Luca Deri
d318285cae
Added HTTP check
2020-06-07 09:46:27 +02:00
Luca Deri
801c9481cb
Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants)
2020-06-06 11:29:03 +02:00
Luca Deri
605d548d4a
removed obsolete yahoo plugin
2020-06-06 09:38:19 +02:00
Luca Deri
597d6e5d60
Merge pull request #913 from yskcg/fix_segment_fault_dev
...
Fix segment fault dev
2020-06-05 16:57:46 +02:00
ysk
40550073ef
Fix segment fault caused by the ssl.server_names when it may be NULL
2020-06-03 11:19:37 +08:00
Luca Deri
dc5b4cbde0
Reworked ndpi_strncasestr
2020-05-31 18:50:25 +02:00
Luca Deri
b6eef17e54
Added check to avoid producing alerts for known protocol on unknown port when using TLS
2020-05-30 19:33:13 +02:00
Luca Deri
61066fb106
Added check for heap buffer overflow read
2020-05-29 21:43:06 +02:00
Luca Deri
9c3bfeca80
Added support for Encrypted TLS SNI dissection
...
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
2020-05-28 17:44:18 +02:00
Luca Deri
030e9dddb7
Extended the cache for services that need to be reconciled such as Microsoft Teams
...
Added JSON-formatted Microsoft list of IP/services
2020-05-27 12:40:35 +02:00
Luca Deri
bbbc5fdbae
Added memory boundary checks
2020-05-22 07:24:02 +02:00
Luca Deri
c02b00e0ce
MS Teams uses as underlying protocol for voice/video. This commit adds the ability
...
to mark as MS Teams all Skype traffic made by a host with active MS Teams flows
2020-05-21 00:06:22 +02:00
Luca Deri
c375782b96
Added check for binary scripts
...
Added NDPI_HTTP_NUMERIC_IP_HOST risk
ndpi_risk moved to 32 bit
2020-05-15 22:49:55 +02:00
loures
baddfbb6c3
Extend packet struct with Content-Disposition HTTP header field
...
and improve HTTP binary transfer mime type check
2020-05-14 12:47:22 +02:00
Luca Deri
e5e69d0f7a
Added the ability to detect when a known protocol is using a non-standard port
...
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
39ae57e6a3
Cleaned hyperscan leftover
...
Added further hyperscan hooks
2020-05-08 18:24:07 +02:00
Luca Deri
4a09b4efa0
Added TLS issuerDN and subjectDN
2020-05-07 18:44:51 +02:00
Luca Deri
6a1b8baa00
Fixed category matching
2020-05-06 23:50:35 +02:00
Luca Deri
2ccd2c204b
API cleanup for identifying explicitly in automa's what we're searching (protocol or category)
...
Removed hyperscan support that is apparently unused
2020-05-06 23:19:59 +02:00
Luca Deri
263547e77d
Updated automa API to use 32 bit values splits from protocol/category
2020-05-06 21:57:32 +02:00
Luca Deri
84f66b4d6b
Introduced custom protocols with IP and (optional) port support
...
Example
- Single IP address
ip:213.75.170.11@CustomProtocol
- IP address with CIDR
ip:213.75.170.11/32@CustomProtocol
- IP address with CIDR and port
ip:213.75.170.11/32:443@CustomProtocol
Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
2020-05-06 12:51:44 +02:00
Luca Deri
7855e0318d
Various fixes to patricia tree handling
2020-05-06 11:13:57 +02:00
Luca Deri
48282369e2
False positive fixes
2020-05-06 01:34:55 +02:00
Luca Deri
427002d14f
Reworked protocol handling changing it is u_int16_t
2020-05-06 00:31:40 +02:00
Luca Deri
4148c5e065
Removed now obsolete MSN protocol
...
Added nats.io protocol dissector
2020-05-03 18:20:21 +02:00
Leonn Paiva
780dc8d1e7
💡 implement websocket protocol dissector
2020-04-26 02:53:12 -03:00
Alfredo Cardigliano
4d746dabe9
Enable IEC 60870-5-104 dissector
2020-04-24 15:31:44 +00:00
Luca Deri
0b702c20d3
Warning fix
2020-04-22 18:52:36 +02:00
Leonn Paiva
6769168d89
🐛 use protocol_was_guessed in ndpi_detection_giveup
2020-04-22 03:48:12 -03:00
Leonn Paiva
4d5ca2c473
🆒 code ident & style
2020-04-22 03:40:55 -03:00
Luca Deri
711ba99eaa
Added detection of Microsoft Teams
2020-04-16 15:23:07 +02:00
Philippe Antoine
c1f9f05d33
Adds tls check before reading memory
2020-04-15 16:22:16 +02:00
Philippe Antoine
cf47ba234a
Use ndpi_handle_ipv6_extension_headers in reader_util
2020-04-15 16:19:57 +02:00
Luca Deri
afdae85b30
Restored ndpi_get_api_version() prototype
2020-04-15 09:06:02 +02:00
Luca Deri
63c4eaae9b
Invalid function definition fix
2020-04-13 22:40:20 +02:00
Nardi Ivan
a60854bae6
Fix some debug messages
2020-04-08 15:15:34 +02:00
Nardi Ivan
b40732d8a5
Fix a harmless memory leak
...
Leak introduced in 90e08b35, while fixing #845
2020-04-08 15:15:34 +02:00
Luca Deri
db8497778d
Fixes #853 and adds a self check for duplicates
2020-04-07 19:17:37 +02:00
Luca Deri
0d223ada3f
Compilation fix
2020-03-27 08:46:03 +01:00
Luca Deri
890e8644ac
Merge pull request #861 from havup/dev
...
pull request with s7comm
2020-03-27 08:38:44 +01:00
emanuele-f
9cf016c5f1
Fix ndpi_get_api_version version truncation
2020-03-25 14:00:47 +01:00
havup
ac17e0bea7
Update ndpi_main.c
2020-03-25 19:06:36 +08:00
havup
4d95dae2ae
Update ndpi_main.c
2020-03-25 19:05:49 +08:00
Zied Aouini
5a0f609086
Add ndpi_flow_tcp_struct and ndpi_flow_udp_struct api calls.
2020-02-21 15:49:46 +01:00
Luca Deri
080e23e30e
Merge pull request #846 from catenacyber/fuzzofix
...
Fix various buffer over reads
2020-02-19 22:55:18 +01:00
Luca Deri
edce5a8c1f
Fix for disabling guess when not requested
2020-02-19 12:24:26 +01:00
Philippe Antoine
ee979ac14a
Fix kerberos leak
2020-02-18 13:32:20 +01:00
Luca Deri
37121a9b58
Added protocol range check
2020-02-17 19:34:47 +01:00
emanuele-f
3fa61a394b
Fix little leak on the proto_defaults strdup
2020-02-12 17:15:01 +01:00
Luca Deri
5cad39f0e8
Added export of TLS supported version in TLS header
2020-02-07 23:26:03 +01:00