suricata
SshHeader_ Struct Reference

#include <app-layer-ssh.h>

Data Fields

uint32_t pkt_len
 
uint8_t padding_len
 
uint8_t msg_code
 
uint16_t banner_len
 
uint8_t buf [6]
 
uint8_t buf_offset
 
uint8_t flags
 
uint32_t record_left
 
uint8_t * proto_version
 
uint8_t * software_version
 
uint8_t * banner_buffer
 

Detailed Description

From SSH-TRANSP rfc

SSH Bunary packet structure: uint32 packet_length byte padding_length byte[n1] payload; n1 = packet_length - padding_length - 1 byte[n2] random padding; n2 = padding_length byte[m] mac (Message Authentication Code - MAC); m = mac_length

So we are going to do a header struct to store the lenghts and msg_code (inside payload, if any)

Definition at line 51 of file app-layer-ssh.h.

Field Documentation

uint8_t* SshHeader_::banner_buffer

Definition at line 62 of file app-layer-ssh.h.

uint16_t SshHeader_::banner_len

Definition at line 55 of file app-layer-ssh.h.

uint8_t SshHeader_::buf[6]

Definition at line 56 of file app-layer-ssh.h.

uint8_t SshHeader_::buf_offset

Definition at line 57 of file app-layer-ssh.h.

uint8_t SshHeader_::flags
uint8_t SshHeader_::msg_code

Definition at line 54 of file app-layer-ssh.h.

uint8_t SshHeader_::padding_len

Definition at line 53 of file app-layer-ssh.h.

uint32_t SshHeader_::pkt_len

Definition at line 52 of file app-layer-ssh.h.

uint8_t* SshHeader_::proto_version

Definition at line 60 of file app-layer-ssh.h.

Referenced by DetectSshVersionRegister(), JsonSshLogJSON(), and RegisterSSHParsers().

uint32_t SshHeader_::record_left

Definition at line 59 of file app-layer-ssh.h.

uint8_t* SshHeader_::software_version

The documentation for this struct was generated from the following file: