h: 0dZddlZddlZddlmZmZddlmZmZm Z ddlm Z ddlm Z m Z m Z ddlmZddlmZmZdd lmZd Zd Zd d ddZdddZddddZdddZddddZddd d!d"d#d$Zd%dd&d'd!d(d)d*d+d,d- Zd.d/d0d1d2d3d4d5d6Zd7d8iZd7d9iZ Gd:d;eZ!Gd<d=eZ"Gd>d?eZ#d@d%dAdBd&dCddDdEdFd)dG Z$dHdIdJdKdLdMZ%GdNdOeZ&GdPdQeZ'dRdSdTdUZ(dVdKdLdWZ)GdXdYeZ*GdZd[eZ+Gd\d]eZ,Gd^d_eZ-Gd`dae-Z.eee.dbceee.dbdee.e!d7dbeee.e"d7dbfe/dgkrddhl0m1Z1e1e2dijdSdS)kz[ TACACS Based on tacacs+ v6 draft https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06 N)Packet bind_layers) ByteEnumField ByteFieldIntField)FieldListField) FieldLenFieldConditionalField StrLenField)TCPchborb)conftestcxdd}ttkrtj}|t jd||||t jd|||||}|z ttkdfdttDS)z| Obfuscation methodology from section 3.7 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-3.7 !Iz!BBc3K|]<}tt|t|z V=dSNr ).0ipadpays X/mounts/lovelace/software/anaconda3/lib/python3.11/site-packages/scapy/contrib/tacacs.py zobfuscate..8sDLLqCCF c#a&kk122LLLLLLr) lenhashlibmd5updatestructpackencodedigestjoinrange)rsecret session_idversionseqcurr_padmsgrs` @r obfuscater-s CH c((SXX  kmm 6;tZ00111 6==??### 6;ugs33444 8::<< x c((SXX   88LLLLLE#c((OOLLL L LLrRootUserMinimum)rTacacszTacacs+)r2Authentication Authorization Accounting)r2 UnencryptedzSingle Connection)r2Loginz Change PasszSend Authentication)r2r8r;ASCIIPAPCHAPARAPMSCHAPMSCHAPv2)r2r8r9r;NoneEnablePPPPTRCMDX25NASIFwProxy) rr2r8r9r;rCrD PASSFAILGETDATAGETUSERGETPASSRESTARTERRORFOLLOW)r2r8r9r;rCrDrMr2NOECHOABORTcpeZdZdZdZeddeeddeeddeedde e dd d d e d d d d e dd d d e dd d d e e d ddde ddde ddde dddg Z d S)TacacsAuthenticationStartz Tacacs authentication start body from section 4.1 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-4.1 z Tacacs Authentication Start Bodyactionr2priv_lvl authen_typeauthen_serviceuser_lenN!Buserfmt length_ofport_lenport rem_addr_lenrem_addrdata_lendatac|jSrraxs rz"TacacsAuthenticationStart.s RSR\r length_fromc|dkS)Nrmrps rrrz"TacacsAuthenticationStart.s a2grc|jSrrgrps rrrz"TacacsAuthenticationStart.rc|jSrrirps rrrz"TacacsAuthenticationStart.Q^rc|jSrrkrps rrrz"TacacsAuthenticationStart.ryr)__name__ __module__ __qualname____doc__namerTACACSAUTHENACTIONTACACSPRIVLEVELTACACSAUTHENTYPETACACSAUTHENSERVICEr r r fields_descrvrrr\r\qs< .D =1.@AA =Q@@ =3CDD =!116IJJ =TtvNNN =TtvNNN =4:VVV =TtvNNN##KKH\H\$]$]$]$5$577;vr7K7KLLL;z2;S;STTT;vr7K7KLLL NKKKrr\c eZdZdZdZeddeeddeeddd d ed dd d e d dde d ddgZ dS)TacacsAuthenticationReplyz Tacacs authentication reply body from section 4.2 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-4.2 z Tacacs Authentication Reply Bodystatusr2flagsrserver_msg_lenN!H server_msgrdrkrlrmc|jSrrrps rrrz"TacacsAuthenticationReply. qGWrrsc|jSrr~rps rrrz"TacacsAuthenticationReply.ryr) rrrrrrTACACSREPLYPASSTACACSREPLYFLAGSr r rrvrrrrs .D =1o>> =!-=>> =!14T\ZZZ =TtvNNN;|R=W=WXXX;vr7K7KLLL NKKKrrc eZdZdZdZeddddedddd ed d eedd d ed d dgZ dS)TacacsAuthenticationContinuez Tacacs authentication continue body from section 4.3 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-4.3 z#Tacacs Authentication Continue Body user_msg_lenNruser_msgrdrkrlrr2rmc|jSr)rrps rrrz%TacacsAuthenticationContinue.r|rrsc|jSrr~rps rrrz%TacacsAuthenticationContinue.ryr) rrrrrr rTACACSCONTINUEFLAGSr rrvrrrrs 1D =4:VVV =TtvNNN =!-@AA;z2;S;STTT;vr7K7KLLL NKKKrrzNot Setz Kerberos 5LineLocalGuestRadiusz Kerberos 4) rr2r8r9r;rCrDrN zPass Addz Pass replFailErrorFollow)r2r8rr!cveZdZdZdZeddeeddeeddeedde e d d d d e dd d d e dd d d e dd d de dge ddde d dde ddde dddg ZdZd S)TacacsAuthorizationRequestz Tacacs authorization request body from section 5.1 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-5.1 z!Tacacs Authorization Request Body authen_methodrr^r2r_r`raNrbrcrdrgrhrirjarg_cnt arg_len_listrecount_ofrmc|jSrrpkts rrrz#TacacsAuthorizationRequest.#+rrsc|jSrrorps rrrz#TacacsAuthorizationRequest.ryrc|jSrrxrps rrrz#TacacsAuthorizationRequest.ryrc|jSrr{rps rrrz#TacacsAuthorizationRequest.r|rc>|jdkrtStjSNrrTacacsPacketArgumentsr padding_layerselfrs rguess_payload_classz.TacacsAuthorizationRequest.guess_payload_class ."iiA6F6F.E.EGGG;vr7K7KLLL;vr7K7KLLL;z2;S;STTT VK"""""rrc eZdZdZdZeddeedddd ed dd d eddd d edge ddde d dde dddgZ dZ dS)TacacsAuthorizationReplyz Tacacs authorization reply body from section 5.2 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-5.2 zTacacs Authorization Reply BodyrrrNrbrrrrrrdrkrlrmc|jSrrrs rrrz!TacacsAuthorizationReply.rrrsc|jSrrrps rrrz!TacacsAuthorizationReply.rrc|jSrr~rps rrrz!TacacsAuthorizationReply.ryrc>|jdkrtStjSrrrs rrz,TacacsAuthorizationReply.guess_payload_classrr) rrrrrrTACACSAUTHORSTATUSr rrr rrrvrrrrs -D =1.@AA =Dd^TTT =!14T\ZZZ =TtvNNN!>."iiA6F6F.E.EGGG;|R=W=WXXX;vr7K7KLLLNK"""""rrStartStopWatchdog)r8r;rNSuccess)r2r8rceZdZdZdZeddeeddeeddeedde ed de e d d d d e dd d de dd d de dd d de dge ddded ddedddedddg ZdZd S)TacacsAccountingRequestz Tacacs accounting request body from section 6.1 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-6.1 zTacacs Accounting Request Bodyrrrr^r2r_r`raNrbrcrdrgrhrirjrrrrmc|jSrrrs rrrz TacacsAccountingRequest.rrrsc|jSrrorps rrrz TacacsAccountingRequest.ryrc|jSrrxrps rrrz TacacsAccountingRequest.ryrc|jSrr{rps rrrz TacacsAccountingRequest.r|rc>|jdkrtStjSrrrs rrz+TacacsAccountingRequest.guess_payload_class!rr)rrrrrrTACACSACNTFLAGSrrrrr rrr rrrvrrrrsd ,D =!_== =!5EFF =Q@@ =3CDD =!116IJJ =TtvNNN =TtvNNN =4:VVV =Dd^TTT!>."iiA6F6F.E.EGGG;vr7K7KLLL;vr7K7KLLL;z2;S;STTT VK"""""rrc eZdZdZdZeddddedddd ed deedd d ed d d gZ dS)TacacsAccountingReplyz Tacacs accounting reply body from section 6.2 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-6.2 zTacacs Accounting Reply BodyrNrrrdrkrlrrmc|jSrrrps rrrzTacacsAccountingReply.4rrrsc|jSrr~rps rrrzTacacsAccountingReply.5ryr) rrrrrr rTACACSACNTSTATUSr rrvrrrr's *D =!14T\ZZZ =TtvNNN =41ABB;|R=W=WXXX;vr7K7KLLL NKKKrrcHeZdZdZdgZdZedddgZdZd Z d S) rzx Class defined to handle the arguments listed at the end of tacacs+ Authorization and Accounting packets. _lenzArguments in Tacacs+ packetrlrmc|jSr)rrs rrrzTacacsPacketArguments.Cs38rrsc|j}d}t|tr!|j}|dz }t|t!|j||_|SNrr2) underlayer isinstancerrr)rscurrs r pre_dissectz!TacacsPacketArguments.pre_dissectEs^o 344 .C FA344 $Q' rc|j}d}t|tr!|j}|dz }t|t!|dz|jkrtStjSr)rrrrrr)rrrrs rrz)TacacsPacketArguments.guess_payload_classQsjo 344 .C FA344  q53;  ( (!!rN) rrrr __slots__rr rrrrvrrrr8sgI (D;vr7K7KLLLMK    " " " " "rrceZdZdZdZdS)TacacsClientPacketz Super class for tacacs packet in order to get them unencrypted Obfuscation methodology from section 3.7 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-3.7 cj|jdkr't|t|j|j|j}|Sr)rr-SECRETr(r)r*rs r post_dissectzTacacsClientPacket.post_dissectis- :??C$,QQC rN)rrrrrrvrrrr_s-rrc eZdZdZdZeddeeddeeddedd e e d d e d d gZ d Z dZ dZdZd S) TacacsHeaderzy Tacacs Header packet from section 3.8 https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-06#section-3.8 z Tacacs Headerr)r4typer2r*rrr(lengthNc|jdkr|jdzdkrtStt jd|ddt |ddkrtStt jd|ddt |ddkrtS|jdkr|jdzdkrtStS|jd kr|jdzdkrtStStjS) Nr2r8rbbbbr;rNz!hhrCr9)rr*rsumr!unpackrr\rrrrrr raw_layer)rpayloads rrz TacacsHeader.guess_payload_classs 9>>x!|q  006=166773wqrr{;K;KKK00V]5'"1"+66773wqrr{;K;KKK33 9>>x!|q  //- - 9>>x!|q  ,,* *~rc|j/|r-|ddtjdt|z}|jdkr't |t |j|j|j }||zS)Nrr) rr!r"rrr-rr(r)r*)rprs r post_buildzTacacsHeader.post_buildsd ; 3 #2#T3s88444A :??C$,QQC3wrc6tjd|jS)NI)r!r"r()rs rhashretzTacacsHeader.hashrets{3000rct|to2|j|jdzko|j|jko|j|jkS)Nr2)rrr*rr()rothers ranswerszTacacsHeader.answerssN5,//4EIM)4 UZ'45#33 5r)rrrrrr TACACSVERSION TACACSTYPEr TACACSFLAGSrrrrrrrvrrrrqs D =C?? =J779UA&& =![998L!,,8Hd++ -K<   11155555rr1)dport)sport)rr)rr__main__)interactztacacs+)mydictmybanner)3rr!r scapy.packetrr scapy.fieldsrrrrr r r scapy.layers.inetr scapy.compatrr scapy.configrrr-rrrrrrrrrrr\rrrrrrrrrrrrrr scapy.mainrglobalsrvrrrs  ,,,,,,,,;;;;;;;;;;''''''EEEEEEEEEE!!!!!!!!!!!!!! MMM:!!!! "   %'' !&.00! ##!!"   # % %!!x='lNNNNNNNN2NNNNNNNN$NNNNN6NNN*!#  $   $$ !" $$""""""""<"""""v""": ""! "" """""f""">NNNNNFNNN"$"$"$"$"$"F$"$"$"N$B5B5B5B5B5%B5B5B5J CR(((( CR(((( L3!2FFFF L3!2FFFF z###### HGGII 222222r