[原创]ORACLE 10G 11G TNS协议 DATA 部分解析
发表于:
2011-2-23 21:25
[原创]ORACLE 10G 11G TNS协议 DATA 部分解析
不多说。有用的人就拿走。没用的人就随便看看吧。上代码。
用于解析ORACLE TNS协议。DATA部分。
解释一下参数
int GetCmdList(unsigned char *data, int cb, char *cmdList)
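data 指向 TNS 包 DATA 部分的起始位置；cb 为 DATA 部分的字节长度；cmdList 为调用者提供的输出缓冲区，用于返回解析出的 SQL 语句。返回值为 SQL 语句在 data 中的偏移，未找到时为 0。注意：函数没有 cmdList 容量参数，不会检查输出缓冲区大小，调用者必须保证缓冲区足够大（不小于 cb 字节）。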
剩下的怎么解析的就自己看代码明白吧。
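/* Debug-dump helper: value of data[idx], or -1 when idx is outside [0, cb). */
static int tns_peek(const unsigned char *data, int cb, int idx)
{
    return (idx >= 0 && idx < cb) ? (int)data[idx] : -1;
}

/*
 * Copy the statement text that starts at src into out and clean it up.
 *
 * The copy stops at the first NUL byte or after `avail` bytes, whichever comes
 * first, so it never reads past the end of the captured DATA buffer.  The text
 * is then cut at its last 0x0a byte (if any) and every remaining byte that
 * compares below 0x20 is dropped.
 *
 * `out` must have room for avail + 1 bytes; its size cannot be checked here.
 */
static void tns_copy_statement(const unsigned char *src, int avail, char *out)
{
    int len = 0;
    int r, w = 0;
    char *nl;

    while (len < avail && src[len] != '\0') {
        out[len] = (char)src[len];
        len++;
    }
    out[len] = '\0';

    nl = strrchr(out, 0x0a);
    if (nl != NULL)
        *nl = '\0';

    /*
     * In-place compaction with separate read/write indices.  The original
     * shifted the tail with an overlapping strcpy() (undefined behaviour) and
     * skipped the byte that followed each removed one.
     * NOTE(review): the comparison is done on plain `char`; where char is
     * signed, bytes >= 0x80 also compare below 0x20 and are dropped, exactly
     * as in the original.  Confirm whether multi-byte text should survive.
     */
    for (r = 0; out[r] != '\0'; r++) {
        if (out[r] < 0x20)
            continue;
        out[w++] = out[r];
    }
    out[w] = '\0';
}

/*
 * Scan the DATA part of an Oracle TNS packet for an embedded SQL statement.
 *
 * The scan looks for the byte pair 00 01, followed by either a one-byte length
 * or the marker 0xfe plus a length byte, and accepts the record when the two
 * bytes after the announced length are 01 01.  A record whose length is
 * greater than 5 is treated as the statement: its text is copied to cmdList
 * and the scan stops.  Shorter records are skipped; a record of length 1
 * supplies cbSql, which overrides the length of a later 0xfe-form record.
 *
 * The original compared native 16-bit loads against 0x0100 / 0x0101 through a
 * cast pointer; on a little-endian host 0x0100 is the byte pair 00 01, which
 * is what is tested here byte by byte (no unaligned or endian-dependent load).
 *
 * Every index derived from packet bytes is checked against cb before use, so a
 * truncated or malformed packet ends the match instead of reading outside the
 * buffer.
 *
 * @param data     start of the DATA part (untrusted, taken from the wire)
 * @param cb       number of valid bytes at data
 * @param cmdList  caller-supplied output buffer for the statement text; the
 *                 function receives no capacity for it, so the caller must
 *                 provide at least cb bytes
 * @return offset of the statement text inside data, or 0 when none was found
 *
 * NOTE(review): each candidate record is appended to a fixed-path dump file.
 * That file receives raw statement text from the captured traffic, so it
 * should be treated as sensitive, access-restricted debug output.  Failure to
 * open it is no longer fatal: parsing continues without the dump.
 */
int GetCmdList(unsigned char *data, int cb, char *cmdList)
{
    int i = 0, x = 0, j = 0, cbSql = 0, iLocation = 0;

    if (data == NULL || cmdList == NULL || cb <= 0)
        return 0;

    for (i = 0; i < cb; i++) {
        const unsigned char *rec;
        int avail;
        int has_trailer;
        FILE *fpdump;

        /* Record marker: 00 01.  Both bytes must lie inside the buffer. */
        if (cb - i < 2 || data[i] != 0x00 || data[i + 1] != 0x01)
            continue;

        i++;                /* i now indexes the 0x01 byte of the marker */
        rec = data + i;
        avail = cb - i;     /* bytes readable from rec; offsets are compared
                               against this to avoid index overflow */

        if (avail < 2)
            continue;       /* no room for the length / 0xfe byte */
        x = (rec[1] == 0xfe) ? 2 : 1;
        if (x >= avail)
            continue;       /* length byte is cut off */

        j = rec[x];
        if (x == 2 && cbSql != 0)
            j = cbSql + 2;

        /* The record is accepted only when 01 01 follows the announced length
           and both of those bytes are inside the buffer. */
        has_trailer = (x + j + 2 < avail) &&
                      rec[x + j + 1] == 0x01 && rec[x + j + 2] == 0x01;

        fpdump = fopen("/usr/local/src/oracle/dbdump.txt", "a+");
        if (fpdump != NULL) {
            /* Bytes outside the buffer are reported as -1 instead of read. */
            fprintf(fpdump, "j = %02X i = %02X x = %02X cbSql = %02X data[i + x] = %d data[i + x + j + 1] = %d data[i + x + j + 2] = %d data[i + x + j + 3] = %d\n\n",
                    (unsigned)j, (unsigned)i, (unsigned)x, (unsigned)cbSql,
                    rec[x],
                    tns_peek(rec, avail, x + j + 1),
                    tns_peek(rec, avail, x + j + 2),
                    tns_peek(rec, avail, x + j + 3));
        }

        if (has_trailer) {
            if (fpdump != NULL) {
                int k;

                /* Hex view, 16 bytes per line; k stays below x + j + 2,
                   which has_trailer proved to be inside the buffer. */
                for (k = 0; k < j + x + 2; k++) {
                    fprintf(fpdump, "%02X ", rec[k]);
                    if ((k + 1) % 16 == 0)
                        fprintf(fpdump, "\n");
                }
                fputc('\n', fpdump);
                /* Raw character view of the same bytes. */
                for (k = 0; k < j + x + 2; k++)
                    fprintf(fpdump, "%c", rec[k]);
                fputc('\n', fpdump);
                fputc('\n', fpdump);
            }

            if (j > 5) {
                tns_copy_statement(rec + x + 1, avail - (x + 1), cmdList);
                iLocation = i + x + 1;
                if (fpdump != NULL)
                    fclose(fpdump);     /* the original leaked the handle here */
                return iLocation;
            }

            if (j == 1)
                cbSql = rec[x + 1];
            i = i + x + j + 2;          /* skip the record just consumed */
        }

        if (fpdump != NULL)
            fclose(fpdump);
    }
    return iLocation;
}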