
Changed log to be human readable for byte protocols
Added Renderer Interface for readable logging of specific protocols

qam 10 years ago
parent
commit
742fb4b3d6

+ 10 - 0
res/values/renderer.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+
+    <string-array name="renderer">
+        <item>MySQL</item>
+        <item>SMB</item>
+        <item>TELNET</item>
+    </string-array>
+
+</resources>

+ 19 - 6
src/de/tudarmstadt/informatik/hostage/commons/HelperUtils.java

@@ -240,15 +240,28 @@ public final class HelperUtils {
 	}
 	
 	
-	public static String bytesToHex(byte[] bytes) {
+	public static String byteToHexString(byte[] bytes) {
 		char[] hexArray = "0123456789ABCDEF".toCharArray();
-	    char[] hexChars = new char[bytes.length * 2];
 	    int v;
-	    for ( int j = 0; j < bytes.length; j++ ) {
+	    StringBuffer buffer = new StringBuffer();
+	    for(int j = 0; j < bytes.length; j++ ) {
 	        v = bytes[j] & 0xFF;
-	        hexChars[j * 2] = hexArray[v >>> 4];
-	        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
+	        buffer.append(hexArray[v >>> 4]);
+	        buffer.append(hexArray[v & 0x0F]);
+	        if(j < bytes.length-1) buffer.append(", ");
 	    }
-	    return new String(hexChars);
+	    return buffer.toString();
+	}
+	
+	public static byte[] hexStringToByte(String string) {
+		char[] hexArray = "0123456789ABCDEF".toCharArray();
+	    int v;
+	    String[] hexStrings = string.split(", ");
+	    byte[] bytes = new byte[hexStrings.length];
+	    for(int j = 0; j < hexStrings.length; j++ ) {
+	    	bytes[j] = (byte) ((Character.digit(hexStrings[j].charAt(0), 16) << 4)
+                    + Character.digit(hexStrings[j].charAt(1), 16));
+	    }
+	    return bytes;
 	}
 }
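Review bot: `hexStringToByte` does not validate its input. For an empty string `split(", ")` yields one empty token and `charAt(0)` throws, and `byteToHexString` returns exactly that empty string for a zero-length array, so the two methods do not round-trip. A one-character token throws at `charAt(1)`, and a non-hex character makes `Character.digit` return -1, which is silently folded into a wrong byte. Elsewhere in this commit the decoded strings are logged packets received from remote peers, so malformed tokens should be handled explicitly, as sketched below. The unused `hexArray` and `v` locals can also be dropped.
```java
public static byte[] hexStringToByte(String string) {
	if (string == null || string.length() == 0) {
		return new byte[0];
	}
	String[] hexStrings = string.split(", ");
	byte[] bytes = new byte[hexStrings.length];
	for (int j = 0; j < hexStrings.length; j++) {
		String token = hexStrings[j];
		int hi = token.length() == 2 ? Character.digit(token.charAt(0), 16) : -1;
		int lo = token.length() == 2 ? Character.digit(token.charAt(1), 16) : -1;
		if (hi < 0 || lo < 0) {
			throw new IllegalArgumentException("Not a hex byte at index " + j);
		}
		bytes[j] = (byte) ((hi << 4) + lo);
	}
	return bytes;
}
```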

+ 3 - 2
src/de/tudarmstadt/informatik/hostage/handler/ByteArrayHandlerImpl.java

@@ -11,6 +11,7 @@ import android.preference.PreferenceManager;
 
 import de.tudarmstadt.informatik.hostage.HoneyListener;
 import de.tudarmstadt.informatik.hostage.HoneyService;
+import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
 import de.tudarmstadt.informatik.hostage.io.ByteArrayReaderWriter;
 import de.tudarmstadt.informatik.hostage.io.ReaderWriter;
 import de.tudarmstadt.informatik.hostage.logging.Record.TYPE;
@@ -47,11 +48,11 @@ public class ByteArrayHandlerImpl extends AbstractHandler {
 
 		while (!thread.isInterrupted() && (inputLine = stream.read()) != null) {
 			outputLine = protocol.processMessage(inputLine);
-			log.write(createRecord(TYPE.RECEIVE, protocol.getRequestContent()));
+			log.write(createRecord(TYPE.RECEIVE, HelperUtils.byteToHexString(inputLine.get())));
 			if (outputLine != null) {
 				stream.write(outputLine);
 				for (ByteArray s : outputLine) {
-					log.write(createRecord(TYPE.SEND, s.toString()));
+					log.write(createRecord(TYPE.SEND, HelperUtils.byteToHexString(s.get())));
 				}
 			}
 			if (protocol.isClosed()) {

+ 1 - 1
src/de/tudarmstadt/informatik/hostage/logging/Record.java

@@ -240,7 +240,7 @@ public class Record implements Serializable {
 				return String.format("{ \"sensor\":{\"type\": \"Honeypot\", \"name\": \"HOsTaGe\"}, \"type\": \"%s\", \"src\":{\"ip\": \"%s\", \"port\": %d}, \"dst\":{\"ip\": \"%s\", \"port\": %d} }", protocol + " server access", externalIP, remotePort, externalIP, localPort);
 			// ViewLogTable format: contains all important information about an attack.
 			case 2: 
-				return String.format("%d: %s\nIn %s\n(%s)\nFrom [%s:%d]\nTo [%s:%d]\nMessage: %s\n", attack_id, protocol, SSID, BSSID, remoteIP.getHostAddress(), remotePort, localIP.getHostAddress(), localPort, packet);
+				return String.format("%d: %s\nIn %s\n(%s)\nFrom [%s:%d]\nTo [%s:%d]\n", attack_id, protocol, SSID, BSSID, remoteIP.getHostAddress(), remotePort, localIP.getHostAddress(), localPort);
 			default:
 				return toString();
 		}

+ 2 - 2
src/de/tudarmstadt/informatik/hostage/protocol/TELNET.java

@@ -181,8 +181,8 @@ public final class TELNET implements Protocol<ByteArray> {
 	}
 
 	/** options requested by the server */
-	private final byte[] optionRequest = {(byte) 0xff, (byte) 0xfb, 0x03,
-										(byte) 0xff, (byte) 0xfb, 0x01};
+	private final byte[] optionRequest = {(byte) 0xff, (byte) 0xfb, 0x03,	//will suppress go ahead
+										(byte) 0xff, (byte) 0xfb, 0x01};	//will echo
 	//session token prefix, mid and suffix
 	private final byte[] sessionPrefix = {0x1b, 0x5d, 0x30, 0x3b};
 	private final byte[] sessionMiddle = {0x40, 0x72, 0x61, 0x73, 

+ 12 - 0
src/de/tudarmstadt/informatik/hostage/render/DefaultRenderer.java

@@ -0,0 +1,12 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
+
+public class DefaultRenderer implements ProtocolRenderer {
+
+	@Override
+	public String render(String packet) {
+		return packet;
+	}
+
+}

+ 5 - 0
src/de/tudarmstadt/informatik/hostage/render/MySQLRenderer.java

@@ -0,0 +1,5 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+public class MySQLRenderer {
+
+}
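Review bot: `MySQLRenderer` does not implement `ProtocolRenderer`, yet `MySQL` is listed in `res/values/renderer.xml`, so the cast in `ViewLogRenderer.getRenderer` throws a `ClassCastException` for every MySQL record. The exception is caught and printed there and the default renderer is used, so the failure is easy to miss. `TELNETRenderer` has the same problem. Until real renderers exist, either drop both entries from the string array or declare the stubs as `public class MySQLRenderer extends DefaultRenderer {` and `public class TELNETRenderer extends DefaultRenderer {`.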

+ 6 - 0
src/de/tudarmstadt/informatik/hostage/render/ProtocolRenderer.java

@@ -0,0 +1,6 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+public interface ProtocolRenderer {
+
+	String render(String packet);
+}

+ 93 - 0
src/de/tudarmstadt/informatik/hostage/render/SMBRenderer.java

@@ -0,0 +1,93 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
+
+public class SMBRenderer implements ProtocolRenderer {
+
+	@Override
+	public String render(String packet) {
+		byte[] bytes = HelperUtils.hexStringToByte(packet);
+		String command = "Command: " + getCommandString(bytes[8]);
+		return command;
+	}
+		
+	private String getCommandString(byte cmd) {
+		switch(cmd) {
+		case 0x00: return "SMB_COM_CREATE_DIRECTORY";
+		case 0x01: return "SMB_COM_DELETE_DIRECTORY";
+		case 0x02: return "SMB_COM_OPEN";
+		case 0x03: return "SMB_COM_CREATE";
+		case 0x04: return "SMB_COM_CLOSE";
+		case 0x05: return "SMB_COM_FLUSH";
+		case 0x06: return "SMB_COM_DELETE";
+		case 0x07: return "SMB_COM_RENAME";
+		case 0x08: return "SMB_COM_QUERY_INFORMATION";
+		case 0x09: return "SMB_COM_SET_INFORMATION";
+		case 0x0A: return "SMB_COM_READ";
+		case 0x0B: return "SMB_COM_WRITE";
+		case 0x0C: return "SMB_COM_LOCK_BYTE_RANGE";
+		case 0x0D: return "SMB_COM_UNLOCK_BYTE_RANGE";
+		case 0x0E: return "SMB_COM_CREATE_TEMPORARY";
+		case 0x0F: return "SMB_COM_CREATE_NEW";
+		case 0x10: return "SMB_COM_CHECK_DIRECTORY";
+		case 0x11: return "SMB_COM_PROCESS_EXIT";
+		case 0x12: return "SMB_COM_SEEK";
+		case 0x13: return "SMB_COM_LOCK_AND_READ";
+		case 0x14: return "SMB_COM_WRITE_AND_UNLOCK";
+		case 0x1A: return "SMB_COM_READ_RAW";
+		case 0x1B: return "SMB_COM_READ_MPX";
+		case 0x1C: return "SMB_COM_READ_MPX_SECONDARY";
+		case 0x1D: return "SMB_COM_WRITE_RAW";
+		case 0x1E: return "SMB_COM_WRITE_MPX";
+		case 0x1F: return "SMB_COM_WRITE_MPX_SECONDARY";
+		case 0x20: return "SMB_COM_WRITE_COMPLETE";
+		case 0x21: return "SMB_COM_QUERY_SERVER";
+		case 0x22: return "SMB_COM_SET_INFORMATION2";
+		case 0x23: return "SMB_COM_QUERY_INFORMATION2";
+		case 0x24: return "SMB_COM_LOCKING_ANDX";
+		case 0x25: return "SMB_COM_TRANSACTION";
+		case 0x26: return "SMB_COM_TRANSACTION_SECONDARY";
+		case 0x27: return "SMB_COM_IOCTL";
+		case 0x28: return "SMB_COM_IOCTL_SECONDARY";
+		case 0x29: return "SMB_COM_COPY";
+		case 0x2A: return "SMB_COM_MOVE";
+		case 0x2B: return "SMB_COM_ECHO";
+		case 0x2C: return "SMB_COM_WRITE_AND_CLOSE";
+		case 0x2D: return "SMB_COM_OPEN_ANDX";
+		case 0x2E: return "SMB_COM_READ_ANDX";
+		case 0x2F: return "SMB_COM_WRITE_ANDX";
+		case 0x30: return "SMB_COM_NEW_FILE_SIZE";
+		case 0x31: return "SMB_COM_CLOSE_AND_TREE_DISC";
+		case 0x32: return "SMB_COM_TRANSACTION2";
+		case 0x33: return "SMB_COM_TRANSACTION2_SECONDARY";
+		case 0x34: return "SMB_COM_FIND_CLOSE2";
+		case 0x35: return "SMB_COM_FIND_NOTIFY_CLOSE";
+		case 0x70: return "SMB_COM_TREE_CONNECT";
+		case 0x71: return "SMB_COM_TREE_DISCONNECT";
+		case 0x72: return "SMB_COM_NEGOTIATE";
+		case 0x73: return "SMB_COM_SESSION_SETUP_ANDX";
+		case 0x74: return "SMB_COM_LOGOFF_ANDX";
+		case 0x75: return "SMB_COM_TREE_CONNECT_ANDX";
+		case (byte)0x80: return "SMB_COM_QUERY_INFORMATION_DISK";
+		case (byte)0x81: return "SMB_COM_SEARCH";
+		case (byte)0x82: return "SMB_COM_FIND";
+		case (byte)0x83: return "SMB_COM_FIND_UNIQUE";
+		case (byte)0x84: return "SMB_COM_FIND_CLOSE";
+		case (byte)0xA0: return "SMB_COM_NT_TRANSACT";
+		case (byte)0xA1: return "SMB_COM_NT_TRANSACT_SECONDARY";
+		case (byte)0xA2: return "SMB_COM_NT_CREATE_ANDX";
+		case (byte)0xA4: return "SMB_COM_NT_CANCEL";
+		case (byte)0xA5: return "SMB_COM_NT_RENAME";
+		case (byte)0xC0: return "SMB_COM_OPEN_PRINT_FILE";
+		case (byte)0xC1: return "SMB_COM_WRITE_PRINT_FILE";
+		case (byte)0xC2: return "SMB_COM_CLOSE_PRINT_FILE";
+		case (byte)0xC3: return "SMB_COM_GET_PRINT_QUEUE";
+		case (byte)0xD8: return "SMB_COM_READ_BULK";
+		case (byte)0xD9: return "SMB_COM_WRITE_BULK";
+		case (byte)0xDA: return "SMB_COM_WRITE_BULK_DATA";
+		case (byte)0xFF: return "SMB_COM_NONE";
+		default: return "Unknown Command";
+		}
+	}
+
+}
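Review bot: `render` reads `bytes[8]` without checking the array length, so any logged SMB packet shorter than nine bytes raises `ArrayIndexOutOfBoundsException`. The packet is data received from the remote peer, and `ViewLogTable.onCreate` calls the renderer without a catch, so one short message in the database appears to be enough to crash the log view. Add a guard before the index, `if (bytes.length < 9) return packet;`. Offset 8 presumably assumes a 4-byte transport header followed by the `0xFF 'S' 'M' 'B'` marker, which deserves a comment such as `// command byte: 4-byte session header + 4-byte SMB magic`. Checking the magic bytes before decoding would keep non-SMB payloads from being labelled with a command name.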

+ 5 - 0
src/de/tudarmstadt/informatik/hostage/render/TELNETRenderer.java

@@ -0,0 +1,5 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+public class TELNETRenderer {
+
+}

+ 29 - 0
src/de/tudarmstadt/informatik/hostage/render/ViewLogRenderer.java

@@ -0,0 +1,29 @@
+package de.tudarmstadt.informatik.hostage.render;
+
+import de.tudarmstadt.informatik.hostage.R;
+import de.tudarmstadt.informatik.hostage.ui.MainActivity;
+
+public class ViewLogRenderer {
+	
+	public static String render(String protocol, String packet) {		
+		return getRenderer(protocol).render(packet);
+	}
+	
+	private static ProtocolRenderer getRenderer(String protocol) {
+		String[] protocols = MainActivity.getContext().getResources().getStringArray(R.array.renderer);
+		String packageName = ProtocolRenderer.class.getPackage().getName();
+		ProtocolRenderer renderer = new DefaultRenderer();
+
+		for (String prot : protocols) {
+			try {
+				if(protocol.equals(prot)) renderer = (ProtocolRenderer) Class.forName(
+						String.format("%s.%s", packageName, protocol+"Renderer"))
+						.newInstance();
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+		}
+		return renderer;
+	}
+
+}
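Review bot: The class name passed to `Class.forName` in `getRenderer` is built from `protocol`, and the `protocol.equals(prot)` match against `R.array.renderer` is the only thing keeping that lookup on an allow-list. Please state this in a comment so the check is not dropped later, for example `// protocol may only reach Class.forName after matching an entry of R.array.renderer`. The `catch (Exception e) { e.printStackTrace(); }` also hides a null `protocol`, a missing class and a wrong type behind a silent fallback to `DefaultRenderer`. Catching `ClassNotFoundException`, `InstantiationException`, `IllegalAccessException` and `ClassCastException` and logging which renderer failed would make that visible. The loop also keeps iterating after a match, so a `break;` after the assignment is missing. If the build obfuscates class names, this reflective lookup would presumably stop resolving and an explicit mapping from protocol name to renderer instance would avoid that.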

+ 7 - 4
src/de/tudarmstadt/informatik/hostage/ui/ViewLogTable.java

@@ -1,7 +1,9 @@
 package de.tudarmstadt.informatik.hostage.ui;
 
+import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
 import de.tudarmstadt.informatik.hostage.logging.DatabaseHandler;
 import de.tudarmstadt.informatik.hostage.logging.Record;
+import de.tudarmstadt.informatik.hostage.render.ViewLogRenderer;
 import android.app.Activity;
 import android.os.Bundle;
 import android.widget.ScrollView;
@@ -17,11 +19,12 @@ public class ViewLogTable extends Activity{
 	protected void onCreate(Bundle savedInstanceState) {
 		super.onCreate(savedInstanceState);
 		DatabaseHandler dbh = new DatabaseHandler(getBaseContext());
-		String log = "";
+		StringBuffer log = new StringBuffer();
 		//Create a log entry for every attack in the Database
-		for(Record record: dbh.getAllReceivedRecordsOfEachAttack())
-		{
-			log = log + record.toString(2) + "\n";
+		for(Record record: dbh.getAllReceivedRecordsOfEachAttack()) {
+			log.append(record.toString(2));
+			log.append(ViewLogRenderer.render(record.getProtocol(), record.getPacket()));
+			log.append("\n");
 		}
 		
 		ScrollView scroll = new ScrollView(this);
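Review bot: The loop in `onCreate` calls `ViewLogRenderer.render(record.getProtocol(), record.getPacket())` for every stored record without handling failures, so a runtime exception from one renderer aborts the whole activity. The packet text originates from remote peers, and the renderers added in this commit index and parse it without length checks. The per-record call should therefore fall back to the raw packet, e.g. `try { log.append(ViewLogRenderer.render(...)); } catch (RuntimeException e) { log.append(record.getPacket()); }`. `StringBuilder` is sufficient here since `log` is a local, and the new `HelperUtils` import in this file is unused. `onCreate` continues past the end of this hunk.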