function PrintPacketPayload($data, $encode_type, $output_type) { if ($output_type == 1) { printf("\n<PRE class='nowrapspace' style='text-align:left;color:white;background:#545454;padding:6px;margin:0px;font-family:courier,monospace;font-size:13px;'>\n"); } /* print the packet based on encoding type */ if ($encode_type == "1") { $payload = PrintBase64PacketPayload($data, $output_type); } else { if ($encode_type == "0") { if (isset($_GET['asciiclean']) && $_GET['asciiclean'] == 1 || isset($_COOKIE['asciiclean']) && $_COOKIE['asciiclean'] == "clean" && !isset($_GET['asciiclean'])) { // Print clean ascii display $payload = PrintCleanHexPacketPayload($data, $output_type); } else { $payload = PrintHexPacketPayload($data, $output_type); } } else { if ($encode_type == "2") { $payload = PrintAsciiPacketPayload($data, $output_type); } } } if ($output_type == 1) { echo "{$payload}\n</PRE>\n"; } return $payload; }
function PrintPacketPayload($data, $encode_type, $output_type) { if ($output_type == 1) { printf("\n<PRE>\n"); } /* print the packet based on encoding type */ if ($encode_type == "1") { $payload = PrintBase64PacketPayload($data, $output_type); } else { if ($encode_type == "0") { if (isset($_GET['asciiclean']) && $_GET['asciiclean'] == 1 || isset($_COOKIE['asciiclean']) && $_COOKIE['asciiclean'] == "clean" && !isset($_GET['asciiclean'])) { // Print clean ascii display $payload = PrintCleanHexPacketPayload($data, $output_type); } else { $payload = PrintHexPacketPayload($data, $output_type); } } else { if ($encode_type == "2") { $payload = PrintAsciiPacketPayload($data, $output_type); } } } if ($output_type == 1) { echo "{$payload}\n</PRE>\n"; } return $payload; }
if ($portscan_payload_in_signature == 1) { /* fetch from payload portscan open port number */ if (stristr($current_sig_txt, "(portscan) Open Port")) { $sql2 = "SELECT data_payload FROM data WHERE sid='" . $myrow["sid"] . "' AND cid='" . $myrow["cid"] . "'"; $result2 = $db->baseExecute($sql2); $myrow_payload = $result2->baseFetchRow(); $result2->baseFreeRows(); $myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2); $current_sig = $current_sig . str_replace("Open Port", "", $myrow_payload); } else { if (stristr($current_sig_txt, "(portscan) TCP Portscan") || stristr($current_sig_txt, "(portscan) UDP Portscan")) { $sql2 = "SELECT data_payload FROM data WHERE sid='" . $myrow["sid"] . "' AND cid='" . $myrow["cid"] . "'"; $result2 = $db->baseExecute($sql2); $myrow_payload = $result2->baseFetchRow(); $result2->baseFreeRows(); $myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2); $current_sig = $current_sig . stristr(stristr($myrow_payload, "Port/Proto Range"), ": "); } } } $rowid = $qs->GetCurrentView() * $show_rows + $i; $tmpsig = explode("##", $current_sig); if ($tmpsig[1] != "") { $antes = $tmpsig[0]; $despues = $tmpsig[1]; } else { $antes = ""; $despues = $current_sig; } // 5- Source IP Address if ($current_sip32 != "") {