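/*
 * Entry point of the IP module.
 *
 * Builds the title string, parses and validates the command line, loads the
 * optional payload and IP-options files, then calls buildip() and reports
 * the outcome.  The function finishes through ip_exit(): status 0 after a
 * successful buildip(), status 1 after any failure.
 *
 * argc, argv: the process arguments; a first argument starting with "help"
 *             is handed to ip_usage().
 */
void nemesis_ip(int argc, char **argv)
{
    const char *module = "IP Packet Injection";

    nemesis_maketitle(title, module, version);

    if (argc > 1 && !strncmp(argv[1], "help", 4))
        ip_usage(argv[0]);

    /* A failed seed is reported but does not stop the run. */
    if (nemesis_seedrand() < 0)
        fprintf(stderr, "ERROR: Unable to seed random number generator.\n");

    ip_initdata();
    ip_cmdline(argc, argv);
    ip_validatedata();
    ip_verbose();

    if (got_payload) {
        /*
         * The size limit passed for the payload depends on the build:
         * WIN32 always uses the link-layer limit, other platforms pick the
         * link-layer or raw limit according to got_link.
         */
#if defined(WIN32)
        if (builddatafromfile(IP_LINKBUFFSIZE, &pd,
                              (const char *)payloadfile,
                              (const u_int32_t)PAYLOADMODE) < 0)
#else
        if (builddatafromfile(((got_link == 1) ? IP_LINKBUFFSIZE
                                               : IP_RAWBUFFSIZE),
                              &pd, (const char *)payloadfile,
                              (const u_int32_t)PAYLOADMODE) < 0)
#endif
            ip_exit(1);
    }

    if (got_ipoptions) {
        if (builddatafromfile(OPTIONSBUFFSIZE, &ipod,
                              (const char *)ipoptionsfile,
                              (const u_int32_t)OPTIONSMODE) < 0)
            ip_exit(1);
    }

    /*
     * The first argument was a mis-encoded "&etherhdr" in the listing
     * (the "&eth" prefix had been turned into a single character).
     */
    if (buildip(&etherhdr, &iphdr, &pd, &ipod, device) < 0) {
        puts("\nIP Injection Failure");
        ip_exit(1);
    } else {
        puts("\nIP Packet Injected");
        ip_exit(0);
    }
}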
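/*
 * Crack ip_arg, which has the form "#.#": the first number is the file
 * descriptor from the screen, the second is the file descriptor to the
 * screen.
 *
 * ip_arg: argument text; NULL is treated as malformed.
 * i_fd:   receives the first descriptor.
 * o_fd:   receives the second descriptor.
 *
 * Returns 0 on success.  On a malformed or out-of-range argument it calls
 * ip_usage() and returns 1; *i_fd and *o_fd are then left untouched.
 */
static int get_fds(char *ip_arg, int *i_fd, int *o_fd)
{
    /*
     * Largest value an int can hold, spelled without <limits.h> because the
     * file's include list is not visible from this block.
     */
    const long fd_max = (long)(~0U >> 1);
    char *ep;
    long in_fd, out_fd;

    if (!ip_arg || !isdigit((unsigned char)ip_arg[0]))
        goto usage;

    in_fd = strtol(ip_arg, &ep, 10);
    if (ep[0] != '.' || !isdigit((unsigned char)ep[1]))
        goto usage;

    out_fd = strtol(++ep, &ep, 10);
    if (ep[0] != '\0')
        goto usage;

    /*
     * strtol() yields a long; storing it in an int unchecked would narrow a
     * large number to some unrelated descriptor value, so oversized input
     * is rejected.  Both numbers start with a digit, so neither is negative.
     * NOTE(review): where long and int have the same width, strtol()
     * saturation is not caught by this comparison; an errno == ERANGE check
     * would cover it if <errno.h> is available in this file.
     */
    if (in_fd > fd_max || out_fd > fd_max)
        goto usage;

    *i_fd = (int)in_fd;
    *o_fd = (int)out_fd;
    return 0;

usage:
    ip_usage();
    return 1;
}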
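/*
 * Read six colon-separated hexadecimal octets ("xx:xx:xx:xx:xx:xx").
 *
 * Returns 0 with all six values stored in octet[], or -1 when sscanf()
 * could not convert six fields.  octet[] is zeroed before parsing.
 */
static int ip_scan_mac(const char *text, unsigned int octet[6])
{
    memset(octet, 0, 6 * sizeof(octet[0]));
    if (sscanf(text, "%02X:%02X:%02X:%02X:%02X:%02X", &octet[0], &octet[1],
               &octet[2], &octet[3], &octet[4], &octet[5]) != 6)
        return -1;
    return 0;
}

/*
 * Parse the command-line options with getopt() and store the results in
 * variables declared outside this function (device, iphdr, etherhdr,
 * payloadfile, ipoptionsfile, the got_* flags, verbose).
 *
 * Invalid option values print an error to stderr and call ip_exit(1);
 * unknown options go to ip_usage().  A malformed Ethernet address and a
 * failed strdup() are treated as errors as well, instead of leaving a
 * zero-filled address or a NULL file name for later stages.
 */
static void ip_cmdline(int argc, char **argv)
{
    int opt, i;
    unsigned int addr_tmp[6]; /* unsigned int matches the %X conversions */
    const char *ip_options;
    extern char *optarg;

    /*
     * The accepted option letters depend on the build: 'W' is listed with
     * ENABLE_PCAPOUTPUT, 'Z' on WIN32.
     * NOTE(review): 'W' has no case in the switch below, so it reaches the
     * default branch; confirm whether that is intended.
     */
#if defined(ENABLE_PCAPOUTPUT)
#if defined(WIN32)
    ip_options = "d:D:F:H:I:M:O:p:P:S:t:T:vWZ?";
#else
    ip_options = "d:D:F:H:I:M:O:p:P:S:t:T:vW?";
#endif
#else
#if defined(WIN32)
    ip_options = "d:D:F:H:I:M:O:p:P:S:t:T:vZ?";
#else
    ip_options = "d:D:F:H:I:M:O:p:P:S:t:T:v?";
#endif
#endif

    while ((opt = getopt(argc, argv, ip_options)) != -1) {
        switch (opt) {
        case 'd': /* Ethernet device */
#if defined(WIN32)
            if (nemesis_getdev(atoi(optarg), &device) < 0) {
                fprintf(stderr, "ERROR: Unable to lookup device: '%d'.\n",
                        atoi(optarg));
                ip_exit(1);
            }
#else
            if (strlen(optarg) < 256) {
                device = strdup(optarg);
                if (device == NULL) {
                    fprintf(stderr, "ERROR: Unable to allocate memory for "
                            "device name.\n");
                    ip_exit(1);
                }
                got_link = 1;
            } else {
                fprintf(stderr, "ERROR: device %s > 256 characters\n",
                        optarg);
                ip_exit(1);
            }
#endif
            break;
        case 'D': /* destination IP address */
            if ((nemesis_name_resolve(optarg,
                    (u_int32_t *)&iphdr.ip_dst.s_addr)) < 0) {
                fprintf(stderr, "ERROR: Invalid destination IP address: "
                        "\"%s\".\n", optarg);
                ip_exit(1);
            }
            break;
        case 'F': /* IP fragmentation options */
            if (parsefragoptions(&iphdr, optarg) < 0)
                ip_exit(1);
            break;
        case 'H': /* Ethernet source address */
            if (ip_scan_mac(optarg, addr_tmp) < 0) {
                fprintf(stderr, "ERROR: Invalid Ethernet source address: "
                        "\"%s\".\n", optarg);
                ip_exit(1);
            }
            for (i = 0; i < 6; i++)
                etherhdr.ether_shost[i] = (u_int8_t)addr_tmp[i];
            break;
        case 'I': /* IP ID */
            iphdr.ip_id = xgetint16(optarg);
            break;
        case 'M': /* Ethernet destination address */
            if (ip_scan_mac(optarg, addr_tmp) < 0) {
                fprintf(stderr, "ERROR: Invalid Ethernet destination "
                        "address: \"%s\".\n", optarg);
                ip_exit(1);
            }
            for (i = 0; i < 6; i++)
                etherhdr.ether_dhost[i] = (u_int8_t)addr_tmp[i];
            break;
        case 'O': /* IP options file */
            if (strlen(optarg) < 256) {
                ipoptionsfile = strdup(optarg);
                if (ipoptionsfile == NULL) {
                    fprintf(stderr, "ERROR: Unable to allocate memory for "
                            "IP options file name.\n");
                    ip_exit(1);
                }
                got_ipoptions = 1;
            } else {
                fprintf(stderr, "ERROR: IP options file %s > 256 "
                        "characters.\n", optarg);
                ip_exit(1);
            }
            break;
        case 'p': /* IP protocol */
            iphdr.ip_p = xgetint8(optarg);
            break;
        case 'P': /* payload file */
            if (strlen(optarg) < 256) {
                payloadfile = strdup(optarg);
                if (payloadfile == NULL) {
                    fprintf(stderr, "ERROR: Unable to allocate memory for "
                            "payload file name.\n");
                    ip_exit(1);
                }
                got_payload = 1;
            } else {
                fprintf(stderr, "ERROR: payload file %s > 256 characters\n",
                        optarg);
                ip_exit(1);
            }
            break;
        case 'S': /* source IP address */
            if ((nemesis_name_resolve(optarg,
                    (u_int32_t *)&iphdr.ip_src.s_addr)) < 0) {
                fprintf(stderr, "ERROR: Invalid source IP address: \"%s\"."
                        "\n", optarg);
                ip_exit(1);
            }
            break;
        case 't': /* IP type of service */
            iphdr.ip_tos = xgetint8(optarg);
            break;
        case 'T': /* IP time to live */
            iphdr.ip_ttl = xgetint8(optarg);
            break;
        case 'v':
            verbose++;
            /* Print the title once, on the first -v. */
            if (verbose == 1)
                nemesis_printtitle((const char *)title);
            break;
#if defined(WIN32)
        case 'Z':
            /*
             * NOTE(review): when pcap_lookupdev() fails, ifacetmp is NULL
             * and is still passed to PrintDeviceList(); confirm that callee
             * accepts NULL.  There is no break here: if ip_exit(1) ever
             * returned, control would continue into the usage case below.
             */
            if ((ifacetmp = pcap_lookupdev(errbuf)) == NULL)
                perror(errbuf);
            PrintDeviceList(ifacetmp);
            ip_exit(1);
#endif
        case '?': /* FALLTHROUGH */
        default:
            ip_usage(argv[0]);
            break;
        }
    }
}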
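/*
 * Convert a decimal string to an integer in the range [0, max].
 *
 * Returns 0 and stores the value in *out, or -1 when text is empty, has
 * trailing characters, or lies outside the range.  A value strtol()
 * saturates to LONG_MAX fails the range test, so errno is not needed.
 */
static int ip_parse_num(const char *text, long max, long *out)
{
    char *end;
    long v;

    v = strtol(text, &end, 10);
    if (end == text || *end != '\0' || v < 0 || v > max)
        return -1;
    *out = v;
    return 0;
}

/*
 * Build an IPv4 header from "name value" argument pairs, append the payload
 * read from standard input, and write the resulting packet to standard
 * output.
 *
 * Recognised names: tos, id, off, ttl, proto, src, dst.  Fields that are
 * not given keep the defaults set below.  Any unknown name, unpaired
 * argument or invalid value goes to ip_usage().  Numeric values for tos,
 * id and ttl are range-checked instead of being narrowed silently as
 * atoi() did.
 *
 * Returns 0 on success; read and write failures end the program via err().
 */
int ip_main(int argc, char *argv[])
{
    struct ip_hdr *ip;
    struct addr addr;
    u_char *p, buf[IP_LEN_MAX]; /* XXX */
    char *name, *value;
    long num = 0;
    int c, len;

    /*
     * rand() seeded from the clock supplies the default id, protocol and
     * addresses; these values are predictable, not cryptographically random.
     */
    srand(time(NULL));

    ip = (struct ip_hdr *)buf;
    ip->ip_hl = 5;
    ip->ip_v = 4;
    ip->ip_tos = 0;
    ip->ip_id = rand() & 0xffff;
    ip->ip_off = 0;
    ip->ip_ttl = IP_TTL_MAX;
    ip->ip_p = rand() & 0xff;
    ip->ip_sum = 0;
    ip->ip_src = rand();
    ip->ip_dst = rand();

    for (c = 1; c + 1 < argc; c += 2) {
        name = argv[c];
        value = argv[c + 1];

        if (strcmp(name, "tos") == 0) {
            if (ip_parse_num(value, 0xff, &num) < 0)
                ip_usage();
            ip->ip_tos = (u_char)num;
        } else if (strcmp(name, "id") == 0) {
            if (ip_parse_num(value, 0xffff, &num) < 0)
                ip_usage();
            /* Host-to-network conversion; the original spelled it ntohs(). */
            ip->ip_id = htons((unsigned short)num);
        } else if (strcmp(name, "off") == 0) {
            if (off_aton(value, &ip->ip_off) < 0)
                ip_usage();
        } else if (strcmp(name, "ttl") == 0) {
            if (ip_parse_num(value, 0xff, &num) < 0)
                ip_usage();
            ip->ip_ttl = (u_char)num;
        } else if (strcmp(name, "proto") == 0) {
            if (proto_aton(value, &ip->ip_p) < 0)
                ip_usage();
        } else if (strcmp(name, "src") == 0) {
            if (addr_aton(value, &addr) < 0)
                ip_usage();
            ip->ip_src = addr.addr_ip;
        } else if (strcmp(name, "dst") == 0) {
            if (addr_aton(value, &addr) < 0)
                ip_usage();
            ip->ip_dst = addr.addr_ip;
        } else
            ip_usage();
    }

    /* c stops short of argc when a name is left without its value. */
    if (c != argc)
        ip_usage();

    if (isatty(STDIN_FILENO))
        errx(1, "can't read IP payload from tty");

    /*
     * Fill the space after the header from stdin.  The loop stops at end of
     * input or once the buffer is full; input beyond the buffer is not read.
     */
    p = buf + IP_HDR_LEN;
    len = sizeof(buf) - (p - buf);

    while ((c = read(STDIN_FILENO, p, len)) > 0) {
        p += c;
        len -= c;
    }
    /* A read error used to be indistinguishable from end of input. */
    if (c < 0)
        err(1, "read");

    len = p - buf;
    ip->ip_len = htons(len);

    ip_checksum(buf, len);

    if (write(STDOUT_FILENO, buf, len) != len)
        err(1, "write");

    return (0);
}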