static int print_intf(const struct intf_entry *entry, void *arg) { int i; printf("%s:", entry->intf_name); printf(" flags=0x%x<%s>", entry->intf_flags, flags2string(entry->intf_flags)); if (entry->intf_mtu != 0) printf(" mtu %d", entry->intf_mtu); printf("\n"); if (entry->intf_addr.addr_type == ADDR_TYPE_IP) { if (entry->intf_dst_addr.addr_type == ADDR_TYPE_IP) { printf("\tinet %s --> %s\n", addr_ntoa(&entry->intf_addr), addr_ntoa(&entry->intf_dst_addr)); } else printf("\tinet %s\n", addr_ntoa(&entry->intf_addr)); } if (entry->intf_link_addr.addr_type == ADDR_TYPE_ETH) printf("\tlink %s\n", addr_ntoa(&entry->intf_link_addr)); for (i = 0; i < entry->intf_alias_num; i++) printf("\talias %s\n", addr_ntoa(&entry->intf_alias_addrs[i])); return (0); }
static int pyextend_populate_connections(struct tuple *hdr, void *arg) { PyObject *pArgs = arg, *pValue; struct addr src, dst; addr_pack(&src, ADDR_TYPE_IP, IP_ADDR_BITS, &hdr->ip_src, IP_ADDR_LEN); addr_pack(&dst, ADDR_TYPE_IP, IP_ADDR_BITS, &hdr->ip_dst, IP_ADDR_LEN); pValue = Py_BuildValue("{sssssisisisi}", "src", addr_ntoa(&src), "dst", addr_ntoa(&dst), "sport", hdr->sport, "dport", hdr->dport, "received", hdr->received, "sent", hdr->sent); if (pValue == NULL) { PyErr_Print(); syslog(LOG_ERR, "%s: failed to build argument list", __func__); exit(EXIT_FAILURE); } /* pValue reference stolen here */ PyList_Append(pArgs, pValue); return (0); }
static int test_ping(void) { struct pkt *pkt; struct timeval tv; printf("ping: "); fflush(stdout); ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd); pkt = pkt_dup(ping); pkt->pkt_ip->ip_id = rand_uint16(ctx.rnd); ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data); pcap_filter(ctx.pcap, "icmp[0] = 0 and src %s and dst %s", addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src)); send_pkt(pkt); for (tv = read_tv; (pkt = recv_pkt(&tv)) != NULL; tv = read_tv) { if (memcmp(&pkt->pkt_icmp_msg->echo, &ping->pkt_icmp_msg->echo, 8) == 0) break; } printf("%s\n", pkt ? timeval_ntoa(&tv) : "no reply"); return (0); }
int print_route_entry(const struct route_entry *re, void *cp) { const struct addr *dst; const struct addr *gw; dst = &re->route_dst; gw = &re->route_gw; printf("%s -> %s\n", addr_ntoa(dst), addr_ntoa(gw)); return(0); }
static int test_frag(char *overlap, int drop) { struct timeval tv, save_tv = read_tv; struct pkt *pkt; struct icmp_msg_echo *echo; char *frag_argv[4]; if (overlap != NULL) printf("frag-%s: ", overlap); else if (drop) printf("frag-timeout (please wait): "); else printf("frag: "); fflush(stdout); ping->pkt_ip->ip_id = rand_uint16(ctx.rnd); ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd); pkt = pkt_dup(ping); ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data); TAILQ_INSERT_TAIL(&ctx.pktq, pkt, pkt_next); frag_argv[0] = "ip_frag"; frag_argv[1] = "8"; frag_argv[2] = overlap; frag_argv[3] = NULL; mod_ip_frag.open(overlap ? 3 : 2, frag_argv, NULL); mod_ip_frag.apply(NULL, &ctx.pktq, NULL); if (drop) { pkt = TAILQ_LAST(&ctx.pktq, pktq); TAILQ_REMOVE(&ctx.pktq, pkt, pkt_next); pkt_free(pkt); save_tv.tv_sec = FRAG_TIMEOUT; } pcap_filter(ctx.pcap, "icmp[0] = %d and src %s and dst %s", drop ? 11 : 0, addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src)); send_pktq(&ctx.pktq); for (tv = save_tv; (pkt = recv_pkt(&tv)) != NULL; tv = save_tv) { if (drop) { echo = (struct icmp_msg_echo *) (pkt->pkt_icmp_msg->timexceed.icmp_ip + IP_HDR_LEN + ICMP_HDR_LEN); } else { echo = &pkt->pkt_icmp_msg->echo; } if (echo->icmp_id == ping->pkt_icmp_msg->echo.icmp_id) break; } printf("%s\n", pkt ? timeval_ntoa(&tv) : "no reply"); return (0); }
SV * intf_c2sv(IntfEntry *entry) { HV *out = newHV(); SV *out_ref = newRV_noinc((SV *)out); char *sAddr, *sDstAddr, *sLnkAddr; hv_store(out, "intf_len", 8, newSViv(entry->intf_len), 0); hv_store(out, "intf_name", 9, newSVpv(entry->intf_name, 0), 0); hv_store(out, "intf_type", 9, newSViv(entry->intf_type), 0); hv_store(out, "intf_flags", 10, newSViv(entry->intf_flags), 0); hv_store(out, "intf_mtu", 8, newSViv(entry->intf_mtu), 0); sAddr = addr_ntoa(&(entry->intf_addr)); if (sAddr == NULL) { hv_store(out, "intf_addr", 9, &PL_sv_undef, 0); } else { hv_store(out, "intf_addr", 9, newSVpv(sAddr, 0), 0); } sDstAddr = addr_ntoa(&(entry->intf_dst_addr)); if (sDstAddr == NULL) { hv_store(out, "intf_dst_addr", 13, &PL_sv_undef, 0); } else { hv_store(out, "intf_dst_addr", 13, newSVpv(sDstAddr, 0), 0); } sLnkAddr = addr_ntoa(&(entry->intf_link_addr)); if (sLnkAddr == NULL) { hv_store(out, "intf_link_addr", 14, &PL_sv_undef, 0); } else { hv_store(out, "intf_link_addr", 14, newSVpv(sLnkAddr, 0), 0); } hv_store(out, "intf_alias_num", 14, newSViv(entry->intf_alias_num), 0); if (entry->intf_alias_num > 0) { int i; AV *aliases = newAV(); SV *aliases_ref = newRV_noinc((SV *)aliases); for (i=0; i<entry->intf_alias_num; i++) { char *alias = addr_ntoa(&(entry->intf_alias_addrs[i])); if (alias != NULL) { av_push(aliases, newSVpv(alias, 0)); } } hv_store(out, "intf_alias_addrs", 16, aliases_ref, 0); } else { hv_store(out, "intf_alias_addrs", 16, newRV_noinc((SV *)newAV()), 0); } return out_ref; }
int telnet_makeconnect(struct bufferevent *bev, struct argument *arg) { extern struct addr *socks_dst_addr; struct evbuffer *input = EVBUFFER_INPUT(bev); struct telnet_state *state = arg->a_state; ip_addr_t address; socks_resolveaddress("www.google.com", &address); if (evbuffer_find(input, CCPROXY, strlen(CCPROXY)) != NULL) { state->response = "telnet-proxy: CCproxy"; state->connect_wait = "OK!"; evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "open %s:80\r\n", addr_ntoa(socks_dst_addr)); bufferevent_enable(bev, EV_WRITE); return (1); } else if (evbuffer_find(input, GATEWAY1, strlen(GATEWAY1)) != NULL) { state->response = "telnet-proxy: Gateway"; state->connect_wait = "Connected to:"; evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "%s:80\r\n", addr_ntoa(socks_dst_addr)); bufferevent_enable(bev, EV_WRITE); return (1); } else if (evbuffer_find(input, GATEWAY2, strlen(GATEWAY2)) != NULL) { state->response = "telnet-proxy: Gateway"; /* * We do not get a connection confirmation, just the echoed * string. So, we wait for the echo and then send our command. */ state->connect_wait = ":80"; evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "%s:80\r\n", addr_ntoa(socks_dst_addr)); bufferevent_enable(bev, EV_WRITE); return (1); } else if (evbuffer_find(input, WINGATE, strlen(WINGATE)) != NULL) { state->response = "telnet-proxy: WinGate"; state->connect_wait = "...Connected"; evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "%s:80\r\n", addr_ntoa(socks_dst_addr)); bufferevent_enable(bev, EV_WRITE); return (1); } else if (EVBUFFER_LENGTH(input) > 512) { return (-1); } return (0); }
SV * route_c2sv(RouteEntry *entry) { HV *out = newHV(); SV *out_ref = newRV_noinc((SV *)out); char *dst, *gw; if (entry != NULL) { dst = addr_ntoa(&(entry->route_dst)); dst == NULL ? hv_store(out, "route_dst", 9, &PL_sv_undef, 0) : hv_store(out, "route_dst", 9, newSVpv(dst, 0), 0); gw = addr_ntoa(&(entry->route_gw)); gw == NULL ? hv_store(out, "route_gw", 8, &PL_sv_undef, 0) : hv_store(out, "route_gw", 8, newSVpv(gw, 0), 0); } return out_ref; }
char * spammer_key_print(void *key, size_t keylen) { struct addr addr; addr_pack(&addr, ADDR_TYPE_IP, IP_ADDR_BITS, key, IP_ADDR_LEN); return (addr_ntoa(&addr)); }
in_addr_t anubis_lookup_ip_address(const char *expression) { //get param char *buffer = anubis_parse_param("lookup_ip_address", expression); if(!buffer) return 0; if(!strcasecmp(buffer, "ff:ff:ff:ff:ff:ff") || !strcasecmp(buffer, "Broadcast")) { return INADDR_BROADCAST; }//end if else { arp_t *handle = arp_open(); struct arp_entry arp_entry = {0}; if(!handle) { anubis_perror("arp_open()"); return 0; }//end if addr_pton(buffer, &arp_entry.arp_ha); int ret = arp_loop(handle, arp_lookup_ip_address_callback, (void *)&arp_entry); if(ret == 1) { char *ip_address = addr_ntoa(&arp_entry.arp_pa); arp_close(handle); return anubis_ip_aton(ip_address); }//end if else { anubis_err("lookup_ip_address(): \"%s\" is not found\n", buffer); arp_close(handle); return 0; }//end else }//end else }//end anubis_lookup_ip_address
char * ip_ntoa(const ip_addr_t *ip) { struct addr a; addr_pack(&a, ADDR_TYPE_IP, IP_ADDR_BITS, ip, IP_ADDR_LEN); return (addr_ntoa(&a)); }
char * ip6_ntoa(const ip6_addr_t *ip6) { struct addr a; addr_pack(&a, ADDR_TYPE_IP6, IP6_ADDR_BITS, ip6->data, IP6_ADDR_LEN); return (addr_ntoa(&a)); }
char * eth_ntoa(const eth_addr_t *eth) { struct addr a; addr_pack(&a, ADDR_TYPE_ETH, ETH_ADDR_BITS, eth->data, ETH_ADDR_LEN); return (addr_ntoa(&a)); }
static void arpd_init(char *dev, int naddresses, char **addresses) { struct bpf_program fcode; char filter[1024], ebuf[PCAP_ERRBUF_SIZE], *dst; intf_t *intf; dst = arpd_expandips(naddresses, addresses); if ((arpd_arp = arp_open()) == NULL) err(1, "arp_open"); if ((intf = intf_open()) == NULL) err(1, "intf_open"); if (dev == NULL) { if ((dev = pcap_lookupdev(ebuf)) == NULL) errx(1, "pcap_lookupdev: %s", ebuf); } arpd_ifent.intf_len = sizeof(arpd_ifent); strncpy(arpd_ifent.intf_name, dev, sizeof(arpd_ifent.intf_name) - 1); arpd_ifent.intf_name[sizeof(arpd_ifent.intf_name) - 1] = '\0'; if (intf_get(intf, &arpd_ifent) < 0) err(1, "intf_get"); if (arpd_ifent.intf_addr.addr_type != ADDR_TYPE_IP || arpd_ifent.intf_link_addr.addr_type != ADDR_TYPE_ETH) errx(1, "bad interface configuration: not IP or Ethernet"); arpd_ifent.intf_addr.addr_bits = IP_ADDR_BITS; snprintf(filter, sizeof(filter), "arp %s%s%s and not ether src %s", dst ? "and (" : "", dst ? dst : "", dst ? ")" : "", addr_ntoa(&arpd_ifent.intf_link_addr)); if ((arpd_pcap = pcap_open_live(dev, 128, 0, 500, ebuf)) == NULL) errx(1, "pcap_open_live: %s", ebuf); if (pcap_compile(arpd_pcap, &fcode, filter, 1, 0) < 0 || pcap_setfilter(arpd_pcap, &fcode) < 0) errx(1, "bad pcap filter: %s", pcap_geterr(arpd_pcap)); #if defined(BSD) && defined(BIOCIMMEDIATE) { int on = 1; if (ioctl(pcap_fileno(arpd_pcap), BIOCIMMEDIATE, &on) < 0) err(1, "BIOCIMMEDIATE"); } #endif if ((arpd_eth = eth_open(dev)) == NULL) errx(1, "eth_open"); #ifndef LOG_PERROR #define LOG_PERROR 0 #endif openlog("arpd", LOG_PERROR|LOG_PID|LOG_CONS, LOG_DAEMON); syslog(LOG_INFO, "listening on %s: %s", dev, filter); }
tun_t * tun_open(struct addr *src, struct addr *dst, int mtu) { tun_t *tun; char cmd[512]; int ppa; if ((tun = calloc(1, sizeof(*tun))) == NULL) return (NULL); tun->fd = tun->ip_fd = tun->if_fd = -1; if ((tun->fd = open(DEV_TUN, O_RDWR, 0)) < 0) return (tun_close(tun)); if ((tun->ip_fd = open(DEV_IP, O_RDWR, 0)) < 0) return (tun_close(tun)); if ((ppa = ioctl(tun->fd, TUNNEWPPA, ppa)) < 0) return (tun_close(tun)); if ((tun->if_fd = open(DEV_TUN, O_RDWR, 0)) < 0) return (tun_close(tun)); if (ioctl(tun->if_fd, I_PUSH, "ip") < 0) return (tun_close(tun)); if (ioctl(tun->if_fd, IF_UNITSEL, (char *)&ppa) < 0) return (tun_close(tun)); if (ioctl(tun->ip_fd, I_LINK, tun->if_fd) < 0) return (tun_close(tun)); snprintf(tun->name, sizeof(tun->name), "tun%d", ppa); snprintf(cmd, sizeof(cmd), "ifconfig %s %s/32 %s mtu %d up", tun->name, addr_ntoa(src), addr_ntoa(dst), mtu); if (system(cmd) < 0) return (tun_close(tun)); return (tun); }
static void arpd_send(eth_t *eth, int op, struct addr *sha, struct addr *spa, struct addr *tha, struct addr *tpa) { u_char pkt[ETH_HDR_LEN + ARP_HDR_LEN + ARP_ETHIP_LEN]; eth_pack_hdr(pkt, tha->addr_eth, sha->addr_eth, ETH_TYPE_ARP); arp_pack_hdr_ethip(pkt + ETH_HDR_LEN, op, sha->addr_eth, spa->addr_ip, tha->addr_eth, tpa->addr_ip); if (op == ARP_OP_REQUEST) { syslog(LOG_DEBUG, "%s: who-has %s tell %s", __func__, addr_ntoa(tpa), addr_ntoa(spa)); } else if (op == ARP_OP_REPLY) { syslog(LOG_INFO, "arp reply %s is-at %s", addr_ntoa(spa), addr_ntoa(sha)); } if (eth_send(eth, pkt, sizeof(pkt)) != sizeof(pkt)) syslog(LOG_ERR, "couldn't send packet: %m"); }
void http_makeconnect(struct bufferevent *bev, struct argument *arg) { extern struct addr *socks_dst_addr; ip_addr_t address; socks_resolveaddress("www.google.com", &address); evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "CONNECT %s:80 HTTP/1.0\r\n" "\r\n", addr_ntoa(socks_dst_addr), SSHUSERAGENT); bufferevent_enable(bev, EV_WRITE); }
SV * fw_c2sv(FwRule *rule) { HV *out = newHV(); SV *out_ref = newRV_noinc((SV *)out); AV *sport, *dport; char *src, *dst; int i; hv_store(out, "fw_device", 9, newSVpv(rule->fw_device, 0), 0); hv_store(out, "fw_op", 5, newSViv(rule->fw_op), 0); hv_store(out, "fw_dir", 6, newSViv(rule->fw_dir), 0); hv_store(out, "fw_proto", 8, newSViv(rule->fw_proto), 0); src = addr_ntoa(&(rule->fw_src)); if (src == NULL) { hv_store(out, "fw_src", 6, &PL_sv_undef, 0); } else { hv_store(out, "fw_src", 6, newSVpv(src, 0), 0); } dst = addr_ntoa(&(rule->fw_dst)); if (dst == NULL) { hv_store(out, "fw_dst", 6, &PL_sv_undef, 0); } else { hv_store(out, "fw_dst", 6, newSVpv(dst, 0), 0); } sport = newAV(); dport = newAV(); for (i=0; i<2; i++) { av_push(sport, newSViv(rule->fw_sport[i])); av_push(dport, newSViv(rule->fw_dport[i])); } hv_store(out, "fw_sport", 8, newRV_noinc((SV *)sport), 0); hv_store(out, "fw_dport", 8, newRV_noinc((SV *)dport), 0); return out_ref; }
static int arpd_lookup(struct addr *addr) { struct arp_entry arpent; int error; if (addr_cmp(addr, &arpd_ifent.intf_addr) == 0) { syslog(LOG_DEBUG, "%s: %s at %s", __func__, addr_ntoa(addr), addr_ntoa(&arpd_ifent.intf_link_addr)); return (0); } memcpy(&arpent.arp_pa, addr, sizeof(*addr)); error = arp_get(arpd_arp, &arpent); if (error == -1) { syslog(LOG_DEBUG, "%s: no entry for %s", __func__, addr_ntoa(addr)); } else { syslog(LOG_DEBUG, "%s: %s at %s", __func__, addr_ntoa(addr), addr_ntoa(&arpent.arp_ha)); } return (error); }
static void addr_store_dump(struct addr_store *store) { int i; struct addr_list *node; for (i = 0; i < ADDR_STORE_NUM_BUCKETS; i++) { node = store->buckets[i]; if (node) printf("Bucket #%i:\n", i); while (node) { printf("\t%s\n", addr_ntoa(node->addr, store)); node = node->next; } } }
void http_makerequest(struct bufferevent *bev, struct argument *arg, const char *word, int fqdn) { extern struct addr *socks_dst_addr; ip_addr_t address; socks_resolveaddress("www.google.com", &address); evbuffer_add_printf(EVBUFFER_OUTPUT(bev), "GET %s%s/search?hl=en&ie=UTF-8&oe=UTF-8&q=%s&btnG=Google+Search HTTP/1.0\r\n" "Host: www.google.com\r\n" "User-Agent: %s\r\n" "\r\n", fqdn ? "http://" : "", fqdn ? addr_ntoa(socks_dst_addr) : "", word, SSHUSERAGENT); bufferevent_enable(bev, EV_WRITE); }
int main(int argc, char* argv[]) { if (getuid() != 0) { printf("You need to be root\n"); return 1; } route_t* router = route_open(); struct route_entry entry; addr_pton("8.8.8.8", &entry.route_dst); route_get(router, &entry); printf("gateway is %s\n", addr_ntoa(&entry.route_gw)); route_close(router); return 0; }
void retrans(struct my_pkthdr *h, u_char *pack ) { struct eth_hdr *ethhdr; struct ip_hdr *iphdr; struct tcp_hdr *tcphdr; struct addr srcad, srcha; char sip[32],smac[32]; int n; ethhdr = (struct eth_hdr *)pack; iphdr = (struct ip_hdr *)(pack+ETH_HDR_LEN); tcphdr= (struct tcp_hdr *)(pack+ETH_HDR_LEN+TCP_HDR_LEN); addr_pack(&srcha,ADDR_TYPE_ETH,ETH_ADDR_BITS,&(ethhdr->eth_src),ETH_ADDR_LEN); addr_pack(&srcad,ADDR_TYPE_IP,IP_ADDR_BITS,&(iphdr->ip_src),IP_ADDR_LEN); if((strcmp(addr_ntoa(&srcha),ahw)==0)){ // Replace source address with my address and destination address memcpy( ðhdr->eth_src, &reat_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_src, &reat_ip.addr_ip, IP_ADDR_LEN); // Replace destination address with other client if ( addr_cmp( &srcad, &aad ) == 0 ) { memcpy( ðhdr->eth_dst, &revi_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &revi_ip.addr_ip, IP_ADDR_LEN); }else{ memcpy( ðhdr->eth_dst, &reat_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &reat_ip.addr_ip, IP_ADDR_LEN); } /* if(modify_tcp_header(&tcphdr,tcphdr->th_sport,tcphdr->th_dport,next_seq,next_ack,tcphdr->th_flags,tcphdr->th_win,tcphdr->th_sum,tcphdr->th_urp,2)<0){ // return; } if(modify_tcp_header(&tcphdr,tcphdr->th_sport,tcphdr->th_dport,next_seq,next_ack,tcphdr->th_flags,tcphdr->th_win,tcphdr->th_sum,tcphdr->th_urp,3)<0){ // return; }*/ ip_checksum((void *)iphdr, ntohs(iphdr->ip_len)); n = eth_send(e,pack,h->len); //n=ip_send(e,pack,h->len); if ( n != h->len ) { fprintf(stderr,"Partial packet transmission %d/%d\n",n,h->len); } else { fprintf(stdout, "Packet Transmission Successfull %d %d\n", n, h->len); } } }
std::ostream & Hosts::trace(std::ostream & os) const { for (Hostset::const_iterator i = m_hosts.begin(); i != m_hosts.end(); ++i) os << addr_ntoa(*i) << '\n'; return os; }
void retrans(struct my_pkthdr *h, u_char *pack ) { struct eth_hdr *ethhdr; struct ip_hdr *iphdr; struct addr srcad, srcha; char sip[32],smac[32]; int n; ethhdr = (struct eth_hdr *)pack; iphdr = (struct ip_hdr *)(pack + ETH_HDR_LEN); /* DELETE ME WHEN FINISHED struct addr ad; struct addr mad, mha; // my ip, mac struct addr vad, vha, vprt; // victim ip, mac struct addr aad, aha, aprt; // attacker ip, mac struct addr revi_ip, revi_mac; // replay victim ip, mac struct addr reat_ip, reat_mac; // replay attacker ip, mac char mip[32], mhw[32]; // my ip, mac char vip[32], vhw[32], vpt[32]; // victim ip, mac char aip[32], ahw[32], apt[32]; // attacker ip, mac char rvip[32], rvmc[32]; // replay victim ip, mac char ratip[32], ratmac[32]; // replay attacker ip, mac*/ // Get source addresses from packet (mac and ip) addr_pack(&srcha,ADDR_TYPE_ETH,ETH_ADDR_BITS,&(ethhdr->eth_src),ETH_ADDR_LEN); addr_pack(&srcad,ADDR_TYPE_IP,IP_ADDR_BITS,&(iphdr->ip_src),IP_ADDR_LEN); if((strcmp(addr_ntoa(&srcha),vhw)==0)){ // Replace source address with my address and destination address memcpy( ðhdr->eth_src, &revi_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_src, &revi_ip.addr_ip, IP_ADDR_LEN); // Replace destination address with other client if ( addr_cmp( &srcad, &vad ) == 0 ) { memcpy( ðhdr->eth_dst, &reat_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &reat_ip.addr_ip, IP_ADDR_LEN); }else{ memcpy( ðhdr->eth_dst, &revi_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &revi_ip.addr_ip, IP_ADDR_LEN); } // Compute both ip and tcp checksums ip_checksum((void *)iphdr, ntohs(iphdr->ip_len)); // Send packet n = eth_send(e,pack,h->len); if ( n != h->len ) { fprintf(stderr,"Partial packet transmission %d/%d\n",n,h->len); } else { fprintf(stdout, "Packet Transmission Successfull %d %d\n", n, h->len); } } if((strcmp(addr_ntoa(&srcha),ahw)==0)){ // Replace source address with my address and destination address memcpy( ðhdr->eth_src, &reat_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_src, &reat_ip.addr_ip, IP_ADDR_LEN); // Replace destination address with other client if ( addr_cmp( &srcad, &aad ) == 0 ) { memcpy( ðhdr->eth_dst, &revi_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &revi_ip.addr_ip, IP_ADDR_LEN); }else{ memcpy( ðhdr->eth_dst, &reat_mac.addr_eth, ETH_ADDR_LEN); memcpy( &iphdr->ip_dst, &reat_ip.addr_ip, IP_ADDR_LEN); } // Compute both ip and tcp checksums ip_checksum((void *)iphdr, ntohs(iphdr->ip_len)); // Send packet n = eth_send(e,pack,h->len); if ( n != h->len ) { fprintf(stderr,"Partial packet transmission %d/%d\n",n,h->len); } else { fprintf(stdout, "Packet Transmission Successfull %d %d\n", n, h->len); } } }
u_int8_t *anubis_lookup_mac_address(const char *expression, const char *device) { //get param char *buffer = anubis_parse_param("lookup_mac_address", expression); if(!buffer) return NULL; if(!strcasecmp(buffer, "255.255.255.255") || !strcasecmp(buffer, "Broadcast")) { return (u_int8_t *)"\xff\xff\xff\xff\xff\xff"; }//end if else if(!strncasecmp(buffer, "224.", 4) || !strncasecmp(buffer, "239.", 4)) { char mac_address[MAC_ADDRSTRLEN] = {0}; int byte1 = 1, byte2 = 0, byte3 = 0, byte4 = 0; if(sscanf(buffer, "%d.%d.%d.%d", &byte1, &byte2, &byte3, &byte4) != 4) { anubis_err("lookup_mac_address(): \"%s\" is not found\n", buffer); return NULL; }//end if snprintf(mac_address, sizeof(mac_address), "01:00:5e:%02x:%02x:%02x", byte2, byte3, byte4); return anubis_mac_aton(mac_address); }//end if multicast else { arp_t *handle = arp_open(); struct arp_entry arp_entry = {0}; int arping = 0; if(!handle) { anubis_perror("arp_open()"); return NULL; }//end if addr_pton(buffer, &arp_entry.arp_pa); AGAIN: if(arp_get(handle, &arp_entry) == 0) { char *mac_address = addr_ntoa(&arp_entry.arp_ha); arp_close(handle); if(arping) { anubis_verbose("Found \"%s\" at \"%s\"\n", buffer, mac_address); }//end if found return anubis_mac_aton(mac_address); }//end if else { if(arping) { anubis_err("lookup_mac_address(): \"%s\" is not found\n", buffer); arp_close(handle); return NULL; }//end if else { //try to arping anubis_verbose("MAC address of \"%s\" is not found in the ARP cache, trying to arping \"%s\"\n", buffer, buffer); pid_t pid = fork(); if(pid == 0) { FILE *temp_out_stream = out_stream; FILE *temp_err_stream = err_stream; int out_fail = 0; int err_fail = 0; out_stream = anubis_null_stream(); err_stream = anubis_null_stream(); if(!out_stream) { out_stream = temp_out_stream; out_fail = 1; }//end if if(!err_stream) { err_stream = temp_err_stream; err_fail = 1; }//end if //arping 3 three times for(int i = 0 ; i < 3 ; i++) anubis_arping(device, buffer); anubis_wait_microsecond(800000); //wait 800 ms //restore if(!out_fail) { fclose(out_stream); out_stream = temp_out_stream; }//end if if(!err_fail) { fclose(err_stream); err_stream = temp_err_stream; }//end if exit(0); }//end if else if(pid < 0) { anubis_perror("fork()"); }//end if #ifdef __CYGWIN__ wait(0); #else wait(NULL); #endif //wait fork finish arping = 1; goto AGAIN; } }//end else }//end else }//end anubis_lookup_mac_address
static void fragroute_init(const char *dst, const char *outfile) { struct arp_entry arpent; struct intf_entry ifent; struct route_entry rtent; #ifdef WIN32 WSADATA wsdata; if (WSAStartup(MAKEWORD(2, 2), &wsdata) != 0) err(1, "couldn't initialize Winsock"); SetConsoleCtrlHandler(fragroute_signal, TRUE); #else signal(SIGINT, fragroute_signal); signal(SIGTERM, fragroute_signal); #endif if (addr_aton(dst, &ctx.dst) < 0) err(1, "destination address invalid"); if (ctx.dst.addr_bits != IP_ADDR_BITS) errx(1, "only /32 destinations supported at this time"); pkt_init(128); event_init(); // event_sigcb = fragroute_close; if ((ctx.arp = arp_open()) == NULL || (ctx.intf = intf_open()) == NULL || (ctx.route = route_open()) == NULL) err(1, "couldn't open kernel networking interfaces"); /* Find outgoing interface, addresses, and MTU. */ ifent.intf_len = sizeof(ifent); if (intf_get_dst(ctx.intf, &ifent, &ctx.dst) < 0) err(1, "couldn't determine outgoing interface"); memcpy(&ctx.src, &ifent.intf_addr, sizeof(ctx.src)); ctx.src.addr_bits = IP_ADDR_BITS; memcpy(&ctx.smac, &ifent.intf_link_addr, sizeof(ctx.smac)); ctx.mtu = ifent.intf_mtu; /* Open outgoing interface for sending. */ if ((ctx.eth = eth_open(ifent.intf_name)) == NULL) err(1, "couldn't open %s for sending", ifent.intf_name); /* Find destination MAC address. */ memcpy(&arpent.arp_pa, &ctx.dst, sizeof(arpent.arp_pa)); if (arp_get(ctx.arp, &arpent) < 0) { memcpy(&rtent.route_dst, &ctx.dst, sizeof(rtent.route_dst)); if (route_get(ctx.route, &rtent) < 0) err(1, "no route to %s", addr_ntoa(&rtent.route_dst)); memcpy(&arpent.arp_pa, &rtent.route_gw, sizeof(arpent.arp_pa)); if (arp_get(ctx.arp, &arpent) < 0) err(1, "no ARP entry for %s", addr_ntoa(&arpent.arp_pa)); } memcpy(&ctx.dmac, &arpent.arp_ha, sizeof(ctx.dmac)); /* Setup our tunnel. */ if ((ctx.tun = tun_open(&ctx.src, &ctx.dst, ctx.mtu)) == NULL) err(1, "couldn't initialize tunnel interface"); ctx.dfile = NULL; if (outfile && ((ctx.dfile = pcap_dump_open(ctx.tun->pcap, outfile)) == NULL)) err(1, "couldn't open pcap dump file"); tun_register(ctx.tun, fragroute_process, &ctx); }
static int test_ip_opt(void) { struct pkt *pkt; struct timeval tv; struct ip_opt opts[IP_OPT_MAX]; int i, len, max; printf("ip-opt: "); fflush(stdout); memset(&opts, 0, sizeof(opts)); max = 0; opts[max].opt_type = IP_OPT_SEC; opts[max].opt_len = IP_OPT_LEN + 9; max++; opts[max].opt_type = IP_OPT_LSRR; opts[max].opt_len = IP_OPT_LEN + 1 + 4; opts[max].opt_data.rr.ptr = 8; opts[max].opt_data.rr.iplist[0] = ping->pkt_ip->ip_src; max++; opts[max].opt_type = IP_OPT_TS; opts[max].opt_len = IP_OPT_LEN + 1 + 1 + 4; opts[max].opt_data.ts.ptr = 5; opts[max].opt_data.ts.flg = IP_OPT_TS_TSONLY; max++; opts[max].opt_type = IP_OPT_ESEC; opts[max].opt_len = IP_OPT_LEN; max++; opts[max].opt_type = IP_OPT_CIPSO; opts[max].opt_len = IP_OPT_LEN; max++; opts[max].opt_type = IP_OPT_RR; opts[max].opt_len = IP_OPT_LEN + 1 + 4; opts[max].opt_data.rr.ptr = 4; max++; opts[max].opt_type = IP_OPT_SATID; opts[max].opt_len = IP_OPT_LEN + 2; max++; opts[max].opt_type = IP_OPT_SSRR; opts[max].opt_len = IP_OPT_LEN + 1 + 4; opts[max].opt_data.rr.ptr = 8; opts[max].opt_data.rr.iplist[0] = ping->pkt_ip->ip_src; max++; pcap_filter(ctx.pcap, "icmp and src %s and dst %s", addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src)); ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd); for (i = 0; i < max; i++) { pkt = pkt_dup(ping); pkt->pkt_ip->ip_id = rand_uint16(ctx.rnd); pkt->pkt_icmp_msg->echo.icmp_seq = opts[i].opt_type; len = ip_add_option(pkt->pkt_ip, PKT_BUF_LEN - ETH_HDR_LEN + IP_HDR_LEN, IP_PROTO_IP, &opts[i], opts[i].opt_len); pkt->pkt_end += len; ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data); send_pkt(pkt); } i = 0; for (tv = read_tv; (pkt = recv_pkt(&tv)) != NULL; tv = read_tv) { if (pkt->pkt_icmp->icmp_type == ICMP_ECHOREPLY && pkt->pkt_icmp_msg->echo.icmp_id == ping->pkt_icmp_msg->echo.icmp_id) { i = IP_OPT_NUMBER(pkt->pkt_icmp_msg->echo.icmp_seq); printf("%s ", optnames[i]); } } printf("%s\n", i ? "" : "none"); return (0); }
static int test_ip_tracert(void) { struct timeval tv; struct hop hops[IP_TTL_DEFAULT]; struct pkt *pkt; struct icmp_msg_echo *echo; int i, hopcnt, max_ttl; printf("ip-tracert: "); fflush(stdout); pcap_filter(ctx.pcap, "icmp[0] = 0 and src %s and dst %s", addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src)); ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd); pkt = pkt_dup(ping); pkt->pkt_ip->ip_id = rand_uint16(ctx.rnd); ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data); send_pkt(pkt); tv = read_tv; if ((pkt = recv_pkt(&tv)) == NULL) { printf("no reply\n"); return (0); } /* XXX - guess remote stack's starting TTL */ for (i = 2; pkt->pkt_ip->ip_ttl > i; i <<= 1) ; if ((max_ttl = i - pkt->pkt_ip->ip_ttl + 1) > IP_TTL_DEFAULT) max_ttl = IP_TTL_DEFAULT; printf("%s, %d hops max\n", ip_ntoa(&ping->pkt_ip->ip_dst), max_ttl); pcap_filter(ctx.pcap, "icmp and dst %s", addr_ntoa(&ctx.src)); for (i = 1; i < max_ttl + 1; i++) { pkt = pkt_dup(ping); pkt->pkt_ip->ip_id = rand_uint16(ctx.rnd); pkt->pkt_ip->ip_ttl = i; pkt->pkt_icmp_msg->echo.icmp_seq = htons(i); ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data); send_pkt(pkt); usleep(42); /* XXX */ } memset(&hops, 0, sizeof(hops)); hopcnt = 0; for (tv = read_tv; (pkt = recv_pkt(&tv)) != NULL; tv = read_tv) { if ((pkt->pkt_icmp->icmp_type == ICMP_TIMEXCEED || pkt->pkt_icmp->icmp_type == ICMP_UNREACH) && pkt->pkt_end - pkt->pkt_eth_data >= (IP_HDR_LEN + ICMP_LEN_MIN) * 2) { echo = (struct icmp_msg_echo *) (pkt->pkt_icmp_msg->timexceed.icmp_ip + IP_HDR_LEN + ICMP_HDR_LEN); } else if (pkt->pkt_icmp->icmp_type == ICMP_ECHOREPLY) { echo = &pkt->pkt_icmp_msg->echo; } else continue; if (echo->icmp_id != ping->pkt_icmp_msg->echo.icmp_id) continue; i = ntohs(echo->icmp_seq); addr_pack(&hops[i].addr, ADDR_TYPE_IP, IP_ADDR_BITS, &pkt->pkt_ip->ip_src, IP_ADDR_LEN); memcpy(&hops[i].icmp, pkt->pkt_icmp, ICMP_HDR_LEN); hops[i].ttl = pkt->pkt_ip->ip_ttl; hopcnt++; if (pkt->pkt_ip->ip_src == ping->pkt_ip->ip_dst) break; } for (i = 1; i < hopcnt + 1; i++) { if (hops[i].addr.addr_type == ADDR_TYPE_IP) { printf("%2d %s (%d)\n", i, addr_ntoa(&hops[i].addr), hops[i].ttl); } else printf("%2d *\n", i); } return (0); }
int main(int argc, char *argv[]) { struct intf_entry ifent; intf_t *intf; int i, tests; char *cmd; if (argc < 3) usage(); for (tests = 0, i = 1; i < argc - 1; i++) { cmd = argv[i]; if (strcmp(cmd, "all") == 0) tests = ~0; else if (strcmp(cmd, "ping") == 0) tests |= TEST_PING; else if (strcmp(cmd, "ip-opt") == 0) tests |= TEST_IP_OPT; else if (strcmp(cmd, "ip-tracert") == 0) tests |= TEST_IP_TRACERT; else if (strcmp(cmd, "frag") == 0) tests |= TEST_FRAG; else if (strcmp(cmd, "frag-new") == 0) tests |= TEST_FRAG_NEW; else if (strcmp(cmd, "frag-old") == 0) tests |= TEST_FRAG_OLD; else if (strcmp(cmd, "frag-timeout") == 0) tests |= TEST_FRAG_TIMEOUT; else usage(); } if (addr_aton(argv[i], &ctx.dst) < 0) err(1, "invalid host %s", argv[i]); if ((intf = intf_open()) == NULL) err(1, "couldn't open interface handle"); ifent.intf_len = sizeof(ifent); if (intf_get_dst(intf, &ifent, &ctx.dst) < 0) err(1, "couldn't find interface for %s", addr_ntoa(&ctx.dst)); memcpy(&ctx.src, &ifent.intf_addr, sizeof(ctx.src)); ctx.src.addr_bits = IP_ADDR_BITS; intf_close(intf); if ((ctx.ip = ip_open()) == NULL) err(1, "couldn't open raw IP interface"); if ((ctx.pcap = pcap_open(ifent.intf_name)) == NULL) err(1, "couldn't open %s for sniffing", ifent.intf_name); if ((ctx.dloff = pcap_dloff(ctx.pcap)) < 0) err(1, "couldn't determine link layer offset"); ctx.rnd = rand_open(); pkt_init(16); TAILQ_INIT(&ctx.pktq); ping = pkt_new(); ip_pack_hdr(ping->pkt_ip, 0, IP_HDR_LEN + 8 + 24, 666, 0, IP_TTL_DEFAULT, IP_PROTO_ICMP, ctx.src.addr_ip, ctx.dst.addr_ip); icmp_pack_hdr_echo(ping->pkt_icmp, ICMP_ECHO, ICMP_CODE_NONE, 666, 1, "AAAAAAAABBBBBBBBCCCCCCCC", 24); ping->pkt_end = ping->pkt_eth_data + IP_HDR_LEN + 8 + 24; pkt_decorate(ping); if ((tests & TEST_PING) != 0) test_ping(); if ((tests & TEST_IP_OPT) != 0) test_ip_opt(); if ((tests & TEST_IP_TRACERT) != 0) test_ip_tracert(); if ((tests & TEST_FRAG) != 0) test_frag(NULL, 0); if ((tests & TEST_FRAG_NEW) != 0) test_frag("new", 0); if ((tests & TEST_FRAG_OLD) != 0) test_frag("old", 0); if ((tests & TEST_FRAG_TIMEOUT) != 0) test_frag(NULL, 1); rand_close(ctx.rnd); pcap_close(ctx.pcap); ip_close(ctx.ip); exit(0); }