[Bro-Dev] #1011: username/password authentication for SOCKS5
Bro Tracker
bro at tracker.bro.org
Mon May 27 07:20:31 PDT 2013
#1011: username/password authentication for SOCKS5
------------------------+-------------------
Reporter: nicolas | Type: Patch
Status: new | Priority: Low
Milestone: Bro2.2 | Component: Bro
Version: git/master | Keywords:
------------------------+-------------------
Patch the bug explained below :
It appears using the username authentication with SOCKS 5.
After the client and the server have chosen the username authentication,
the client has to send the following packet :
Client request (RFC 1929) :
+----+------+----------+------+----------+
|VER | ULEN | UNAME | PLEN | PASSWD |
+----+------+----------+------+----------+
| 1 | 1 | 1 to 255 | 1 | 1 to 255 |
+----+------+----------+------+----------+
Here the first byte must be 0x1, it specifies the version of the
authentication mechanisme, not the SOCKS version (0x5) like in all
others packets.
However in the socks-protocol.pac the type SOCKS_Version never parses
data if the first byte is 0x1, and it goes to an error.
--
Ticket URL: <http://tracker.bro.org/bro/ticket/1011>
Bro Tracker <http://tracker.bro.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list