From 00857abf2c008b77f3e1d9eba9505b1b22239543 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Fri, 10 Sep 2021 22:00:04 +0200 Subject: Added new risk for clear text credentials --- src/lib/protocols/ftp_control.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/lib/protocols/ftp_control.c') diff --git a/src/lib/protocols/ftp_control.c b/src/lib/protocols/ftp_control.c index 7bf35e719..55ea192b0 100644 --- a/src/lib/protocols/ftp_control.c +++ b/src/lib/protocols/ftp_control.c @@ -41,7 +41,8 @@ static void ndpi_int_ftp_control_add_connection(struct ndpi_detection_module_str /* *************************************************************** */ -static int ndpi_ftp_control_check_request(struct ndpi_flow_struct *flow, +static int ndpi_ftp_control_check_request(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, const u_int8_t *payload, size_t payload_len) { #ifdef FTP_DEBUG @@ -52,6 +53,7 @@ static int ndpi_ftp_control_check_request(struct ndpi_flow_struct *flow, ndpi_user_pwd_payload_copy((u_int8_t*)flow->protos.ftp_imap_pop_smtp.username, sizeof(flow->protos.ftp_imap_pop_smtp.username), 5, payload, payload_len); + ndpi_set_risk(ndpi_struct, flow, NDPI_CLEAR_TEXT_CREDENTIALS); return 1; } @@ -602,7 +604,8 @@ static void ndpi_check_ftp_control(struct ndpi_detection_module_struct *ndpi_str if(flow->ftp_control_stage == 0) { NDPI_LOG_DBG2(ndpi_struct, "FTP_CONTROL stage 0: \n"); - if((payload_len > 0) && ndpi_ftp_control_check_request(flow, packet->payload, payload_len)) { + if((payload_len > 0) && ndpi_ftp_control_check_request(ndpi_struct, + flow, packet->payload, payload_len)) { NDPI_LOG_DBG2(ndpi_struct, "Possible FTP_CONTROL request detected, we will look further for the response..\n"); -- cgit v1.2.3