Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/src/analyzer/protocol/ssh/ssh-analyzer.pac
Vlad Grigorescu 78b5f6b94b BinPAC SSH analyzer basic functionality.
2014-04-02 23:03:24 -04:00

25 lines
639 B
JavaScript
Raw Blame History

# Generated by binpac_quickstart
refine flow SSH_Flow += {
function proc_ssh_version(msg: SSH_Version): bool
%{
BifEvent::generate_ssh_version(connection()->bro_analyzer(), connection()->bro_analyzer()->Conn(), ${msg.is_orig},
bytestring_to_val(${msg.version}));
return true;
%}
function proc_newkeys(): bool
%{
connection()->bro_analyzer()->ProtocolConfirmation();
return true;
%}
};
refine typeattr SSH_Version += &let {
proc: bool = $context.flow.proc_ssh_version(this);
};
refine typeattr SSH_Message += &let {
proc_newkeys: bool = $context.flow.proc_newkeys() &if(msg_type == SSH_MSG_NEWKEYS);
};
Reference in a new issue View git blame Copy permalink