1#!/usr/bin/env python3 2# Set env variable "ADDRESS" with BMC IP 3 4import os 5import socket 6import time 7from socket import AF_INET, SOCK_DGRAM 8 9sock = socket.socket(AF_INET, SOCK_DGRAM) 10 11bmcAddr = os.environ.get("ADDRESS", "127.0.0.1") 12addr = (bmcAddr, 427) 13 14print("Invalid Lang Tag Length, large payload") 15payload = ( 16 b"\x02" # Version 17 + b"\x09" # Function ID: SRVTYPERQST 18 + b"\x00" * 2 # Ignored Length bytes? 19 + b"\xff" # Length 20 + b"\x00" * 2 # Flags 21 + b"\x00" * 3 # Ext 22 + b"\x00" * 2 # XID 23 + b"\xff" * 2 # Language Tag Length 24 + b"A" * 65000 # Language Tag 25) 26ret = sock.sendto(payload, addr) 27 28time.sleep(3) 29 30print("Large Lang Tag Length, large payload") 31payload = ( 32 b"\x02" # Version 33 + b"\x09" # Function ID: SRVTYPERQST 34 + b"\x00" * 2 # Ignored Length bytes? 35 + b"\xff" # Length 36 + b"\x00" * 2 # Flags 37 + b"\x00" * 3 # Ext 38 + b"\x00" * 2 # XID 39 + b"\xfd\xe8" # Language Tag Length 40 + b"A" * 65000 # Language Tag 41) 42ret = sock.sendto(payload, addr) 43 44time.sleep(3) 45 46print("Invalid Lang Tag Length, small payload") 47payload = ( 48 b"\x02" # Version 49 + b"\x09" # Function ID: SRVTYPERQST 50 + b"\x00" * 2 # Ignored Length bytes? 51 + b"\xff" # Length 52 + b"\x00" * 2 # Flags 53 + b"\x00" * 3 # Ext 54 + b"\x00" * 2 # XID 55 + b"\xff" * 2 # Language Tag Length 56 + b"A" * 200 # Language Tag 57) 58ret = sock.sendto(payload, addr) 59 60time.sleep(3) 61 62print("Large Lang Tag Length, small payload") 63payload = ( 64 b"\x02" # Version 65 + b"\x09" # Function ID: SRVTYPERQST 66 + b"\x00" * 2 # Ignored Length bytes? 67 + b"\xff" # Length 68 + b"\x00" * 2 # Flags 69 + b"\x00" * 3 # Ext 70 + b"\x00" * 2 # XID 71 + b"\xfd\xe8" # Language Tag Length 72 + b"A" * 200 # Language Tag 73) 74ret = sock.sendto(payload, addr) 75 76time.sleep(3) 77 78print("Invalid Lang Tag Length (overflow)") 79payload = ( 80 b"\x02" # Version 81 + b"\x09" # Function ID: SRVTYPERQST 82 + b"\x00" * 2 # Ignored Length bytes? 83 + b"\xff" # Length 84 + b"\x00" * 2 # Flags 85 + b"\x00" * 3 # Ext 86 + b"\x00" * 2 # XID 87 + b"\x00\x20" # Language Tag Length 88 + b"A" * 10 # Language Tag 89) 90ret = sock.sendto(payload, addr) 91 92time.sleep(3) 93 94print("slptool findsrvtypes") 95payload = ( 96 b"\x02" # Version 97 + b"\x09" # Function ID: SRVTYPERQST 98 + b"\x00" * 2 # Ignored Length bytes? 99 + b"\x1d" # Length 100 + b"\x00" * 2 # Flags 101 + b"\x00" * 3 # Ext 102 + b"\x74\xe2" # XID 103 + b"\x00\x02" # Language Tag Length 104 + b"\x65\x6e" # Language Tag (en) 105 + b"\x00\x00\xff\xff\x00\x07\x44\x45\x46\x41\x55\x4c\x54" 106) 107ret = sock.sendto(payload, addr) 108 109time.sleep(5) 110 111print("slptool findsrvs service:obmc_console") 112payload = ( 113 b"\x02" # Version 114 + b"\x01" # Function ID: SRVTYPERQST 115 + b"\x00" * 2 # Ignored Length bytes? 116 + b"\x35" # Length 117 + b"\x00" * 2 # Flags 118 + b"\x00" * 3 # Ext 119 + b"\xe5\xc2" # XID 120 + b"\x00\x02" # Language Tag Length 121 + b"\x65\x6e" # Language Tag (en) 122 + b"\x00\x00" # PR List Length 123 + b"\x00\x14service:obmc_console" # Service 124 + b"\x00\x07\x44\x45\x46\x41\x55\x4c\x54" # Scope 125 + b"\x00\x00\x00\x00" # Predicate and SLP SPI Length 126) 127ret = sock.sendto(payload, addr) 128