Commit graph

600 commits

Author SHA1 Message Date
Luca Deri
9f431f9218
Merge pull request #985 from lnslbrty/add/SOAP
Added support for SOAP.
2020-08-19 21:49:12 +02:00
Toni Uhlig
8e93f48c43
Added support for SOAP.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-08-18 16:21:26 +02:00
Luca Deri
98a9afc40c Added support for Discord 2020-08-16 10:01:40 +02:00
Luca Deri
9edddee0b7 Fixes invalid detection on traffic on non-standard ports 2020-08-12 11:08:28 +02:00
Luca Deri
d5cac570d6 Improved DGA detection algorithm 2020-08-11 17:13:40 +02:00
Luca Deri
dfa9dd66c0 Added case-insensitive substring matching 2020-08-10 19:36:43 +02:00
Luca Deri
e16675b700 Added new traffic category for connectivity check detection 2020-08-04 18:09:13 +02:00
Luca Deri
a828ac0191 Tiny changes for TLS block length dissection 2020-07-29 22:36:27 +02:00
Luca Deri
32bd3d7a59 TLS dissection improvements 2020-07-28 01:06:38 +02:00
Luca Deri
439558f6a3 Improved bin clustering 2020-07-22 23:56:50 +02:00
Luca Deri
879cec94b2 User agent detection improvements 2020-07-21 12:06:34 +02:00
Luca Deri
6e1dcba9dd Indentation fix 2020-07-16 17:56:37 +02:00
ysk
69ca98ca35 1: add free pointer NULL check; 2: fix Xbox and Teredo protocol detection error when using the common UDP port 3544 2020-07-16 16:07:04 +08:00
ysk
35f1c362b9 add improved boundary check and check whether malloc return is NULL 2020-07-10 17:49:35 +08:00
Luca Deri
db707e0829
Merge pull request #932 from IvanNardi/log
Log
2020-07-07 14:43:32 +02:00
Nardi Ivan
c08693fda5 Incorporated some feedback 2020-07-01 20:16:16 +02:00
Luca Deri
cf9c0b96b8 Indent 2020-06-30 16:25:53 +02:00
Alfredo Cardigliano
ea6332e004 Fix segfault on ndpi_guess_protocol_id with flow = null 2020-06-30 15:54:52 +02:00
Nardi Ivan
d6a97219ea Fix use-after-free in http content parsing 2020-06-28 12:05:12 +02:00
Nardi Ivan
3669c14afd DNP3: add missing initialization 2020-06-28 12:05:12 +02:00
Luca Deri
8566288e43 Added malformed packet risk support 2020-06-26 22:37:52 +02:00
Nardi Ivan
56d87186f7 Fix compilation with --enable-debug-messages flag
NDPI_LOG* macros dereference the ndpi_detection_module_struct object, which is
private to the ndpi library (via the NDPI_LIB_COMPILATION define). So we can't use
them outside the library itself, i.e. in the ndpiReader code.
Therefore, in the files in example/, convert all (rare) uses of NDPI_LOG* macros
to a new, very simple macro, private to the ndpiReader program. If necessary,
such a macro may be improved.

According to a comment in ndpi_define.h, each dissector must define its own
NDPI_CURRENT_PROTO macro before including the ndpi_api.h file.
2020-06-26 12:04:02 +02:00
Toni Uhlig
6a9f5e4f7c
Fixed use after free caused by dangling pointer
* This fix also improved RCE Injection detection

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-21 20:05:38 +02:00
Luca Deri
63670927e7 Fixed API documentation: packet timestamp is expressed in milliseconds 2020-06-18 14:15:18 +02:00
Luca Deri
b2c24558c5 DGA detection improvements 2020-06-18 00:17:30 +02:00
Luca Deri
46d96e7f32 Added checks for DGA detection 2020-06-17 19:46:37 +02:00
Toni Uhlig
da37f2444f
Implemented proprietary AnyDesk protocol
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-17 01:23:03 +02:00
Luca Deri
0ddc3a0052 Fixed invalid assignment (typo) 2020-06-14 09:37:56 +02:00
Luca Deri
38e4910636 Added improved boundary check 2020-06-14 09:29:52 +02:00
Luca Deri
55364ef0b4 Added DGA risk for names that look like a DGA 2020-06-11 18:51:53 +02:00
Luca Deri
d318285cae Added HTTP check 2020-06-07 09:46:27 +02:00
Luca Deri
801c9481cb Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) 2020-06-06 11:29:03 +02:00
Luca Deri
605d548d4a Removed obsolete Yahoo plugin 2020-06-06 09:38:19 +02:00
Luca Deri
597d6e5d60
Merge pull request #913 from yskcg/fix_segment_fault_dev
Fix segment fault dev
2020-06-05 16:57:46 +02:00
ysk
40550073ef fix segmentation fault caused by ssl.server_names when it may be NULL 2020-06-03 11:19:37 +08:00
Luca Deri
dc5b4cbde0 Reworked ndpi_strncasestr 2020-05-31 18:50:25 +02:00
Luca Deri
b6eef17e54 Added check to avoid producing alerts for known protocol on unknown port when using TLS 2020-05-30 19:33:13 +02:00
Luca Deri
61066fb106 Added check for heap buffer overflow read 2020-05-29 21:43:06 +02:00
Luca Deri
9c3bfeca80 Added support for Encrypted TLS SNI dissection
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
2020-05-28 17:44:18 +02:00
Luca Deri
030e9dddb7 Extended the cache for services that need to be reconciled such as Microsoft Teams
Added JSON-formatted Microsoft list of IP/services
2020-05-27 12:40:35 +02:00
Luca Deri
bbbc5fdbae Added memory boundary checks 2020-05-22 07:24:02 +02:00
Luca Deri
c02b00e0ce MS Teams uses as underlying protocol for voice/video. This commit adds the ability
to mark as MS Teams all Skype traffic made by a host with active MS Teams flows
2020-05-21 00:06:22 +02:00
Luca Deri
c375782b96 Added check for binary scripts
Added NDPI_HTTP_NUMERIC_IP_HOST risk
ndpi_risk moved to 32 bit
2020-05-15 22:49:55 +02:00
loures
baddfbb6c3 Extend packet struct with Content-Disposition HTTP header field
and improve HTTP binary transfer mime type check
2020-05-14 12:47:22 +02:00
Luca Deri
e5e69d0f7a Added the ability to detect when a known protocol is using a non-standard port
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
39ae57e6a3 Cleaned hyperscan leftover
Added further hyperscan hooks
2020-05-08 18:24:07 +02:00
Luca Deri
4a09b4efa0 Added TLS issuerDN and subjectDN 2020-05-07 18:44:51 +02:00
Luca Deri
6a1b8baa00 Fixed category matching 2020-05-06 23:50:35 +02:00
Luca Deri
2ccd2c204b API cleanup for identifying explicitly in automas what we're searching (protocol or category)
Removed hyperscan support that is apparently unused
2020-05-06 23:19:59 +02:00
Luca Deri
263547e77d Updated automa API to use 32-bit values split from protocol/category 2020-05-06 21:57:32 +02:00