Merge pull request #1 from CoreSecurity/master

update last version

.appveyor.yml

@@ -1,6 +1,6 @@
 # AppVeyor configuration based on https://github.com/guedou/scapy-appveyor/blob/master/appveyor.yml
 
-version: "v0.1.14.dev0-{build}"
+version: "v0.1.15.dev0-{build}"
 
 environment:
 
@@ -26,7 +26,7 @@ install:
   - "%PYTHON%\\python.exe -m pip install Sphinx==1.4.5"
   # Set path
   - "set PYTHONPATH=%APPVEYOR_BUILD_FOLDER%"
-  - "set PATH=%APPVEYOR_BUILD_FOLDER%;%PATH%"
+  - "set PATH=%APPVEYOR_BUILD_FOLDER%;%PYTHON%;%PYTHON%\\Scripts;%PATH%"
   # Copy WinPcap libraries so scapy can found them
   - "copy C:\\Windows\\System32\\Npcap\\wpcap.dll %APPVEYOR_BUILD_FOLDER%"
   - "copy C:\\Windows\\System32\\Npcap\\packet.dll %APPVEYOR_BUILD_FOLDER%"

.travis.yml

@@ -2,6 +2,9 @@
 
 language: python
 
+dist: trusty
+sudo: false
+
 matrix:
     include:
         - os: linux
@@ -17,18 +20,19 @@ matrix:
         - os: osx
           language: generic
 
-sudo: false
-
 addons:
     apt:
         packages:
             - pandoc
             - texlive-base
 
 before_script:
-  # Install system requirements for OSX (pylibpcap and libdnet)
-  - if [ ${TRAVIS_OS_NAME} == "osx" ]; then brew install --with-python libdnet; fi
-  - if [ ${TRAVIS_OS_NAME} == "osx" ]; then brew install https://raw.githubusercontent.com/secdev/scapy/master/.travis/pylibpcap.rb; fi
+  # Install system requirements for OSX (pylibpcap, libdnet and pandoc)
+  - if [ ${TRAVIS_OS_NAME} == "osx" ]; then
+      brew install --with-python libdnet;
+      brew install https://raw.githubusercontent.com/secdev/scapy/master/.travis/pylibpcap.rb;
+      brew install pandoc;
+    fi
 
 install:
   - pip install .

ChangeLog.md

@@ -2,9 +2,20 @@ Changelog
 =========
 
 
-v0.1.14 - XXXX-XX-XX
+v0.1.15 - 2017-XX-XX
 --------------------
 
+- `bin/pysapcar`: Added options for creating a new archive and appending files to an existing one.
+- `pysap/SAPMS.py`: Added Message Server Domain field, MS J2EE Cluster/Header/Service packets. Thanks Albert Zedlitz!
+- `examples/rfc_monitor.py`: Added `noop` command in the monitor and version command line option.
+- `examples/ms_*.py`: Added command line option to specify Message Server Domain.
+
+
+v0.1.14 - 2017-10-04
+--------------------
+
+- Added initial support for handling SNC frames and some of their fields.
+- `pysap/SAPNC.py`: Added fields for SNCFrames and helper wrapper/unwrapper functions.
 - `pysap/SAPRouter.py`: Fixed route request for more than one SAP Router when using the native proxy.
 - `pysap/SAPRouter.py`: Allow route strings to use lowercase separator chars (e.g. "/h/host/s/port").
 - `pysap/SAPRouter.py`: Allow a `SAPRoutedStreamSocket` to bypass the NI layer if no route was specified but talk mode
@@ -16,8 +27,12 @@ v0.1.14 - XXXX-XX-XX
 - `examples/diag_login_screen_info.py`: Script was improved by better printing technical information and
   outputting login screen text items (language, input fields, login text) ([\#14](https://github.com/CoreSecurity/pysap/pull/14)).
   Thanks [@gelim](https://github.com/gelim)!.
+- `examples/diag_login_brute_force.py`: Script was improved to handle currently logged in users
+  ([\#16](https://github.com/CoreSecurity/pysap/pull/16)). Thanks [@hnzlmnn](https://github.com/hnzlmnn)!.
 - `example/router/admin.py`: Improved client list table display and fixed timestamps ([\#12](https://github.com/CoreSecurity/pysap/issues/12)).
   Thanks [@gelim](https://github.com/gelim)!.
+- `examples/ms_dump_param.py`: New example script to list Message Server parameters and check them against a list of
+  expected values ([\#15](https://github.com/CoreSecurity/pysap/pull/15)). Thanks [@iggy38](https://github.com/iggy38)!
 - `examples/ms_dos_exploit.py`: New example script to check for [CVE-2017-5997](https://erpscan.com/advisories/erpscan-16-038-sap-message-server-http-remote-dos/)
   DoS vulnerability on Message Server and fixed at [SAP Note 2358972](https://launchpad.support.sap.com/#/notes/2358972)
   ([\#10](https://github.com/CoreSecurity/pysap/pull/10)). Thanks [@vah13](https://github.com/vah13) and [@gelim](https://github.com/gelim)!

MANIFEST.in

@@ -3,6 +3,7 @@ include ChangeLog.md
 include COPYING
 include README.md
 include requirements.txt
+include requirements-docs.txt
 include requirements-optional.txt
 
 # Include header files

README.md

@@ -4,13 +4,12 @@ pysap - Python library for crafting SAP's network protocols packets
 [![Build Status](https://travis-ci.org/CoreSecurity/pysap.svg?branch=master)](https://travis-ci.org/CoreSecurity/pysap)
 [![Build status](https://ci.appveyor.com/api/projects/status/189ohb2wsqjwgkbw?svg=true)](https://ci.appveyor.com/project/CoreSecurity/pysap)
 [![Code Health](https://landscape.io/github/CoreSecurity/pysap/master/landscape.svg)](https://landscape.io/github/CoreSecurity/pysap/master)
-[![Code Issues](http://www.quantifiedcode.com/api/v1/project/53b997e2c9054c5ab44782614c572358/badge.svg)](http://www.quantifiedcode.com/app/project/53b997e2c9054c5ab44782614c572358)
 [![Latest Version](https://img.shields.io/pypi/v/pysap.svg)](https://pypi.python.org/pypi/pysap/)
 [![Documentation Status](http://readthedocs.org/projects/pysap/badge/?version=latest)](http://pysap.readthedocs.io/en/latest/?badge=latest)
 
 Copyright (C) 2012-2017 by Martin Gallo, Core Security
 
-Version 0.1.14.dev0 (XXX 2017)
+Version 0.1.15.dev0 (XXX 2017)
 
 
 Overview
@@ -79,21 +78,23 @@ more details.
 Authors
 -------
 
-The library was designed and developed by Martin Gallo from the Security
-Consulting Services team of Core Security.
+The library was designed and developed by Martin Gallo from Core Security's CoreLabs.
 
 ### Contributors ###
 
 Contributions made by:
 
-  * Florian Grunow
+  * Florian Grunow ([@0x79](https://twitter.com/0x79))
   * Scott Walsh ([@invisiblethreat](https://github.com/invisiblethreat))
   * Joris van de Vis ([@jvis](https://twitter.com/jvis))
   * Victor Portal Gonzalez
   * Dmitry Yudin ([@ret5et](https://github.com/ret5et))
   * Hans-Christian Esperer ([@hce](https://github.com/hce))
   * Vahagn Vardanyan ([@vah13](https://github.com/vah13))
   * Mathieu Geli ([@gelim](https://github.com/gelim))
+  * Yvan Genuer ([@iggy38](https://github.com/iggy38))
+  * Malte Heinzelmann ([@hnzlmnn](https://github.com/hnzlmnn))
+  * Albert Zedlitz
 
 
 Contact

bin/pysapcar

@@ -39,11 +39,17 @@ except ImportError:
 
 pysapcar_usage = """Usage:
 
+create archive with specified files:
+pysapcar -c[v][f archive] [file1 file2 [/n filename] ...]
+
 list the contents of an archive:
 pysapcar -t[v][f archive] [file1 file2 ...]
 
 extract files from an archive:
-pysapcar -x[v][f archive] [file1 file2....]
+pysapcar -x[v][f archive] [file1 file2 ...]
+
+append files to an archive:
+pysapcar -a[v][f archive] [file1 file2 [/n filename] ...]
 
 """
 
@@ -71,8 +77,10 @@ class PySAPCAR(object):
         parser = OptionParser(usage=pysapcar_usage, description=description, epilog=epilog)
 
         # Commands
+        parser.add_option("-c", dest="create", action="store_true", help="Create archive with specified files")
         parser.add_option("-x", dest="extract", action="store_true", help="Extract files from an archive")
         parser.add_option("-t", dest="list", action="store_true", help="List the contents of an archive")
+        parser.add_option("-a", dest="append", action="store_true", help="Append files to an archive")
         parser.add_option("-f", dest="filename", help="Archive filename", metavar="FILE")
 
         misc = OptionGroup(parser, "Misc options")
@@ -111,6 +119,10 @@ class PySAPCAR(object):
         # Check the mode the archive file should be opened
         if options.list or options.extract:
             self.mode = "r"
+        elif options.create:
+            self.mode = "w"
+        elif options.append:
+            self.mode = "r+"
         else:  # default to read mode
             self.mode = "r"
 
@@ -128,7 +140,9 @@ class PySAPCAR(object):
 
         # Execute the action
         try:
-            if options.list:
+            if options.create or options.append:
+                self.append(options, args)
+            elif options.list:
                 self.list(options, args)
             elif options.extract:
                 self.extract(options, args)
@@ -164,6 +178,35 @@ class PySAPCAR(object):
         for filename in files:
             yield filename
 
+    def append(self, options, args):
+        """Appends a file to the archive file.
+        """
+
+        if len(args) < 1:
+            self.logger.error("pysapcar: no files specified for appending")
+            return
+
+        # Open the archive file
+        sapcar = self.open_archive()
+        if not sapcar:
+            return
+
+        while len(args):
+            filename = filename_in_archive = args.pop(0)
+
+            print args
+            if len(args) >= 2 and args[0] == "/n":
+                args.pop(0)
+                filename_in_archive = args.pop(0)
+
+            sapcar.add_file(filename, archive_filename=filename_in_archive)
+            if filename != filename_in_archive:
+                self.logger.info("d %s (original name %s)", filename_in_archive, filename)
+            else:
+                self.logger.info("d %s", filename)
+
+        sapcar.write()
+
     def list(self, options, args):
         """List files inside the archive file and print their
         attributes: permissions, size, timestamp and filename.

docs/dev/index.rst

@@ -29,13 +29,25 @@ The build process requires several packages and libraries to be available. The o
 
 For example, installation on a Ubuntu box would require the following commands::
 
-   $ sudo apt install pandoc texlive-base
+    $ sudo apt install pandoc texlive-base
 
 Python packages can be installed using ::
 
     $ pip install pysap[docs]
 
 
+Notebooks
+---------
+
+Documentation include a graphical representation of the most commonly used protocol packets and file formats. This
+graphical representations are built using `Scapy <http://www.secdev.org/projects/scapy/>`_,
+`The Jupyter Notebook <https://ipython.org/notebook.html>`_ , `nbconvert <https://github.com/jupyter/nbconvert>`_ and
+`nbsphinx <https://github.com/spatialaudio/nbsphinx/>`_.
+
+Jupyter notebooks containig the protocol packets' representation can be re-build using the following command::
+
+   $ python setup.py notebooks
+
 
 Code contributions
 ------------------