diff options
| author | Campus <fci1908@gmail.com> | 2018-09-05 16:10:07 +0200 |
|---|---|---|
| committer | Campus <fci1908@gmail.com> | 2018-09-05 16:10:07 +0200 |
| commit | 225826ce83c224000a8c5f8e72cb33a1f2559fd9 (patch) | |
| tree | 80166c5edd16439c8a4228677f4cd5d50f794793 | |
| parent | 0c3989b40f48fda7d3e0e92c97a16c2d2cf1889a (diff) | |
FIX: dropbox dissector. UPD: updated pcap file with new dropbox pkts
| -rw-r--r-- | src/lib/protocols/dropbox.c | 2 | ||||
| -rw-r--r-- | tests/pcap/dropbox.pcap | bin | 329062 -> 104124 bytes | |||
| -rw-r--r-- | tests/result/dropbox.pcap.out | 58 |
3 files changed, 17 insertions, 43 deletions
diff --git a/src/lib/protocols/dropbox.c b/src/lib/protocols/dropbox.c index b987ba253..d981c76b3 100644 --- a/src/lib/protocols/dropbox.c +++ b/src/lib/protocols/dropbox.c @@ -51,7 +51,7 @@ static void ndpi_check_dropbox(struct ndpi_detection_module_struct *ndpi_struct, if((packet->udp->source == dropbox_port) && (packet->udp->dest == dropbox_port)) { if(payload_len > 2) { - if(strncmp((const char *)packet->payload, "{\"host_int\"", 11) == 0) { + if(strstr((const char *)packet->payload, "\"host_int\"") != NULL) { NDPI_LOG_INFO(ndpi_struct, "found dropbox\n"); ndpi_int_dropbox_add_connection(ndpi_struct, flow, 0); diff --git a/tests/pcap/dropbox.pcap b/tests/pcap/dropbox.pcap Binary files differindex 6e950826e..9824eb6ed 100644 --- a/tests/pcap/dropbox.pcap +++ b/tests/pcap/dropbox.pcap diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index 10fb21cb6..a015f4d46 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out @@ -1,43 +1,17 @@ -MDNS 16 1648 1 -SSDP 140 61108 22 -Dropbox 1104 246122 16 +Dropbox 848 90532 15 - 1 TCP 192.168.1.105:44949 <-> 54.240.174.31:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][64 pkts/12228 bytes <-> 74 pkts/85074 bytes][client: client-cf.dropbox.com][server: client-cf.dropbox.com] - 2 TCP 192.168.1.105:47747 <-> 108.160.172.225:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][28 pkts/12486 bytes <-> 26 pkts/14946 bytes][client: d.dropbox.com] - 3 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] - 4 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] - 5 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] - 6 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] - 7 UDP 192.168.1.254:50828 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][44 pkts/19936 bytes -> 0 pkts/0 bytes] - 8 TCP 192.168.1.105:59975 <-> 108.160.172.204:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][18 pkts/3562 bytes <-> 16 pkts/14464 bytes][client: client.dropbox.com][server: *.dropbox.com] - 9 TCP 192.168.1.105:46394 <-> 162.125.17.131:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][12 pkts/2338 bytes <-> 10 pkts/9054 bytes][client: notify.dropbox.com][server: *.dropbox.com] - 10 TCP 192.168.1.105:36226 <-> 108.160.172.195:80 [proto: 7.121/HTTP.Dropbox][cat: Cloud/13][10 pkts/2170 bytes <-> 10 pkts/1758 bytes][Host: log.getdropbox.com] - 11 UDP 192.168.1.101:1650 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.1.101:2141 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 13 UDP 192.168.1.101:2873 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.1.101:3412 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.1.101:3547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.1.101:3959 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.1.101:4169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.1.101:4171 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.1.101:4625 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.1.101:4974 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.1.106:57268 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2632 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.1.106:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][16 pkts/1648 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] - 26 UDP 192.168.1.101:1280 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.1.101:1346 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.1.101:1908 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.1.101:2159 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.1.101:2169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.1.101:2544 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.1.101:2604 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.1.101:2991 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.1.101:3731 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 35 UDP 192.168.1.101:3777 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 36 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] - 37 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] - 38 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] - 39 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] + 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] + 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] + 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] + 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] + 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] + 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] + 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] + 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] + 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] + 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes] + 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes] + 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes] |