBuffer); InternetHeader ipv4 = new(ipBuffer);
if (!ipv4.ChecksumValid) if (!ipv4.ChecksumValid)
continue; continue;
@ -76,7 +76,7 @@ namespace skyscraper5.Skyscraper
int packetLength = payloadEnd - offset; int packetLength = payloadEnd - offset;
byte[] finalPacket = new byte[packetLength]; byte[] finalPacket = new byte[packetLength];
Array.Copy(gsPacket, offset, finalPacket, 0, packetLength); finalPacket = gsPacket.Slice(offset, packetLength).ToArray();
if (result == null) if (result == null)
result = new List<byte[]>(); result = new List<byte[]>();
result.Add(finalPacket); result.Add(finalPacket);

2
skyscraper8/VersionInfo.cs
View File

@ -4,7 +4,7 @@ namespace skyscraper8;
public class VersionInfo public class VersionInfo
{ {
private const int PUBLIC_RELEASE = 16; private const int PUBLIC_RELEASE = 17;
public static int GetPublicReleaseNumber() public static int GetPublicReleaseNumber()
{ {