IKEv1 Parser
<?php | |
define('IND',' '); | |
function hex2bin( $str ) { | |
$sbin = ""; | |
$len = strlen( $str ); | |
for ( $i = 0; $i < $len; $i += 2 ) { | |
$sbin .= pack( "H*", substr( $str, $i, 2 ) ); | |
} | |
return $sbin; | |
} | |
function take(&$str, $num) { | |
$s = substr($str, 0, $num); | |
$str = substr($str, $num); | |
return $s; | |
} | |
function to_int8($bin) { | |
$r = unpack('C', $bin); | |
return $r[1]; | |
} | |
function to_int16($bin) { | |
$r = unpack('n', $bin); | |
return $r[1]; | |
} | |
function read_attributes($str) { | |
$res = array(); | |
while (strlen($str) > 0) { | |
$attrtype = to_int16(take($str, 2)); | |
if ($attrtype & 0x8000) { | |
$attrval = to_int16(take($str, 2)); | |
$attrtype &= ~0x8000; | |
} else { | |
$attrlen = to_int16(take($str, 2)); | |
$attrval = take($str, $attrlen); | |
} | |
$res[] = array($attrtype,$attrval); | |
} | |
return $res; | |
} | |
function def($a,$d) { | |
return (!$a)?$d:$a; | |
} | |
function attr2str($attr) { | |
return join("\n", array_map(function($a) { | |
list($k,$v) = $a; | |
$ks = def(array_search($k, array( | |
'SA Life Type' => 1, | |
'SA Life Duration' => 2, | |
'Group Description' => 3, | |
'Encapsulation Mode' => 4, | |
'Authentication Algorithm' => 5, | |
'Key Length' => 6, | |
'Key Rounds' => 7, | |
'Compress Dictionary Size' => 8, | |
'Compress Private Algorithm' => 9, | |
'ECN Tunnel' => 10, | |
'Extended (64-bit) Sequence Number' => 11, | |
'Authentication Key Length' => 12, | |
'Signature Encoding Algorithm' => 13, | |
'Address Preservation' => 14, | |
'SA Direction' => 15 | |
)), $k); | |
if (is_string($v)) { | |
return $ks.':'.bin2hex($v); | |
} else switch($k) { | |
case 5: | |
$v = def(array_search($v, array( | |
'Reserved' => 0, | |
'HMAC-MD5' => 1, | |
'HMAC-SHA' => 2, | |
'DES-MAC' => 3, | |
'KPDK' => 4, | |
'HMAC-SHA2-256' => 5, | |
'HMAC-SHA2-384' => 6, | |
'HMAC-SHA2-512' => 7, | |
'HMAC-RIPEMD' => 8, | |
'AES-XCBC-MAC' => 9, | |
'SIG-RSA' => 10, | |
'AES-128-GMAC' => 11, | |
'AES-192-GMAC' => 12, | |
'AES-256-GMAC' => 13 | |
)), $v); | |
break; | |
} | |
return $ks.':'.$v; | |
}, $attr)); | |
} | |
function read_transform(&$str) { | |
$last = to_int8(take($str, 1)); | |
$res = to_int8(take($str, 1)); | |
$size = to_int16(take($str, 2)); | |
$tnr = to_int8(take($str, 1)); | |
$tid = to_int8(take($str, 1)); | |
$res2 = to_int16(take($str, 2)); | |
$saattrib = take($str, $size - 8); | |
$attribs = read_attributes($saattrib); | |
$transform = def(array_search($tid,array( | |
'RESERVED' => 0, | |
'ESP_DES_IV64' => 1, | |
'ESP_DES' => 2, | |
'ESP_3DES' => 3, | |
'ESP_RC5' => 4, | |
'ESP_IDEA' => 5, | |
'ESP_CAST' => 6, | |
'ESP_BLOWFISH' => 7, | |
'ESP_3IDEA' => 8, | |
'ESP_DES_IV32' => 9, | |
'ESP_RC4' => 10, | |
'ESP_NULL' => 11, | |
'ESP_AES-CBC' => 12, | |
'ESP_AES-CTR' => 13, | |
'ESP_AES-CCM_8' => 14, | |
'ESP_AES-CCM_12' => 15, | |
'ESP_AES-CCM_16' => 16, | |
'Unassigned' => 17, | |
'ESP_AES-GCM_8' => 18, | |
'ESP_AES-GCM_12' => 19, | |
'ESP_AES-GCM_16' => 20, | |
'ESP_SEED_CBC' => 21, | |
'ESP_CAMELLIA' => 22, | |
'ESP_NULL_AUTH_AES-GMAC' => 23 | |
)),'###'); | |
echo IND."Transform #$tnr: $transform($tid)<br>"; | |
echo IND.IND.str_replace("\n",'<br>'.IND.IND, attr2str($attribs)).'<br>'; | |
return !$last; | |
} | |
function read_proposal(&$str) { | |
$last = to_int8(take($str, 1)); | |
$flag = to_int8(take($str, 1)); | |
$size = to_int16(take($str, 2)); | |
$pnr = to_int8(take($str, 1)); | |
$protoid = to_int8(take($str, 1)); | |
$spisize = to_int8(take($str, 1)); | |
$transforms = to_int8(take($str, 1)); | |
$spi = take($str, $spisize); | |
$protocol = '###'; | |
switch($protoid) { | |
case 0: $protocol='RESERVED'; break; | |
case 1: $protocol='IKE'; break; | |
case 2: $protocol='AH'; break; | |
case 3: $protocol='ESP'; break; | |
default: { | |
if ($protoid >= 4 && $protoid<=200) $protocol='IANA'; | |
if ($protoid >= 201 && $protoid<=255) $protocol='PRIVATE'; | |
} | |
} | |
echo "Proposal #$pnr ($size) $protocol($protoid) with $transforms transforms <br>"; | |
for ($t=0; $t<=$transforms; $t++) { | |
if (read_transform(&$str)) | |
break; | |
} | |
} | |
function run($hexstr) { | |
$hexstr = str_replace(array("\r","\n",' '),'', $hexstr); | |
$bin = hex2bin($hexstr); | |
while ($bin != '') { | |
read_proposal($bin); | |
} | |
} | |
$hex = <<<END | |
00000624 0103042d 22f5f130 03000024 010c0000 80040001 80060100 80050001 | |
80030001 80010001 00020004 00000e10 03000024 020c0000 80040001 80060100 | |
80050002 80030001 80010001 00020004 00000e10 03000024 030c0000 80040001 | |
80060100 80050005 80030001 80010001 00020004 00000e10 03000024 040c0000 | |
80040001 80060100 80050006 80030001 80010001 00020004 00000e10 03000024 | |
050c0000 80040001 80060100 80050007 80030001 80010001 00020004 00000e10 | |
03000024 060c0000 80040001 800600c0 80050001 80030001 80010001 00020004 | |
00000e10 03000024 070c0000 80040001 800600c0 80050002 80030001 80010001 | |
00020004 00000e10 03000024 080c0000 80040001 800600c0 80050005 80030001 | |
80010001 00020004 00000e10 03000024 090c0000 80040001 800600c0 80050006 | |
80030001 80010001 00020004 00000e10 03000024 0a0c0000 80040001 800600c0 | |
80050007 80030001 80010001 00020004 00000e10 03000024 0b0c0000 80040001 | |
80060080 80050001 80030001 80010001 00020004 00000e10 03000024 0c0c0000 | |
80040001 80060080 80050002 80030001 80010001 00020004 00000e10 03000024 | |
0d0c0000 80040001 80060080 80050005 80030001 80010001 00020004 00000e10 | |
03000024 0e0c0000 80040001 80060080 80050006 80030001 80010001 00020004 | |
00000e10 03000024 0f0c0000 80040001 80060080 80050007 80030001 80010001 | |
00020004 00000e10 03000024 10070000 80040001 80060100 80050001 80030001 | |
80010001 00020004 00000e10 03000024 11070000 80040001 80060100 80050002 | |
80030001 80010001 00020004 00000e10 03000024 12070000 80040001 80060100 | |
80050005 80030001 80010001 00020004 00000e10 03000024 13070000 80040001 | |
80060100 80050006 80030001 80010001 00020004 00000e10 03000024 14070000 | |
80040001 80060100 80050007 80030001 80010001 00020004 00000e10 03000024 | |
15070000 80040001 800600c0 80050001 80030001 80010001 00020004 00000e10 | |
03000024 16070000 80040001 800600c0 80050002 80030001 80010001 00020004 | |
00000e10 03000024 17070000 80040001 800600c0 80050005 80030001 80010001 | |
00020004 00000e10 03000024 18070000 80040001 800600c0 80050006 80030001 | |
80010001 00020004 00000e10 03000024 19070000 80040001 800600c0 80050007 | |
80030001 80010001 00020004 00000e10 03000024 1a070000 80040001 80060080 | |
80050001 80030001 80010001 00020004 00000e10 03000024 1b070000 80040001 | |
80060080 80050002 80030001 80010001 00020004 00000e10 03000024 1c070000 | |
80040001 80060080 80050005 80030001 80010001 00020004 00000e10 03000024 | |
1d070000 80040001 80060080 80050006 80030001 80010001 00020004 00000e10 | |
03000024 1e070000 80040001 80060080 80050007 80030001 80010001 00020004 | |
00000e10 03000020 1f030000 80040001 80050001 80030001 80010001 00020004 | |
00000e10 03000020 20030000 80040001 80050002 80030001 80010001 00020004 | |
00000e10 03000020 21030000 80040001 80050005 80030001 80010001 00020004 | |
00000e10 03000020 22030000 80040001 80050006 80030001 80010001 00020004 | |
00000e10 03000020 23030000 80040001 80050007 80030001 80010001 00020004 | |
00000e10 03000020 24060000 80040001 80050001 80030001 80010001 00020004 | |
00000e10 03000020 25060000 80040001 80050002 80030001 80010001 00020004 | |
00000e10 03000020 26060000 80040001 80050005 80030001 80010001 00020004 | |
00000e10 03000020 27060000 80040001 80050006 80030001 80010001 00020004 | |
00000e10 03000020 28060000 80040001 80050007 80030001 80010001 00020004 | |
00000e10 03000020 29020000 80040001 80050001 80030001 80010001 00020004 | |
00000e10 03000020 2a020000 80040001 80050002 80030001 80010001 00020004 | |
00000e10 03000020 2b020000 80040001 80050005 80030001 80010001 00020004 | |
00000e10 03000020 2c020000 80040001 80050006 80030001 80010001 00020004 | |
00000e10 00000020 2d020000 80040001 80050007 80030001 80010001 00020004 | |
00000e10 04000018 d317a53b fdb1d7f0 2f1e5dfd 4429cb9f 83628212 05000064 | |
6859a101 8ad6cc9f f3ea74de 4d89fcd3 98683b82 10ae1878 8727f456 e6043a92 | |
2bafc513 e3c45836 c36dfc17 a4d3ad6e 9b3237bd 098c918c d3f05a5b df68ffce | |
972829d5 47a23f23 4fb605ad e22ed5ab bfd4f556 77390149 efe69dd4 1741b43c | |
0500000c 01000000 8d2ce13b 00000010 04000000 00000000 00000000 | |
END; | |
echo '<code>'; | |
run($hex); | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment