Rev 109 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 104 | hidnplayr | 1 | ; Automated dhcp client |
| 336 | hidnplayr | 2 | ; v 1.3 |
| 104 | hidnplayr | 3 | ; |
| 336 | hidnplayr | 4 | ; with thanks to authors of DHCP client for menuetos: Mike Hibbet |
| 104 | hidnplayr | 5 | ; |
| 336 | hidnplayr | 6 | ; by HidnPlayr & Derpenguin |
| 104 | hidnplayr | 7 | |
| 336 | hidnplayr | 8 | |
| 104 | hidnplayr | 9 | TIMEOUT equ 60 ; in seconds |
| 336 | hidnplayr | 10 | BUFFER equ 1024 |
| 11 | __DEBUG__ equ 1 |
||
| 12 | __DEBUG_LEVEL__ equ 1; 1 = all, 2 = errors |
||
| 104 | hidnplayr | 13 | |
| 14 | use32 |
||
| 15 | org 0x0 |
||
| 16 | |||
| 17 | db 'MENUET01' ; 8 byte id |
||
| 18 | dd 0x01 ; header version |
||
| 19 | dd START ; start of code |
||
| 20 | dd IM_END ; size of image |
||
| 21 | dd I_END ; memory for app |
||
| 22 | dd I_END ; esp |
||
| 23 | dd 0x0 , 0x0 ; I_Param , I_Icon |
||
| 24 | |||
| 336 | hidnplayr | 25 | ;include 'macros.inc' |
| 26 | include 'eth.inc' |
||
| 27 | include 'debug-fdo.inc' |
||
| 104 | hidnplayr | 28 | |
| 29 | |||
| 336 | hidnplayr | 30 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
| 31 | ; CONFIGURATION FOR LINK-LOCAL ; |
||
| 32 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
||
| 33 | ; ; |
||
| 34 | PROBE_WAIT equ 1 ; second (initial random delay) ; |
||
| 35 | PROBE_MIN equ 1 ; second (minimum delay till repeated probe) ; |
||
| 36 | PROBE_MAX equ 2 ; seconds (maximum delay till repeated probe) ; |
||
| 37 | PROBE_NUM equ 3 ; (number of probe packets) ; |
||
| 38 | ; ; |
||
| 39 | ANNOUNCE_NUM equ 2 ; (number of announcement packets) ; |
||
| 40 | ANNOUNCE_INTERVAL equ 2 ; seconds (time between announcement packets) ; |
||
| 41 | ANNOUNCE_WAIT equ 2 ; seconds (delay before announcing) ; |
||
| 42 | ; ; |
||
| 43 | MAX_CONFLICTS equ 10 ; (max conflicts before rate limiting) ; |
||
| 44 | ; ; |
||
| 45 | RATE_LIMIT_INTERVAL equ 60 ; seconds (delay between successive attempts) ; |
||
| 46 | ; ; |
||
| 47 | DEFEND_INTERVAL equ 10 ; seconds (min. wait between defensive ARPs) ; |
||
| 48 | ; ; |
||
| 49 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
||
| 104 | hidnplayr | 50 | |
| 51 | |||
| 336 | hidnplayr | 52 | START: ; start of execution |
| 53 | |||
| 54 | mov eax,40 ; Report events |
||
| 55 | mov ebx,10000000b ; Only Stack |
||
| 104 | hidnplayr | 56 | int 0x40 |
| 57 | |||
| 336 | hidnplayr | 58 | mov eax,52 ; first, enable the stack (packet driver) |
| 104 | hidnplayr | 59 | mov ebx,2 |
| 60 | mov ecx,0x00000383 |
||
| 61 | int 0x40 |
||
| 62 | |||
| 336 | hidnplayr | 63 | DEBUGF 1,"DHCP: Stack Initialized.\n" |
| 104 | hidnplayr | 64 | |
| 336 | hidnplayr | 65 | eth.status eax ; Read the Stack status |
| 66 | test eax,eax ; if eax is zero, no driver was found |
||
| 67 | jnz @f |
||
| 68 | DEBUGF 1,"DHCP: No Card detected\n" |
||
| 69 | jmp close |
||
| 104 | hidnplayr | 70 | |
| 336 | hidnplayr | 71 | @@: |
| 72 | DEBUGF 1,"DHCP: Detected card: %x\n",eax |
||
| 73 | @@: |
||
| 74 | eth.check_cable eax |
||
| 75 | test al,al |
||
| 76 | jnz @f |
||
| 77 | DEBUGF 1,"DHCP: Ethernet Cable not connected\n" |
||
| 104 | hidnplayr | 78 | |
| 336 | hidnplayr | 79 | mov eax,5 |
| 80 | mov ebx,500 ; loop until cable is connected (check every 5 sec) |
||
| 81 | int 0x40 |
||
| 104 | hidnplayr | 82 | |
| 336 | hidnplayr | 83 | jmp @r |
| 104 | hidnplayr | 84 | |
| 85 | @@: |
||
| 336 | hidnplayr | 86 | DEBUGF 1,"DHCP: Ethernet Cable status: %d\n",al |
| 104 | hidnplayr | 87 | |
| 336 | hidnplayr | 88 | eth.read_mac MAC |
| 89 | DEBUGF 1,"DHCP: MAC address: %x-%x-%x-%x-%x-%x\n",[MAC]:2,[MAC+1]:2,[MAC+2]:2,[MAC+3]:2,[MAC+4]:2,[MAC+5]:2 |
||
| 104 | hidnplayr | 90 | |
| 336 | hidnplayr | 91 | ; jmp apipa ; comment this out if you want to skip DHCP and continue with link-local |
| 104 | hidnplayr | 92 | |
| 336 | hidnplayr | 93 | ;*************************************************************************** |
| 94 | ; |
||
| 95 | ; DHCP rubish starts here |
||
| 96 | ; |
||
| 97 | ;*************************************************************************** |
||
| 104 | hidnplayr | 98 | |
| 99 | |||
| 100 | |||
| 336 | hidnplayr | 101 | eth.check_port 68,eax ; Check if port 68 is available |
| 102 | cmp eax,1 |
||
| 103 | je @f |
||
| 104 | |||
| 105 | DEBUGF 1,"DHCP: Port 68 is already in use.\n" |
||
| 106 | jmp close |
||
| 107 | |||
| 108 | @@: |
||
| 109 | eth.open_udp 68,67,-1,[socketNum] ; open socket (local,remote,ip,socket) |
||
| 110 | DEBUGF 1,"DHCP: Socket opened: %d\n",eax |
||
| 111 | ; Setup the first msg we will send |
||
| 112 | mov byte [dhcpMsgType], 0x01 ; DHCP discover |
||
| 113 | mov dword [dhcpLease], esi ; esi is still -1 (-1 = forever) |
||
| 114 | |||
| 115 | mov eax,26 |
||
| 116 | mov ebx,9 |
||
| 117 | int 0x40 |
||
| 118 | imul eax,100 |
||
| 119 | mov [currTime],eax |
||
| 120 | |||
| 104 | hidnplayr | 121 | ;*************************************************************************** |
| 122 | ; Function |
||
| 123 | ; buildRequest |
||
| 124 | ; |
||
| 125 | ; Description |
||
| 126 | ; Creates a DHCP request packet. |
||
| 127 | ; |
||
| 128 | ;*************************************************************************** |
||
| 129 | buildRequest: |
||
| 336 | hidnplayr | 130 | xor eax,eax ; Clear dhcpMsg to all zeros |
| 104 | hidnplayr | 131 | mov edi,dhcpMsg |
| 336 | hidnplayr | 132 | mov ecx,BUFFER |
| 104 | hidnplayr | 133 | cld |
| 134 | rep stosb |
||
| 135 | |||
| 136 | mov edx, dhcpMsg |
||
| 137 | |||
| 138 | mov [edx], byte 0x01 ; Boot request |
||
| 139 | mov [edx+1], byte 0x01 ; Ethernet |
||
| 140 | mov [edx+2], byte 0x06 ; Ethernet h/w len |
||
| 141 | mov [edx+4], dword 0x11223344 ; xid |
||
| 336 | hidnplayr | 142 | mov eax,[currTime] |
| 143 | mov [edx+8], eax ; secs, our uptime |
||
| 104 | hidnplayr | 144 | mov [edx+10], byte 0x80 ; broadcast flag set |
| 336 | hidnplayr | 145 | |
| 146 | mov eax, dword [MAC] ; first 4 bytes of MAC |
||
| 147 | mov [edx+28],dword eax |
||
| 148 | mov ax, word [MAC+4] ; last 2 bytes of MAC |
||
| 149 | mov [edx+32],word ax |
||
| 150 | |||
| 104 | hidnplayr | 151 | mov [edx+236], dword 0x63538263 ; magic number |
| 152 | |||
| 336 | hidnplayr | 153 | mov [edx+240], word 0x0135 ; option DHCP msg type |
| 104 | hidnplayr | 154 | mov al, [dhcpMsgType] |
| 155 | mov [edx+240+2], al |
||
| 156 | |||
| 336 | hidnplayr | 157 | mov [edx+240+3], word 0x0433 ; option Lease time = infinity |
| 104 | hidnplayr | 158 | mov eax, [dhcpLease] |
| 159 | mov [edx+240+5], eax |
||
| 160 | |||
| 336 | hidnplayr | 161 | mov [edx+240+9], word 0x0432 ; option requested IP address |
| 162 | mov eax, [dhcpClientIP] |
||
| 163 | mov [edx+240+11], eax |
||
| 104 | hidnplayr | 164 | |
| 336 | hidnplayr | 165 | mov [edx+240+15], word 0x0437 ; option request list |
| 104 | hidnplayr | 166 | mov [edx+240+17], dword 0x0f060301 |
| 167 | |||
| 336 | hidnplayr | 168 | cmp [dhcpMsgType], byte 0x01 ; Check which msg we are sending |
| 104 | hidnplayr | 169 | jne br001 |
| 170 | |||
| 336 | hidnplayr | 171 | mov [edx+240+21], byte 0xff ; "Discover" options |
| 104 | hidnplayr | 172 | |
| 336 | hidnplayr | 173 | mov [dhcpMsgLen], dword 262 ; end of options marker |
| 104 | hidnplayr | 174 | jmp ctr000 |
| 175 | |||
| 336 | hidnplayr | 176 | br001: ; "Request" options |
| 104 | hidnplayr | 177 | |
| 336 | hidnplayr | 178 | mov [edx+240+21], word 0x0436 ; server IP |
| 104 | hidnplayr | 179 | mov eax, [dhcpServerIP] |
| 180 | mov [edx+240+23], eax |
||
| 181 | |||
| 336 | hidnplayr | 182 | mov [edx+240+27], byte 0xff ; end of options marker |
| 104 | hidnplayr | 183 | |
| 184 | mov [dhcpMsgLen], dword 268 |
||
| 185 | |||
| 186 | ctr000: |
||
| 187 | |||
| 336 | hidnplayr | 188 | eth.write_udp [socketNum],[dhcpMsgLen],dhcpMsg ; write to socket ( send broadcast request ) |
| 104 | hidnplayr | 189 | |
| 336 | hidnplayr | 190 | mov eax, dhcpMsg ; Setup the DHCP buffer to receive response |
| 191 | mov [dhcpMsgLen], eax ; Used as a pointer to the data |
||
| 104 | hidnplayr | 192 | |
| 336 | hidnplayr | 193 | mov eax,23 ; wait here for event (data from remote) |
| 194 | mov ebx,TIMEOUT*10 |
||
| 104 | hidnplayr | 195 | int 0x40 |
| 196 | |||
| 336 | hidnplayr | 197 | eth.poll [socketNum] |
| 104 | hidnplayr | 198 |