netw-ib-ox-ag-5.39.0/0000755000000000000000000000000011776302046012672 5ustar rootrootnetw-ib-ox-ag-5.39.0/INSTALLWINDOWS.TXT0000600000000000000000000000243411776302045015446 0ustar rootroot Installation under Windows There are 2 ways to install netwib, netwox and netwag : - automatic installation: This is easy. - step by step installation: If automatic installation does not work, use a step by step procedure to spot the problem. Automatic: ========== - Install WinPCAP version >= 3.0 yourself from http://winpcap.polito.it/ - Install Tcl/Tk yourself from ftp://ftp.activestate.com/ActiveTcl/Windows/ - Run netwib/netwox/netwag automatic installer : ./installwindows.exe [it asks some questions] Step by step: ============= WINPCAP - Install WinPCAP version >= 3.0 yourself from http://winpcap.polito.it/ TCL/TK - Install Tcl/Tk yourself from ftp://ftp.activestate.com/ActiveTcl/Windows/ NETWIB (for developers only) - Read src/netwib-bin_windows/INSTALL.TXT, and install it. - Copy src/netwib-doc_html/ where you want. NETWOX - Read src/netwox-bin_windows/INSTALL.TXT, and install it. - Copy src/netwox-doc_html/ where you want. NETWAG - Read src/netwag-bin_windows/INSTALL.TXT, and install it. - Copy src/netwag-doc_html/ where you want. END - Now, you can run: netwag539 [Read netwag-doc_html/html/lessons.html] netwox539 [Read netwox-doc_html/html/examples.html] netw-ib-ox-ag-5.39.0/INSTALLUNIX.TXT0000600000000000000000000000420611776302045015076 0ustar rootroot Installation under Unix There are 2 ways to install netwib, netwox and netwag : - automatic installation: This is easy. - step by step installation: If automatic installation does not work, use a step by step procedure to spot the problem. Automatic: ========== - Install libpcap yourself (download it from http://www.tcpdump.org/ or use a package for your system) - Install libnet yourself (download it from http://www.packetfactory.net/libnet or use a package for your system) - Install Tcl/Tk yourself (download it from http://www.tcl.tk/ or use a package for your system) - Run netwib/netwox/netwag automatic installer : ./installunix.sh [it asks some questions] Step by step: ============= LIBPCAP - Install libpcap yourself (download it from http://www.tcpdump.org/ or use a package for your system) LIBNET - Install libnet yourself (download it from http://www.packetfactory.net/libnet or use a package for your system) NETWIB # cd src/netwib-src/ # less INSTALLUNIX.TXT # cd src/ # ./genemake # make # make install [must be root to run this command] # cd ../../../ NETWOX # cd src/netwox-src/ # less INSTALLUNIX.TXT # cd src/ # ./genemake # make # make install [must be root to run this command] # cd ../../../ TCL/TK - Install Tcl/Tk yourself (download it from http://www.tcl.tk/ or use a package for your system) NETWAG # cd src/netwag-src/ # less INSTALL.TXT # cd src/ # ./genemake # make # make install [must be root to run this command] # cd ../../../ DOCUMENTATION - Directories netwib-doc_html, netwox-doc_html and netwag-doc_html contains documentation. You can copy them where you want. For example: # mkdir /usr/local/doc/netw539 # cp -R src/netwib-doc_html/ /usr/local/doc/netw539 # cp -R src/netwox-doc_html/ /usr/local/doc/netw539 # cp -R src/netwag-doc_html/ /usr/local/doc/netw539 END - Now, you can run: netwag [Read netwag-doc_html/html/lessons.html] netwox [Read netwox-doc_html/html/examples.html] netw-ib-ox-ag-5.39.0/src/0000755000000000000000000000000011776302040013453 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwox-doc_html/0000755000000000000000000000000011776302040016566 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/0000755000000000000000000000000011776302040017532 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/examples.html0000644000000000000000000004474011776302040022247 0ustar rootroot netwox examples


I suggest you to read this document and to run each command in order to understand how to use netwox. Note that you have to adapt device names, IP addresses and Ethernet addresses for them to work on your computers.


Preliminary notes

Netwox needs, for some tools, the be run with administrator privileges.

Netwox currently only supports Ethernet/PPP networks for low level actions (sniff, spoof). However, every kind of network is supported for high level actions (clients, servers, etc.).


Main usage

The main syntax is : 
# netwox toolnumber [parameters ...]
For example : 
# netwox 23
# netwox 23 --extended
# netwox 23 -e
To obtain help about tool 23, run : 
# netwox 23 --help
To obtain help and full description about tool 23, run : 
# netwox 23 --help2

Netwag

This documentation covers netwox, which is a command line utility. Netwag is a graphical front end to netwox. It has some advantages such as easy parameter selection (open netwag, double-click on a tool (for example 7), and a form appears for easy generation of parameters).

Interactive help mode

When using netwox without parameters, it enters interactive help mode. Netwox interactive help mode allows users to find/run needed tool.
Here is one example of tool selection : 
# netwox
########## MAIN MENU
 0 - leave netwox
 3 - search tools
 a + information
 b + network protocol
 c + application protocol
 d + sniff
 e + spoof
 f + record
 g + client
 h + server
 i + tools not related to network
 j + administrators' tools
 k + attack tools
Select a node (key in 03abcdefghijk): d
########## sniff
 0 - leave netwox
 1 - go to main menu
 2 - go to previous menu
 3 - search tools
 a - 7:Sniff
 b - 10:Sniff and display network statistics
 c - 11:Sniff and verify checksums
 d - 13:Obtain DLT type for sniff and spoof for each device
Select a node (key in 0123abcd)> a

Here is how to use this tool:
Title: Sniff
Note:
Usage: netwox 7 [-d device] [-f filter] [-r] [-p] [-i] [-t] [-s] [-H encode] [-D
 encode] [-o file_dst] [-R recordencode] [-c uint32] [-C uint32]
 Name                           Description (defaultvalue)
 --help                         display this help
 --kbd                          ask missing parameters from keyboard
 --argfile file                 ask missing parameters from file
 -d|--device device             device name (Eth0)
 -f|--filter filter             pcap filter ()
 -r|--rawip|+r|--no-rawip       sniff at IP level (0)
 -p|--pause|+p|--no-pause       can pause (0)
 -i|--ipreas|+i|--no-ipreas     reassemble IP packets (0)
 -t|--tcpreord|+t|--no-tcpreord reorder TCP packets (0)
 -s|--screen|+s|--no-screen     display to screen (1)
 -H|--hdrencode encode          header encoding type for screen (array)
 -D|--dataencode encode         data encoding type for screen (dump)
 -o|--outfile file_dst          save in record file (dstfile.txt)
 -R|--recordencode recordencode encoding type for record file (bin)
 -c|--split-size uint32         maximum size of record in kb (0)
 -C|--split-age uint32          maximum age of record in seconds (0)
Example: netwox 7
Now, some examples are described. If they do not correspond to your needs, use the interactive help mode (or netwag's search) to find the appropriate one.

Tool 1 : local configuration

# netwox 1
################################### Devices ###################################
nu dev   ethernet_hwtype   mtu   real_device_name
1  Lo0   loopback          1500  Loopback
2  Eth0  00:01:01:01:01:01 1500  \Device\3COM
##################################### IP ######################################
nu ip             /netmask                    ppp point_to_point_with
1  127.0.0.1      /255.0.0.0                  0
2  192.168.1.2    /255.255.254.0              0
############################## ArpCache/Neighbor #############################
nu ethernet          ip
2  00:01:01:01:01:01 192.168.1.2
2  00:02:02:02:02:02 192.168.1.254
#################################### Routes ###################################
nu destination    /netmask         source              gateway           metric
1  127.0.0.1      /255.255.255.255 local                                      0
2  192.168.1.2    /255.255.255.255 local                                      0
2  192.168.1.0    /255.255.255.0   192.168.1.2                                0
2  0.0.0.0        /0.0.0.0         192.168.1.2         192.168.1.254          1
In this example, we see the loopback device (Lo0), and network card Eth0 (whose real name is \Device\3COM).
The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254.
The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254.

Tool 3 : print information about a hostname

# netwox 3 host1
IP address:  192.168.1.1
Hostname:    host1
Hostnames:   host1
Eth address: 00:01:01:01:01:01
This tool obtains the IP address of host1.
Moreover, if host1 is on the LAN, we obtain its Ethernet address.
Here is another example :
# netwox 3 192.168.1.1
# netwox 3 -q 192.168.1.1
# netwox 3 --query 192.168.1.1
IP address:  192.168.1.1
Hostname:    host1
Hostnames:   host1
Eth address: 00:01:01:01:01:01

Tool 87 : real tcp client

# netwox 87 192.168.1.2 21
220 host2 FTP server
QUIT
221 Goodbye.
This tool is a tcp client. This commands permits to connect on the FTP server on port 21 at address 192.168.1.2. This command is equivalent to "telnet 192.168.1.2 21".
Here is another example downloading a web page (port 80 of www.server.com) :
# netwox 87 www.server.com 80
GET / HTTP/1.0
_here_enter_one_blank_line_
HTTP/1.1 200 OK
Date: Sat, 12 Jan 2002 08:43:27 GMT
[...]
Data from keyboard or network can also be encoded or decoded : 
# netwox 87 192.168.1.2 21 -encode "dump"
32 32 30 20  46 54 50 20  0d 0a                        # 220 FTP..
QUIT
32 32 31 20  47 6f 6f 64  62 79 65 2e  0d 0a           # 221 Goodbye...

Tool 87 : virtual tcp client

When tool 87 is called with a device, a source/destination address, it will act as a virtual client.
A real client/server uses IP address and Ethernet address of the current computer (they are classical sockets).
A virtual client/server uses spoofed IP address and Ethernet address. For example, a virtual tcp client behaves like this :
  - spoof a syn packet
  - sniff the syn-ack from the server
  - spoof a ack packet to terminate the handshake
  - then, it behaves exactly like a real client

In order to create a virtual client connecting on a server (for example connecting on port 25 of 192.168.1.2) located on the LAN, you have to :
  - know the local device name to use (can be obtained with "netwox 1"). For example Eth0.
  - choose one false Ethernet address to use. For example aa:bb:cc:dd:ee:ff.
  - know the ethernet address of the computer (netwox 3 192.168.1.2). For example 00:02:02:02:02:02.
  - choose one false IP address (it should not be used by another computer). For example 192.168.1.3.
  - choose a random port. For example 1234.
Here is this example : 
# 87 -d "Eth0" -E "aa:bb:cc:dd:ee:ff " -e "00:02:02:02:02:02" -I "192.168.1.3" -i "192.168.1.2" -p "25"
[...]

In order to create a virtual client connecting on a server (for example connecting on port 25 of 192.168.1.2) not located on the LAN, you have to :
  - know the local device name to use (can be obtained with "netwox 1"). For example eth0.
  - choose one false Ethernet address to use. For example aa:bb:cc:dd:ee:ff.
  - know the ethernet address of the router (netwox 3 192.168.1.254). For example 00:FE:FE:FE:FE:FE.
  - choose one false IP address (it should not be used by another computer). For example 192.168.1.3.
  - choose a random port. For example 1234.
Here is this example : 
# 87 -d "Eth0" -E "aa:bb:cc:dd:ee:ff " -e "00:FE:FE:FE:FE:FE" -I "192.168.1.3" -i "192.168.1.2" -p "25"
[...]

Two simple modes for virtual clients were presented. Depending on your needs, they can be adapted.

Tool 89 : real tcp server

This tool creates a listening tcp server. It can be used to communicate between two computers.
For example, computer host1 can run tool 89, and computer host2 can run tool 87. In this example, we choose to listen on port 1234 : 
On host1 :                           On host2, then run :
# netwox 89 1234
                                     # netwox 87 host1 1234
_write_ Hello _newline_
                                     Hello
                                     _write_ Hi _newline_
Hi
                                     _write_ Hola _newline_
Hola
[...]

Tool 7 : sniff packets and display them

This tool displays packets of the network. You have to select the device on which to intercept packets.
# netwox 7
 ETH_____________________________________________________________________.
 | 00:01:01:01:01:01 vers 00:02:02:02:02:02         type : 0x0800        |
 |_______________________________________________________________________|
 IP______________________________________________________________________.
 |version |  ihl   |       tos       |              totlen               |
 |___ 4___|___ 5___|_______  0_______|____________0054h=   84____________|
 |                id                 |xxDfMf         fragoffset          |
 |____________061Dh= 1565____________|0_0_0__________0000h=    0_________|
 |       ttl       |    protocol     |          header checksum          |
 |_____40h= 64_____|_____01h=  1_____|_______________DF38h_______________|
 |                                source                                 |
 |______________________________192.168.1.1______________________________|
 |                              destination                              |
 |______________________________192.168.1.2______________________________|
 ICMP_(echo request)_____________________________________________________.
 |      type       |      code       |             checksum              |
 |_____08h=  8_____|_____00h=  0_____|____________2829h=10281____________|
 65 01 01 00  91 04 40 3C  AC 91 01 00  08 09 0A 0B     # e.....@<........
[...]

Generally, on network with a lot of flow, sniff intercepts too much packets. If you want to restrict sniffed packet, use a filter.
Basic item of a bpf filter are :
  host 1.2.3.4
  net 192.168.10
  net 192.168.10.0 mask 255.255.255.0
  net 192.168.10.0/24
  port 21
  dst host 1.2.3.4
  src port 2345
  ether host a:b:c:d:e:f ("ether a:b:c:d:e:f" is not working)
  ether src aa:bb:cc:dd:ee:ff
  ip
  arp
  rarp
  tcp
  icmp
  udp
Here are filter examples :
  host 1.2.3.4
  net 192.168 and icmp
  host 1.2.3.4 or dst port 80
  (udp or tcp) and not host 1.2.3.4
Now, just an example with a filter : 
# netwox 7 -f "host 192.168.1.1"
[...]

Tool 7 : sniff packets and save them in a record

Sometimes, we want to sniff packet and to save them in a file (a "record"). 
# netwox 7 -p -o thefile -R "mixed_wrap"
Press q to exit. Press p to pause.

Tool 15 : display a record

With tool 7, we've saved Ethernet data in the file 'thefile'. This tool permits to display its contents.
# netwox 15 -f thefile
[...]

Tool 14 : spoof a record

We can also resend data of a record :
# netwox 15 -f thefile
[...]
Generally, we want to modify data before resending it. So, the file has to be edited. The procedure is quite simple :
  - edit thefile to change the packets
  - use tool 15 to ensure packets are correctly modified
  - use tool 14 to send new packets

Tool 36 : {Ethernet,IP,TCP} spoof specified by user

This example spoofs a SYN packet :
# netwox 36 -d "Eth0" -a "1:2:3:4:5:6" -b "7:8:9:a:b:c" -l "1.2.3.4" -m "5.6.7.8" -o "1234" -p "80" -C
Ethernet________________________________________________________________.
| 01:02:03:04:05:06->07:08:09:0A:0B:0C type:0x0800                      |
|_______________________________________________________________________|
IP______________________________________________________________________.
|version |  ihl   |       tos       |              totlen               |
|___4____|___5____|_____0x00=0______|_____________0x0028=40_____________|
|                id                 |  DfMf          offsetfrag         |
|____________0x095A=2394____________|0_0_0____________0x0000=0__________|
|       ttl       |    protocol     |             checksum              |
|_____0x00=0______|_____0x06=6______|______________0xA163_______________|
|                                source                                 |
|________________________________1.2.3.4________________________________|
|                              destination                              |
|________________________________5.6.7.8________________________________|
TCP_____________________________________________________________________.
|            source port            |         destination port          |
|____________0x04D2=1234____________|_____________0x0050=80_____________|
|                                seqnum                                 |
|_________________________0x40EC052C=1089209644_________________________|
|                                acknum                                 |
|_____________________________0x00000000=0______________________________|
|  doff  |reserved CwEcUrAc PsRsSyFi|              window               |
|___5____|0_0_0_0__0_0_0_0__0_0_1_0_|_____________0x0000=0______________|
|             checksum              |              urgptr               |
|___________0x5495=21653____________|_____________0x0000=0______________|

Tool 59 : tcp traceroute

The traceroute tool list routers located on the way to go to a computer.
For example, with the following architecture, computer 192.168.1.1 has to go through two routers before reaching 192.168.30.2 :
 ,____.    ,________.    ,________.    ,____.
 | 192|    |192  192|    |192  192|    |192 |
 | 168|____|168  168|____|168  168|____|168 |
 |   1|    |1     20|    |20    30|    |30  |
 |   1|    |254    1|    |2      1|    |2   |
 `----'    `--------'    `--------'    `----'
Tool 59 traces route to reach a computer with an open tcp port. For example, to reach computer 192.168.30.2 with a web server (port 80), with a limit of 30 hops : 
# netwox 59 192.168.30.2 -p 80 -t 30
  1 : 192.168.1.254
  2 : 192.168.20.2
  3 : 192.168.30.2
Destination reached.
If we use a closed port, we obtain : 
# netwox 59 192.168.30.2 -p 81 -t 30
  1 : 192.168.1.254
  2 : 192.168.20.2
  3 : 192.168.30.2
Destination reached.
Note : the TCP port 81 is closed (a reset was received).
If computer is unreachable, we obtain : 
# netwox 59 192.168.30.2 -p 80 -t 30
  1 : 192.168.1.254
  2 : 192.168.20.2
  3 : 192.168.20.2 : destination unreachable - host
  4 : 192.168.20.2 : destination unreachable - host
If the number of hops is too small, we obtain : 
# netwox 59 192.168.30.2 -p 81 -t 2
  1 : 192.168.1.254
  2 : 192.168.20.2
maxttl(2) was too short to reach the destination

Tool 49 : icmp ping

This tool checks if a computer can be reached.
If the computer is on the LAN, we obtain it's Ethernet address :
# netwox 49 192.168.1.2
[...]

Tool 73 : answer to ARP/ping request for a computer

Tool 73 simulate the presence of a computer.
For example, to simulate the computer 192.168.1.3 with Ethernet address aa:bb:cc:dd:ee:ff, enter : 
# netwox 73 -i 192.168.1.3-e aa:bb:cc:dd:ee:ff
Then, from another computer, enter : 
# ping 192.168.1.3
or
# netwox 49 192.168.1.3

Tool 67 : scan of IP range, for TCP port range

Sometimes, we do not know which ports are open on a computer. This tools scans a computer and lists open TCP ports.
For example, to scan tcp ports between 20 and 25 of 192.168.1.2 :
# netwox 67 -i 192.168.1.2 -p 20-25
192.168.1.2 - 21 : open
192.168.1.2 - 22 : open
192.168.1.2 - 10 : timeout

Tool 30 : convert a file from dos to unix

Then end of line of Windows and Unix are different. Tool 30 is a utility to convert files : 
# netwox 30 filein fileout
# netwox 30 --src-file filein --dst-file fileout

Using Tcl scripting language

Sometimes, we want to use netwox tools in a loop. Under Unix, this can be done using a Shell or Perl script. Under Windows the Tcl language is often the only available solution (Tcl is installed if you installed netwag, which is recommended under Windows).
Here is a sample Tcl script :
#!/usr/bin/wish
for {set i 0} {$i < 3} {incr i} {
  puts "\nTesting $i"
  set ipad "192.168.0.$i"
  if [catch {exec netwox 3 $ipad} data] {
    puts "Error during exec : $data"
  } else {
    puts $data
  }
}
exit

Conclusion

Other tools are described here. If you've carefully read current document, you should be able to use them.

Availability

Toolbox netwox is available at :
http://ntwox.sourceforge.net/
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/tutorials.html0000644000000000000000000000762411776302040022457 0ustar rootroot Those documentations describe networking topics. Some are easy to read, but other are not : choose the one which corresponds to your feeling.
If your question is not answered in those docs, use a search engine.
If you know a good documentation which should be listed here, drop me a note.

Network protocols

Application protocols

Sniffing and spoofing

Miscellaneous

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/routerandfw.html0000644000000000000000000004344011776302040022765 0ustar rootroot
Testing a router or firewall


Introduction

The life of a router is punctuated by several important steps : In each case, network tests are needed to validate administrator's choices. For example : The aim of this article is to present a method for testing routers and firewalls. In this document, we only use the term "router", but the described method can also be applied to stateful inspection firewalls, packet filtering firewalls, proxy firewalls, etc.

Basic idea

The basic idea about tests is to send a packet on one side of the router.
Then, on the other side :

Method

We do not present a generic high level method. Indeed, every network administrator has its own way to setup a device or to solve a problem.
We emphasis on the low level method by presenting key points, which can be linked together in order to construct the high level method of every person. The key points are : Using only these 3 key points, an administrator can test a network.

Tool used

In order to illustrate examples, the free network testing tool netwox is used. Netwox is available at :
http://ntwox.sourceforge.net/

Other tools or network libraries (tcpdump, snoop, ipsend, netcat, telnet, libnet, libpcap, etc.) can also be used, but netwox incorporates all we need in one program.

How to send a packet ?

Well, it depends on protocols supported by our network. For example, in this paper, we focus on IP over Ethernet, and ICMP/UDP/TCP.

Which kind of packets to send ?

The kind of sent packets depends on several factors :

What's the difference between IP level and Ethernet level ?

When a packet is sent at IP level, the local IP stack : So, the user doesn't have to bother with Ethernet. However, this method doesn't allow to do tricky stuff with Ethernet, and sometimes with IP itself because the sender IP stack rejects the packet.
When a packet is sent at Ethernet level, it is directly sent on the network without going through the IP stack. It is more complicated because the user has to set Ethernet addresses, but can allow to do tricky things. To obtain the Ethernet address of a computer on the LAN, use "netwox 3" : 
# netwox 3 192.168.10.2
  IP address:  192.168.10.2
  Hostname:    computer2
  Hostnames:   computer2,computer2.example.com
  Eth address: 00:40:95:46:11:23
Don't forget that the destination Ethernet address has to be set to :

How to send an ICMP packet at IP level ?

We can use "netwox 41" : 
# netwox 41 --ip4-src "192.168.10.1" --ip4-dst "192.168.11.3" --icmp-type "8" \
  --icmp-code "0" --icmp-data "12345678 'my data'"
IP______________________________________________________________________.
|version |  ihl   |       tos       |              totlen               |
|___4____|___5____|_____0x00=0______|_____________0x0023=35_____________|
|                id                 |  DfMf          offsetfrag         |
|___________0x3DB4=15796____________|0_0_0____________0x0000=0__________|
|       ttl       |    protocol     |             checksum              |
|_____0x00=0______|_____0x01=1______|______________0xE6D1_______________|
|                                source                                 |
|_____________________________192.168.10.1______________________________|
|                              destination                              |
|_____________________________192.168.11.3______________________________|
ICMP4_echo request______________________________________________________.
|      type       |      code       |             checksum              |
|_____0x08=8______|_____0x00=0______|___________0x3F01=16129____________|
12 34 56 78  6d 79 20 64  61 74 61                     # .4Vxmy data
To obtain help about parameters, just enter "netwox 41 --help"

How to send an ICMP packet at Ethernet level ?

We can use "netwox 37" : 
# netwox 37 --device Eth0 --eth-src 00:40:33:E0:2C:42 --eth-dst 00:40:95:46:41:BC \
  --ip4-src "192.168.10.1" --ip4-dst "192.168.11.3" --icmp-type "8" --icmp-code "0" \
  --icmp-data "12345678 'my data'"
Ethernet________________________________________________________________.
| 00:40:33:E0:2C:42->00:40:95:46:41:BC type:0x0800                      |
|_______________________________________________________________________|
IP______________________________________________________________________.
|version |  ihl   |       tos       |              totlen               |
|___4____|___5____|_____0x00=0______|_____________0x0023=35_____________|
|                id                 |  DfMf          offsetfrag         |
|___________0xCCE7=52455____________|0_0_0____________0x0000=0__________|
|       ttl       |    protocol     |             checksum              |
|_____0x00=0______|_____0x01=1______|______________0x579E_______________|
|                                source                                 |
|_____________________________192.168.10.1______________________________|
|                              destination                              |
|_____________________________192.168.11.3______________________________|
ICMP4_echo request______________________________________________________.
|      type       |      code       |             checksum              |
|_____0x08=8______|_____0x00=0______|___________0x3F01=16129____________|
12 34 56 78  6d 79 20 64  61 74 61                     # .4Vxmy data
Following command is equivalent, but is less easy to understand. 
# netwox 37 -d Eth0 -a 00:40:33:E0:2C:42 -b 00:40:95:46:41:BC -l 192.168.10.1 \
  -m 192.168.11.3 -o 8 -p 0 -q "12345678 'my data'"

How to send an UDP packet at Ethernet level ?

We can use "netwox 35" : 
# netwox 35 -d "Eth0" -a "1:2:3:4:5:6" -b "7:8:9:a:b:c" -l "1.2.3.4" \
  -m "5.6.7.8" -o "1234" -p "53"
Ethernet________________________________________________________________.
| 01:02:03:04:05:06->07:08:09:0A:0B:0C type:0x0800                      |
|_______________________________________________________________________|
IP______________________________________________________________________.
|version |  ihl   |       tos       |              totlen               |
|___4____|___5____|_____0x00=0______|_____________0x001C=28_____________|
|                id                 |  DfMf          offsetfrag         |
|___________0x95D5=38357____________|0_0_0____________0x0000=0__________|
|       ttl       |    protocol     |             checksum              |
|_____0x00=0______|_____0x11=17_____|______________0x14E9_______________|
|                                source                                 |
|________________________________1.2.3.4________________________________|
|                              destination                              |
|________________________________5.6.7.8________________________________|
UDP_____________________________________________________________________.
|            source port            |         destination port          |
|____________0x04D2=1234____________|_____________0x0035=53_____________|
|              length               |             checksum              |
|_____________0x0008=8______________|___________0xEAC3=60099____________|
Now you are familiar with netwox, do not hesitate to use netwag :
- run netwag
- click on Search notebook
- at the right, there is "[*] show all [ ] search [.....]"
- in [.....], enter "udp"
- the list of tool will shrink
- select line "35 : Spoof EthernetIp4Udp"
- click on Run notebook
- click on Form sub-notebook
- enter values
- press on Generate (or "Run it")
- press on Run (or "Run it")

How to send a TCP packet at Ethernet level ?

We can use "netwox 36" : 
# netwox 36 -d "Eth0" -a "1:2:3:4:5:6" -b "7:8:9:a:b:c" -l "1.2.3.4" \
  -m "5.6.7.8" -p "80" -C
Ethernet________________________________________________________________.
| 01:02:03:04:05:06->07:08:09:0A:0B:0C type:0x0800                      |
|_______________________________________________________________________|
IP______________________________________________________________________.
|version |  ihl   |       tos       |              totlen               |
|___4____|___5____|_____0x00=0______|_____________0x0028=40_____________|
|                id                 |  DfMf          offsetfrag         |
|___________0xAB70=43888____________|0_0_0____________0x0000=0__________|
|       ttl       |    protocol     |             checksum              |
|_____0x00=0______|_____0x06=6______|______________0xFF4C_______________|
|                                source                                 |
|________________________________1.2.3.4________________________________|
|                              destination                              |
|________________________________5.6.7.8________________________________|
TCP_____________________________________________________________________.
|            source port            |         destination port          |
|____________0x04D2=1234____________|_____________0x0050=80_____________|
|                                seqnum                                 |
|_________________________0x512355F1=1361270257_________________________|
|                                acknum                                 |
|_____________________________0x00000000=0______________________________|
|  doff  |reserved CwEcUrAc PsRsSyFi|              window               |
|___5____|0_0_0_0__0_0_0_0__0_0_1_0_|_____________0x0000=0______________|
|             checksum              |              urgptr               |
|___________0xF398=62360____________|_____________0x0000=0______________|

How to verify the arrival of a packet ?

To check if a packet arrives on a network, we have to use a sniffer. We might however encounter problems :
To display packets "netwox 7" can be used : 
# netwox 7
 ETH_____________________________________________________________________.
 | 00:40:33:e0:c2:24 vers 00:40:95:46:14:cb         type : 0x0800        |
 |_______________________________________________________________________|
 IP______________________________________________________________________.
 |version |  ihl   |       tos       |              totlen               |
 |___ 4___|___ 5___|_______  0_______|____________0054h=   84____________|
 |                id                 |xxDfMf         fragoffset          |
 |____________0052h=   82____________|0_0_0__________0000h=    0_________|
 |       ttl       |    protocol     |          header checksum          |
 |_____40h= 64_____|_____01h=  1_____|_______________E502h_______________|
 |                                source                                 |
 |______________________________192.168.10.1_____________________________|
 |                              destination                              |
 |______________________________192.168.10.3_____________________________|
 ICMP____________________________________________________________________.
 |      type       |      code       |             checksum              |
 |_____08h=  8_____|_____00h=  0_____|____________AA90h=43664____________|
 A1 02 00 00  7B D7 E1 3A  61 57 03 00  08 09 0A 0B     # ....{..:aW......
 0C 0D 0E 0F  10 11 12 13  14 15 16 17  18 19 1A 1B     # ................
 1C 1D 1E 1F  20 21 22 23  24 25 26 27  28 29 2A 2B     # ...~ !"#$%&'()*+
 2C 2D 2E 2F  30 31 32 33  34 35 36 37                  # ,-./01234567

Various displaying methods can be selected (use netwag to learn which values can be put in parameter --hdrencode or --dataencode).

How to simulate a testing computer ?

When computer A wants to reach computer B :
So, when we simulate a computer, we have to answer to ARP requests, in order to inform other computers. For example, to simulate the presence of 192.168.10.2, and saying its Ethernet address is 12:34:56:78:90:ab, we can use : 
# netwox 73 -i 192.168.10.2 -e 12:34:56:78:90:ab

First example

In this example, we want to verify that : Both 192.168.10.1 and 192.168.11.3 are "real" computers (we do not have to simulate them)

So, the testing procedure is :

Second example

In this example, we want to verify that : The computer 192.168.10.1 is "real" and 192.168.11.4 is simulated with Ethernet address 12:34:12:34:12:34. So, the testing procedure is :

Third example

In this example, we want to verify that : The computer 192.168.10.2 is simulated with Ethernet address 12:34:12:34:12:34. The computer 192.168.11.3 is real. So, the testing procedure is :

Other examples

Several other examples could be written using the same methods. This is left as an exercise for the reader.

Conclusion

Validating the configuration of a router is a long task, mainly if we want to verify the security of the device. The knowledge of key points, and the usage of generic tools can however simplify administrators' job. This paper only described the tests which can be done. Using these tests and they knowledge, administrators can elaborate their own method to configure or secure a router or a firewall.

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/um.html0000644000000000000000000000253111776302040021042 0ustar rootroot netwox user's manual



Synopsis

  netwox number --help
    Show simple help for tool number number.

  netwox number --help2
    Show description for tool number number.

  netwox number [ parameters... ]
    Run tool number number.

  netwox
    Enter interactive help mode (search and run tools).

Some examples

  netwox 23 --help
    Show help for tool number 23.

  netwox 23 --help2
    Show full description for tool number 23.

  netwox 23
    Run tool 23 without parameters.

  netwox 23 --extended
  netwox 23 -e
    Run tool 23 with parameter -e or --extended which are synonyms.

You can find more examples here.

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/html/sendip6.html0000644000000000000000000002246111776302040021775 0ustar rootroot

Sending IPv6 packets to check firewall rules

Introduction

IP version 6 is available in most recent products such as routers, firewalls and operating systems.

Administrators and security professionals are faced to new challenges when configuring or checking an IPv6 implementation. They need IPv6 compatible tools.

Network testing requires two simple components : a tool to send network packets, and a sniffer to intercept and display them.

Most sniffers already recognize IPv6 packets (Ethereal, tcpdump, etc.).

This article describes netwox toolbox which can be used to send IPv6 packets.

Learning

It is important to note that computer sending IPv6 packets must use an Ethernet LAN, or already be IPv6 compatible. As the latter is less common, we send Ethernet frames containing IPv6 packets. Tools must be ran as root (Administrator under Windows) to have privileges to send Ethernet frames. Finally, we suppose both computers are on the same LAN (do not have routers between them).

The first example is a TCP packet over IPv6 over Ethernet. Install netwox or netwag and run as root:

  # netwox 142 --device "Eth0" --eth-dst "0:8:9:a:b:c" --ip6-src "fec0:0:0:1::1" --ip6-dst "fec0:0:0:1::2" --tcp-src "1234" --tcp-dst "80" --tcp-syn
Following packet is sent:

Ethernet________________________________________________________.
| 00:11:22:33:44:55->00:08:09:0A:0B:0C type:0x86DD              |
|_______________________________________________________________|
IP______________________________________________________________.
|version| traffic class |              flow label               |
|___6___|_______0_______|___________________0___________________|
|        payload length         |  next header  |   hop limit   |
|___________0x0014=20___________|____0x06=6_____|_______0_______|
|                            source                             |
|_________________________fec0:0:0:1::1_________________________|
|                          destination                          |
|_________________________fec0:0:0:1::2_________________________|
TCP_____________________________________________________________.
|          source port          |       destination port        |
|__________0x04D2=1234__________|___________0x0050=80___________|
|                            seqnum                             |
|_____________________0x686F31E7=1752117735_____________________|
|                            acknum                             |
|_________________________0x00000000=0__________________________|
| doff  |r|r|r|r|C|E|U|A|P|R|S|F|            window             |
|___5___|0|0|0|0|0|0|0|0|0|0|1|0|___________0x0000=0____________|
|           checksum            |            urgptr             |
|__________0x12E4=4836__________|___________0x0000=0____________|
Ethernet and IP header indicates that destination Ethernet address is 0:8:9:a:b:c, source IPv6 address is fec0:0:0:1::1 and destination IPv6 address is fec0:0:0:1::2.

To learn about possible parameters for tool number 142, run:

  # netwox 142 --help
  # netwox 142 --help2

Real world example

Suppose we want to check if a host has its firewall correctly configured to block some IPv6 packets destined to itself. Its IPv6 address is fec0:0:0:1::2. Its Ethernet address is 0:8:9:a:b:c (obtained with "netwox 3 fec0:0:0:1::2"). Suppose port 80/tcp is allowed for computer fec0:0:0:1::1, but all other ports and computers are blocked.

We simulate computer fec0:0:0:1::1 using another computer on the LAN. This computer does not need to be IPv6 compatible because we directly send IPv6 packet without using computer's IP stack. This computer has Ethernet address 00:11:22:33:44:55 (can be real or random). All command listed below are to be run on this computer.

First, we send a TCP SYN packet destined to port 80 of firewall. It is accepted because port 80 is open, so server sends back a TCP SYN-ACK packet. In order to send this SYN-ACK, server first asks for client Ethernet address using ICMP6 neighbor solicitation (IPv4 uses ARP). So we need 2 more tools: one to answer to Ethernet requests, and the other to see the SYN-ACK.

Netwox contains one tool to simulate the presence of a computer. This tool automatically answers to Ethernet requests. Open another window and keep running:

 # netwox 73 --device "Eth0" --ips "fec0:0:0:1::1" --eths "00:11:22:33:44:55"
This command answers "computer fec0:0:0:1::1 has Ethernet address 00:11:22:33:44:55" to every question.

Then open another window and run a sniffer (netwox in this example, but it can be Ethereal):

 # netwox 7 -p --device "Eth0"
Send the IPv6 packet destined to port 80 and see what happens in the sniffer window (don't forget to change source port "--tcp-src" for each call, for example incrementing it):

 # netwox 142 --device "Eth0" --eth-src "00:11:22:33:44:55" --eth-dst "0:8:9:a:b:c" --ip6-src "fec0:0:0:1::1" --ip6-dst "fec0:0:0:1::2" --tcp-src "1235" --tcp-dst "80" --tcp-syn
If port 80 is open, the sniffer will display a SYN-ACK. Here is an extract of a TCP header containing flags Ack and Syn set to 1:

| doff  |r|r|r|r|C|E|U|A|P|R|S|F|            window             |
|___5___|0|0|0|0|0|0|0|1|0|0|1|0|__________0x1680=5760__________|
Meaning of receiving a SYN-ACK packet is "port 80 is open, and you are allowed to connect".

Send an IPv6 packet destined to port 81 ("--tcp-dst 81"). Depending on firewall configuration, we receive a RST (flag R set in the TCP header) or nothing, and firewall's log contains an alert message. If a SYN-ACK is received, then firewall is badly configured because port 81 is open and available.

Now, we can pick another client address such as fec0:0:0:1::3 and check everything is forbidden.

Other tools

Tools 140 to 147 of netwox send UDP, ICMP or raw IPv6 packets. Depending on firewall rule to check, they can also be used.

 # netwox 141 --device "Eth0" --eth-src "00:11:22:33:44:55" --eth-dst "0:8:9:a:b:c" --ip6-src "fec0:0:0:1::1" --ip6-dst "fec0:0:0:1::2" --udp-src "1236" --udp-dst "80"
Ethernet________________________________________________________.
| 00:11:22:33:44:55->00:08:09:0A:0B:0C type:0x86DD              |
|_______________________________________________________________|
IP______________________________________________________________.
|version| traffic class |              flow label               |
|___6___|_______0_______|___________________0___________________|
|        payload length         |  next header  |   hop limit   |
|___________0x0008=8____________|____0x11=17____|_______0_______|
|                            source                             |
|_________________________fec0:0:0:1::1_________________________|
|                          destination                          |
|_________________________fec0:0:0:1::2_________________________|
UDP_____________________________________________________________.
|          source port          |       destination port        |
|__________0x04D4=1236__________|___________0x0050=80___________|
|            length             |           checksum            |
|___________0x0008=8____________|_________0xFD33=64819__________|

 # netwox 143 --device "Eth0" --eth-src "00:11:22:33:44:55" --eth-dst "0:8:9:a:b:c" --ip6-src "fec0:0:0:1::1" --ip6-dst "fec0:0:0:1::2" --icmp-type "128" --icmp-code "0"
Ethernet________________________________________________________.
| 00:11:22:33:44:55->00:08:09:0A:0B:0C type:0x86DD              |
|_______________________________________________________________|
IP______________________________________________________________.
|version| traffic class |              flow label               |
|___6___|_______0_______|___________________0___________________|
|        payload length         |  next header  |   hop limit   |
|___________0x0008=8____________|____0x3A=58____|_______0_______|
|                            source                             |
|_________________________fec0:0:0:1::1_________________________|
|                          destination                          |
|_________________________fec0:0:0:1::2_________________________|
ICMP6_echo request______________________________________________.
|     type      |     code      |           checksum            |
|___0x80=128____|____0x00=0_____|__________0x065B=1627__________|
|              id               |            seqnum             |
|_________0xCD94=52628__________|_________0xAE46=44614__________|
| data:                                                         |
|_______________________________________________________________|

Conclusion

Ability to send an IPv6 packet is an elementary step for solving network problems or checking configurations. Netwox contains tools to achieve this step. Netwox also provides clients and servers supporting IPv6 : FTP client, web client, etc.

Download

Netwox comes with netwag, a graphical front-end, which is easier to use than command line tools. It depends on libpcap, libnet and netwib libraries.

You can download netwox at :
http://ntwox.sourceforge.net/
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/images/0000755000000000000000000000000011776302040020033 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwox-doc_html/images/banner_netwox.jpg0000644000000000000000000010030111776302040023401 0ustar rootrootJFIFHHCreated with The GIMPCC<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?02O_‚@@_7Yfρ>1~/|_|Ywt\m-k5 DĐwh|Xִ{>'um+'|Gx^L,NޝC\moZjʗƛ= "K L ͨBSij,\vdyeL9ʲZaٞ,^hPByZNUT{R}.}@" *Vbpܑ^) HԳGuYr%B}I;-UrՔ[RZO =ů#&߆źĶw*M%Mmey{&"kH焪m7#oM?oD$ =im/ΑX  yi,IcJo5kE -kN5C̿X`[-ц%7[D%H#|Tn9yxCYXirI{}&l&L |˄1C 3j?wO(g)%m> x#Hk6Qii[j6 eXe`Nj8Ҟ" /k-S[9F1[&Ϧ3,\ 4'_|) Υ$^x-JSYZ< Kax>C,4m䉞9 BUo<>) xh^ дGޑK-B9xQ+j6>wl&uk7׶S ]"G|0nX?/|)'Mt Iew-5֡:K=̒]ʱCFH !?ѩԡ:j0 *1%(Ӭoe™fbr|,;2Nii%~՞ri_< >? 7A|2|Ywqm]5.mԊr\^$vC !.ޟ[_w?Q܍qV-?/FZ6ڷ1 *H.jK/ [ eX?Y:3U:}O 9h}ޭj擥Iuj|;aD7Iqyyu{h#,Ң kۓ J.l?O(=5xz+¾1_6U)V\C{zb[H|@?v_ OG/)0_|nwh#<0Eׁ>1JVVt1fH2$f)k ;p^ ?oEOogMmw+Y<wiBhχu5+eP/=׏ ^$?౞&-" os) Տ|_{E<-*y.#_{upv65o%? gUI,@?ڨs3 Gׇ,zO$H?9/w9g+~|{s~꿵WMkwK)4ҮVDž4^!&䭼>h?W e',AOس#nǏi_ xo+7ǟ?Z7c{_P|)Ѽ3 մ:|&<Z!ë\鿍Q5c 5 Z/FşAZ. j)4Fm^^Z}m4[B+"7~W3P??ck?x[ix Ě~x-;VnLo_B^m77J {,_GOF*ƾ #X|)~ "/7'_cE%+1n~}:)}ωMkog*ic/bzD4jf?u~Ddd4Nxї@~Q/OuO?:g]/,_6-gwS[}l jfmbO6VS\%k_V|b?|!t_C7?~ j#X:ej_iGĦX*eӥ?@;:w?N=5,쨠rTRX>r~^"</z_:v_ZM@K{+:̚·?1=χd`9x'B=sJ;_?|AO{k1]7U+أm M|_ROtfeX_~7ս?gwD.gaYG`ͤyx%\\E_J o[?cH徉-<3<ׂn-Wr i߽i/`A8-'??jw_^ԴO'cxLx`D]91\jZn7+K{ Gix>-T%u4Yo|<}+M[Naլ/-Z\4&Ky헇w-_WǍu[A?WHa>kkK{>O:E5]o  =៏O|1m3Vg+_ /o43 oG"|QW__u  {7Ɲ?S{B ]/W6km_~ }08X3̷p9ELֆJ#,f]ᰵrGXJ<.WVTҩʷⳊ˩4̝BU.ERqѦ_9}SG|$u|<Rlٌ.???8~_ 3~˾>Zς{P|IiZcoCDž5-m?:>-ėp_Iya_vzO~zzj:ggrx⟊Kk;]nN¾IS^1 o+O{___[j~/e_#'5/YE֮=t[} ? 0\F8zF9 %tkƕ:)IӫM8Jw0ϳ,FeᰓFPSzn(|* wwa獼#xkI?QUNմ}_LQ/oO(g Ao_?iQg9u$M+ݾ#x x.msڷ[V gKhWkYқz<%hGzx^f}Z?d('N/.b x %_R~OoWYI ]jz籽m(8֝1eX|Li:|#[x+[τy8A|}?Pnjl٬`+[L0ӫxSOVW\6Tkj~>.lF /Du-3M.I /bx~,x7'|Zuz5uZ++]OMj:]^ߤ%4 4S|n,p`jR RJYPZVJLD`Bme%g>K3%Tq5Y5^m(ҫ sISM7E~|~Mi J/Ư:g x ³j ڦ:7:g-r8}FMrEXac ˱1ѥ8.IN%(V֭1ʱ2vg t[iTN|t!/li4џ~9ፍ>.uGݥK\7P\yK7M31k_~<ď_OwmexEo.t?}ieupt[\F̩"2 7şI^msBŽ/UO [Ylj%7pWMkW_hU~jI?|qxF?hw^,m{ͬj:eZA]"FT6tVRsTS$꒎A4Kֻ߂x6ҵxZouyxU38W`1\ GpJ٥$^ݏ3<s]l&&7K!?gE?EMgƻ4*O_Fѵ[wO5x>ewNFZsщoX< ;suWQ_ L1w᧶m6A#ZJZHOkv_|ֹ?[_?kvcCkj^95 hַZ.][zeoz#Dl;dgn#K(eyox(ae^9lOϒSKR'*RgW3[ze߁zKiQ}j:$aw .W iREM"@-Oj!ξ%xbEhuݳA53qn=ӣ:zmEbI,G؇?'wOD<XYxsE-յ;bIeӭ$eVbۉivH=am4K=mmbydK<5qa@Uɉ6?K}^9a,VcԱo,6JP+Et7xQo㱿 #N)}W*c8Qֆ+% 5*߳JsQ傉{C8f uwgğh-%ԓGĺ_VVs?ðj7pҳG l+yӪ+;K[HWdV[Ļkk1ڪYe9'da#kAGm92~xIY%['>2CAZt-N[MIW? t[ ?< g Dh7\Ÿ"Ӭ[I.(|aM|vZxCƞ1կY~nM|W"?8f2p~+4kﴏk_'u} \үa- 曫iwQ3G=RJ; zU+RU BO'P*;l욝m?٢t}زO-K,~gt[cФ5_[_J] ?FǗ c>9~z[_SMㆡ[ tX&~SӮ4 4{..%#hkυ:- _??EEO' gú #_iZ}Zfe{1~~w?#2e}(]W?|4֟˟5Zk B RcylfNg?O |} >.x/Ɨ%zy>,x;cOR4 G5$Io/O/tcV_ښn~E~ߴ?ĸim4|w^9Ǘkk+"S+6?E=_g?<) +u|'o3~M+7k0hgX\]]E&oh@?{?@ !OGG+_PÍ~w>De sohZ{KP6o4u(2AK7POD>~,k[|@$?SekE GNѭfCo-ka+P~L?ऍ?>+{RXbc٣Wm|E=owT}g~$Zkxu]#ǣC3C-?|G1{ 4oƿMWPe6оWD?K>g{H[Qgm4OkO_?$=]~ 3KͅyO>.j^ӣk OI?KRk2- x_k4V' 7ĚͳZiw\|[),w,58#l=dNĩ?$%ρt? 5-h2[kRNHb#U(o~rk<4=~׾)U|jn @"jD.xȒWh$ n$wM'G_ӟs^&Pq o ÞaLpyvYpxb%*NmEG5:9.Ws*;9NrE%e}ݶ&xh9k;\[ 'u dG'W Fm<9%3j̳I#Fhm^[Xim׷EmkgikMsusq;$0H,3*GO?Gk6 &<=g |"߄^©㟳|Es^k.%bYm[>[e̳/W*N/8Rc>NMStkaIa!Rg/N3p%,F7B/rIQ[iVGN6Op%??Px9W~#3şk";xK:iPFV8m,4@R0_,3,ZNڗFz,cګ`<%\X'FHm!k[Ks^8k<\Qdω8N5qkS&lN.u!K NEHZ`08B#VSK1iGVܚoK33BO*'«bI|(绸Ѿ'FXOIY^,MZx@ԯҴA?K/Z'Ɵj_>"_j~,5 B\ >[yσ%ß |)ll=<åi|;4ڮ г??Q?v9H5x/kz6e,~i6g/>J=GR iޑWa4+G(:7_|Cob~'~'Qj:Ρ;' ym6i ;Y-3Ò:I.$0eoS[Ez~ۉxw#xHi常ƥJxuq4/)JxD],ERnMJlOC(V𕝨W̔ut_,zUS|=x{G%׆?:&XzNXe6$QFGKzץZ؊+שRj%VZJjN\*T')Nsۓmɽ[}%ʒI$[Y$K)7ڞykmCgccci ]]'oJ|ji㿄>l5 "PW Uc$Weޅrue4so"M0@1"|aO߉Zg_ k/Z_(Ҽc[*ZStk>)-/a#xeu03hύI?ھ?i?%|X.\?[Wn\} -*{OӒ$ .7:ܟpf &NG6=w?iO 5hVnzy~Щqgesv, Z\G/.{Ӵ_غ?u/ i Z0hZލN44mGLԭfQi _ 1V7V xaxNW^%NMoHcngxəgm~Ro¯~*5~.,~oGT֚|/n +##-#RΡ(>{\\:? A~:'Ӿ?S6'oxsJ(bN៊7\4j^;gOCwq~ȟ/ I|]/?hW]5OXV} _Qz5|QoY_(>?F<xto9Ou/wD?:p< / jp |*nMs_'`uijZ ߢ\t6ԼCy|7jWks'5Κ躎Ҵ& ]_Fymd7#?f/#G=,xNk+r\ZShдuN:lkMfHtɥj%^*xL ʹna[NѥTZJ*K+4pY 0=|5Wlר3C_VU0܍R Y(;Uog}?`x⯉4?ejZߊw KI&,5R@Яn4S QߴM -е/[m$+-VGQ/t똯-^H$EfGR8=?y~a˲f /ˣW].wKW$jEAYݦi3q5.-3<Qc*WB7㋒lFU7Ԟh~|j|%ơsOıG=նm-Α|pFNc F_'_~~̟ 韵O?lM8R ~Eү|oUO ^ mR[U-%o4mF{ psa6x* {J*Xz}+l':skxc/Ce (y-]Oؖºu8kDO >gvcKˋy:&gar{LR½WNXU(2o|u9gLd 2.jk9­*xL9g<[ߴOCo{Cshph_蚿# m_Z)"G2O¿7e%O{|M?7zO S>* >qjw~l閬~lJyCcQsaҧ8d凒bN.58t6Poh]jKްKY>5m%x!\-6>ig@?V|;=mxZ< /ˍ`|5<60!j=jw7?14φ8,nG!:Ŵ9H1>m]I?⯌?$x;Zw,>2v5 p&4FKy3Eag,i|N|i࿊>F}VŖK5:yqmTd[;'ioï/}gjWV%k#Cj:5_ _,q<倹S2lEB~!5bUlo4/Χc7lIJfgg `o>n0Y}5ݼRywY |Wǂ|e%,aGnʟ!O-9X%)+_Sv_Zʛˇ +AgYY[4eYcZT._PIi-4MwK9vs$Ẵys Ќ}Eq%ҧ_ҳi0''>x7_7cxsDOҴ:b4Ieyn.%2\\5IJJuWդI$VIh[$VZhjTRjZg**TJ'')snRmm5X/g%"CU~__h*__?o:BzF'?WM5xw;i(-/Ÿ NMgwFـ|S֊k> I/?gOߴ#𭿅|GO:4qEƹuG]jͥOs=5%' T__|ptZ>2vRǶrjItKӧ_Iijv~LmHb_?n_?|v1?ګ;4 }G|BK|E5KKwՀ^/qH[y/)>>qu|mĿ~1''5t|T?fwW֚6tvjKy7?K//?V>'N2~@/ŏ?(6_xwO+i5էφ -}5ijRN_NOS⏉:gBׁ/`6kwLxygL5}:0&ygv>2~ |Uw~TWPh>!/ŏ'R2>_k/ܩo"{V쿒572/>hfY"VzM퇆3G Rm9GjeC5?)Dx@w:?z:,YI-Ķi>ݧ\j%CL~osky{5mn/dI~_edor~ҟ|#k=Z ׺kW/Y+< *qys[mѼS V,S?<},N2[< 6GZ\1ΰ?x|CXTJ25tPxh\QҞ]J)h+ջJژZ8/ehxUnG?zեK'@_|9vkF?k~!M/%ú&/Q?M9g/u3νhj6 tltiu x6;mRovo=●/ڗ㟇.=ƿtMld|, JMKŚ5]& P.OfH[nEh.  z}?5? Q6\%8AGDՇ%F*ORK}J_=%W8kB.ypJN0i4[rn;? ˞࿃>2V2W>#_|PLJ5? k'߈|#xWQ.j2x;63_Uoک_xK|Au?X4 38@h7~<#8Ns.,ix!hz犵%NW.o Kq$7ח;439i%;xA<y.{w]p'e)q ,0|)>+h7eՏπ'm4o .5xN 5aj:Z_> R$iO n?_|I¿57yG <5I=U}6wϨv:9[6iK6뉵V ky- ?%lVOna"~[|J|`>V&{ j;p&˳-cgQGU\<ܡ8v.[ pnzU_eZhNs#JY8ݨ=_?b?(d/QU̿m~ x.:mðxP5 3K׈4N@ԵkGKK~v$ߋ|e'?Y?}_TmA-~XVxC! _^8`| ˼F\Cql=\1|;撫ZBy~[Z8l-i}_ *oo:tի)9%:tc5U#EVQ湚W$.=ӑ o!A5z?hxg R[M~!./;m ZtC|f43L6^OoxHҿ3xq(K?M-UKmj 8qz҅|6ƕZPS媝'^ P9 .̱x𣇯)ףN2QPhJ|HK/_ > 8|Uூ>|9c|T~4-qiH漲-.jrVjRH,yoh.|h: [zQVkKdg ~5úx+O.+Wpheti edӨv;))I]>-1eɩ*04R*YQqE\\JS7C8|a?jG%x71:4v>uhDG$DwTf th$@Ps_><|kYw<oup {jM^zU:vbm5tlG MqP|=I#[5Izx!)ZU(bVhFERkN+r[Y5x3^g< ~KYuyUcaZ0ФV1ƼQ+r~ןi ;?GkxO;ٿom@\?}ח F˓i\O t~4ÈSma?gwX?eSsG?#Hg϶`- l;Ļ^B?c_~,77WWZ߃WW4)o.I; )"Wmv,{0Yq g.fjWW '5MT䬙ߗ} /x-eUJΥ*~Ҧԍ7uRprVw'w|e-|e~k^F6ah >h"ilE$Λ.?4룾m}c 3]W9}_c&Ǻ¿X/ MԼ;_x]:CγnJ5ױ,Žh2Cڷ.ڠ>u|Z9e1zoc:(bQS 63F LYaZNL?0EFr X%g?uόP_ǿ xb/MN/#{u^/^[_>̺U⫛<[ۯ| xDi/$B]իM$,q@I~~>P1kh|ED= ~ Ě|'&}MO+)=ƛq˯Co6Z]{S9cld-[ľ K+|rw0ҼImj/]OPM^K5mqjٚ Wش۟Xj5GT<VL|dSХn.\FM.YO3n_W4:Z?_xe(TƓt2 ;He 2K4Jʑj쪪X p~Ɵ|n>|8g/DKn| ύ Q< 4?h&ּR9XdQ̊Z_ߵJX|E?x{Zό)M՟"Ή4x#}?RoY3V,.l"xc |5C'k3!~MwզklȽN1{j gymxs_pf?N1ϲ\,$L 7$ FU8UeOjUKNu-Z:'?^֕gӫFՕ9՜ƫF*W'6Z&^,𷄬bԼS-ÚuiYi6]_ieWF,5;ohi_3y[}2E|5No> #_T3K\&zWu_\_/W-b}g^E7WR~(gw5Jc>=aI9Z|Z==?w.oyG:u \^m-Kºn W7spIOE|a0*o/?K1Q6m`3N69$UgUOP®%΄y1yܰO:oGRΜbݪTJ^]ܭ7>/ZxOƞ5մ"A״^x .Eaw<] Bo`c_Go#&Z/%~_~'YkW}vPlNg4%}˻{84nx\֭ mJ[Ua}1qo짅2.+ o,6 =2dQnj.VZ'R-UdʓS6|%JpbhƅY)REUE=RI&f(:O)H~?ϊ>#Gt#kK?D+X᧷myKkuYT&| ~%GL<h;n`xR\5}fSX5&m8>+<ਟ>|@}SZ xwLmo> 7Ț&"|Hmm#k8̱s&ҹk/? |Jh[ĆH KPTKڤ2Z*e UYqGN?fx|snyGyw< Ya)Ckc]%ڀ"&Henk$qo$߷~cZU Zo>T<)˴.tۈĚjd`m-(XUa/~ަ5Dnz8L, srTZm^ \yQ)eQX>8RM^T{n>/^e$O|_>֎wWϥA3W<:R+I%ܬ?_?#oyw:C{ɴl[:GB'_z@@=F{k/?g߁zZy?t G5mba%rrcrr kKXpx/,(.S#˷:zjӛyl'Ox_^"|):< ivZ> ɏ1෶F| 'qdž)<*',.qb>|咅:ؘsaFj(կ`ҷ)PԊOh=IFRWk$0_?TI)Uy--u &]3Kg:ɞK qYKui,?\r6~Ğ]LRMBՌF ou/+&"@24`ȷ׶Gw{ 3< wtG?+Î7VmwVG(o'7!mS5񲪒Q?i:z:ml??dM^!' |G ʸafs]Z &yA1|MGx/] E`mci3]\[녱3Ej\ObApk}֕i} u;H/.b 9m爐 Ice$yχ𖬺~xC֢϶4 h2 6;1&1he%_xsqh4.NͱEN..?\# s*PNU4wqk*p߹xW}qjx]$u>IG"jZ_*4 %Ɲ cOPmWIvIcۨs[3n>/^e$O|_>֎wWϥA3W<:R+I% =~h, |7G7S=-PZq ]'E֧7nk?sOU-Ο=ӻõ.igm5C}o|6B}3͚kgYhDK6Xmm VE0[E 0¡",qG*hQ=$[_ s*ҫ^"-kEΥx%h7)JSbײ̳,<]r֪Օ׏4|`ۻϬSMkD}NNn$vZxeL1fy8@ EJÿ)}U!{>添O7Onm:$\o#ĵCr"K]/Kf8omF)/{#!~qt/&`Ov[ N[L[{" ۭO0Dx/hwJ4-Nǘi[#>Xl [Y%o ([\JSXʴSVFMSQq/iSgtХTn?kU~5ARZdڂ V-Y :%}؟֯o,$>?~Ɵ|SSZZM̺fq2/u# =iQJj!QFQi)7JO2d3 N214aV0|KG}SkEWv"?য়? K캟Oo Ooz폋UnolO4[K{o9-Ds]Z\4wsG"Z3|q׭K TU\;JKIh#ῃß+?7Û^Uj~o5+[3xN/涴y5/2߷ǿ~~?mGx/Rb~(x/úAj,k>X/VLVƯ _zgM}^¹zɩdkc+aW]^tNdkCMq6<8v#a'NW; R<=xʏ-6KK4Dtx~xN_:·?x^[^xoOžyc<,޶eB8\F/2:؈ԡJ*1DE*^)6G_h2Ἧ+O}ks;aOf#3 u>,Oj5xSK^-m|Kq&fu5چ"j؋QA 9¸L&83v"Pb=SQ\QswJױy_2\q1eW1y`(J3X[F*qJ.d6[i/ iSO !+|[xoS񎛿~2f3S[)|<(͑v~0Rcƈj8gG| _}xZk`PB_MG;k w?\ qʖgξ-*(U\0R"5t&[4fs+blr*˖T٫QrT-'wbza7ǟ·zωWW >+ڼZm'u;]q_Pt5i!嶻ؗ><#|=x]>8WWе kZZ?گ;0|]29GxFG> %յ[ղ#Zr T+g= 3.0 - install netwox ------------------------------- | STEP 1 : winpcap | ------------------------------- If winpcap isn't installed on your system, download it from : http://winpcap.polito.it/ Version 3.0, or superior, is needed. Follow the given instructions in order to install it. After installing winpcap, you should test if it is working properly. If you do not want to bother testing, you can directly go to step 2. To test winpcap's installation, you need to download windump : http://windump.polito.it/ Then, in a console window, if you enter "\directory...\windump", network packet will be displayed (for example, you can ping another computer and see the packets). Once windump displays network packets, you can go to step2. If you have a problem downloading, installing winpcap, or running windump, read the faq at : http://winpcap.polito.it/ http://windump.polito.it/ If you still have a problem, contact Winpcap's developers. I cannot help you, because I do not maintain this code. Note: If winpcap is not installed, netwib will work, but without sniffing or spoofing features. ------------------------------ | STEP 2 : netwox | ------------------------------ ----- Windows 95, 98, Me ----- Generally, %WINDIR% is "C:\Windows". You have to : - copy "netwib539.dll" to "%WINDIR%\System\netwib539.dll". - open a ms-dos console : Start - Run - "command" - in this console, enter : echo %PATH% This command lists the directories in your path. For example, "%WINDIR%\Command\" is in your path. exit This command closes the ms-dos console - copy "netwox539.exe" in one of the directories of your path (for example you can chose "%WINDIR%\Command\") ------ Windows NT, 2000 ------ Generally, %WINDIR% is "C:\WINNT". You have to : - copy "netwib539.dll" to "%WINDIR%\System32\netwib539.dll". - open a ms-dos console : Start - Run - "cmd" - in this console, enter : echo %PATH% This command lists the directories in your path. For example, "%WINDIR%\System32\" is in your path. exit This command closes the ms-dos console - copy "netwox539.exe" in one of the directories of your path (for example you can chose "%WINDIR%\System32\") --------- Windows XP --------- Generally, %WINDIR% is "C:\Windows". You have to : - copy "netwib539.dll" to "%WINDIR%\System32\netwib539.dll". - open a ms-dos console : Start - Run - "cmd" - in this console, enter : echo %PATH% This command lists the directories in your path. For example, "%WINDIR%\System32\" is in your path. exit This command closes the ms-dos console - copy "netwox539.exe" in one of the directories of your path (for example you can chose "%WINDIR%\System32\") netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/problemreport.txt0000600000000000000000000000241411776302045023040 0ustar rootroot If you find errors, thanks for contacting me. For every bug report, try to indicate : - netwib/netwox/netwag version - libpcap/winpcap version - libnet version (Unix only) - result of the command : netwox 2 - system (uname -a under unix) - command or error environment - how to reproduce the error - the patch, if you wrote one - other information you may think useful As of June 2012, my email address is : laurentconstantin@free.fr How to create a patch (Unix only) ? - Solution 1 : One file was modified : compare the modified file with the original file : diff -ub file.c.original file.c > /tmp/file.c.patch - Solution 2 : Several files were modified : compare the modified directory with the original directory : diff -urbaN netwib-5.39.0-src netwib-5.39.0-src.modified > /tmp/dir.patch - Suggestion : If you haven't done the changes, use preferably this method : cd ../.. cp -R netwib-5.39.0-src netwib-5.39.0-src.modified cd netwib-5.39.0-src.modified [do your modifications, compilations, tests, etc.] cd .. diff -urbaN netwib-5.39.0-src netwib-5.39.0-src.modified > /tmp/dir.patch Then, I'll apply the patch with : patch -Nbp1 < file.c.patch patch -Nbp0 < dir.patch netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/probleminstallwindows.txt0000600000000000000000000000120011776302045024576 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): Currently, there is nothing to say. netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/probleminstallunix.txt0000600000000000000000000000220211776302045024072 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. You can also use "man netwib" or "man netwox". Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): WHILE EXECUTING ./GENEMAKE 1: ./genemake: Permission denied. ------------------------------------------------------------------------------- Problem 1: Problem synthesis: ./genemake: Permission denied. Environment affected by the problem: All What's causing the problem: file-5.39.0-src.tgz wasn't uncompressed with a good program. Solution: Use: tar -zxvf file-5.39.0-src.tgz or gunzip file-5.39.0-src.tgz ; tar -xvf file-5.39.0-src.tar netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/addonetoolunix.txt0000600000000000000000000000143311776302045023200 0ustar rootroot This file explains how to add a tool in netwox. If you want to compile netwox, you're not reading the good file. Read ../INSTALLUNIX.TXT. If you want to compile a small program with netwib, it's easier than what's explained here : read netwib-5.39.0-src/doc/compilunix.txt. For example, to add tool number 4, modifying tool 3, the procedure is : - cp tools/000003.c tools/000004.c - edit tools/000004.c and replace "000004" by "000003" - modify tools/000004.c to match your needs - add two lines in tools.h - add one line in tools.list - run ./genemake - run make If this tool needs a new module named foobar, also do : - vi modules/foobar.c (to create it) - vi modules/foobar.h (to create it) - add module in modules.h - run ./genemake - run make netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/problemusagewindows.txt0000600000000000000000000004764611776302045024264 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): PROBLEMS CAUSED BY THE SYSTEM 1: [Windows] Display is slow. 2: [Windows 95] At netwib end, the modem link stops. 3: [Windows XP] Converting an IP address to a hostname returns a bad value. PROBLEMS CAUSED BY LIBPCAP OR WINPCAP 4: [Windows] Several tools of netwox doesn't seem to work. 5: [Windows] Sniff does not work with a modem 6: [Windows] Popup: The dynamic library wpcap.dll was not found. [Note: I'am not sure about the exact error message because I do not have access to an English computer] PROBLEMS CAUSED BY NETWIB'S DESIGN 7: Why running 'netwox 1' ? 8: Several tools do not work. 9: Network configuration is incorrect. 10: Error messages contains inaccurate hints 11: Netwib is slow. PROBLEMS CAUSED BY NETWOX'S DESIGN 12: Some tools does not fully work. 13: Some protocols are not fully implemented. 14: Some tools are not provided. 15: The name "netwox539" is too long to enter. ------------------------------------------------------------------------------- Problem 1: Problem synthesis: Display is slow. Environment affected by the problem: Windows What's causing the problem: In a msdos console, we cannot print more than 100 lines per seconds. Solution 1: Redirect output in a file: commandname > file However in this case, we do not see when data has to be entered. Solution 2: Use tools, or printprofiles, less verbose. ------------------------------------------------------------------------------- Problem 2: Problem synthesis: At netwib end, the modem link stops. Environment affected by the problem: Windows 95 with a modem What's causing the problem: At the end of a program, references to unused object are freed. It's the case for the low level driver of WinPcap (packet.sys). Unfortunately, as explained in WinPcap FAQ, Windows also stops the modem connection. So, at the end of netwox, the phone line stops. Solution 1: Installation of: - Windows Sockets 2 Update, and - Dialup Networking 1.3 Update might resolv this problem. Those updates are available here: - http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/default.asp - http://www.microsoft.com/Windows95/downloads/contents/WURecommended/S_WUNetworking/dun13win95/Default.asp Solution 2: You can contact WinPcap developers to help them to write a driver/dll not having this problem. Additional note (march 2004): Windows 9x is no more supported by WinPcap developers. ------------------------------------------------------------------------------- Problem 3: Problem synthesis: Converting an IP address to a hostname returns a bad value. Environment affected by the problem: Windows XP What's causing the problem: Functions netwib_ip_init_buf(...NETWIB_IP_DECODETYPE_HN...) use gethostbyaddr(). However, there is a bug in WindowsXP's implementation of gethostbyaddr, as described in Knowledge Base Q317936 of Microsoft. This bug appears when DNSorWINS and NetBIOSoverTCPIP are activated. Solution: Patch Q317936 corrects this problem. ------------------------------------------------------------------------------- Problem 4: Problem synthesis: Several tools of netwox doesn't seem to work. Environment affected by the problem: Windows What's causing the problem: Netwib depends on WinPcap. If WinPcap does not work, several features of netwib/netwox will not work. So, we have to ensure WinPcap works correctly. Solution: Install and test windump as described in INSTALL_FR.TXT. ------------------------------------------------------------------------------- Problem 5: Problem synthesis: Sniff does not work with a modem Environment affected by the problem: Windows What's causing the problem: WinPCAP is not designed to work with a modem. File netwox-5.39.0-doc-html.tgz/en/examples.html lists systems where modems are supported. Solution: If your system does not support modems, try to apply WinPCAP solution: http://winpcap.polito.it/misc/dialup.htm ------------------------------------------------------------------------------- Problem 6: Problem synthesis: Popup: The dynamic library wpcap.dll was not found. [Note: I'am not sure about the exact error message because I do not have access to an English computer] Environment affected by the problem: Windows What's causing the problem: WinPCAP is not installed. Solution: Download and install WinPCAP as described in INSTALL.TXT or INSTALLWINDOWS.TXT. ------------------------------------------------------------------------------- Problem 7: Problem synthesis: Why running 'netwox 1' ? Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 8: Problem synthesis: Several tools do not work. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 9: Problem synthesis: Network configuration is incorrect. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 10: Problem synthesis: Error messages contains inaccurate hints Environment affected by the problem: All What's causing the problem: Implementing a cross platform compatible error handling is almost impossible (errno, h_errno, GetLatError, WSAGetLastError). The solution chosen in netwib is to leave those error codes untouched. So, if they were previously set by another error, this error will still be present. For example: Error 1099: error in foobar() hint: errno = 19 = No such device hint: h_errno = 2 = Host name lookup failure If function foobar sets errno read errno, else read h_errno. Solution: Just ignore the hint which seems inaccurate. ------------------------------------------------------------------------------- Problem 11: Problem synthesis: Netwib is slow. Environment affected by the problem: All What's causing the problem: I choose to create a modular library, easy to use. One of the consequence is the high level structuration of netwib. So, it is slower than a low level programming interface. Solution 1: Using records (netwib_io_init_record_xyz), you can construct your packets, save them, and then send them. Solution 2: You can also use only low level functions of netwib, and create your specific code around. If its still too slow, you should not use netwib and use directly system's functions, or buy a new computer ;) ------------------------------------------------------------------------------- Problem 12: Problem synthesis: Some tools does not fully work. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 13: Problem synthesis: Some protocols are not fully implemented. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 14: Problem synthesis: Some tools are not provided. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 15: Problem synthesis: The name "netwox539" is too long to enter. Environment affected by the problem: All What's causing the problem: I choose the name "netwox" followed by its version number. However, you may think that pressing those keys is too long. Solution: You just need to copy netwox539 or to create a link: - Unix: ln -s /usr/local/bin/netwox539 /usr/local/bin/nx - Windows: copy netwox539.exe nx.exe netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/unimplemented.txt0000600000000000000000000000172611776302045023017 0ustar rootroot Laurent CONSTANTIN's network toolbox (netwox) ----------------------------------- ------------------------------- | UNIMPLEMENTED IN NETWOX | ------------------------------- Netwox's objective is to contain a lot of tools. Some are not fully implemented at 100%. Indeed, some features are not frequently needed. This file describes features which are not expected to be implemented. File todo.txt includes the ones which are planned for next months. * IP OPTIONS : Only options of RFC 791 are implemented. Others, are dealt as a byte array. * Sniffer : Decoded protocols are : - Ethernet - IP - IP options (rfc 791) - ICMP (rfc 792) - UDP - TCP - ARP/RARP * Performance : Most tools are monothread. So, they are not very fast to do repetitive tasks. Do not hesitate to contact me if you need the presented points. netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/problemusagebin.txt0000600000000000000000000004764611776302045023342 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): PROBLEMS CAUSED BY THE SYSTEM 1: [Windows] Display is slow. 2: [Windows 95] At netwib end, the modem link stops. 3: [Windows XP] Converting an IP address to a hostname returns a bad value. PROBLEMS CAUSED BY LIBPCAP OR WINPCAP 4: [Windows] Several tools of netwox doesn't seem to work. 5: [Windows] Sniff does not work with a modem 6: [Windows] Popup: The dynamic library wpcap.dll was not found. [Note: I'am not sure about the exact error message because I do not have access to an English computer] PROBLEMS CAUSED BY NETWIB'S DESIGN 7: Why running 'netwox 1' ? 8: Several tools do not work. 9: Network configuration is incorrect. 10: Error messages contains inaccurate hints 11: Netwib is slow. PROBLEMS CAUSED BY NETWOX'S DESIGN 12: Some tools does not fully work. 13: Some protocols are not fully implemented. 14: Some tools are not provided. 15: The name "netwox539" is too long to enter. ------------------------------------------------------------------------------- Problem 1: Problem synthesis: Display is slow. Environment affected by the problem: Windows What's causing the problem: In a msdos console, we cannot print more than 100 lines per seconds. Solution 1: Redirect output in a file: commandname > file However in this case, we do not see when data has to be entered. Solution 2: Use tools, or printprofiles, less verbose. ------------------------------------------------------------------------------- Problem 2: Problem synthesis: At netwib end, the modem link stops. Environment affected by the problem: Windows 95 with a modem What's causing the problem: At the end of a program, references to unused object are freed. It's the case for the low level driver of WinPcap (packet.sys). Unfortunately, as explained in WinPcap FAQ, Windows also stops the modem connection. So, at the end of netwox, the phone line stops. Solution 1: Installation of: - Windows Sockets 2 Update, and - Dialup Networking 1.3 Update might resolv this problem. Those updates are available here: - http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/default.asp - http://www.microsoft.com/Windows95/downloads/contents/WURecommended/S_WUNetworking/dun13win95/Default.asp Solution 2: You can contact WinPcap developers to help them to write a driver/dll not having this problem. Additional note (march 2004): Windows 9x is no more supported by WinPcap developers. ------------------------------------------------------------------------------- Problem 3: Problem synthesis: Converting an IP address to a hostname returns a bad value. Environment affected by the problem: Windows XP What's causing the problem: Functions netwib_ip_init_buf(...NETWIB_IP_DECODETYPE_HN...) use gethostbyaddr(). However, there is a bug in WindowsXP's implementation of gethostbyaddr, as described in Knowledge Base Q317936 of Microsoft. This bug appears when DNSorWINS and NetBIOSoverTCPIP are activated. Solution: Patch Q317936 corrects this problem. ------------------------------------------------------------------------------- Problem 4: Problem synthesis: Several tools of netwox doesn't seem to work. Environment affected by the problem: Windows What's causing the problem: Netwib depends on WinPcap. If WinPcap does not work, several features of netwib/netwox will not work. So, we have to ensure WinPcap works correctly. Solution: Install and test windump as described in INSTALL_FR.TXT. ------------------------------------------------------------------------------- Problem 5: Problem synthesis: Sniff does not work with a modem Environment affected by the problem: Windows What's causing the problem: WinPCAP is not designed to work with a modem. File netwox-5.39.0-doc-html.tgz/en/examples.html lists systems where modems are supported. Solution: If your system does not support modems, try to apply WinPCAP solution: http://winpcap.polito.it/misc/dialup.htm ------------------------------------------------------------------------------- Problem 6: Problem synthesis: Popup: The dynamic library wpcap.dll was not found. [Note: I'am not sure about the exact error message because I do not have access to an English computer] Environment affected by the problem: Windows What's causing the problem: WinPCAP is not installed. Solution: Download and install WinPCAP as described in INSTALL.TXT or INSTALLWINDOWS.TXT. ------------------------------------------------------------------------------- Problem 7: Problem synthesis: Why running 'netwox 1' ? Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 8: Problem synthesis: Several tools do not work. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 9: Problem synthesis: Network configuration is incorrect. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 10: Problem synthesis: Error messages contains inaccurate hints Environment affected by the problem: All What's causing the problem: Implementing a cross platform compatible error handling is almost impossible (errno, h_errno, GetLatError, WSAGetLastError). The solution chosen in netwib is to leave those error codes untouched. So, if they were previously set by another error, this error will still be present. For example: Error 1099: error in foobar() hint: errno = 19 = No such device hint: h_errno = 2 = Host name lookup failure If function foobar sets errno read errno, else read h_errno. Solution: Just ignore the hint which seems inaccurate. ------------------------------------------------------------------------------- Problem 11: Problem synthesis: Netwib is slow. Environment affected by the problem: All What's causing the problem: I choose to create a modular library, easy to use. One of the consequence is the high level structuration of netwib. So, it is slower than a low level programming interface. Solution 1: Using records (netwib_io_init_record_xyz), you can construct your packets, save them, and then send them. Solution 2: You can also use only low level functions of netwib, and create your specific code around. If its still too slow, you should not use netwib and use directly system's functions, or buy a new computer ;) ------------------------------------------------------------------------------- Problem 12: Problem synthesis: Some tools does not fully work. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 13: Problem synthesis: Some protocols are not fully implemented. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 14: Problem synthesis: Some tools are not provided. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 15: Problem synthesis: The name "netwox539" is too long to enter. Environment affected by the problem: All What's causing the problem: I choose the name "netwox" followed by its version number. However, you may think that pressing those keys is too long. Solution: You just need to copy netwox539 or to create a link: - Unix: ln -s /usr/local/bin/netwox539 /usr/local/bin/nx - Windows: copy netwox539.exe nx.exe netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/probleminstallbin.txt0000600000000000000000000000120011776302045023654 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): Currently, there is nothing to say. netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/problemusageunix.txt0000600000000000000000000010244411776302045023541 0ustar rootroot Network toolbox netwox ------------------------------------------- | KNOWN PROBLEMS | ------------------------------------------- This file describes known problems (incompatibilities, unsupported features, errors, etc.). If you seek help (usage help, examples, etc.), it's better to read netwib-5.39.0-doc_html.tgz or netwox-5.39.0-doc_html.tgz. You can also use "man netwib" or "man netwox". Problems described in this file are (if you encounter an unknown problem, thanks for contacting me, as explained in ./doc/problemreport.txt): PROBLEMS CAUSED BY THE SYSTEM 1: [Linux] Segmentation fault while converting from IP address to ethernet address. [problem in /etc/nsswitch.conf] 2: [Linux] Segmentation fault while converting from IP address to ethernet address. [problem in /etc/ethers] 3: While spoofing at IP level, some packets refuse to be emitted. 4: While spoofing at IP level, some packets emitted doesn't have the same values in the header that the ones we specified. 5: Error 1001: error in sendto() 6: [Linux] When we send a lot of packets at IP level (with netwib_io_init_spoof_ip), there is a saturation of the system. 7: [FreeBSD] cannot sniff. 8: [FreeBSD] cannot spoof. 9: [FreeBSD] /dev/bpfii: Device not configured. 10: [FreeBSD] /dev/bpfii: No such file or directory. 11: [xBSD] Packets emitted to the network always have the ethernet address of the board, instead of having the address specified in the packet. 12: [Linux] The computer local's address is added and the end of an IP option of type "record route" or "timestamp". 13: [Linux] The sniff doesn't work. 14: [Linux] Display of an error in module net-pf-17 in /var/log/messages. PROBLEMS CAUSED BY LIBPCAP OR WINPCAP 15: [Linux] Display of "linux socket: Too many open files" while calling exit(). 16: [Linux] Display of "kernel: program uses obsolete (PF_INET,SOCK_PACKET)" in "/var/log/messages". This is a warning only. PROBLEMS CAUSED BY NETWIB'S DESIGN 17: Why running 'netwox 1' ? 18: Several tools do not work. 19: Network configuration is incorrect. 20: Error messages contains inaccurate hints 21: Netwib is slow. PROBLEMS CAUSED BY NETWOX'S DESIGN 22: Some tools does not fully work. 23: Some protocols are not fully implemented. 24: Some tools are not provided. 25: The name "netwox539" is too long to enter. 26: [Unix] Netwox can be insecure. ------------------------------------------------------------------------------- Problem 1: Problem synthesis: Segmentation fault while converting from IP address to ethernet address. [problem in /etc/nsswitch.conf] Environment affected by the problem: Glibc-2.?? (<2.2.1) with "nisplus" or "db" in /etc/nsswitch.conf What's causing the problem: The problem arises when calling the function ether_hostton, and when the entry "nisplus" or "db" is in /etc/nsswitch.conf. Indeed, there is an error in glibc source (glibc-2.1.3): nis/nss_nisplus/nisplus-ethers.c, line 234: there is "if (name != NULL)" instead of "if (name == NULL)" Note: an email was sent to glibc developers. They applied a patch in glibc 2.2.1. Solution 1: Edit /etc/nsswitch.conf to replace the line: ethers: _here_nisplus_or_nis_or_db_is_written_ files by: ethers: files Indeed, the problems disappears when removing "nis", "nisplus" or "db". You should then execute "genemake" again (and compile and install) to ensure that netwib will use ether_hostton. Solution 2: Install glibc > 2.2.1. ------------------------------------------------------------------------------- Problem 2: Problem synthesis: Segmentation fault while converting from IP address to ethernet address. [problem in /etc/ethers] Environment affected by the problem: /etc/ethers empty What's causing the problem: The problem arises when /etc/ethers exists, but is empty. Indeed, there is an error in glibc source (glibc-2.1.3): inet/ether_hton.c, line 76: fct has only four parameters, instead of five Note: an email was sent to glibc developers. They applied a patch in glibc 2.2.1. Solution 1: Remove the file /etc/ethers if it doesn't contain any line. Solution 2: Install glibc > 2.2.1. ------------------------------------------------------------------------------- Problem 3: Problem synthesis: While spoofing at IP level, some packets refuse to be emitted. Environment affected by the problem: Linux with IP firewalling Solaris FreeBSD [I guess the problem exists in almost every environment] What's causing the problem: Commonly, there are two levels of spoof: - ethernet level: we specify ethernet address, ip address, etc. - ip level: we specify ip address, etc. and the system is in charge of finding the corresponding ethernet address The problem exists because some systems try to ensure that the packet is legitimate before sending it. If the system thinks the packet is incorrect, it will throw it, or it will modify our values before sending it. Solution 1: A generic solution consists in spoofing at ethernet level, to move around the system using netwib_io_init_spoof_ipeth or netwib_io_init_spoof_eth. Solution 2: Under Linux, you have to compile the kernel without IP firewalling to be allowed to emit incorrect packets. ------------------------------------------------------------------------------- Problem 4: Problem synthesis: While spoofing at IP level, some packets emitted doesn't have the same values in the header that the ones we specified. Environment affected by the problem: Linux with IP firewalling Solaris FreeBSD [I guess the problem exists in almost every environment] What's causing the problem: Commonly, there are two levels of spoof: - ethernet level: we specify ethernet address, ip address, etc. - ip level: we specify ip address, etc. and the system is in charge of finding the corresponding ethernet address The problem exists because some systems try to ensure that the packet is legitimate before sending it. If the system thinks the packet is incorrect, it will throw it, or it will modify our values before sending it. Solution 1: A generic solution consists in spoofing at ethernet level, to move around the system using netwib_io_init_spoof_ipeth or netwib_io_init_spoof_eth. Solution 2: Under Linux, you have to compile the kernel without IP firewalling to be allowed to emit incorrect packets. ------------------------------------------------------------------------------- Problem 5: Problem synthesis: Error 1001: error in sendto() Environment affected by the problem: Linux with IP firewalling Solaris FreeBSD [I guess the problem exists in almost every environment] What's causing the problem: Commonly, there are two levels of spoof: - ethernet level: we specify ethernet address, ip address, etc. - ip level: we specify ip address, etc. and the system is in charge of finding the corresponding ethernet address The problem exists because some systems try to ensure that the packet is legitimate before sending it. If the system thinks the packet is incorrect, it will throw it, or it will modify our values before sending it. Solution 1: A generic solution consists in spoofing at ethernet level, to move around the system using netwib_io_init_spoof_ipeth or netwib_io_init_spoof_eth. Solution 2: Under Linux, you have to compile the kernel without IP firewalling to be allowed to emit incorrect packets. ------------------------------------------------------------------------------- Problem 6: Problem synthesis: When we send a lot of packets at IP level (with netwib_io_init_spoof_ip), there is a saturation of the system. Environment affected by the problem: Linux probably other systems What's causing the problem: When using the function netwib_io_init_spoof_ip, we give the packet to the system, and we leave it doing its jobs. If the ethernet destination/router address cannot be determined, the system keeps the packet. Theses packets, for which system thinks it we be able to send them later, will take memory. If we are trying to do a denial of service, and the packets stay in our system, which will saturate (for example, in 10 seconds). So we have to ensure the packets are really sent when we do a denial of service. On powerful computers, I also saw the system accepting more packets than it could really send. This is another cause of saturation. Solution 1: (destination computer is on the LAN) - If the destination computer exists on the LAN, verify it is in the ARP cache ("arp -an"). Otherwise, try to ping it. - If the destination computer doesn't exists, you have to create a fake arp entry ("arp -s computer a:a:a:a:a:a"). Solution 2: (destination computer is after a router) - First, the router must be in the ARP cache ("arp -an"). Otherwise, try to ping it. - Then, verify your routes ("netstat -rn") and try to ping the destination. Solution 3: (configuration OK, but powerful computer) The main problem is that there is no way to known if the kernel is saturating because of our packets. When there is the error (errno==ENOBUFS), it is far too late. One solution is to slow down the sending process using netwib_time_sleep_sec. For example, we can sleep after each thousand packets sent. But, the sleep time depends on the system (cpu, memory, network board, etc.). If you find a good solution to this problem, please contact me. ------------------------------------------------------------------------------- Problem 7: Problem synthesis: cannot sniff. Environment affected by the problem: FreeBSD What's causing the problem: bpf is not compiled in the kernel, or only a few bpfii are available. So we cannot sniff or spoof at Ethernet level. Solution: You have to compile your kernel with bpf support writing the following in /usr/src/sys/i386/KERNEL: "pseudo-device bpfilter 4" Then, you have to create the bpfii cd /dev sh MAKEDEV bpf0 (if it doesn't already exists) sh MAKEDEV bpf1 sh MAKEDEV bpf2 sh MAKEDEV bpf3 Note: in this example, 4 bpf are created; we can use more. ------------------------------------------------------------------------------- Problem 8: Problem synthesis: cannot spoof. Environment affected by the problem: FreeBSD What's causing the problem: bpf is not compiled in the kernel, or only a few bpfii are available. So we cannot sniff or spoof at Ethernet level. Solution: You have to compile your kernel with bpf support writing the following in /usr/src/sys/i386/KERNEL: "pseudo-device bpfilter 4" Then, you have to create the bpfii cd /dev sh MAKEDEV bpf0 (if it doesn't already exists) sh MAKEDEV bpf1 sh MAKEDEV bpf2 sh MAKEDEV bpf3 Note: in this example, 4 bpf are created; we can use more. ------------------------------------------------------------------------------- Problem 9: Problem synthesis: /dev/bpfii: Device not configured. Environment affected by the problem: FreeBSD What's causing the problem: bpf is not compiled in the kernel, or only a few bpfii are available. So we cannot sniff or spoof at Ethernet level. Solution: You have to compile your kernel with bpf support writing the following in /usr/src/sys/i386/KERNEL: "pseudo-device bpfilter 4" Then, you have to create the bpfii cd /dev sh MAKEDEV bpf0 (if it doesn't already exists) sh MAKEDEV bpf1 sh MAKEDEV bpf2 sh MAKEDEV bpf3 Note: in this example, 4 bpf are created; we can use more. ------------------------------------------------------------------------------- Problem 10: Problem synthesis: /dev/bpfii: No such file or directory. Environment affected by the problem: FreeBSD What's causing the problem: bpf is not compiled in the kernel, or only a few bpfii are available. So we cannot sniff or spoof at Ethernet level. Solution: You have to compile your kernel with bpf support writing the following in /usr/src/sys/i386/KERNEL: "pseudo-device bpfilter 4" Then, you have to create the bpfii cd /dev sh MAKEDEV bpf0 (if it doesn't already exists) sh MAKEDEV bpf1 sh MAKEDEV bpf2 sh MAKEDEV bpf3 Note: in this example, 4 bpf are created; we can use more. ------------------------------------------------------------------------------- Problem 11: Problem synthesis: Packets emitted to the network always have the ethernet address of the board, instead of having the address specified in the packet. Environment affected by the problem: FreeBSD 3.1, 3.5, OpenBSD 2.x [FreeBSD 4.x is not concerned] What's causing the problem: The kernel doesn't allow to spoof ethernet address. Solution: The directory ../src/port/freebsd (or ../src/port/openbsd) contains a kernel patch/module. The patch has to be applied, or the module has to be activated. Read the README file present in such directories. ------------------------------------------------------------------------------- Problem 12: Problem synthesis: The computer local's address is added and the end of an IP option of type "record route" or "timestamp". Environment affected by the problem: Linux kernel inferior to 2.1 What's causing the problem: While sniffing a packet containing IP options "record route" or "timestamp", which is done by libpcap, the local computer adds its own address at the end of the list. This seems to be logical, but when we sniff we want to see what is really on the network. The libpcap library uses a {PF_INET,SOCK_PACKET} socket, and this implementation is incorrect. Solution 1: Kernel after 2.1 doesn't have this problem. Solution 2: Install libpcap > 0.6 available at http://www.tcpdump.org/. ------------------------------------------------------------------------------- Problem 13: Problem synthesis: The sniff doesn't work. Environment affected by the problem: Linux What's causing the problem: The kernel has to be compiled with "packet socket" (CONFIG_PACKET) to be able to sniff. Solution: You have to compile your kernel with "packet socket": - select 'Packet socket' in the menu 'Networking options' of 'make xconfig', or - edit /usr/src/linux/.config to define: CONFIG_PACKET=y The kernel then needs to be compiled and installed. ------------------------------------------------------------------------------- Problem 14: Problem synthesis: Display of an error in module net-pf-17 in /var/log/messages. Environment affected by the problem: Linux What's causing the problem: The kernel has to be compiled with "packet socket" (CONFIG_PACKET) to be able to sniff. Solution: You have to compile your kernel with "packet socket": - select 'Packet socket' in the menu 'Networking options' of 'make xconfig', or - edit /usr/src/linux/.config to define: CONFIG_PACKET=y The kernel then needs to be compiled and installed. ------------------------------------------------------------------------------- Problem 15: Problem synthesis: Display of "linux socket: Too many open files" while calling exit(). Environment affected by the problem: Linux with libpcap 0.5 What's causing the problem: The function "linux_restore_ifr" of "pcap-linux.c" is called at the end of the program ("atexit()"). This function uses a file descriptor, but never closes it. Note: An email was sent to libpcap's developers. Solution 1: Install libpcap > 0.6 available at http://www.tcpdump.org/. Solution 2: If you use libpcap<0.6, you have to modify the function "linux_restore_ifr" of "pcap-linux.c": void linux_restore_ifr(void) { register int fd; fd = socket(PF_INET, SOCK_PACKET, htons(0x0003)); if (fd < 0) fprintf(stderr, "linux socket: %s", pcap_strerror(errno)); else if (ioctl(fd, SIOCSIFFLAGS, &saved_ifr) < 0) fprintf(stderr, "linux SIOCSIFFLAGS: %s", pcap_strerror(errno)); /*and here, a close was missing*/ close(fd); /*added by Laurent, in libpcap*/ } Then you have to compile and install libpcap. ------------------------------------------------------------------------------- Problem 16: Problem synthesis: Display of "kernel: program uses obsolete (PF_INET,SOCK_PACKET)" in "/var/log/messages". This is a warning only. Environment affected by the problem: Linux kernel superior to 2.1 libpcap up to 0.5rel2 What's causing the problem: The libpcap library uses a {PF_INET,SOCK_PACKET} socket. This kind of socket is considered as obsolete by the kernel. Note: an email was sent to libpcap's developers. Solution 1: As this is a warning only message, it can be ignored. Solution 2: Install libpcap > 0.6 available at http://www.tcpdump.org/. ------------------------------------------------------------------------------- Problem 17: Problem synthesis: Why running 'netwox 1' ? Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 18: Problem synthesis: Several tools do not work. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 19: Problem synthesis: Network configuration is incorrect. Environment affected by the problem: All What's causing the problem: Obtaining the configuration (device, arp cache, routes) of the local computer is an important step of netwib. Several tools need this configuration to be accurate. Different kinds of network cards, modems, operating systems, etc. exist. So, it's possible that your computer contains unrecognized hardware. In this case, several netwox tools would be unusable. For these reasons, the first tool to use is 'netwox 1' to ensure correct configuration setting. Here is a correct example (taken on Linux): ################################### Devices ################################ nu dev ethernet_hwtype mtu real_device_name 1 Lo0 loopback 3924 lo 2 Eth0 aa:aa:aa:aa:aa:aa 1500 eth0 3 Eth1 bb:bb:bb:bb:bb:bb 1500 eth1 ##################################### IP ################################### nu ip /netmask ppp point_to_point_with 1 127.0.0.1 /255.0.0.0 0 2 192.168.1.1 /255.255.255.0 0 3 192.168.2.1 /255.255.255.0 0 3 192.168.3.1 /255.255.255.0 0 ############################## ArpCache/Neighbor ########################### nu ethernet ip 2 aa:aa:aa:aa:aa:aa 192.168.1.1 3 bb:bb:bb:bb:bb:bb 192.168.2.1 3 bb:bb:bb:bb:bb:bb 192.168.3.1 2 cc:cc:cc:cc:cc:cc 192.168.1.254 #################################### Routes ################################ nu destination /netmask source gateway metric 1 127.0.0.1 /255.255.255.255 local 0 2 192.168.1.1 /255.255.255.255 local 0 3 192.168.2.1 /255.255.255.255 local 0 3 192.168.3.1 /255.255.255.255 local 0 2 192.168.10.0 /255.255.255.0 192.168.1.1 0 3 192.168.21.0 /255.255.255.0 192.168.2.1 0 3 192.168.31.0 /255.255.255.0 192.168.1.1 0 1 127.0.0.0 /255.0.0.0 127.0.0.1 0 2 0.0.0.0 /0.0.0.0 192.168.1.1 192.168.1.254 0 In this example, we see the loopback device (lo, or Lo0, number 1), and two network cards (eth0 and eth1, respectively number 2 and 3). Network card 2 has IP address 192.168.1.1, and network card 3 has two IP addresses (192.168.2.1 and 192.168.3.1). The arp table contains permanent entries, and the dynamic entry for the router 192.168.1.254. The routing table first contains entries to access local devices, then network connected to the local devices, and finally the default router 192.168.1.254. Solution: As I cannot have access to your hardware, you have to send me information about your configuration in order to help netwib's improvements. Run: netwox 2 > resultfile Then, send me the file 'resultfile', along with configuration information (ifconfig, ipconfig /all, arp -a, route print, netstat -rn, winipcfg /all /batch file.out, winipcfg, network card type, modem type, etc.). Thanks. ------------------------------------------------------------------------------- Problem 20: Problem synthesis: Error messages contains inaccurate hints Environment affected by the problem: All What's causing the problem: Implementing a cross platform compatible error handling is almost impossible (errno, h_errno, GetLatError, WSAGetLastError). The solution chosen in netwib is to leave those error codes untouched. So, if they were previously set by another error, this error will still be present. For example: Error 1099: error in foobar() hint: errno = 19 = No such device hint: h_errno = 2 = Host name lookup failure If function foobar sets errno read errno, else read h_errno. Solution: Just ignore the hint which seems inaccurate. ------------------------------------------------------------------------------- Problem 21: Problem synthesis: Netwib is slow. Environment affected by the problem: All What's causing the problem: I choose to create a modular library, easy to use. One of the consequence is the high level structuration of netwib. So, it is slower than a low level programming interface. Solution 1: Using records (netwib_io_init_record_xyz), you can construct your packets, save them, and then send them. Solution 2: You can also use only low level functions of netwib, and create your specific code around. If its still too slow, you should not use netwib and use directly system's functions, or buy a new computer ;) ------------------------------------------------------------------------------- Problem 22: Problem synthesis: Some tools does not fully work. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 23: Problem synthesis: Some protocols are not fully implemented. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 24: Problem synthesis: Some tools are not provided. Environment affected by the problem: All What's causing the problem: Netwox's development contains several branches, each one having its own priority. I cannot develop everything in one day:). So, my priorities might not be the same as yours. Moreover, only frequently used part of protocols are implemented. Solution 1: Read todo.txt to obtain list of action to be done. Solution 2: Read unimplemented.txt to obtain the list of unimplemented stuff. Solution 3: Contact-me to explain your needs. ------------------------------------------------------------------------------- Problem 25: Problem synthesis: The name "netwox539" is too long to enter. Environment affected by the problem: All What's causing the problem: I choose the name "netwox" followed by its version number. However, you may think that pressing those keys is too long. Solution: You just need to copy netwox539 or to create a link: - Unix: ln -s /usr/local/bin/netwox539 /usr/local/bin/nx - Windows: copy netwox539.exe nx.exe ------------------------------------------------------------------------------- Problem 26: Problem synthesis: Netwox can be insecure. Environment affected by the problem: All What's causing the problem: Some tools require root privileges (for example capturing packets with tool 7). A bug occurring with root privileges can compromise the system. In order to protect system, programs generally separate privileges in two distinct process (or loose privileges if they are not needed anymore). This kind of architecture is too complicated to implement for simple tools such as netwox ones. Solution 1: Netwox or netwag can be run in chroot jails. You can create your own jail, or take ideas from script netwox-src/misc/unix/chroot/chroot.sh (Linux). As a final note, tcpdump, Ethereal, nmap, etc are not separating privileges. So, they can also be added in the same jail. Solution 2: Use capabilities. netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/addonetoolwindows.txt0000600000000000000000000000154311776302045023711 0ustar rootroot This file explains how to add a tool in netwox. If you want to compile netwox, you're not reading the good file. Read ../INSTALLWINDOWS.TXT. If you want to compile a small program with netwib, it's easier than what's explained here : read netwib-5.39.0-src/doc/compilwindows.txt or netwib-5.39.0-bin_windows/doc/compil.txt. For example, to add tool number 4, modifying tool 3, the procedure is : - copy tools/000003.c tools/000004.c - edit tools/000004.c and replace "000004" by "000003" - modify tools/000004.c to match your needs - add two lines in tools.h - add one line in tools.list - add tools/000004.c in Visual project If this tool needs a new module named foobar, also do : - vi modules/foobar.c (to create it) - vi modules/foobar.h (to create it) - add module in modules.h - add modules/foobar.c in Visual project netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/installsrcunix.txt0000600000000000000000000000206711776302045023232 0ustar rootroot ------------------------------- | INTRODUCTION | ------------------------------- Note : if you encounter problems, read ./doc/probleminstallunix.txt There are 2 steps : - compile and install netwib [if not already installed] - compile and install netwox ------------------------------ | STEP 1 : netwib | ------------------------------ If netwib isn't installed on your system, you have to do it : http://ntwib.sourceforge.net/ Installation procedure for netwib is explained in downloaded files. ----------------------------- | STEP 2 : netwox | ----------------------------- - "cd src" (to go in source directory) - ./genemake (to generate Makefile) - "make" (to compile netwox) - "make install" (to install netwox in the PATH. You need to be root to achieve this command) netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/presentation.txt0000600000000000000000000000067211776302045022663 0ustar rootrootToolbox netwox helps to find and solve network problems. It provides 223 tools : - udp/tcp clients/servers - spoofing - sniffing - address conversion - etc. Netwox is mainly oriented towards network administrators and security auditors. Some tools are only a simplified implementation, while others are very sophisticated. Read ./unimplemented.txt for more information. Netwox is available under the GNU GPL license. netw-ib-ox-ag-5.39.0/src/netwox-doc_html/txt/installsrcwindows.txt0000600000000000000000000000621711776302045023742 0ustar rootroot ------------------------------- | INTRODUCTION | ------------------------------- This package permits to COMPILE netwox539.exe. If you seek a pre-compiled version, download netwox-5.39.0-bin_windows.tgz. Note : if you encounter problems, read ./doc/probleminstallwindows.txt There are 2 steps : - compile and install netwib [if not already installed] - compile and install netwox ------------------------------ | STEP 1 : netwib | ------------------------------ If netwib isn't installed on your system, you have to do it : http://ntwib.sourceforge.net/ Installation procedure for netwib is explained in downloaded files. ----------------------------- | STEP 2 : netwox | ----------------------------- You need a compiler : - Visual C++ (tested with version 6) - Dev-C++/Mingw32 (tested with version 5 beta) Rename "src/def_windows.h" to "src/def.h". Rename "src/netwib_windows.h" to "src/netwib.h". Visual C++ procedure : - Open the Workspace file "src/compil/windows/netwox/netwox.dsw". - Select Release (instead of Debug) as "Active Configuration" under Build. - Open the menu "Setup", "Settings...". Then, select "C/C++", select category "Preprocessor". In the field "Additional include directories", there is "..\..\..\..\..\netwib-bin_windows\include". Change this value to "C:\netwib\include" (this is the directory's name where you put netwib's includes during netwib's installation). Press "OK". - Open the menu "Setup", "Settings...". Then, select "Link", select category "Input". In the field "Additional library path", there is "..\..\..\..\..\netwib-bin_windows\lib". Change this value to "C:\netwib\lib" (this is the directory's name where you put netwib's lib during netwib's installation). Press "OK". - Press F7 key, to build everything. - The following file should be generated : src/compil/windows/netwox/Release/netwox539.exe - So, we obtain netwox539.exe. Dev-C++ procedure : - Open the project file "src/compil/devcpp/netwox.dev". - Open the menu "Project", "Project options", "Parameters", "Directories". In the field "Include Directories" there is "..\..\..\..\..\src\ netwib-bin_windows\include". Change this value to "C:\netwib\include" (this is the directory's name where you put netwib's includes during netwib's installation). Press "OK". - Open the menu "Project", "Project options", "Parameters". In the field "Linker" there is "../../../../netwib-bin_windows /lib/libnetwib539.a". Change this value to "C:\netwib\lib\libnetwib539.a" (this is the directory's name where you put netwib's lib during netwib's installation, followed by the library file). Press "OK". - Press Ctrl-F9 key, to build everything. - The following files should be generated : src/compil/devcpp/out/netwox539.exe - So, we obtain netwox539.exe. Copy netwox539.exe in a directory of your path (for example, "%WINDIR%\Command\" or "%WINDIR%\System32\"). netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/0000755000000000000000000000000011776302040017726 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/100.html0000644000000000000000000000534011776302040021116 0ustar rootroot Tool 100: TELNET client executing one or several commands

Tool 100: TELNET client executing one or several commands

Description:

  This tool runs shell commands on a remote TELNET server.
  First, it logins, then it runs commands, and finally, it logouts.
  For example: netwox 23 -l bob --kbd-w id hostname pwd ls
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  rsh

Usage:

  netwox 100 -i ip -l login -w password [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32] [cmd1 cmd2 ...]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-l|--login login login  
-w|--password password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 23
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 100 -i "5.6.7.8" -l "" -w "" cmd1 cmd2 ...

  netwox 100 --dst-ip "5.6.7.8" --login "" --password "" cmd1 cmd2 ...

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/132.html0000644000000000000000000000640611776302040021127 0ustar rootroot Tool 132: Brute force http client (proxy password)

Tool 132: Brute force http client (proxy password)

Description:

  This tool successively tries couples of login and passwords in order
  to find matching authentication credentials.
  This tool tries to find password of web proxy (basic authentication).
  
  Parameter --uri is the uri/url requested.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --login defines the logins to try. To check several logins,
  parameter --login-file is the file containing logins (one per line).
  Parameter --password-file is the file containing passwords (1/line).
  Parameter --stopatfirst indicates to stop when first match is found.
  Parameter --numthread defines the number of threads (simultaneous
  running checks) to use.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  web

Usage:

  netwox 132 -u uri -p ip [-P port] [-L login] -w file [-l file] [-U useragent] [-T uint32] [-s|+s] [-n uint32] [-v|+v]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://server/private/
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-L|--login login login  
-w|--password-file file password file passwordfile.txt
-l|--login-file file login file loginfile.txt
-U|--user-agent useragent user agent Mozilla/5.0
-T|--timeout uint32 timeout in milliseconds 60000
-s|--stopatfirst|+s|--no-stopatfirst stop at first valid login found  
-n|--numthread uint32 number of threads to launch 5
-v|--verbose|+v|--no-verbose be verbose This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 132 -u "http://server/private/" -p "5.6.7.8" -w "passwordfile.txt"

  netwox 132 --uri "http://server/private/" --proxy-ip "5.6.7.8" --password-file "passwordfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/3.html0000644000000000000000000000426211776302040020762 0ustar rootroot Tool 3: Display information about an IP address or a hostname

Tool 3: Display information about an IP address or a hostname

Description:

  This tool obtains addresses of a computer.
  For example, from an IP address, obtain hostname and Ethernet address.
  For example, from a hostname, obtain IP address and Ethernet address.
  
  Parameter --title displays title in front of each result.
  Parameter --ip displays IP address.
  Parameter --host displays main hostname.
  Parameter --hosts displays list of hostnames (one IP address can have
  several hostnames).
  Parameter --eth displays Ethernet address.
  If no option (ip, host, hosts, eth) is set, they are all displayed.
  Parameter --all displays information about a list of addresses (for
  example 'netwox 3 -a 192.168.0.0/24').
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof (for Ethernet addresses resolving).

Synonyms:

  ethernet, ip4, ip6, mac, resolve, show

Usage:

  netwox 3 -q hostname [-t|+t] [-i|+i] [-h|+h] [-H|+H] [-e|+e] [-a|+a]

Parameters:

parameter description example
-q|--query hostname IP address or hostname www.example.com
-t|--title|+t|--no-title display titles  
-i|--ip|+i|--no-ip obtain IP address  
-h|--host|+h|--no-host obtain hostname  
-H|--hosts|+H|--no-hosts obtain hostnames  
-e|--eth|+e|--no-eth obtain Ethernet address  
-a|--all|+a|--no-all display all IP addresses  

Examples:

  netwox 3 -q "www.example.com"

  netwox 3 --query "www.example.com"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/172.html0000644000000000000000000000553311776302040021133 0ustar rootroot Tool 172: List articles range of a newsgroup

Tool 172: List articles range of a newsgroup

Description:

  This tool lists the range number of articles provided by a newsgroup.
  This range is expressed as 'min max'. If max is lesser than min, this
  NNTPserver does does have any message for this newsgroup.
  
  Parameter --newsgroup sets the newsgroup name.
  Parameters --user and --pass defines the username and password.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 172 -i ip -g newsgroup [-u login] [-a password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-g|--newsgroup newsgroup newsgroup name comp.lang.c
-u|--user login username  
-a|--pass password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 119
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 172 -i "5.6.7.8" -g "comp.lang.c"

  netwox 172 --dst-ip "5.6.7.8" --newsgroup "comp.lang.c"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/128.html0000644000000000000000000000215311776302040021127 0ustar rootroot Tool 128: Split a file in smaller chunks

Tool 128: Split a file in smaller chunks

Description:

  This tool splits a file in chunks. For example, splitting a file in
  blocks of 1M44 permits to store it on several floppies. See also tool
  129.
  For example running 'netwox 128 file --chunk-size 100' will create
  several files named file.0, file.1, etc.

Synonyms:

  piece

Usage:

  netwox 128 -f file [-s uint32]

Parameters:

parameter description example
-f|--file file file srcfile.txt
-s|--chunk-size uint32 max chunk size in bytes 1400000

Examples:

  netwox 128 -f "srcfile.txt"

  netwox 128 --file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/120.html0000644000000000000000000000565111776302040021125 0ustar rootroot Tool 120: HTTP POST

Tool 120: HTTP POST

Description:

  This tool sends a HTTP request using method POST. HTTP protocol
  defines POST method to retrieve a document, giving some more
  parameters. For example, 'http://server/index.s?v=a1&v=2' can be
  converted to a POST request with '--uri http://server/index.s' and
  '--parameters v=a1&v=2'.
  Please note & is a special shell character, so it has to be escaped.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.
  Parameter --display-body indicates to display reply body.
  Parameter --file-body indicates the filename where to store body.

Synonyms:

  web

Usage:

  netwox 120 -u uri [-a data] [-s|+s] [-h|+h] [-b|+b] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-B file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-a|--parameters data parameters  
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-b|--display-body|+b|--no-display-body display body to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-B|--file-body file file receiving body filebody.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 120 -u "http://www.example.com/"

  netwox 120 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/219.html0000644000000000000000000000410611776302040021130 0ustar rootroot Tool 219: Compute cryptographic hash of a file (md5, sha, etc.)

Tool 219: Compute cryptographic hash of a file (md5, sha, etc.)

Description:

  This tool computes the cryptographic hash of a file (MD2, MD4.
  M5, RIPEMD-128, RIPEMD-160, SHA-1, SHA-224, SHA-356, SHA-384,
  SHA512)

Synonyms:

  md5sum

Usage:

  netwox 219 -f file [-t|+t] [-2|+2] [-4|+4] [-5|+5] [-C|+C] [-D|+D] [-E|+E] [-F|+F] [-G|+G] [-J|+J] [-K|+K]

Parameters:

parameter description example
-f|--src-file file source filename srcfile.txt
-t|--title|+t|--no-title display titles  
-2|--disp-md2|+2|--no-disp-md2 display md2  
-4|--disp-md4|+4|--no-disp-md4 display md4  
-5|--disp-md5|+5|--no-disp-md5 display md5  
-C|--disp-ripemd128|+C|--no-disp-ripemd128 display ripemd128  
-D|--disp-ripemd160|+D|--no-disp-ripemd160 display ripemd160  
-E|--disp-sha1|+E|--no-disp-sha1 display sha1  
-F|--disp-sha224|+F|--no-disp-sha224 display sha224  
-G|--disp-sha256|+G|--no-disp-sha256 display sha256  
-J|--disp-sha384|+J|--no-disp-sha384 display sha384  
-K|--disp-sha512|+K|--no-disp-sha512 display sha512  

Examples:

  netwox 219 -f "srcfile.txt"

  netwox 219 --src-file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/213.html0000644000000000000000000000206111776302040021120 0ustar rootroot Tool 213: Display a list of IP addresses

Tool 213: Display a list of IP addresses

Description:

  This tool displays a list of IP addresses. For example:
    --ips 1.2.3.4-1.2.3.6 --separator ","
  displays:
    1.2.3.4,1.2.3.5,1.2.3.6
  
  This tool is useful to generate IP addresses lists for other tools.
  
  See also tool 24 for other IP address conversions.

Usage:

  netwox 213 -i ips [-s data]

Parameters:

parameter description example
-i|--ips ips list of addresses to display all
-s|--separator data separator to use  

Examples:

  netwox 213 -i "all"

  netwox 213 --ips "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/155.html0000644000000000000000000000415311776302040021131 0ustar rootroot Tool 155: Network performance measurement : TCP server

Tool 155: Network performance measurement : TCP server

Description:

  This tool is a TCP server. Use tool 156 to connect to it and obtain a
  network performance measurement.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).

Synonyms:

  iperf

Usage:

  netwox 155 -P port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4

Examples:

  netwox 155 -P "1234"

  netwox 155 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/16.html0000644000000000000000000000455411776302040021052 0ustar rootroot Tool 16: Convert a record

Tool 16: Convert a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool converts a record. For example, it can convert a pcap
  capture file to a mixed capture file.
  
  Parameter --src-file indicates the input record filename.
  Parameter --input-dlt defines the DLT of packets in input record (it
  depends on how it was sniffed, generally 'ether' (for Ethernet) or
  'raw' (if packet starts at IP header)). Full list is available through
  netwag or running tool 12.
  Parameter --dst-file indicates the output record filename.
  Parameter --output-dlt defines the DLT of packets to write in output
  record.
  Parameter --recordencode defines how to encode data in this record
  (suggested values: bin, pcap and mixed_wrap).

Synonyms:

  capture

Usage:

  netwox 16 -f file [-t dlt] -F file [-T dlt] [-r recordencode]

Parameters:

parameter description example
-f|--src-file file input record file srcfile.txt
-t|--input-dlt dlt dlt type of input record ether
-F|--dst-file file output record file dstfile.txt
-T|--output-dlt dlt dlt type of output record ether
-r|--recordencode recordencode encoding type for output record bin

Examples:

  netwox 16 -f "srcfile.txt" -F "dstfile.txt"

  netwox 16 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/34.html0000644000000000000000000000476411776302040021055 0ustar rootroot Tool 34: Spoof EthernetIp4 packet

Tool 34: Spoof EthernetIp4 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 34 [-d device] [-a eth] [-b eth] [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o mixed_data] [-p uint32] [-q uint32] [-r uint32] [-s uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--ip4-data mixed_data mixed data  
-p|--eth-type uint32 Ethernet type 2048
-q|--ip4-ihl uint32 IP4 ihl 5
-r|--ip4-totlen uint32 IP4 totlen 0
-s|--ip4-checksum uint32 IP4 checksum 0

Example:

  netwox 34

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/90.html0000644000000000000000000000460111776302040021045 0ustar rootroot Tool 90: UDP server

Tool 90: UDP server

Description:

  This tool listens on a UDP port. Use tool 88 to connect to it.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  Parameter --encode defines how to display data (common values: data,
  dump, mixed).
  Parameter --decode defines how keyboard data is entered (common
  values: data, mixed).

Synonyms:

  nc, netcat

Usage:

  netwox 90 -P port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-k decode] [-n encode]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-k|--decode decode how keyboard data is entered data
-n|--encode encode how network data is displayed data

Examples:

  netwox 90 -P "1234"

  netwox 90 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/161.html0000644000000000000000000001147611776302040021134 0ustar rootroot Tool 161: SNMP Trap

Tool 161: SNMP Trap

Description:

  This tool sends a TRAP to a SNMP server. It permits to alert a server.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmptrap

Usage:

  netwox 161 -i ip [-c password] -r oid -a ip -s uint32 [-S uint32] -z uint32 -n oid -t oidtype -V data [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-r|--enterprise oid enterprise .1.1
-a|--agent ip agent 192.168.100.200
-s|--traptype uint32 traptype 3
-S|--specifictrap uint32 specifictrap 0
-z|--timestamp uint32 timestamp 0
-n|--oidname oid oid name .1.2
-t|--oidtype oidtype oid type (i,s,m,n,o,a,c,g,t,M,u,U) s
-V|--oidvalue data oid value  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 162
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 161 -i "5.6.7.8" -r ".1.1" -a "192.168.100.200" -s "3" -z "0" -n ".1.2" -t "s" -V ""

  netwox 161 --dst-ip "5.6.7.8" --enterprise ".1.1" --agent "192.168.100.200" --traptype "3" --timestamp "0" --oidname ".1.2" --oidtype "s" --oidvalue ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/138.html0000644000000000000000000000214511776302040021131 0ustar rootroot Tool 138: Web spider (use configuration file created by tool 137)

Tool 138: Web spider (use configuration file created by tool 137)

Description:

  This tool spiders a HTTP or FTP url. 'Spidering' an url means to
  download the url, read the new urls it contains, download them, and so
  on recursively.
  It needs a configuration file created with tool 137.
  It decides which url to download base on rules in configuration file.

Synonyms:

  curl, wget

Usage:

  netwox 138 -f file

Parameters:

parameter description example
-f|--conffile file configuration file srcfile.txt

Examples:

  netwox 138 -f "srcfile.txt"

  netwox 138 --conffile "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/197.html0000644000000000000000000000326411776302040021141 0ustar rootroot Tool 197: WHOIS client guessing server

Tool 197: WHOIS client guessing server

Description:

  This tool is a whois client.
  It obtains information about an object (generally a domain name).
  It tries to guess the best whois server.
  For example: netwox 197 --query enterprise.fr
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 197 -q hostname [-T uint32]

Parameters:

parameter description example
-q|--query hostname information to query www.example.com
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 197 -q "www.example.com"

  netwox 197 --query "www.example.com"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/110.html0000644000000000000000000000300611776302040021114 0ustar rootroot Tool 110: Ethernet bridge limiting flow

Tool 110: Ethernet bridge limiting flow

Description:

  This tool is an Ethernet bridge. It has to be run on a computer having
  two network cards. This computer cuts the network in two. It permits
  to limit the flow. This can be used to simulate a slow network in
  order to test an application.
  A --max12 or --max21 of 0 means no limitation.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 110 -d device -D device [-m uint32] [-M uint32] [-v|+v]

Parameters:

parameter description example
-d|--device1 device first device Eth0
-D|--device2 device second device Eth0
-m|--max12 uint32 max byte/sec from 1 to 2 0
-M|--max21 uint32 max byte/sec from 2 to 1 0
-v|--verbose|+v|--no-verbose verbose This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 110 -d "Eth0" -D "Eth0"

  netwox 110 --device1 "Eth0" --device2 "Eth0"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/217.html0000644000000000000000000000702711776302040021133 0ustar rootroot Tool 217: SMB/CIFS server

Tool 217: SMB/CIFS server

Description:

  This tool is a SMB/CIFS server. Microsoft Windows and Samba clients
  can be used to connect to this server, in order to access shared
  directory.
  
  When this tool is running, users can connect to it from Windows using
  \\1.2.3.4\share or \\server\share (might need to edit lmhost).
  
  This tool does not support filenames with accents nor with Unicode
  characters. It also has other limitations, but most users will not
  notice them (see smbser.h in source files).
  
  Parameter --rootdir defines the root directory for put and get file
  operations (cannot exit this root jail).
  Parameters --login and --password defines needed login and password.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  Samba

Usage:

  netwox 217 [-s smbshare] [-r dir] [-u login] [-w password] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips] [-U|+U] [-V|+V] [-D|+D]

Parameters:

parameter description example
-s|--share smbshare share name share
-r|--rootdir dir root directory /tmp
-u|--user login username needed to access  
-w|--password password password needed to access  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in milliseconds 600000
-c|--allowed-clients ips clients allowed to connect all
-U|--allow-put|+U|--no-allow-put allow put/write on server This boolean is set.
Use + or --no- to unset it.
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Example:

  netwox 217

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/64.html0000644000000000000000000000454611776302040021056 0ustar rootroot Tool 64: Traceroute on a specified IP protocol (EthIp spoof)

Tool 64: Traceroute on a specified IP protocol (EthIp spoof)

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an IP only packet. There is no way to detect end (it
  depends on protocol), so user has to interrupt tool at end.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 64 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p uint32] [-D mixed_data] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--protocol uint32 ip protocol 1
-D|--ip4-data mixed_data mixed data  
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 64 -i "5.6.7.8"

  netwox 64 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/108.html0000644000000000000000000000501111776302040021121 0ustar rootroot Tool 108: List newsgroups available on a server

Tool 108: List newsgroups available on a server

Description:

  This tool lists newsgroups available on a NNTP server.
  
  Parameters --user and --pass defines the username and password.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 108 -i ip [-u login] [-a password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username  
-a|--pass password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 119
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 108 -i "5.6.7.8"

  netwox 108 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/6.html0000644000000000000000000000350611776302040020765 0ustar rootroot Tool 6: Display how to reach an IP address

Tool 6: Display how to reach an IP address

Description:

  This tool displays source and destination addresses used to reach a
  remote computer.
  It shows:
   - associated device
   - local/source IP address
   - IP address of host to reach
   - local/source Ethernet address
   - destination Ethernet address (address of gateway/router if computer
     is not on the local Ethernet LAN)
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof (for Ethernet addresses resolving).

Synonyms:

  device, gateway, ip4, ip6, mac, router

Usage:

  netwox 6 [-t|+t] [-d|+d] [-i|+i] [-I|+I] [-e|+e] [-E|+E] -q ip

Parameters:

parameter description example
-t|--title|+t|--no-title display titles  
-d|--device|+d|--no-device obtain device  
-i|--src-ip|+i|--no-src-ip obtain source IP  
-I|--dst-ip|+I|--no-dst-ip display destination IP  
-e|--src-eth|+e|--no-src-eth obtain source Eth  
-E|--dst-eth|+E|--no-dst-eth obtain destination Eth  
-q|--ip ip IP address 192.168.100.200

Examples:

  netwox 6 -q "192.168.100.200"

  netwox 6 --ip "192.168.100.200"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/61.html0000644000000000000000000000654711776302040021056 0ustar rootroot Tool 61: Traceroute UDP

Tool 61: Traceroute UDP

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 61 -i ip [-p port] [-s spoofip] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type best
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 61 -i "5.6.7.8"

  netwox 61 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/171.html0000644000000000000000000000261311776302040021126 0ustar rootroot Tool 171: DHCP client

Tool 171: DHCP client

Description:

  This tool obtains an IP address from a DHCP server.
  It sends a DISCOVER message, and wait for server replies. The first
  server to answer is accepted, and its proposed address is displayed.
  Then, it periodically updates in order to keep this address. Finally,
  when user presses Q key, address ie released.
  This tool permits to obtain an IP address on a DHCP network, in order
  to temporarily configure a host not supporting DHCP.
  
  Parameters --device and --eth-src permit to send message using a fake
  address.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 171 [-d device] [-e eth] [-T uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-e|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-T|--timeout uint32 timeout in ms 30000

Example:

  netwox 171

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/94.html0000644000000000000000000000623511776302040021056 0ustar rootroot Tool 94: TCP remote administration client (exec)

Tool 94: TCP remote administration client (exec)

Description:

  This tool runs a command on server of tool 93.
  
  Parameter --command contains the command to run. This command must
  have the full path. For example '/bin/sh -c ls', and not just 'ls'.
  Parameter --dst-file defines the file containing the result of
  command.
  Parameter --password defines the password (same as server's password).
  Parameter --cypher defines if data has to be encrypted. Please note
  this is not very strong. If known text is used, this algorithm can be
  cracked.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 94 -i ip -p port -c data [-F file] [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-x|+x] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-c|--command data command to execute /bin/sh -c ls
-F|--dst-file file destination filename dstfile.txt
-w|--password password password netwox
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-x|--cypher|+x|--no-cypher if data is encrypted  
-T|--timeout uint32 timeout in seconds 100

Examples:

  netwox 94 -i "5.6.7.8" -p "80" -c "/bin/sh -c ls"

  netwox 94 --dst-ip "5.6.7.8" --dst-port "80" --command "/bin/sh -c ls"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/109.html0000644000000000000000000000604511776302040021132 0ustar rootroot Tool 109: Download one, or more, newsgroup messages

Tool 109: Download one, or more, newsgroup messages

Description:

  This tool downloads newsgroup messages.
  
  Parameter --newsgroup sets the newsgroup name.
  The messages to download are between --firstartnum and --lastartnum.
  Parameters --user and --pass defines the username and password.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  article

Usage:

  netwox 109 -i ip -g newsgroup -n uint32 [-N uint32] [-u login] [-a password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-g|--newsgroup newsgroup newsgroup name comp.lang.c
-n|--firstartnum uint32 first article number 1
-N|--lastartnum uint32 last article number 4294967295
-u|--user login username  
-a|--pass password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 119
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 109 -i "5.6.7.8" -g "comp.lang.c" -n "1"

  netwox 109 --dst-ip "5.6.7.8" --newsgroup "comp.lang.c" --firstartnum "1"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/117.html0000644000000000000000000000561611776302040021134 0ustar rootroot Tool 117: FTP client : del a directory recursively

Tool 117: FTP client : del a directory recursively

Description:

  This tool removes a directory, and all its sub-directories, of a FTP
  server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 117 -i ip [-u login] [-a password] [-V|+V] -F dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-F|--remote-dir dir remote dir to delete mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 117 -i "5.6.7.8" -F "mydir"

  netwox 117 --dst-ip "5.6.7.8" --remote-dir "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/180.html0000644000000000000000000000675011776302040021134 0ustar rootroot Tool 180: SNTP client obtaining time

Tool 180: SNTP client obtaining time

Description:

  This tool queries a NTP/SNTP server in order to obtain time.
  We use SNTP because it is sufficient for requesting time.
  Displayed time is value of field Transmit_Timestamp from server,
  without adding the trip delay from server to client. So time is not
  really accurate, but it should be sufficient for most usages.
  Then, it can be used to set local clock (for example, under Unix,
  "date --set result_of_netwox_180_-u").
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Set --src-port to a random value greater than 1024 to use it
  without admin privilege.

Synonyms:

  date

Usage:

  netwox 180 -i ip [-r|+r] [-u|+u] [-h|+h] [-s|+s] [-n|+n] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-V uint32] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-r|--disp-rfc822|+r|--no-disp-rfc822 display rfc822 date This boolean is set.
Use + or --no- to unset it.
-u|--disp-unixdate|+u|--no-disp-unixdate display unix date(1) format  
-h|--disp-human|+h|--no-disp-human display human readable time  
-s|--disp-sec|+s|--no-disp-sec display seconds  
-n|--disp-secnsec|+n|--no-disp-secnsec display seconds and nanoseconds  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 123
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-V|--version uint32 protocol version 3
-T|--timeout uint32 timeout in milliseconds 2000

Examples:

  netwox 180 -i "5.6.7.8"

  netwox 180 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/8.html0000644000000000000000000000347711776302040020776 0ustar rootroot Tool 8: Sniff and display open ports

Tool 8: Sniff and display open ports

Description:

  This tool sniffs packets, and tries to decode TCP and UDP packets in
  order to retrieve port number they use.
  
  For UDP, spoofed packets are not checked.
  For TCP, only SYN-ACK are searched (so port scans are ignored).
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  
  This tool may need to be run with admin privilege in order to sniff.

Synonyms:

  capture

Usage:

  netwox 8 [-d device] [-f filter]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  

Example:

  netwox 8

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/194.html0000644000000000000000000000514711776302040021140 0ustar rootroot Tool 194: IDENT client creating a session and requesting its info

Tool 194: IDENT client creating a session and requesting its info

Description:

  This tool queries an IDENT server.
  It creates a TCP session to another port of the IDENT server, and
  obtains information about this TCP session. The port to connect to
  is --remoteport (for example 80, 22, 25, etc.).
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 194 -i ip -R port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-R|--remoteport port remote port to query 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 113
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 194 -i "5.6.7.8" -R "80"

  netwox 194 --dst-ip "5.6.7.8" --remoteport "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/59.html0000644000000000000000000000646511776302040021064 0ustar rootroot Tool 59: Traceroute TCP

Tool 59: Traceroute TCP

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  tcptraceroute

Usage:

  netwox 59 -i ip [-p port] [-s spoofip] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type best
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 59 -i "5.6.7.8"

  netwox 59 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/223.html0000644000000000000000000000721311776302040021125 0ustar rootroot Tool 223: Forward an email

Tool 223: Forward an email

Description:

  This tool forwards an email. It connects on a SMTP server.
  
  Parameter --from sets From header.
  Parameter --from-name sets the name of user in From header.
  Parameter --subject sets Subject header
  Parameter --file-body is the file containing the body of message.
  Parameter --file-att is the file containing the attachment.
  Parameter --to sets To header.
  Parameter --mail-from sets the MAIL FROM SMTP value. If unset, --from
  is used.
  Parameter --rcpt-to sets the RCPR TO SMTP value. If unset, --to is
  used.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 223 -i ip -f email -r email -S data [-B file] -A file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-F email] [-R email] [-n data] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-f|--from email from address user@example.com
-r|--to email to address user2@example.fr
-S|--subject data email subject hello
-B|--file-body file file containing email body file-body.txt
-A|--file-fwd file file containing email to forward file-fwd.eml
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 25
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-F|--mail-from email mail from address me@example.com
-R|--rcpt-to email rcpt to address you@example.fr
-n|--from-name data from name  
-T|--timeout uint32 timeout in milliseconds 180000

Examples:

  netwox 223 -i "5.6.7.8" -f "user@example.com" -r "user2@example.fr" -S "hello" -A "file-fwd.eml"

  netwox 223 --dst-ip "5.6.7.8" --from "user@example.com" --to "user2@example.fr" --subject "hello" --file-fwd "file-fwd.eml"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/169.html0000644000000000000000000000122611776302040021134 0ustar rootroot Tool 169: Display simple network configuration easy to parse

Tool 169: Display simple network configuration easy to parse

Description:

  This tool displays local configuration.
  It's easier to parse than output of tool 1.
  Each line corresponds to an IP address. Thay have 3 columns: device
  name, IP address and Ethernet address (or text 'notether').
  
  This tool may need to be run with admin privilege in order to obtain
  full network configuration.

Usage:

  netwox 169
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/15.html0000644000000000000000000000461011776302040021042 0ustar rootroot Tool 15: Display content of a record

Tool 15: Display content of a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool reads packets stored in a record (capture file), and
  displays them.
  
  Parameter --file indicates the record filename.
  Parameter --dlt defines the DLT of packets in record (it depends on
  how it was sniffed, generally 'ether' (for Ethernet) or 'raw' (if
  packet starts at IP header)). Full list is available through netwag or
  running tool 12.
  Parameter --hdrencode and --dataencode defines how to display header
  and data/payload. Common useful values are: array, dump, synth,
  nothing, text. Full list is available through netwag or running tool
  12.
  Parameter --extended indicates to try to decode other protocols such
  as DNS or DHCP.

Synonyms:

  capture, frame, show

Usage:

  netwox 15 -f file [-t dlt] [-H encode] [-D encode] [-x|+x]

Parameters:

parameter description example
-f|--file file read from record file srcfile.txt
-t|--dlt dlt dlt type of data stored in record ether
-H|--hdrencode encode header encoding type array
-D|--dataencode encode data encoding type dump
-x|--extended|+x|--no-extended display other protocols This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 15 -f "srcfile.txt"

  netwox 15 --file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/162.html0000644000000000000000000001077711776302040021140 0ustar rootroot Tool 162: SNMP Trap2

Tool 162: SNMP Trap2

Description:

  This tool sends a TRAPv2 to a SNMP server. It permits to alert a
  server.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmptrap

Usage:

  netwox 162 -i ip [-c password] -r oid -z uint32 -n oid -t oidtype -V data [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-r|--enterprise oid enterprise .1.1
-z|--timestamp uint32 timestamp 0
-n|--oidname oid oid name .1.2
-t|--oidtype oidtype oid type (i,s,m,n,o,a,c,g,t,M,u,U) s
-V|--oidvalue data oid value  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 162
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 162 -i "5.6.7.8" -r ".1.1" -z "0" -n ".1.2" -t "s" -V ""

  netwox 162 --dst-ip "5.6.7.8" --enterprise ".1.1" --timestamp "0" --oidname ".1.2" --oidtype "s" --oidvalue ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/36.html0000644000000000000000000001066611776302040021055 0ustar rootroot Tool 36: Spoof EthernetIp4Tcp packet

Tool 36: Spoof EthernetIp4Tcp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 36 [-d device] [-a eth] [-b eth] [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o port] [-p port] [-q uint32] [-r uint32] [-s|+s] [-t|+t] [-u|+u] [-v|+v] [-w|+w] [-x|+x] [-y|+y] [-z|+z] [-A|+A] [-B|+B] [-C|+C] [-D|+D] [-E uint32] [-F uint32] [-G tcpopts] [-H mixed_data] [-I uint32] [-J uint32] [-K uint32] [-L uint32] [-M uint32] [-N uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--tcp-src port TCP src 1234
-p|--tcp-dst port TCP dst 80
-q|--tcp-seqnum uint32 TCP seqnum (rand if unset) 0
-r|--tcp-acknum uint32 TCP acknum 0
-s|--tcp-reserved1|+s|--no-tcp-reserved1 TCP reserved1  
-t|--tcp-reserved2|+t|--no-tcp-reserved2 TCP reserved2  
-u|--tcp-reserved3|+u|--no-tcp-reserved3 TCP reserved3  
-v|--tcp-reserved4|+v|--no-tcp-reserved4 TCP reserved4  
-w|--tcp-cwr|+w|--no-tcp-cwr TCP cwr  
-x|--tcp-ece|+x|--no-tcp-ece TCP ece  
-y|--tcp-urg|+y|--no-tcp-urg TCP urg  
-z|--tcp-ack|+z|--no-tcp-ack TCP ack  
-A|--tcp-psh|+A|--no-tcp-psh TCP psh  
-B|--tcp-rst|+B|--no-tcp-rst TCP rst  
-C|--tcp-syn|+C|--no-tcp-syn TCP syn  
-D|--tcp-fin|+D|--no-tcp-fin TCP fin  
-E|--tcp-window uint32 TCP window 0
-F|--tcp-urgptr uint32 TCP urgptr 0
-G|--tcp-opt tcpopts TCP options  
-H|--tcp-data mixed_data mixed data  
-I|--eth-type uint32 Ethernet type 2048
-J|--ip4-ihl uint32 IP4 ihl 5
-K|--ip4-totlen uint32 IP4 totlen 0
-L|--ip4-checksum uint32 IP4 checksum 0
-M|--tcp-doff uint32 TCP data offset 0
-N|--tcp-checksum uint32 TCP checksum 0

Example:

  netwox 36

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/144.html0000644000000000000000000000611311776302040021125 0ustar rootroot Tool 144: Spoof Ip6 packet

Tool 144: Spoof Ip6 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 144 [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-k mixed_data] [-a spoofip] [-e uint32]

Parameters:

parameter description example
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-k|--ip6-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-e|--ip6-payloadlength uint32 IP6 payload length 0

Example:

  netwox 144

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/23.html0000644000000000000000000000150411776302040021040 0ustar rootroot Tool 23: Display ASCII table

Tool 23: Display ASCII table

Description:

  This tool displays ASCII table.
  It shows values for characters 0 to 127 or 255.

Usage:

  netwox 23 [-e|+e] [-E|+E]

Parameters:

parameter description example
-e|--extended|+e|--no-extended also display extended chars  
-E|--all|+E|--no-all display all extended chars  

Example:

  netwox 23

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/79.html0000644000000000000000000000764211776302040021064 0ustar rootroot Tool 79: Acknowledge every TCP SYN

Tool 79: Acknowledge every TCP SYN

Description:

  This tool acknowledges every TCP-SYN. It is used to protect against
  scanning tools.
  For example, host 192.168.0.1 has a webserver on port 80. A scan will
  quickly find this open port. Dropping packets on other ports will slow
  the scan, but it will finally find port 80 open.
  This tool answers to TCP SYN (except for port 80), so from scanner
  viewpoint, all ports will be open. In this case, use netwox like this:
    netwox 79 --ips 192.168.0.1 --ports 1-79,81-65535
  Don't forget to DROP packets in kernel firewall, otherwise, scanner
  will see a SYN-ACK and a RST.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  firewall

Usage:

  netwox 79 -i ips -p ports [-d device] [-f filter] [-s spoofip]

Parameters:

parameter description example
-i|--ips ips only answer to these IP all
-p|--ports ports only answer to these ports all
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-s|--spoofip spoofip IP spoof initialization type linkbraw

Examples:

  netwox 79 -i "all" -p "all"

  netwox 79 --ips "all" --ports "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/101.html0000644000000000000000000000661411776302040021124 0ustar rootroot Tool 101: Brute force telnet client

Tool 101: Brute force telnet client

Description:

  This tool successively tries couples of login and passwords in order
  to find matching authentication credentials.
  
  Parameter --login defines the logins to try. To check several logins,
  parameter --login-file is the file containing logins (one per line).
  Parameter --password-file is the file containing passwords (1/line).
  Parameter --stopatfirst indicates to stop when first match is found.
  Parameter --numthread defines the number of threads (simultaneous
  running checks) to use.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 101 -i ip [-L login] -w file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-l file] [-T uint32] [-s|+s] [-n uint32] [-v|+v]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-L|--login login login  
-w|--password-file file password file passwordfile.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 23
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-l|--login-file file login file loginfile.txt
-T|--timeout uint32 timeout in milliseconds 60000
-s|--stopatfirst|+s|--no-stopatfirst stop at first valid login found  
-n|--numthread uint32 number of threads to launch 5
-v|--verbose|+v|--no-verbose be verbose This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 101 -i "5.6.7.8" -w "passwordfile.txt"

  netwox 101 --dst-ip "5.6.7.8" --password-file "passwordfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/181.html0000644000000000000000000000423211776302040021126 0ustar rootroot Tool 181: SNTP server

Tool 181: SNTP server

Description:

  This tool is a SNTP server.
  It gives time to clients connecting to it.
  It uses no external time reference, but only local clock. All clients
  will synchronize on the same time, but this time might be inaccurate.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Usage:

  netwox 181 [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype]

Parameters:

parameter description example
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 123
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4

Example:

  netwox 181

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/47.html0000644000000000000000000000606511776302040021055 0ustar rootroot Tool 47: Spoof of packet samples : fragment, ip4opt:ipts

Tool 47: Spoof of packet samples : fragment, ip4opt:ipts

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains an IP Timestamp option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 47 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 47

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/97.html0000644000000000000000000000451711776302040021062 0ustar rootroot Tool 97: SYSLOG client

Tool 97: SYSLOG client

Description:

  This tool sends a message to a SYSLOG server. It permits to log an
  event.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 97 -i ip [-y uint32] [-m data] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-y|--priority uint32 message's priority 0
-m|--message data message hello
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 514
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 97 -i "5.6.7.8"

  netwox 97 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/176.html0000644000000000000000000000557311776302040021143 0ustar rootroot Tool 176: TFTP client : get a file and check its MD5

Tool 176: TFTP client : get a file and check its MD5

Description:

  This tool downloads a TFTP file and check its MD5.
  It ensures the server is working properly.
  
  Parameter --md5 is the expected md5sum.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 176 -i ip -F file -s md5 [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-m data] [-T uint32] [-R uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-F|--remote-file file remote file /etc/passwd
-s|--md5 md5 wanted md5 12345678901234567890123456789012
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 69
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-m|--mode data mode (octet or netascii) octet
-T|--timeout uint32 timeout in milliseconds 60000
-R|--retry uint32 number of retry 3

Examples:

  netwox 176 -i "5.6.7.8" -F "/etc/passwd" -s "12345678901234567890123456789012"

  netwox 176 --dst-ip "5.6.7.8" --remote-file "/etc/passwd" --md5 "12345678901234567890123456789012"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/45.html0000644000000000000000000000625411776302040021053 0ustar rootroot Tool 45: Spoof of packet samples : fragment, ip4opt:lsrr

Tool 45: Spoof of packet samples : fragment, ip4opt:lsrr

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains a Loose Source Record Route option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 45 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-i ips] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-i|--ip4opt-ips ips IP addresses for LSRR 1.2.3.4,5.6.7.8
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 45

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/111.html0000644000000000000000000000557411776302040021131 0ustar rootroot Tool 111: FTP listing a directory

Tool 111: FTP listing a directory

Description:

  This tool lists the content of a FTP server directory.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dir is the remote FTP directory name to list.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 111 -i ip [-u login] [-a password] [-V|+V] -D dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-D|--dir dir directory name /etc/
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 111 -i "5.6.7.8" -D "/etc/"

  netwox 111 --dst-ip "5.6.7.8" --dir "/etc/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/121.html0000644000000000000000000000475411776302040021131 0ustar rootroot Tool 121: HTTP PUT

Tool 121: HTTP PUT

Description:

  This tool sends a HTTP request using method PUT. HTTP protocol defines
  PUT method to store a document on a web server.
  
  Parameter --uri is the uri/url requested.
  Parameter --file-body defines the filename of file to store on web
  server.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.

Synonyms:

  upload, web

Usage:

  netwox 121 -u uri -B file [-s|+s] [-h|+h] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-B|--file-body file file containing body filebody.txt
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 121 -u "http://www.example.com/" -B "filebody.txt"

  netwox 121 --uri "http://www.example.com/" --file-body "filebody.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/153.html0000644000000000000000000000457511776302040021137 0ustar rootroot Tool 153: IRC client listing channels

Tool 153: IRC client listing channels

Description:

  This tool obtains the list of channels provided by an IRC server.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 153 -i ip -n login [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-n|--nickname login nickname  
-w|--password password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 6667
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 153 -i "5.6.7.8" -n ""

  netwox 153 --dst-ip "5.6.7.8" --nickname ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/60.html0000644000000000000000000000445311776302040021047 0ustar rootroot Tool 60: Traceroute TCP (EthIp spoof)

Tool 60: Traceroute TCP (EthIp spoof)

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  tcptraceroute

Usage:

  netwox 60 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p port] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--dst-port port destination port number 80
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 60 -i "5.6.7.8"

  netwox 60 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/193.html0000644000000000000000000000533611776302040021137 0ustar rootroot Tool 193: IDENT client requesting info about an open session

Tool 193: IDENT client requesting info about an open session

Description:

  This tool queries an IDENT server.
  It obtains information about a current TCP session between local
  computer and IDENT server computer. This current session is defined
  by --localport and --remoteport.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 193 -i ip -L port -R port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-L|--localport port local port of session to query 1234
-R|--remoteport port remote port of session to query 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 113
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 193 -i "5.6.7.8" -L "1234" -R "80"

  netwox 193 --dst-ip "5.6.7.8" --localport "1234" --remoteport "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/37.html0000644000000000000000000000524511776302040021053 0ustar rootroot Tool 37: Spoof EthernetIp4Icmp4 packet

Tool 37: Spoof EthernetIp4Icmp4 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 37 [-d device] [-a eth] [-b eth] [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o uint32] [-p uint32] [-q uint32] [-r uint32] [-s uint32] [-t uint32] [-u uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--icmp-type uint32 ICMP type 0
-p|--icmp-code uint32 ICMP code 0
-q|--eth-type uint32 Ethernet type 2048
-r|--ip4-ihl uint32 IP4 ihl 5
-s|--ip4-totlen uint32 IP4 totlen 0
-t|--ip4-checksum uint32 IP4 checksum 0
-u|--icmp-checksum uint32 ICMP checksum 0

Example:

  netwox 37

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/190.html0000644000000000000000000000144011776302040021124 0ustar rootroot Tool 190: Make coffee

Tool 190: Make coffee

Description:

  This tool makes coffees requested by user.
  
  In case you don't understand: it's a joke/fun tool. Many users told
  me: 'Netwox is cool, but it does not make coffee'. Now, it does ;-)

Usage:

  netwox 190 [-n uint32]

Parameters:

parameter description example
-n|--numcups uint32 number of cups 1

Example:

  netwox 190

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/143.html0000644000000000000000000000424411776302040021127 0ustar rootroot Tool 143: Spoof EthernetIp6Icmp6 packet

Tool 143: Spoof EthernetIp6Icmp6 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 143 [-d device] [-a eth] [-b eth] [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o uint32] [-p uint32] [-q uint32] [-e uint32] [-r uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--icmp-type uint32 ICMP type 0
-p|--icmp-code uint32 ICMP code 0
-q|--eth-type uint32 Ethernet type 2048
-e|--ip6-payloadlength uint32 IP6 payload length 0
-r|--icmp-checksum uint32 ICMP checksum 0

Example:

  netwox 143

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/167.html0000644000000000000000000000551211776302040021134 0ustar rootroot Tool 167: TFTP server

Tool 167: TFTP server

Description:

  This tool is a TFTP server.
  
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --rootdir defines the root directory for put and get file
  operations (cannot exit this root jail).
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Usage:

  netwox 167 [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips] [-r dir] [-G|+G] [-U|+U] [-T uint32] [-R uint32]

Parameters:

parameter description example
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 69
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all
-r|--rootdir dir root directory /tmp
-G|--allow-get|+G|--no-allow-get allow get This boolean is set.
Use + or --no- to unset it.
-U|--allow-put|+U|--no-allow-put allow put This boolean is set.
Use + or --no- to unset it.
-T|--timeout uint32 timeout in milliseconds 10000
-R|--retry uint32 number of retry 3

Example:

  netwox 167

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/19.html0000644000000000000000000000417111776302040021050 0ustar rootroot Tool 19: Extract a range of packets from a record

Tool 19: Extract a range of packets from a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool extracts a range of packets from one record, and save them
  in another record. For example, it can extract packet number 2 to
  number 5.
  
  Parameter --src-file indicates the input record filename.
  Parameter --dst-file indicates the output record filename.
  Parameter --recordencode defines how to encode data in this record
  (suggested values: bin, pcap and mixed_wrap).

Synonyms:

  capture

Usage:

  netwox 19 -f file -F file [-r recordencode] [-s uint32] [-e uint32]

Parameters:

parameter description example
-f|--src-file file input record file srcfile.txt
-F|--dst-file file output record file dstfile.txt
-r|--recordencode recordencode encoding type for output record bin
-s|--start uint32 start packet (from 1) 0
-e|--end uint32 end packet (0=nolimit) 0

Examples:

  netwox 19 -f "srcfile.txt" -F "dstfile.txt"

  netwox 19 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/170.html0000644000000000000000000000477011776302040021133 0ustar rootroot Tool 170: TELNET server

Tool 170: TELNET server

Description:

  This tool is a TELNET server.
  It only permits to run simple text commands.
  Editors are not correctly supported.
  
  Parameters --login and --password defines needed login and password.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Usage:

  netwox 170 [-l login] [-w password] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips] [-L|+L]

Parameters:

parameter description example
-l|--login login login needed to access  
-w|--password password password needed to access  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 23
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 180000
-c|--allowed-clients ips clients allowed to connect all
-L|--line-by-line|+L|--no-line-by-line line by line mode  

Example:

  netwox 170

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/84.html0000644000000000000000000000664411776302040021061 0ustar rootroot Tool 84: Sniff and send ICMP4/ICMP6 parameter problem

Tool 84: Sniff and send ICMP4/ICMP6 parameter problem

Description:

  This tool sends an ICMP error message when a packet matching filter
  is sniffed.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 84 [-d device] [-f filter] [-c uint32] [-p uint32] [-i ip] [-s spoofip]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-c|--code uint32 ICMP code 0
-p|--pointer uint32 ICMP pointer 0
-i|--src-ip ip source IP address 192.168.100.200
-s|--spoofip spoofip IP spoof initialization type linkbraw

Example:

  netwox 84

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/209.html0000644000000000000000000000767711776302040021147 0ustar rootroot Tool 209: SMB/CIFS client: recursively delete a directory

Tool 209: SMB/CIFS client: recursively delete a directory

Description:

  This tool is a simple SMB/CIFS client recursively deleting a
  directory. This tool might be dangerous. Use with care.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 209 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--dirname dir directory name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 209 -i "5.6.7.8" -s "C$" -f "mydir"

  netwox 209 --dst-ip "5.6.7.8" --share "C$" --dirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/125.html0000644000000000000000000000530011776302040021121 0ustar rootroot Tool 125: HTTP server

Tool 125: HTTP server

Description:

  This tool is a simple web server.
  
  Parameter --rootdir defines the root directory for put and get file
  operations (cannot exit this root jail).
  Parameters --login and --password defines the login and password which
  will be needed to connect on this server.
  Parameter --allowed-clients defines the list of computer allowed to
  connect on the web server.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  web, apache

Usage:

  netwox 125 [-r dir] [-l login] [-L password] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips]

Parameters:

parameter description example
-r|--rootdir dir root directory /tmp
-l|--login login login needed to access  
-L|--password password password needed to access  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 80
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 60000
-c|--allowed-clients ips clients allowed to connect all

Example:

  netwox 125

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/50.html0000644000000000000000000000350211776302040021040 0ustar rootroot Tool 50: Ping ICMP (EthIP spoof)

Tool 50: Ping ICMP (EthIP spoof)

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 50 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 50 -i "5.6.7.8"

  netwox 50 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/141.html0000644000000000000000000000451211776302040021123 0ustar rootroot Tool 141: Spoof EthernetIp6Udp packet

Tool 141: Spoof EthernetIp6Udp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 141 [-d device] [-a eth] [-b eth] [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o port] [-p port] [-q mixed_data] [-r uint32] [-e uint32] [-s uint32] [-t uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--udp-src port UDP src 1234
-p|--udp-dst port UDP dst 80
-q|--udp-data mixed_data mixed data  
-r|--eth-type uint32 Ethernet type 2048
-e|--ip6-payloadlength uint32 IP6 payload length 0
-s|--udp-len uint32 UDP length 0
-t|--udp-checksum uint32 UDP checksum 0

Example:

  netwox 141

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/146.html0000644000000000000000000001201511776302040021125 0ustar rootroot Tool 146: Spoof Ip6Tcp packet

Tool 146: Spoof Ip6Tcp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 146 [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o port] [-p port] [-q uint32] [-r uint32] [-s|+s] [-t|+t] [-u|+u] [-v|+v] [-w|+w] [-x|+x] [-y|+y] [-z|+z] [-A|+A] [-B|+B] [-C|+C] [-D|+D] [-E uint32] [-F uint32] [-G tcpopts] [-H mixed_data] [-a spoofip] [-e uint32] [-J uint32] [-K uint32]

Parameters:

parameter description example
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--tcp-src port TCP src 1234
-p|--tcp-dst port TCP dst 80
-q|--tcp-seqnum uint32 TCP seqnum (rand if unset) 0
-r|--tcp-acknum uint32 TCP acknum 0
-s|--tcp-reserved1|+s|--no-tcp-reserved1 TCP reserved1  
-t|--tcp-reserved2|+t|--no-tcp-reserved2 TCP reserved2  
-u|--tcp-reserved3|+u|--no-tcp-reserved3 TCP reserved3  
-v|--tcp-reserved4|+v|--no-tcp-reserved4 TCP reserved4  
-w|--tcp-cwr|+w|--no-tcp-cwr TCP cwr  
-x|--tcp-ece|+x|--no-tcp-ece TCP ece  
-y|--tcp-urg|+y|--no-tcp-urg TCP urg  
-z|--tcp-ack|+z|--no-tcp-ack TCP ack  
-A|--tcp-psh|+A|--no-tcp-psh TCP psh  
-B|--tcp-rst|+B|--no-tcp-rst TCP rst  
-C|--tcp-syn|+C|--no-tcp-syn TCP syn  
-D|--tcp-fin|+D|--no-tcp-fin TCP fin  
-E|--tcp-window uint32 TCP window 0
-F|--tcp-urgptr uint32 TCP urgptr 0
-G|--tcp-opt tcpopts TCP options  
-H|--tcp-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-e|--ip6-payloadlength uint32 IP6 payload length 0
-J|--tcp-doff uint32 TCP data offset 0
-K|--tcp-checksum uint32 TCP checksum 0

Example:

  netwox 146

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/67.html0000644000000000000000000000605611776302040021057 0ustar rootroot Tool 67: Scan TCP

Tool 67: Scan TCP

Description:

  This tool checks if several TCP ports are open on host.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 67 -i ips -p ports [-s spoofip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-p|--ports ports list/range of port number all
-s|--spoofip spoofip IP spoof initialization type best
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 67 -i "1.2.3.4,5.6.7.8" -p "all"

  netwox 67 --ips "1.2.3.4,5.6.7.8" --ports "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/53.html0000644000000000000000000000605511776302040021051 0ustar rootroot Tool 53: Ping UDP

Tool 53: Ping UDP

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 53 -i ip [-p port] [-s spoofip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type best
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 53 -i "5.6.7.8"

  netwox 53 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/20.html0000644000000000000000000000507111776302040021040 0ustar rootroot Tool 20: Search for strings in packets from a record

Tool 20: Search for strings in packets from a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool searches a pattern in packets of a record, and saves
  matching packets in another record. The pattern can be a string, a
  mixed ('hello' 09 'bob'), or a regular expression.
  
  Parameter --src-file indicates the input record filename.
  Parameter --dst-file indicates the output record filename.
  Parameter --recordencode defines how to encode data in this record
  (suggested values: bin, pcap and mixed_wrap).

Synonyms:

  capture, find, match, ngrep, payload, text

Usage:

  netwox 20 -f file -F file [-r recordencode] -p data [-c|+c] [-S|+S] [-M|+M] [-R|+R]

Parameters:

parameter description example
-f|--src-file file input record file srcfile.txt
-F|--dst-file file output record file dstfile.txt
-r|--recordencode recordencode encoding type for output record bin
-p|--pattern data searched pattern  
-c|--case|+c|--no-case case sensitive  
-S|--string|+S|--no-string search string This boolean is set.
Use + or --no- to unset it.
-M|--mixed|+M|--no-mixed search mixed string  
-R|--regexp|+R|--no-regexp search regular expression  

Examples:

  netwox 20 -f "srcfile.txt" -F "dstfile.txt" -p ""

  netwox 20 --src-file "srcfile.txt" --dst-file "dstfile.txt" --pattern ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/21.html0000644000000000000000000000411411776302040021036 0ustar rootroot Tool 21: Convert a number

Tool 21: Convert a number

Description:

  This tool converts a number, from/to decimal, binary, octal and
  hexadecimal. For example:
    netwox 21 --hexa 3D4B
    netwox 21 --hexa 3D4B --disp-decimal

Synonyms:

  calc, binary, decimal, hexadecimal, octal

Usage:

  netwox 21 -n data [-d|+d] [-b|+b] [-o|+o] [-x|+x] [-c|+c] [-t|+t] [-D|+D] [-B|+B] [-O|+O] [-X|+X] [-C|+C]

Parameters:

parameter description example
-n|--number data number to convert 10
-d|--decimal|+d|--no-decimal number is decimal This boolean is set.
Use + or --no- to unset it.
-b|--binary|+b|--no-binary number is binary  
-o|--octal|+o|--no-octal number is octal  
-x|--hexadecimal|+x|--no-hexadecimal number is hexadecimal  
-c|--char|+c|--no-char number is a character  
-t|--title|+t|--no-title display titles  
-D|--disp-decimal|+D|--no-disp-decimal display decimal  
-B|--disp-binary|+B|--no-disp-binary display binary  
-O|--disp-octal|+O|--no-disp-octal display octal  
-X|--disp-hexadecimal|+X|--no-disp-hexadecimal display hexadecimal  
-C|--disp-char|+C|--no-disp-char display character  

Examples:

  netwox 21 -n "10"

  netwox 21 --number "10"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/32.html0000644000000000000000000000234111776302040021040 0ustar rootroot Tool 32: Spoof Ethernet packet

Tool 32: Spoof Ethernet packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 32 [-d device] [-a eth] [-b eth] [-c uint32] [-e mixed_data]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--eth-type uint32 Ethernet type 0
-e|--eth-data mixed_data Ethernet data  

Example:

  netwox 32

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/2.html0000644000000000000000000000107311776302040020756 0ustar rootroot Tool 2: Display debugging information

Tool 2: Display debugging information

Description:

  This tool displays internal information about netwox:
   - values for defines
   - how network configuration is retrieved
  Please, send this output when reporting a problem.
  
  This tool may need to be run with admin privilege in order to obtain
  full network configuration.

Usage:

  netwox 2
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/69.html0000644000000000000000000000623111776302040021054 0ustar rootroot Tool 69: Scan UDP

Tool 69: Scan UDP

Description:

  This tool checks if several UDP ports are open on host.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 69 -i ips -p ports [-s spoofip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-p|--ports ports list/range of port number all
-s|--spoofip spoofip IP spoof initialization type best
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 69 -i "1.2.3.4,5.6.7.8" -p "all"

  netwox 69 --ips "1.2.3.4,5.6.7.8" --ports "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/73.html0000644000000000000000000000375211776302040021054 0ustar rootroot Tool 73: Simulate presence of a/several computer/s (arp and ping)

Tool 73: Simulate presence of a/several computer/s (arp and ping)

Description:

  This tool simulates the presence of a computer. It will answer to ARP
  requests and ping.
  Other hosts can 'see' this virtual computer, but it will not really
  exist. This tool is frequently used to answer ARP when a tool is
  sending packets with a spoofed IP address.
  Parameter --ips defines the fake IP address of this computer.
  Parameter --eths defines the fake Ethernet address of this computer.
  If --no-answer-arp or --no-answer-ping is set, tool does not answers
  to ARP/IP6NeighborDiscovery and ping.
  It works only on a Ethernet device.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  reply, virtual

Usage:

  netwox 73 [-d device] -i ips -e eths [-a|+a] [-p|+p]

Parameters:

parameter description example
-d|--device device device name Eth0
-i|--ips ips list/range of IP addresses 1.2.3.4
-e|--eths eths list/range of ethernet addresses 0:a:b:c:d:e
-a|--answer-arp|+a|--no-answer-arp answer ARP This boolean is set.
Use + or --no- to unset it.
-p|--answer-ping|+p|--no-answer-ping answer ICMP Echo Request This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 73 -i "1.2.3.4" -e "0:a:b:c:d:e"

  netwox 73 --ips "1.2.3.4" --eths "0:a:b:c:d:e"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/113.html0000644000000000000000000000600411776302040021120 0ustar rootroot Tool 113: FTP client : put a file

Tool 113: FTP client : put a file

Description:

  This tool stores a file to a FTP server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  upload

Usage:

  netwox 113 -i ip [-u login] [-a password] [-V|+V] -f file -F file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-f|--local-file file local file srcfile.txt
-F|--remote-file file remote file file.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 113 -i "5.6.7.8" -f "srcfile.txt" -F "file.txt"

  netwox 113 --dst-ip "5.6.7.8" --local-file "srcfile.txt" --remote-file "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/174.html0000644000000000000000000000621611776302040021134 0ustar rootroot Tool 174: FTP client : get a file and check its MD5

Tool 174: FTP client : get a file and check its MD5

Description:

  This tool downloads a FTP file and check its MD5.
  It ensures the server is working properly.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --md5 is the expected md5sum.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 174 -i ip [-u login] [-a password] [-V|+V] -F file -m md5 [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-F|--remote-file file remote file /etc/passwd
-m|--md5 md5 wanted md5 12345678901234567890123456789012
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 174 -i "5.6.7.8" -F "/etc/passwd" -m "12345678901234567890123456789012"

  netwox 174 --dst-ip "5.6.7.8" --remote-file "/etc/passwd" --md5 "12345678901234567890123456789012"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/221.html0000644000000000000000000000171411776302040021123 0ustar rootroot Tool 221: Convert a base64 encoded file to a binary file

Tool 221: Convert a base64 encoded file to a binary file

Description:

  This tool converts a base64 encoded file to the original file.

Usage:

  netwox 221 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 221 -i "srcfile.txt" -o "dstfile.txt"

  netwox 221 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/74.html0000644000000000000000000000202611776302040021046 0ustar rootroot Tool 74: Flood a host with random fragments

Tool 74: Flood a host with random fragments

Description:

  This tool sends a lot of random IP fragments to a host.
  It permits to check how a firewall behaves when receiving fragments
  which have to be ignored.
  
  This tool may need to be run with admin privilege in order to spoof.

Usage:

  netwox 74 -i ip [-p uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--protocol uint32 protocol (0=rand) 0

Examples:

  netwox 74 -i "5.6.7.8"

  netwox 74 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/149.html0000644000000000000000000000364711776302040021143 0ustar rootroot Tool 149: Ping ICMP6 Neighbor Discovery (EthIp spoof)

Tool 149: Ping ICMP6 Neighbor Discovery (EthIp spoof)

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ICMP6 Neighbor Discovery request. If host is up, it
  will send back a Neighbor Discovery Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  ip6

Usage:

  netwox 149 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IPv6 address fec0:0:0:1::2
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 149 -i "fec0:0:0:1::2"

  netwox 149 --dst-ip "fec0:0:0:1::2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/203.html0000644000000000000000000000754511776302040021133 0ustar rootroot Tool 203: SMB/CIFS client: delete a file

Tool 203: SMB/CIFS client: delete a file

Description:

  This tool is a simple SMB/CIFS client deleting a file.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 203 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--filename file file name file.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 203 -i "5.6.7.8" -s "C$" -f "file.txt"

  netwox 203 --dst-ip "5.6.7.8" --share "C$" --filename "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/35.html0000644000000000000000000000551311776302040021047 0ustar rootroot Tool 35: Spoof EthernetIp4Udp packet

Tool 35: Spoof EthernetIp4Udp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 35 [-d device] [-a eth] [-b eth] [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o port] [-p port] [-q mixed_data] [-r uint32] [-s uint32] [-t uint32] [-u uint32] [-v uint32] [-w uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--udp-src port UDP src 1234
-p|--udp-dst port UDP dst 80
-q|--udp-data mixed_data mixed data  
-r|--eth-type uint32 Ethernet type 2048
-s|--ip4-ihl uint32 IP4 ihl 5
-t|--ip4-totlen uint32 IP4 totlen 0
-u|--ip4-checksum uint32 IP4 checksum 0
-v|--udp-len uint32 UDP length 0
-w|--udp-checksum uint32 UDP checksum 0

Example:

  netwox 35

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/57.html0000644000000000000000000000620611776302040021053 0ustar rootroot Tool 57: Traceroute ICMP

Tool 57: Traceroute ICMP

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 57 -i ip [-s spoofip] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--spoofip spoofip IP spoof initialization type best
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 57 -i "5.6.7.8"

  netwox 57 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/150.html0000644000000000000000000000271411776302040021125 0ustar rootroot Tool 150: Scan ICMP6 Neighbor Discovery

Tool 150: Scan ICMP6 Neighbor Discovery

Description:

  This tool checks if several hosts are up.
  This tool sends an ICMP6 Neighbor Discovery request. If host is up, it
  will send back a Neighbor Discovery Reply.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 150 -i ips [-u|+u] [-m uint32] [-M uint32] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses fec0::1,fec0::2
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 150 -i "fec0::1,fec0::2"

  netwox 150 --ips "fec0::1,fec0::2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/49.html0000644000000000000000000000551411776302040021055 0ustar rootroot Tool 49: Ping ICMP

Tool 49: Ping ICMP

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 49 -i ip [-s spoofip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--spoofip spoofip IP spoof initialization type best
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 49 -i "5.6.7.8"

  netwox 49 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/48.html0000644000000000000000000000624311776302040021054 0ustar rootroot Tool 48: Spoof of packet samples : fragment, ip4opt:ippts

Tool 48: Spoof of packet samples : fragment, ip4opt:ippts

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains an IP Prespecified Timestamp option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 48 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-i ip] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-i|--ip4opt-ip ip IP for IPPTS 192.168.100.200
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 48

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/83.html0000644000000000000000000000650511776302040021054 0ustar rootroot Tool 83: Sniff and send ICMP4/ICMP6 time exceeded

Tool 83: Sniff and send ICMP4/ICMP6 time exceeded

Description:

  This tool sends an ICMP error message when a packet matching filter
  is sniffed.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 83 [-d device] [-f filter] [-c uint32] [-i ip] [-s spoofip]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-c|--code uint32 ICMP code 0
-i|--src-ip ip source IP address 192.168.100.200
-s|--spoofip spoofip IP spoof initialization type linkbraw

Example:

  netwox 83

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/208.html0000644000000000000000000001001711776302040021124 0ustar rootroot Tool 208: SMB/CIFS client: recursively put a directory

Tool 208: SMB/CIFS client: recursively put a directory

Description:

  This tool is a simple SMB/CIFS client recursively putting a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 208 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir -F dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--localdirname dir local dir name /tmp
-F|--remotedirname dir remote dir name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 208 -i "5.6.7.8" -s "C$" -f "/tmp" -F "mydir"

  netwox 208 --dst-ip "5.6.7.8" --share "C$" --localdirname "/tmp" --remotedirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/152.html0000644000000000000000000000514211776302040021125 0ustar rootroot Tool 152: Interactive IRC client

Tool 152: Interactive IRC client

Description:

  This tool is a simple interactive IRC client.
  Under Unix, press Control-R if a message is received during writing.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 152 -i ip -n login -u login [-w password] [-r data] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-n|--nickname login nickname  
-u|--username login username  
-w|--password password password  
-r|--realname data real name  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 6667
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 152 -i "5.6.7.8" -n "" -u ""

  netwox 152 --dst-ip "5.6.7.8" --nickname "" --username ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/43.html0000644000000000000000000000607011776302040021045 0ustar rootroot Tool 43: Spoof of packet samples : fragment, ip4opt:noop

Tool 43: Spoof of packet samples : fragment, ip4opt:noop

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options only contains NoOperations options.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 43 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 43

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/93.html0000644000000000000000000000611711776302040021054 0ustar rootroot Tool 93: TCP remote administration server

Tool 93: TCP remote administration server

Description:

  This tool permits to remotely administer computer. Tools 94, 95 and 96
  will run a command, get a file and store a file on this server.
  
  Parameter --password defines password to use for connection.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --rootdir defines the root directory for put and get file
  operations (cannot exit this root jail).
  Setting --no-allow-exec, --no-allow-get or --no-allow-put restricts
  allowed operations.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.

Usage:

  netwox 93 -P port [-w password] [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips] [-r dir] [-T uint32] [-X|+X] [-G|+G] [-U|+U]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-w|--password password password netwox
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all
-r|--rootdir dir root directory /tmp
-T|--timeout uint32 timeout in seconds 60
-X|--allow-exec|+X|--no-allow-exec allow exec This boolean is set.
Use + or --no- to unset it.
-G|--allow-get|+G|--no-allow-get allow get This boolean is set.
Use + or --no- to unset it.
-U|--allow-put|+U|--no-allow-put allow put This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 93 -P "1234"

  netwox 93 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/4.html0000644000000000000000000000306111776302040020757 0ustar rootroot Tool 4: Display information about an Ethernet address

Tool 4: Display information about an Ethernet address

Description:

  This tool obtains addresses related to an Ethernet address.
  
  Parameter --title displays title in front of each result.
  Parameter --ip displays IP address.
  Parameter --host displays main hostname.
  Parameter --hosts displays list of hostnames (one IP address can have
  several hostnames).
  If no option (ip, host, hosts) is set, they are all displayed.

Synonyms:

  computer, hostname, mac, resolve, show

Usage:

  netwox 4 -e eth [-t|+t] [-i|+i] [-h|+h] [-H|+H]

Parameters:

parameter description example
-e|--eth eth ethernet address E0:69:95:6F:ED:9A
-t|--title|+t|--no-title display titles  
-i|--ip|+i|--no-ip obtain IP address  
-h|--host|+h|--no-host obtain hostname  
-H|--hosts|+H|--no-hosts obtain hostnames  

Examples:

  netwox 4 -e "E0:69:95:6F:ED:9A"

  netwox 4 --eth "E0:69:95:6F:ED:9A"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/115.html0000644000000000000000000000607711776302040021134 0ustar rootroot Tool 115: FTP client : get a directory recursively

Tool 115: FTP client : get a directory recursively

Description:

  This tool retrieves a directory, and all its sub-directories, from a
  FTP server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  download

Usage:

  netwox 115 -i ip [-u login] [-a password] [-V|+V] -F dir -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-F|--remote-dir dir remote dir mydir
-f|--local-dir dir local dir /tmp/mydir2
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 115 -i "5.6.7.8" -F "mydir" -f "/tmp/mydir2"

  netwox 115 --dst-ip "5.6.7.8" --remote-dir "mydir" --local-dir "/tmp/mydir2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/116.html0000644000000000000000000000604311776302040021126 0ustar rootroot Tool 116: FTP client : put a directory recursively

Tool 116: FTP client : put a directory recursively

Description:

  This tool stores a directory, and all its sub-directories, to a FTP
  server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  upload

Usage:

  netwox 116 -i ip [-u login] [-a password] [-V|+V] -f dir -F dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-f|--local-dir dir local dir /tmp
-F|--remote-dir dir remote dir mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 116 -i "5.6.7.8" -f "/tmp" -F "mydir"

  netwox 116 --dst-ip "5.6.7.8" --local-dir "/tmp" --remote-dir "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/173.html0000644000000000000000000000615411776302040021134 0ustar rootroot Tool 173: Download overview of one, or more, newsgroup messages

Tool 173: Download overview of one, or more, newsgroup messages

Description:

  This tool downloads the overview of messages in a newsgroup.
  It uses a NNTP extension named XOVER.
  The overview contains article number, subject, author, date,
  message-id, references, byte count, and line count.
  
  Parameter --newsgroup sets the newsgroup name.
  Parameters --user and --pass defines the username and password.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 173 -i ip -g newsgroup -n uint32 [-N uint32] [-u login] [-a password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-g|--newsgroup newsgroup newsgroup name comp.lang.c
-n|--firstartnum uint32 first article number 1
-N|--lastartnum uint32 last article number 1
-u|--user login username  
-a|--pass password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 119
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 173 -i "5.6.7.8" -g "comp.lang.c" -n "1"

  netwox 173 --dst-ip "5.6.7.8" --newsgroup "comp.lang.c" --firstartnum "1"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/87.html0000644000000000000000000000513211776302040021053 0ustar rootroot Tool 87: TCP client

Tool 87: TCP client

Description:

  This tool connects to a TCP server. It's like telnet command.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  Parameter --encode defines how to display data (common values: data,
  dump, mixed).
  Parameter --decode defines how keyboard data is entered (common
  values: data, mixed).

Synonyms:

  nc, netcat

Usage:

  netwox 87 -i ip -p port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-k decode] [-n encode]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-k|--decode decode how keyboard data is entered data
-n|--encode encode how network data is displayed data

Examples:

  netwox 87 -i "5.6.7.8" -p "80"

  netwox 87 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/44.html0000644000000000000000000000606011776302040021045 0ustar rootroot Tool 44: Spoof of packet samples : fragment, ip4opt:rr

Tool 44: Spoof of packet samples : fragment, ip4opt:rr

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains a Record Route option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 44 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 44

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/195.html0000644000000000000000000000451511776302040021137 0ustar rootroot Tool 195: IDENT server

Tool 195: IDENT server

Description:

  This tool is an IDENT server.
  If --username is set, it always reply 'USERID : UNIX :user'.
  If --username is unset, it always reply 'ERROR : HIDDEN-USER'.
  
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Usage:

  netwox 195 [-u login] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips]

Parameters:

parameter description example
-u|--username login username to reply  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 113
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 60000
-c|--allowed-clients ips clients allowed to connect all

Example:

  netwox 195

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/27.html0000644000000000000000000000157211776302040021051 0ustar rootroot Tool 27: Compute MD5 of a file

Tool 27: Compute MD5 of a file

Description:

  This tool computes the MD5 checksum of a file.
  A MD5 checksum is a hash ensuring a file has not been corrupted.

Synonyms:

  hash, md5sum, verify

Usage:

  netwox 27 -f file

Parameters:

parameter description example
-f|--src-file file source filename srcfile.txt

Examples:

  netwox 27 -f "srcfile.txt"

  netwox 27 --src-file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/102.html0000644000000000000000000000665111776302040021126 0ustar rootroot Tool 102: Query a DNS server

Tool 102: Query a DNS server

Description:

  This tool queries a DNS server. For example, it can retrieve IP
  address associated to a hostname.
  Parameter --dst-ip defines the DNS server address. This server has to
  be authoritative for the query requested (or allow recursion, if
  --recurdesired is set).
  Parameter --name contains the name to query.
  Parameter --type indicates the requested information type.
  
  Example: 'netwox 102 server --name www.example.com --type a'
  Example: 'netwox 102 server --name 1.2.3.4 --type ptr'
  Example: 'netwox 102 server --name example.com --type mx'
  
  Parameter --tcp uses TCP instead of UDP. This is generally not
  allowed.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  dig, nslookup

Usage:

  netwox 102 -i ip -n hostname -y data [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-c data] [-u|+u] [-C|+C] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-n|--name hostname name to query www.example.com
-y|--type data type (a, ptr, ns, etc.) a
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 53
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-c|--class data class (in, ch, etc.) in
-u|--recurdesired|+u|--no-recurdesired recursion desired  
-C|--tcp|+C|--no-tcp if use TCP instead of UDP  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 102 -i "5.6.7.8" -n "www.example.com" -y "a"

  netwox 102 --dst-ip "5.6.7.8" --name "www.example.com" --type "a"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/12.html0000644000000000000000000000147211776302040021042 0ustar rootroot Tool 12: Display which values to use for netwox parameters

Tool 12: Display which values to use for netwox parameters

Description:

  This tool displays values to use for some netwox parameters.
  Some netwox parameters are not easy to guess. Netwag does not have
  this problem, because it lists accepted values.
  
  For example, running 'netwox 7 --help2' displays (extract)
   -R|--paraname recordencode ...
  This indicates parameter -R is of type 'recordencode'. Searching
  for recordencode in output of tool 12 will list all possible values
  (hexa, mixed, ...).

Synonyms:

  help, show

Usage:

  netwox 12
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/103.html0000644000000000000000000000520111776302040021115 0ustar rootroot Tool 103: Obtain version of a Bind DNS server

Tool 103: Obtain version of a Bind DNS server

Description:

  This tool requests the version of a Bind DNS server. Bind is a common
  Unix DNS server. It provides a method to request its versions.
  Please note, some server administrator change this field to hide their
  DNS server type.
  
  Parameter --tcp uses TCP instead of UDP. This is generally not
  allowed.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 103 -i ip [-C|+C] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-C|--tcp|+C|--no-tcp if use TCP instead of UDP  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 53
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 103 -i "5.6.7.8"

  netwox 103 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/85.html0000644000000000000000000000635011776302040021054 0ustar rootroot Tool 85: Sniff and send ICMP4 source quench

Tool 85: Sniff and send ICMP4 source quench

Description:

  This tool sends an ICMP error message when a packet matching filter
  is sniffed.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 85 [-d device] [-f filter] [-i ip] [-s spoofip]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-i|--src-ip ip source IP address 192.168.100.200
-s|--spoofip spoofip IP spoof initialization type linkbraw

Example:

  netwox 85

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/222.html0000644000000000000000000000213511776302040021122 0ustar rootroot Tool 222: In a HMTL file, suppress links pointing to local urls

Tool 222: In a HMTL file, suppress links pointing to local urls

Description:

  This tool suppresses links to local urls/uris located in a HTML file.
  For example, a HTML file may contain http://s/, mailto:a@a, dir/file.
  In this case, only the first one (http://s/) is kept. Other tags are
  suppressed.

Usage:

  netwox 222 -i file -o file

Parameters:

parameter description example
-i|--src-file file input HTML file t.htm
-o|--dst-file file created HTML file out.htm

Examples:

  netwox 222 -i "t.htm" -o "out.htm"

  netwox 222 --src-file "t.htm" --dst-file "out.htm"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/77.html0000644000000000000000000000533411776302040021056 0ustar rootroot Tool 77: Check if seqnum are predictible

Tool 77: Check if seqnum are predictible

Description:

  This tool sends a lot of TCP SYN packets, and displays seqnum (ISN) in
  TCP SYN-ACK replies. This seqnum should be random, otherwise a blind
  spoofing attack is possible.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  isn

Usage:

  netwox 77 -i ip -p port [-s spoofip] [-w uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type linkbraw
-w|--max-wait uint32 maximum waiting time for answer (in msec) 1000

Examples:

  netwox 77 -i "5.6.7.8" -p "80"

  netwox 77 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/139.html0000644000000000000000000000246211776302040021134 0ustar rootroot Tool 139: Web spider on command line (fully recursive)

Tool 139: Web spider on command line (fully recursive)

Description:

  This tool spiders a HTTP or FTP url. 'Spidering' an url means to
  download the url, read the new urls it contains, download them, and so
  on recursively.
  It stops when all url have been downloaded. So it is not suitable for
  web sites with outgoing web branches (use tool 210 or 138 instead).

Synonyms:

  curl, wget

Usage:

  netwox 139 -u uri [-r dir] [-v|+v]

Parameters:

parameter description example
-u|--url uri url to download http://www.example.com/
-r|--rootdir dir local root directory ./spider
-v|--verbose|+v|--no-verbose be verbose  

Examples:

  netwox 139 -u "http://www.example.com/"

  netwox 139 --url "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/126.html0000644000000000000000000000470111776302040021126 0ustar rootroot Tool 126: HTTP remote administration server

Tool 126: HTTP remote administration server

Description:

  This tool is a web server permitting clients to run a command.
  
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  exec, run, web

Usage:

  netwox 126 [-l login] [-L password] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips]

Parameters:

parameter description example
-l|--login login login needed to access  
-L|--password password password needed to access  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 80
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 60000
-c|--allowed-clients ips clients allowed to connect all

Example:

  netwox 126

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/177.html0000644000000000000000000000450011776302040021131 0ustar rootroot Tool 177: Check if a SMTP server is up

Tool 177: Check if a SMTP server is up

Description:

  This tool connects on a SMTP server, then, send a QUIT.
  It ensures the server is working properly.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 177 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 25
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 177 -i "5.6.7.8"

  netwox 177 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/160.html0000644000000000000000000001026411776302040021125 0ustar rootroot Tool 160: SNMP Walk

Tool 160: SNMP Walk

Description:

  This tool requests a WALK on a SNMP server. It permits to retrieve the
  value of one item, and of successive ones.
  
  Parameter --oid is the oid to query. An oid is for example
  '.1.3.6.1.2.1.1.4.0'.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmpwalk

Usage:

  netwox 160 -i ip [-c password] -q oid [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-q|--oid oid OID to query .0.1
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 161
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 160 -i "5.6.7.8" -q ".0.1"

  netwox 160 --dst-ip "5.6.7.8" --oid ".0.1"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/7.html0000644000000000000000000001135611776302040020770 0ustar rootroot Tool 7: Sniff

Tool 7: Sniff

Description:

  This tool captures network packets. It can display them, or save them
  in a file (named 'record' in netwox).
  
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --pause permits to press P (pause) or Q (quit) keys
  to pause or stop capture.
  Parameter --hdrencode and --dataencode defines how to display header
  and data/payload. Common useful values are: array, dump, synth,
  nothing, text. Full list is available through netwag or running tool
  12.
  Parameter --rawip indicates to ignore Ethernet/link layer, and start
  displaying at IP header.
  Parameter --extended indicates to try to decode other protocols such
  as DNS or DHCP.
  Parameter --ipreas tries to reassemble IP packets. This might miss
  packets.
  Parameter --tcpreord tries to reorder TCP flow (seqnum increments).
  This might miss packets.
  
  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  Parameter --outfile indicates the name of file where to store captured
  packets. Parameter --recordencode defines how to encode data in this
  file (suggested values: bin, pcap and mixed_wrap). Capture can
  automatically swap file using parameters --split-size or --split-age.
  The DLT (Data Link Type) of packets in this record will be 'raw' if
  --rawip is set, otherwise the sniff DLT obtained by tool 13.
  
  This tool may need to be run with admin privilege in order to sniff.

Synonyms:

  capture, ethereal, frame, pcap, snoop, tcpdump

Usage:

  netwox 7 [-d device] [-f filter] [-p|+p] [-H encode] [-D encode] [-r|+r] [-x|+x] [-i|+i] [-t|+t] [-s|+s] [-o file] [-R recordencode] [-c uint32] [-C uint32] [-Q|+Q]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-p|--pause|+p|--no-pause can pause  
-H|--hdrencode encode header encoding type for screen array
-D|--dataencode encode data encoding type for screen dump
-r|--rawip|+r|--no-rawip sniff at IP level  
-x|--extended|+x|--no-extended display other protocols This boolean is set.
Use + or --no- to unset it.
-i|--ipreas|+i|--no-ipreas reassemble IP packets  
-t|--tcpreord|+t|--no-tcpreord reorder TCP packets  
-s|--screen|+s|--no-screen display to screen This boolean is set.
Use + or --no- to unset it.
-o|--outfile file save in record file dstfile.txt
-R|--recordencode recordencode encoding type for record file bin
-c|--split-size uint32 maximum size of record in kb 0
-C|--split-age uint32 maximum age of record in seconds 0
-Q|--losepriv|+Q|--no-losepriv lose privileges to nobody user under Linux  

Example:

  netwox 7

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/14.html0000644000000000000000000000454211776302040021045 0ustar rootroot Tool 14: Spoof a record

Tool 14: Spoof a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool reads packets stored in a record, and send them to the
  network.
  
  Parameter --file indicates the record filename.
  Parameter --dlt defines the DLT of packets in record (it depends on
  how it was sniffed, generally 'ether' (for Ethernet) or 'raw' (if
  packet starts at IP header)). Full list is available through netwag or
  running tool 12.
  If dlt is not raw, parameter --device indicates the device to use.
  If dlt is raw, parameter --spoofip indicates how to send packets.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  capture, frame, send

Usage:

  netwox 14 -f file [-t dlt] [-s|+s] [-k|+k] [-d device] [-i spoofip]

Parameters:

parameter description example
-f|--file file read from record file srcfile.txt
-t|--dlt dlt dlt type of data stored in record ether
-s|--screen|+s|--no-screen display packets before sending them  
-k|--keypress|+k|--no-keypress press a key for each packet  
-d|--device device device for spoof (if dlt!=raw) Eth0
-i|--spoofip spoofip ip spoof type (if dlt==raw) best

Examples:

  netwox 14 -f "srcfile.txt"

  netwox 14 --file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/22.html0000644000000000000000000000561611776302040021047 0ustar rootroot Tool 22: Convert a string

Tool 22: Convert a string

Description:

  This tool converts a text, from/to text, hexadecimal, mixed, base64
  and md4/md5 (md4/md5 sum can only be computed).
  For example:
    netwox 22 --hexa 4142
    netwox 22 --hexa 4142 --disp-mixed

Synonyms:

  base64, hexadecimal, text, mixed, md5sum

Usage:

  netwox 22 -d data [-s|+s] [-h|+h] [-m|+m] [-b|+b] [-t|+t] [-S|+S] [-H|+H] [-M|+M] [-B|+B] [-2|+2] [-4|+4] [-5|+5] [-C|+C] [-D|+D] [-E|+E] [-F|+F] [-G|+G] [-J|+J] [-K|+K]

Parameters:

parameter description example
-d|--data data data to convert hello
-s|--string|+s|--no-string data is string This boolean is set.
Use + or --no- to unset it.
-h|--hexa|+h|--no-hexa data is hexa  
-m|--mixed|+m|--no-mixed data is mixed  
-b|--base64|+b|--no-base64 data is base64  
-t|--title|+t|--no-title display titles  
-S|--disp-string|+S|--no-disp-string display string  
-H|--disp-hexa|+H|--no-disp-hexa display hexa  
-M|--disp-mixed|+M|--no-disp-mixed display mixed  
-B|--disp-base64|+B|--no-disp-base64 display base64  
-2|--disp-md2|+2|--no-disp-md2 display md2  
-4|--disp-md4|+4|--no-disp-md4 display md4  
-5|--disp-md5|+5|--no-disp-md5 display md5  
-C|--disp-ripemd128|+C|--no-disp-ripemd128 display ripemd128  
-D|--disp-ripemd160|+D|--no-disp-ripemd160 display ripemd160  
-E|--disp-sha1|+E|--no-disp-sha1 display sha1  
-F|--disp-sha224|+F|--no-disp-sha224 display sha224  
-G|--disp-sha256|+G|--no-disp-sha256 display sha256  
-J|--disp-sha384|+J|--no-disp-sha384 display sha384  
-K|--disp-sha512|+K|--no-disp-sha512 display sha512  

Examples:

  netwox 22 -d "hello"

  netwox 22 --data "hello"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/99.html0000644000000000000000000000474311776302040021065 0ustar rootroot Tool 99: TELNET client

Tool 99: TELNET client

Description:

  This tool is a very simple implementation of a telnet client.
  In vi editor, keys jklm can be used instead of arrows.
  To have a better environment, run 'export TERM=vt100'.
  
  Parameter --line-by-line defines if client works line by line
  (obsolete, but it will work with all servers).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 99 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-L|+L]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 23
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-L|--line-by-line|+L|--no-line-by-line line by line mode  

Examples:

  netwox 99 -i "5.6.7.8"

  netwox 99 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/41.html0000644000000000000000000000737511776302040021054 0ustar rootroot Tool 41: Spoof Ip4Icmp4 packet

Tool 41: Spoof Ip4Icmp4 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 41 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o uint32] [-p uint32] [-a spoofip] [-r uint32] [-s uint32] [-t uint32] [-u uint32]

Parameters:

parameter description example
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--icmp-type uint32 ICMP type 0
-p|--icmp-code uint32 ICMP code 0
-a|--spoofip spoofip IP spoof initialization type best
-r|--ip4-ihl uint32 IP4 ihl 5
-s|--ip4-totlen uint32 IP4 totlen 0
-t|--ip4-checksum uint32 IP4 checksum 0
-u|--icmp-checksum uint32 ICMP checksum 0

Example:

  netwox 41

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/205.html0000644000000000000000000001000411776302040021115 0ustar rootroot Tool 205: SMB/CIFS client: get a file

Tool 205: SMB/CIFS client: get a file

Description:

  This tool is a simple SMB/CIFS client getting a file.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 205 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -F file -f file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-F|--remotefilename file remote file name file.txt
-f|--localfilename file local file name dstfile.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 205 -i "5.6.7.8" -s "C$" -F "file.txt" -f "dstfile.txt"

  netwox 205 --dst-ip "5.6.7.8" --share "C$" --remotefilename "file.txt" --localfilename "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/71.html0000644000000000000000000000257211776302040021051 0ustar rootroot Tool 71: Scan ARP

Tool 71: Scan ARP

Description:

  This tool checks if several hosts are up.
  This tool sends an ARP request. If host is up, it will send back an
  ARP Reply.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 71 -i ips [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 71 -i "1.2.3.4,5.6.7.8"

  netwox 71 --ips "1.2.3.4,5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/1.html0000644000000000000000000000473111776302040020761 0ustar rootroot Tool 1: Display network configuration

Tool 1: Display network configuration

Description:

  This tool displays network configuration:
   - the list of devices/interfaces:
      + nu: device number
      + dev: easy device name
      + eth_hw: Ethernet address or hardware type (if not Ethernet)
      + mtu: MTU (maximum size of packets)
      + real_dev: real device name
   - the list of IP addresses:
      + nu: device number of device associated to this address
      + ip: IP address
      + netmask: network mask
      + ppp: if true(1), this address is a Point To Point
      + ppp_with: if ppp, this is the address of remote endpoint
   - the IP4 ARP cache or IP6 neighbor (this contains Ethernet
     addresses for other computers)
      + nu: device number of device associated to this entry
      + eth: Ethernet address of computer
      + ip: IP address of computer
   - the routes
      + nu: device number of device associated to this entry
      + destination/netmask: destination addresses
      + source: source IP address, or local for a local route
      + gateway: gateway (first router) to use
      + metric: metric of route
  
  Parameter --device ask to display devices list.
  Parameter --ip ask to display ip list.
  Parameter --arpcache ask to display ARP cache and neighbors.
  Parameter --routes ask to display routes list.
  If no Parameter is set, they are all displayed.
  
  This tool may need to be run with admin privilege in order to obtain
  full network configuration.

Synonyms:

  address, arp, device, gateway, ifconfig, interface, ipconfig, mac, neighbor, netmask, route, show

Usage:

  netwox 1 [-d|+d] [-i|+i] [-a|+a] [-r|+r]

Parameters:

parameter description example
-d|--devices|+d|--no-devices display devices  
-i|--ip|+i|--no-ip display ip addresses  
-a|--arpcache|+a|--no-arpcache display arp cache and neighbors  
-r|--routes|+r|--no-routes display routes  

Example:

  netwox 1

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/206.html0000644000000000000000000001000411776302040021116 0ustar rootroot Tool 206: SMB/CIFS client: put a file

Tool 206: SMB/CIFS client: put a file

Description:

  This tool is a simple SMB/CIFS client putting a file.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 206 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f file -F file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--localfilename file local file name srcfile.txt
-F|--remotefilename file remote file name file.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 206 -i "5.6.7.8" -s "C$" -f "srcfile.txt" -F "file.txt"

  netwox 206 --dst-ip "5.6.7.8" --share "C$" --localfilename "srcfile.txt" --remotefilename "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/156.html0000644000000000000000000000527011776302040021133 0ustar rootroot Tool 156: Network performance measurement : TCP client

Tool 156: Network performance measurement : TCP client

Description:

  This tool connects on tool 155. It permits to measure throughput and
  jitter for TCP. So, tool 155 is ran on one computer, and tool 156 on
  another.
  
  Parameter --chunksize changes the size of data used for each step.
  Parameter --duration defines the duration of test in milliseconds.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  iperf

Usage:

  netwox 156 -i ip -p port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-s uint32] [-u uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-s|--chunksize uint32 chunk size 500
-u|--duration uint32 test duration in ms 5000

Examples:

  netwox 156 -i "5.6.7.8" -p "80"

  netwox 156 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/82.html0000644000000000000000000000653111776302040021052 0ustar rootroot Tool 82: Sniff and send ICMP4/ICMP6 destination unreachable

Tool 82: Sniff and send ICMP4/ICMP6 destination unreachable

Description:

  This tool sends an ICMP error message when a packet matching filter
  is sniffed.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 82 [-d device] [-f filter] [-c uint32] [-i ip] [-s spoofip]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-c|--code uint32 ICMP code 0
-i|--src-ip ip source IP address 192.168.100.200
-s|--spoofip spoofip IP spoof initialization type linkbraw

Example:

  netwox 82

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/42.html0000644000000000000000000000571511776302040021051 0ustar rootroot Tool 42: Spoof of packet samples : fragment

Tool 42: Spoof of packet samples : fragment

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets can be fragmented before been sent.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4, send

Usage:

  netwox 42 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 42

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/18.html0000644000000000000000000000476211776302040021055 0ustar rootroot Tool 18: Reassemble IP packets of a record, and reorder TCP flow

Tool 18: Reassemble IP packets of a record, and reorder TCP flow

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool reads packet from one record, tries to reassemble IP packets
  and reorder TCP sequences. Please note, packets may be lost.
  
  Parameter --src-file indicates the input record filename.
  Parameter --input-dlt defines the DLT of packets in input record (it
  depends on how it was sniffed, generally 'ether' (for Ethernet) or
  'raw' (if packet starts at IP header)). Full list is available through
  netwag or running tool 12.
  Parameter --dst-file indicates the output record filename.
  Parameter --recordencode defines how to encode data in this record
  (suggested values: bin, pcap and mixed_wrap).
  Parameter --tcpreord tries to reorder TCP flow (seqnum increments).
  This might miss packets.

Synonyms:

  capture

Usage:

  netwox 18 -f file [-t dlt] -F file [-r recordencode] [-o|+o]

Parameters:

parameter description example
-f|--src-file file input record file srcfile.txt
-t|--input-dlt dlt dlt type of input record ether
-F|--dst-file file output record file dstfile.txt
-r|--recordencode recordencode encoding type for output record bin
-o|--tcpreord|+o|--no-tcpreord also reorder TCP packets  

Examples:

  netwox 18 -f "srcfile.txt" -F "dstfile.txt"

  netwox 18 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/55.html0000644000000000000000000000246311776302040021052 0ustar rootroot Tool 55: Ping ARP

Tool 55: Ping ARP

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ARP request. If host is up, it will send back an
  ARP Reply.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 55 -i ip [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 55 -i "5.6.7.8"

  netwox 55 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/210.html0000644000000000000000000000251611776302040021122 0ustar rootroot Tool 210: Web spider on command line (stay in same directory)

Tool 210: Web spider on command line (stay in same directory)

Description:

  This tool spiders a HTTP or FTP url. 'Spidering' an url means to
  download the url, read the new urls it contains, download them, and so
  on recursively.
  It stops when all url of requested directory have been downloaded.
  For example, 'http://s/dir/page.html', will retrieve all files in
  'http://s/dir/'.

Synonyms:

  curl, wget

Usage:

  netwox 210 -u uri [-r dir] [-v|+v]

Parameters:

parameter description example
-u|--url uri url to download http://www.example.com/
-r|--rootdir dir local root directory ./spider
-v|--verbose|+v|--no-verbose be verbose  

Examples:

  netwox 210 -u "http://www.example.com/"

  netwox 210 --url "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/75.html0000644000000000000000000000177211776302040021056 0ustar rootroot Tool 75: Fill table of a switch using a flood of Ethernet packets

Tool 75: Fill table of a switch using a flood of Ethernet packets

Description:

  This tool sends a lot of fake Ethernet packets. On some old switches,
  their table becomes full, and the switch starts behaving like a hub.
  It permits to sniff on those switched LAN.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hub, mac

Usage:

  netwox 75 [-d device]

Parameters:

parameter description example
-d|--device device device name Eth0

Example:

  netwox 75

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/164.html0000644000000000000000000001064111776302040021130 0ustar rootroot Tool 164: SNMP Set

Tool 164: SNMP Set

Description:

  This tool sets the value of a MIB oid.
  
  Parameter --oid defines the oid name.
  Parameter --type defines its type: i,s,m,n,o,a,c,g,t,M,u,U
  Parameter --value defines its value.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmpset

Usage:

  netwox 164 -i ip [-c password] -n oid -t oidtype -V data [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-n|--name oid oid name .1.3.6.1.2.1.1.4.0
-t|--type oidtype oid type (i,s,m,n,o,a,c,g,t,M,u,U) s
-V|--value data oid value  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 161
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 164 -i "5.6.7.8" -n ".1.3.6.1.2.1.1.4.0" -t "s" -V ""

  netwox 164 --dst-ip "5.6.7.8" --name ".1.3.6.1.2.1.1.4.0" --type "s" --value ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/56.html0000644000000000000000000000342211776302040021047 0ustar rootroot Tool 56: Ping ARP (EthIp spoof)

Tool 56: Ping ARP (EthIp spoof)

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ARP request. If host is up, it will send back an
  ARP Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 56 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 56 -i "5.6.7.8"

  netwox 56 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/58.html0000644000000000000000000000417411776302040021056 0ustar rootroot Tool 58: Traceroute ICMP (EthIP spoof)

Tool 58: Traceroute ICMP (EthIP spoof)

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 58 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 58 -i "5.6.7.8"

  netwox 58 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/118.html0000644000000000000000000000513311776302040021127 0ustar rootroot Tool 118: HTTP GET

Tool 118: HTTP GET

Description:

  This tool sends a HTTP request using method GET. HTTP protocol defines
  GET method to retrieve a document.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.
  Parameter --display-body indicates to display reply body.
  Parameter --file-body indicates the filename where to store body.

Synonyms:

  download, web

Usage:

  netwox 118 -u uri [-s|+s] [-h|+h] [-b|+b] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-B file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-b|--display-body|+b|--no-display-body display body to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-B|--file-body file file receiving body filebody.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 118 -u "http://www.example.com/"

  netwox 118 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/124.html0000644000000000000000000000446311776302040021131 0ustar rootroot Tool 124: HTTP OPTIONS

Tool 124: HTTP OPTIONS

Description:

  This tool sends a HTTP request using method OPTIONS. HTTP protocol
  defines OPTIONS method to obtain information about the method
  supported by the web server.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.

Synonyms:

  web

Usage:

  netwox 124 -u uri [-s|+s] [-h|+h] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 124 -u "http://www.example.com/"

  netwox 124 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/68.html0000644000000000000000000000367111776302040021060 0ustar rootroot Tool 68: Scan TCP (EthIp spoof)

Tool 68: Scan TCP (EthIp spoof)

Description:

  This tool checks if several TCP ports are open on host.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 68 -i ips -p ports [-d device] [-E eth] [-I ip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-p|--ports ports list/range of port number all
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-I|--src-ip ip source IP address 1.2.3.4
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 68 -i "1.2.3.4,5.6.7.8" -p "all"

  netwox 68 --ips "1.2.3.4,5.6.7.8" --ports "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/129.html0000644000000000000000000000203511776302040021127 0ustar rootroot Tool 129: Reassemble chunks of a file

Tool 129: Reassemble chunks of a file

Description:

  This tool reassembles split file. See also tool 128.
  For example, if tool 128 created file.0, file.1, etc., tool 129 will
  reassemble chunks: 'netwox 129 file'. Please note filename has to be
  the same as the one used for tool 128 (the original filename).

Synonyms:

  piece

Usage:

  netwox 129 -f file

Parameters:

parameter description example
-f|--file file filename (without .1/.2/etc extension) dstfile.txt

Examples:

  netwox 129 -f "dstfile.txt"

  netwox 129 --file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/10.html0000644000000000000000000000372511776302040021043 0ustar rootroot Tool 10: Sniff and display network statistics

Tool 10: Sniff and display network statistics

Description:

  This tool sniffs and displays some basic network statistics.
  It supports 7 groups: Ethernet/link, ARP, IP4, IP6, UDP, TCP, ICMP.
  For each one, it displays: packet count (count), sum of packet sizes
  (size), percentage of packet count (c%) and percentage of size (s%).
  Display is updated at most every second.
  
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  
  This tool may need to be run with admin privilege in order to sniff.

Synonyms:

  capture, icmp, ip4, ip6, mac, packet, show

Usage:

  netwox 10 [-d device] [-f filter]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  

Example:

  netwox 10

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/30.html0000644000000000000000000000214311776302040021036 0ustar rootroot Tool 30: Convert a file from unix to dos

Tool 30: Convert a file from unix to dos

Description:

  This tool converts a file using Unix end of lines style (0x0A) to a
  file using Windows end of lines style (0x0D0A).
  This tool permits to convert text files. It does not work on binary
  files.

Synonyms:

  unix2dos

Usage:

  netwox 30 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 30 -i "srcfile.txt" -o "dstfile.txt"

  netwox 30 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/204.html0000644000000000000000000000776311776302040021136 0ustar rootroot Tool 204: SMB/CIFS client: rename a file

Tool 204: SMB/CIFS client: rename a file

Description:

  This tool is a simple SMB/CIFS client renaming a file.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 204 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f file -F file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--oldfilename file old file name file.txt
-F|--newfilename file new file name file.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 204 -i "5.6.7.8" -s "C$" -f "file.txt" -F "file.txt"

  netwox 204 --dst-ip "5.6.7.8" --share "C$" --oldfilename "file.txt" --newfilename "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/70.html0000644000000000000000000000404311776302040021043 0ustar rootroot Tool 70: Scan UDP (EthIp spoof)

Tool 70: Scan UDP (EthIp spoof)

Description:

  This tool checks if several UDP ports are open on host.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 70 -i ips -p ports [-d device] [-E eth] [-I ip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-p|--ports ports list/range of port number all
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-I|--src-ip ip source IP address 1.2.3.4
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 70 -i "1.2.3.4,5.6.7.8" -p "all"

  netwox 70 --ips "1.2.3.4,5.6.7.8" --ports "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/182.html0000644000000000000000000000374611776302040021140 0ustar rootroot Tool 182: Obtain size of a web file (http://... or ftp://...)

Tool 182: Obtain size of a web file (http://... or ftp://...)

Description:

  This tool obtains size of a HTTP or FTP file, without downloading it.
  If it's not possible (url is a directory for example), an error is
  returned.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.

Synonyms:

  curl, wget

Usage:

  netwox 182 -u uri [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-f|+f] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri http://www.example.com/
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-f|--ftp-passive|+f|--no-ftp-passive use passive FTP  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 182 -u "http://www.example.com/"

  netwox 182 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/13.html0000644000000000000000000000131311776302040021035 0ustar rootroot Tool 13: Obtain DLT type for sniff and spoof for each device

Tool 13: Obtain DLT type for sniff and spoof for each device

Description:

  This tool reports:
   - if raw IP4 spoof is supported
   - if raw IP6 spoof is supported
   - for each device:
      + if sniff is supported, and its DLT (data link type)
      + if spoof is supported, and its DLT (data link type)
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  capture, device

Usage:

  netwox 13
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/212.html0000644000000000000000000000210011776302040021111 0ustar rootroot Tool 212: Web spider : converts an url to its local downloaded filename

Tool 212: Web spider : converts an url to its local downloaded filename

Description:

  This tool indicates in which local filename an url is stored.
  For example http://server/f.php may be stored in files/02/f.html.

Usage:

  netwox 212 -c file -u uri

Parameters:

parameter description example
-c|--conffile file configuration file srcfile.txt
-u|--url uri url to check http://www.example.com/

Examples:

  netwox 212 -c "srcfile.txt" -u "http://www.example.com/"

  netwox 212 --conffile "srcfile.txt" --url "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/187.html0000644000000000000000000000245211776302040021136 0ustar rootroot Tool 187: Display date and time

Tool 187: Display date and time

Description:

  Display current time (or --time) using several formats.

Usage:

  netwox 187 [-t uint32] [-r|+r] [-u|+u] [-h|+h] [-s|+s] [-n|+n]

Parameters:

parameter description example
-t|--time uint32 time to display 0
-r|--disp-rfc822|+r|--no-disp-rfc822 display rfc822 date This boolean is set.
Use + or --no- to unset it.
-u|--disp-unixdate|+u|--no-disp-unixdate display unix date(1) format  
-h|--disp-human|+h|--no-disp-human display human readable time  
-s|--disp-sec|+s|--no-disp-sec display seconds  
-n|--disp-secnsec|+n|--no-disp-secnsec display seconds and nanoseconds  

Example:

  netwox 187

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/184.html0000644000000000000000000000541711776302040021137 0ustar rootroot Tool 184: UDP relay

Tool 184: UDP relay

Description:

  This tool is a relay: a client will connect to it, then it will
  connect to server. All data received from server is sent back to
  client. All data received from client is sent to server. From server's
  view point, it only sees relay as source IP address. From client's
  viewpoint, it only sees relay as destination IP address.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  Parameter --server-ip is the address of remote host/server.
  Parameter --server-port is the port number where to connect.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.

Usage:

  netwox 184 -P port -x ip -X port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-x|--server-ip ip destination IP address 5.6.7.8
-X|--server-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all

Examples:

  netwox 184 -P "1234" -x "5.6.7.8" -X "80"

  netwox 184 --src-port "1234" --server-ip "5.6.7.8" --server-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/106.html0000644000000000000000000000713011776302040021123 0ustar rootroot Tool 106: Send an email

Tool 106: Send an email

Description:

  This tool sends an email. It connects on a SMTP server.
  
  Parameter --from sets From header.
  Parameter --from-name sets the name of user in From header.
  Parameter --subject sets Subject header
  Parameter --file-body is the file containing the body of message.
  Parameter --file-att is the file containing the attachment.
  Parameter --to sets To header.
  Parameter --mail-from sets the MAIL FROM SMTP value. If unset, --from
  is used.
  Parameter --rcpt-to sets the RCPR TO SMTP value. If unset, --to is
  used.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 106 -i ip -f email -r email -S data [-B file] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-F email] [-R email] [-n data] [-A file] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-f|--from email from address user@example.com
-r|--to email to address user2@example.fr
-S|--subject data email subject hello
-B|--file-body file file containing email body file-body.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 25
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-F|--mail-from email mail from address me@example.com
-R|--rcpt-to email rcpt to address you@example.fr
-n|--from-name data from name  
-A|--file-att file file containing email attachment file-att.tgz
-T|--timeout uint32 timeout in milliseconds 180000

Examples:

  netwox 106 -i "5.6.7.8" -f "user@example.com" -r "user2@example.fr" -S "hello"

  netwox 106 --dst-ip "5.6.7.8" --from "user@example.com" --to "user2@example.fr" --subject "hello"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/80.html0000644000000000000000000000274311776302040021051 0ustar rootroot Tool 80: Periodically send ARP replies

Tool 80: Periodically send ARP replies

Description:

  This tool periodically sends unsolicited ARP replies. It can be used
  to corrupt ARP cache of a LAN computer. Then, this computer will start
  sending its data to fake computer, instead of real computer.
  
  This tool may need to be run with admin privilege in order to spoof.

Usage:

  netwox 80 -e eth -i ip [-d device] [-E eth] [-I ip] [-s uint32]

Parameters:

parameter description example
-e|--eth eth ethernet address E0:69:95:6F:ED:9A
-i|--ip ip IP address 192.168.100.200
-d|--device device device for spoof Eth0
-E|--eth-dst eth to whom answer 0:8:9:a:b:c
-I|--ip-dst ip to whom answer 5.6.7.8
-s|--sleep uint32 sleep delay in ms 1000

Examples:

  netwox 80 -e "E0:69:95:6F:ED:9A" -i "192.168.100.200"

  netwox 80 --eth "E0:69:95:6F:ED:9A" --ip "192.168.100.200"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/9.html0000644000000000000000000000364611776302040020775 0ustar rootroot Tool 9: Sniff and display Ethernet addresses

Tool 9: Sniff and display Ethernet addresses

Description:

  This tool sniffs packets, and tries to decode them. Then, Ethernet
  address associated to decoded IP address is displayed.
  It uses ARP, RARP and IP to obtain this information.
  Please note, this will be inaccurate if IP address is outside the
  Ethernet LAN. It works well in all other cases.
  
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  
  This tool may need to be run with admin privilege in order to sniff.

Synonyms:

  capture, mac, show

Usage:

  netwox 9 [-d device] [-f filter]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  

Example:

  netwox 9

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/157.html0000644000000000000000000000415311776302040021133 0ustar rootroot Tool 157: Network performance measurement : UDP server

Tool 157: Network performance measurement : UDP server

Description:

  This tool is a UDP server. Use tool 158 to connect to it and obtain a
  network performance measurement.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).

Synonyms:

  iperf

Usage:

  netwox 157 -P port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4

Examples:

  netwox 157 -P "1234"

  netwox 157 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/133.html0000644000000000000000000000154411776302040021126 0ustar rootroot Tool 133: Convert an url/uri

Tool 133: Convert an url/uri

Description:

  This tool normalizes an url/uri. For example:
    netwox 133 --uri "http://server/path/../foo"
  returns:
    http://server/foo

Usage:

  netwox 133 -u uri

Parameters:

parameter description example
-u|--uri uri uri to convert http://server/path/../foo

Examples:

  netwox 133 -u "http://server/path/../foo"

  netwox 133 --uri "http://server/path/../foo"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/5.html0000644000000000000000000000246511776302040020767 0ustar rootroot Tool 5: Obtain Ethernet addresses of computers in an IP list

Tool 5: Obtain Ethernet addresses of computers in an IP list

Description:

  This tool sends ARP Requests (or IP6 Neighbor Discovery) to obtain
  Ethernet addresses of several computers.
  For example: 'netwox 5 192.168.0.0/24,10.0.0.1-10.0.0.4'.
  If parameter --no-unresolved is used, unresolved addresses are not
  displayed.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof (for Ethernet addresses resolving).

Synonyms:

  host, mac, resolve, show

Usage:

  netwox 5 [-u|+u] -i ips

Parameters:

parameter description example
-u|--unresolved|+u|--no-unresolved display unresolved items  
-i|--ips ips list/range of IP addresses 192.168.1.0/24

Examples:

  netwox 5 -i "192.168.1.0/24"

  netwox 5 --ips "192.168.1.0/24"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/134.html0000644000000000000000000000252411776302040021126 0ustar rootroot Tool 134: Obtain urls/uris in a HMTL file

Tool 134: Obtain urls/uris in a HMTL file

Description:

  This tool reads an HTML file and shows url/uri it contains.

Usage:

  netwox 134 -f file [-h|+h] [-s|+s] [-t|+t] [-n|+n] [-u|+u]

Parameters:

parameter description example
-f|--filename file HTML file file.html
-h|--display-http|+h|--no-display-http display http:// uris  
-s|--display-https|+s|--no-display-https display https:// uris  
-t|--display-ftp|+t|--no-display-ftp display ftp:// uris  
-n|--display-none|+n|--no-display-none display local uris  
-u|--display-unknown|+u|--no-display-unknown display unknown uris  

Examples:

  netwox 134 -f "file.html"

  netwox 134 --filename "file.html"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/183.html0000644000000000000000000000541711776302040021136 0ustar rootroot Tool 183: TCP relay

Tool 183: TCP relay

Description:

  This tool is a relay: a client will connect to it, then it will
  connect to server. All data received from server is sent back to
  client. All data received from client is sent to server. From server's
  view point, it only sees relay as source IP address. From client's
  viewpoint, it only sees relay as destination IP address.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  Parameter --server-ip is the address of remote host/server.
  Parameter --server-port is the port number where to connect.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.

Usage:

  netwox 183 -P port -x ip -X port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-x|--server-ip ip destination IP address 5.6.7.8
-X|--server-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all

Examples:

  netwox 183 -P "1234" -x "5.6.7.8" -X "80"

  netwox 183 --src-port "1234" --server-ip "5.6.7.8" --server-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/168.html0000644000000000000000000000544511776302040021142 0ustar rootroot Tool 168: FTP server

Tool 168: FTP server

Description:

  This tool is a FTP server.
  
  Parameter --rootdir defines the root directory for put and get file
  operations (cannot exit this root jail).
  Parameters --login and --password defines needed login and password.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  proftpd, wuftpd

Usage:

  netwox 168 [-r dir] [-l login] [-L password] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips] [-U|+U]

Parameters:

parameter description example
-r|--rootdir dir root directory /tmp
-l|--login login login needed to access  
-L|--password password password needed to access  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 180000
-c|--allowed-clients ips clients allowed to connect all
-U|--allow-put|+U|--no-allow-put allow put/write on server This boolean is set.
Use + or --no- to unset it.

Example:

  netwox 168

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/46.html0000644000000000000000000000605511776302040021053 0ustar rootroot Tool 46: Spoof of packet samples : fragment, ip4opt:ts

Tool 46: Spoof of packet samples : fragment, ip4opt:ts

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains a Timestamp option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 46 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 46

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/218.html0000644000000000000000000000075611776302040021136 0ustar rootroot Tool 218: Netwox internal validation suite

Tool 218: Netwox internal validation suite

Description:

  This tool is very special. It runs internal test suites of netwox.
  
  It is only useful for netwox developers. It does not test every
  module, but only those with independent test cases.

Usage:

  netwox 218
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/186.html0000644000000000000000000000146111776302040021134 0ustar rootroot Tool 186: Millisecond sleep

Tool 186: Millisecond sleep

Description:

  This tool sleeps for an amount of milliseconds.
  Total sleep duration is slightly greater than requested value.

Usage:

  netwox 186 -m uint32

Parameters:

parameter description example
-m|--millisecond uint32 number of millisecond 1000

Examples:

  netwox 186 -m "1000"

  netwox 186 --millisecond "1000"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/137.html0000644000000000000000000000165211776302040021132 0ustar rootroot Tool 137: Create a sample configuration file for tool 138

Tool 137: Create a sample configuration file for tool 138

Description:

  This tool creates a sample configuration file for web spider (tool
  138). After creation, it has to be edited.

Synonyms:

  curl, wget

Usage:

  netwox 137 -f file

Parameters:

parameter description example
-f|--conffile file configuration file dstfile.txt

Examples:

  netwox 137 -f "dstfile.txt"

  netwox 137 --conffile "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/89.html0000644000000000000000000000460111776302040021055 0ustar rootroot Tool 89: TCP server

Tool 89: TCP server

Description:

  This tool listens on a TCP port. Use tool 87 to connect to it.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  Parameter --encode defines how to display data (common values: data,
  dump, mixed).
  Parameter --decode defines how keyboard data is entered (common
  values: data, mixed).

Synonyms:

  nc, netcat

Usage:

  netwox 89 -P port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-k decode] [-n encode]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-k|--decode decode how keyboard data is entered data
-n|--encode encode how network data is displayed data

Examples:

  netwox 89 -P "1234"

  netwox 89 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/200.html0000644000000000000000000000755411776302040021130 0ustar rootroot Tool 200: SMB/CIFS client: delete a directory

Tool 200: SMB/CIFS client: delete a directory

Description:

  This tool is a simple SMB/CIFS client deleting a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 200 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--dirname dir directory name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 200 -i "5.6.7.8" -s "C$" -f "mydir"

  netwox 200 --dst-ip "5.6.7.8" --share "C$" --dirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/191.html0000644000000000000000000000616511776302040021136 0ustar rootroot Tool 191: Generate a password (English, French, Spanish)

Tool 191: Generate a password (English, French, Spanish)

Description:

  This tool generates one or several passwords.
  
  Choosing a password is a complex task: it has to be random, but also
  easy to remember (otherwise people write it down).
  When choosing one password, we can use a mnemotechnic sentence (tiap =
  this is a password) or mix words (house + 2,E: = h2o,uEs:e).
  When a program has to generate passwords (for example for all users of
  an enterprise), the main problem is where to find/store sentences and
  words. An attacker knowing those lists will find passwords using a
  brute force attack.
  
  This password generator uses another method. It generates passwords
  composed of the two first letters of images. An image is an easy to
  remember word. For example:
    netwox 191 --numimages 5 --lang-english
      password: soasprsivo
      images: SOap AStronaut PRofessor SIx VOlcano
  So, user only have to remember those 5 images: soap, astronaut,
  professor, 6 and volcano. Those images are easy to draw or represent
  ideas easy to draw. For higher security, choose 5 or more images.
  
  In order to provide complex passwords, variations of generated
  password are proposed. With the last example:
    variation1: soaspr2ivo. In this case, one letter has changed
                            (s replaced by 2)
    variation2: soAsprs1vo. In this case, two letters have changed
                            (a replaced by A, and i by 1)
  So, you can use soAsprs1vo instead of soasprsivo.
  
  Finally, parameter --pronounceable generates pronounceable passwords.
  For example: netwox 191 --pronounceable --maxsyllables 3

Usage:

  netwox 191 [-n uint32] [-i uint32] [-E|+E] [-F|+F] [-S|+S] [-p|+p] [-m uint32] [-a data]

Parameters:

parameter description example
-n|--numpassword uint32 number of passwords to generate 1
-i|--numimages uint32 number of images in passwords 5
-E|--lang-english|+E|--no-lang-english use English words This boolean is set.
Use + or --no- to unset it.
-F|--lang-french|+F|--no-lang-french use French words  
-S|--lang-spanish|+S|--no-lang-spanish use Spanish words  
-p|--pronounceable|+p|--no-pronounceable generate pronounceable passwords  
-m|--maxsyllables uint32 max syllables in pronounceable passwords 0
-a|--allowedcharvar data allowed characters for variations ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789@|!()[]{}/$+&^*

Example:

  netwox 191

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/148.html0000644000000000000000000000271011776302040021130 0ustar rootroot Tool 148: Ping ICMP6 Neighbor Discovery

Tool 148: Ping ICMP6 Neighbor Discovery

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an ICMP6 Neighbor Discovery request. If host is up, it
  will send back a Neighbor Discovery Reply.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  ip6

Usage:

  netwox 148 -i ip [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IPv6 address fec0:0:0:1::2
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 148 -i "fec0:0:0:1::2"

  netwox 148 --dst-ip "fec0:0:0:1::2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/107.html0000644000000000000000000000711511776302040021127 0ustar rootroot Tool 107: Post a newsgroup message

Tool 107: Post a newsgroup message

Description:

  This tool posts a newsgroup message. It connects on a NNTP server.
  
  Parameter --from sets From header.
  Parameter --from-name sets the name of user in From header.
  Parameter --subject sets Subject header
  Parameter --file-body is the file containing the body of message.
  Parameter --file-att is the file containing the attachment.
  Parameter --newsgroup sets the newsgroup name.
  Parameters --user and --pass defines the username and password.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  article

Usage:

  netwox 107 -i ip -f email -g newsgroup -S data [-B file] [-u login] [-a password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-n data] [-A file] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-f|--from email user email address user@example.com
-g|--newsgroup newsgroup newsgroup name comp.lang.c
-S|--subject data email subject hello
-B|--file-body file file containing email body file-body.txt
-u|--user login username  
-a|--pass password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 119
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-n|--from-name data from name  
-A|--file-att file file containing email attachment file-att.tgz
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 107 -i "5.6.7.8" -f "user@example.com" -g "comp.lang.c" -S "hello"

  netwox 107 --dst-ip "5.6.7.8" --from "user@example.com" --newsgroup "comp.lang.c" --subject "hello"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/40.html0000644000000000000000000001301611776302040021040 0ustar rootroot Tool 40: Spoof Ip4Tcp packet

Tool 40: Spoof Ip4Tcp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 40 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o port] [-p port] [-q uint32] [-r uint32] [-s|+s] [-t|+t] [-u|+u] [-v|+v] [-w|+w] [-x|+x] [-y|+y] [-z|+z] [-A|+A] [-B|+B] [-C|+C] [-D|+D] [-E uint32] [-F uint32] [-G tcpopts] [-H mixed_data] [-a spoofip] [-J uint32] [-K uint32] [-L uint32] [-M uint32] [-N uint32]

Parameters:

parameter description example
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--tcp-src port TCP src 1234
-p|--tcp-dst port TCP dst 80
-q|--tcp-seqnum uint32 TCP seqnum (rand if unset) 0
-r|--tcp-acknum uint32 TCP acknum 0
-s|--tcp-reserved1|+s|--no-tcp-reserved1 TCP reserved1  
-t|--tcp-reserved2|+t|--no-tcp-reserved2 TCP reserved2  
-u|--tcp-reserved3|+u|--no-tcp-reserved3 TCP reserved3  
-v|--tcp-reserved4|+v|--no-tcp-reserved4 TCP reserved4  
-w|--tcp-cwr|+w|--no-tcp-cwr TCP cwr  
-x|--tcp-ece|+x|--no-tcp-ece TCP ece  
-y|--tcp-urg|+y|--no-tcp-urg TCP urg  
-z|--tcp-ack|+z|--no-tcp-ack TCP ack  
-A|--tcp-psh|+A|--no-tcp-psh TCP psh  
-B|--tcp-rst|+B|--no-tcp-rst TCP rst  
-C|--tcp-syn|+C|--no-tcp-syn TCP syn  
-D|--tcp-fin|+D|--no-tcp-fin TCP fin  
-E|--tcp-window uint32 TCP window 0
-F|--tcp-urgptr uint32 TCP urgptr 0
-G|--tcp-opt tcpopts TCP options  
-H|--tcp-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-J|--ip4-ihl uint32 IP4 ihl 5
-K|--ip4-totlen uint32 IP4 totlen 0
-L|--ip4-checksum uint32 IP4 checksum 0
-M|--tcp-doff uint32 TCP data offset 0
-N|--tcp-checksum uint32 TCP checksum 0

Example:

  netwox 40

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/147.html0000644000000000000000000000637411776302040021141 0ustar rootroot Tool 147: Spoof Ip6Icmp6 packet

Tool 147: Spoof Ip6Icmp6 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 147 [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o uint32] [-p uint32] [-a spoofip] [-e uint32] [-r uint32]

Parameters:

parameter description example
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--icmp-type uint32 ICMP type 0
-p|--icmp-code uint32 ICMP code 0
-a|--spoofip spoofip IP spoof initialization type best
-e|--ip6-payloadlength uint32 IP6 payload length 0
-r|--icmp-checksum uint32 ICMP checksum 0

Example:

  netwox 147

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/33.html0000644000000000000000000000317411776302040021046 0ustar rootroot Tool 33: Spoof EthernetArp packet

Tool 33: Spoof EthernetArp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 33 [-d device] [-a eth] [-b eth] [-c uint32] [-e uint32] [-f eth] [-g ip] [-h eth] [-i ip]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--eth-type uint32 Ethernet type : ARP=2054, RARP=32821 2054
-e|--arp-op uint32 ARP op : 1=ARPREQ, 2=ARPREP, 3=RARPREQ, 4=RARPREP 1
-f|--arp-ethsrc eth ARP ethsrc E0:69:95:6F:ED:9A
-g|--arp-ipsrc ip ARP ipsrc 0.0.0.0
-h|--arp-ethdst eth ARP ethdst 0:0:0:0:0:0
-i|--arp-ipdst ip ARP ipdst 0.0.0.0

Example:

  netwox 33

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/189.html0000644000000000000000000000464111776302040021142 0ustar rootroot Tool 189: SMTP server

Tool 189: SMTP server

Description:

  This tool is a SMTP server. It only stores commands and messages
  in a local directory. It does not try to forward messages.
  
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  sendmail, qmail, postfix

Usage:

  netwox 189 -m dir [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32] [-c ips]

Parameters:

parameter description example
-m|--maildir dir mail directory /tmp
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 25
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--timeout uint32 timeout in ms 180000
-c|--allowed-clients ips clients allowed to connect all

Examples:

  netwox 189 -m "/tmp"

  netwox 189 --maildir "/tmp"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/135.html0000644000000000000000000000266011776302040021130 0ustar rootroot Tool 135: Convert urls/uris in a HMTL file to absolute urls

Tool 135: Convert urls/uris in a HMTL file to absolute urls

Description:

  This tool converts urls/uris in a file.
  For example, file index.html downloaded from http://srv/R/index.html
  might contain urls of the form '../S/img.png'. Loading index.html in a
  browser will lead to broken images because they are not on the local
  computer. This tool converts '../S/img.png' to the absolute real url
  'http://srv/S/img.png'. Here is how to use it:
    netwox 135 index.html index2.html http://example.com/R/

Usage:

  netwox 135 -i file -o file -u uri

Parameters:

parameter description example
-i|--src-file file input HTML file t.htm
-o|--dst-file file created HTML file out.htm
-u|--url uri absolute url of file http://s/t.htm

Examples:

  netwox 135 -i "t.htm" -o "out.htm" -u "http://s/t.htm"

  netwox 135 --src-file "t.htm" --dst-file "out.htm" --url "http://s/t.htm"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/220.html0000644000000000000000000000175211776302040021124 0ustar rootroot Tool 220: Convert a binary file to a base64 encoded file

Tool 220: Convert a binary file to a base64 encoded file

Description:

  This tool converts a file to a base64 encoded file. Base64 encoding is
  often used in MIME.

Usage:

  netwox 220 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 220 -i "srcfile.txt" -o "dstfile.txt"

  netwox 220 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/214.html0000644000000000000000000000666011776302040021132 0ustar rootroot Tool 214: Traceroute discovery: graph of network topology

Tool 214: Traceroute discovery: graph of network topology

Description:

  This tool sends traceroute queries to a remote network, and creates
  a graph of remote computers. It traceroutes common TCP/UDP ports,
  and ICMP. Setting min-ttl and max-ttl correctly will speed up
  the scan.
  
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 214 -i ips [-p ports] [-P ports] [-c|+c] [-s spoofip] [-T uint32] [-t uint32] [-m uint32] [-r|+r] [-v|+v]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses all
-p|--tcpports ports list of open tcp ports to scan 21,22,23,25,53,79,80,88,110,113,119,139,143,389,443,445,1080,2401,6000
-P|--udpports ports list of closed udp ports to scan 1,53,67,68,123,137,138,161,162,177,514
-c|--icmp|+c|--no-icmp if icmp is also scanned This boolean is set.
Use + or --no- to unset it.
-s|--spoofip spoofip IP spoof initialization type best
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  
-v|--verbose|+v|--no-verbose display intermediary results  

Examples:

  netwox 214 -i "all"

  netwox 214 --ips "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/26.html0000644000000000000000000000220311776302040021040 0ustar rootroot Tool 26: Dump a file

Tool 26: Dump a file

Description:

  This tool dumps the content of a file.
  
  By using default encoding type (dump), its output has two main columns:
   - on left, data represented as hexadecimal
   - on right, data with unprintable characters converted to dots
  
  Other encoding types permit to obtain base64 (base64_wrap), mixed,
  etc.

Synonyms:

  hexadecimal, printable

Usage:

  netwox 26 -f file [-e encode]

Parameters:

parameter description example
-f|--src-file file source filename srcfile.txt
-e|--encode encode encoding type dump

Examples:

  netwox 26 -f "srcfile.txt"

  netwox 26 --src-file "srcfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/188.html0000644000000000000000000000502611776302040021137 0ustar rootroot Tool 188: SYSLOG server

Tool 188: SYSLOG server

Description:

  This tool is a SYSLOG client showing messages (--showscreen) or
  logging them in a file (--logfile).
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  syslogd

Usage:

  netwox 188 [-s|+s] [-l file] [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips]

Parameters:

parameter description example
-s|--showscreen|+s|--no-showscreen show data to screen This boolean is set.
Use + or --no- to unset it.
-l|--logfile file log file dstfile.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 514
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all

Example:

  netwox 188

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/63.html0000644000000000000000000000656111776302040021054 0ustar rootroot Tool 63: Traceroute on a specified IP protocol

Tool 63: Traceroute on a specified IP protocol

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an IP only packet. There is no way to detect end (it
  depends on protocol), so user has to interrupt tool at end.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 63 -i ip [-p uint32] [-D mixed_data] [-s spoofip] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--protocol uint32 ip4 protocol 1
-D|--ip4-data mixed_data mixed data  
-s|--spoofip spoofip IP spoof initialization type best
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 63 -i "5.6.7.8"

  netwox 63 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/122.html0000644000000000000000000000442111776302040021121 0ustar rootroot Tool 122: HTTP DELETE

Tool 122: HTTP DELETE

Description:

  This tool sends a HTTP request using method DELETE. HTTP protocol
  defines DELETE method to remote a document from a web server.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.

Synonyms:

  web

Usage:

  netwox 122 -u uri [-s|+s] [-h|+h] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 122 -u "http://www.example.com/"

  netwox 122 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/201.html0000644000000000000000000000776211776302040021132 0ustar rootroot Tool 201: SMB/CIFS client: rename a directory

Tool 201: SMB/CIFS client: rename a directory

Description:

  This tool is a simple SMB/CIFS client renaming a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 201 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir -F dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--olddirname dir old directory name mydir
-F|--newdirname dir new directory name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 201 -i "5.6.7.8" -s "C$" -f "mydir" -F "mydir"

  netwox 201 --dst-ip "5.6.7.8" --share "C$" --olddirname "mydir" --newdirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/140.html0000644000000000000000000000376311776302040021131 0ustar rootroot Tool 140: Spoof EthernetIp6 packet

Tool 140: Spoof EthernetIp6 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 140 [-d device] [-a eth] [-b eth] [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-k mixed_data] [-m uint32] [-e uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-k|--ip6-data mixed_data mixed data  
-m|--eth-type uint32 Ethernet type 2048
-e|--ip6-payloadlength uint32 IP6 payload length 0

Example:

  netwox 140

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/154.html0000644000000000000000000000506011776302040021126 0ustar rootroot Tool 154: IRC client listening on a channel

Tool 154: IRC client listening on a channel

Description:

  This tool passively listen on an IRC channel, and displays its
  content. Ask channel operator before running this program.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 154 -i ip -n login -c data [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-n|--nickname login nickname  
-c|--channel data channel #chan
-w|--password password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 6667
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 154 -i "5.6.7.8" -n "" -c "#chan"

  netwox 154 --dst-ip "5.6.7.8" --nickname "" --channel "#chan"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/65.html0000644000000000000000000000562311776302040021054 0ustar rootroot Tool 65: Scan ICMP

Tool 65: Scan ICMP

Description:

  This tool checks if several hosts are up.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 65 -i ips [-s spoofip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-s|--spoofip spoofip IP spoof initialization type best
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 65 -i "1.2.3.4,5.6.7.8"

  netwox 65 --ips "1.2.3.4,5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/142.html0000644000000000000000000000766511776302040021140 0ustar rootroot Tool 142: Spoof EthernetIp6Tcp packet

Tool 142: Spoof EthernetIp6Tcp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  frame, hping, mac, send

Usage:

  netwox 142 [-d device] [-a eth] [-b eth] [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o port] [-p port] [-q uint32] [-r uint32] [-s|+s] [-t|+t] [-u|+u] [-v|+v] [-w|+w] [-x|+x] [-y|+y] [-z|+z] [-A|+A] [-B|+B] [-C|+C] [-D|+D] [-E uint32] [-F uint32] [-G tcpopts] [-H mixed_data] [-I uint32] [-e uint32] [-J uint32] [-K uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-a|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-b|--eth-dst eth Ethernet dst 0:8:9:a:b:c
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--tcp-src port TCP src 1234
-p|--tcp-dst port TCP dst 80
-q|--tcp-seqnum uint32 TCP seqnum (rand if unset) 0
-r|--tcp-acknum uint32 TCP acknum 0
-s|--tcp-reserved1|+s|--no-tcp-reserved1 TCP reserved1  
-t|--tcp-reserved2|+t|--no-tcp-reserved2 TCP reserved2  
-u|--tcp-reserved3|+u|--no-tcp-reserved3 TCP reserved3  
-v|--tcp-reserved4|+v|--no-tcp-reserved4 TCP reserved4  
-w|--tcp-cwr|+w|--no-tcp-cwr TCP cwr  
-x|--tcp-ece|+x|--no-tcp-ece TCP ece  
-y|--tcp-urg|+y|--no-tcp-urg TCP urg  
-z|--tcp-ack|+z|--no-tcp-ack TCP ack  
-A|--tcp-psh|+A|--no-tcp-psh TCP psh  
-B|--tcp-rst|+B|--no-tcp-rst TCP rst  
-C|--tcp-syn|+C|--no-tcp-syn TCP syn  
-D|--tcp-fin|+D|--no-tcp-fin TCP fin  
-E|--tcp-window uint32 TCP window 0
-F|--tcp-urgptr uint32 TCP urgptr 0
-G|--tcp-opt tcpopts TCP options  
-H|--tcp-data mixed_data mixed data  
-I|--eth-type uint32 Ethernet type 2048
-e|--ip6-payloadlength uint32 IP6 payload length 0
-J|--tcp-doff uint32 TCP data offset 0
-K|--tcp-checksum uint32 TCP checksum 0

Example:

  netwox 142

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/31.html0000644000000000000000000000214311776302040021037 0ustar rootroot Tool 31: Convert a file from dos to unix

Tool 31: Convert a file from dos to unix

Description:

  This tool converts a file using Windows end of lines style (0x0D0A) to
  a file using Unix end of lines style (0x0A).
  This tool permits to convert text files. It does not work on binary
  files.

Synonyms:

  dos2unix

Usage:

  netwox 31 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 31 -i "srcfile.txt" -o "dstfile.txt"

  netwox 31 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/17.html0000644000000000000000000000436111776302040021047 0ustar rootroot Tool 17: Recompute checksums of packets in a record

Tool 17: Recompute checksums of packets in a record

Description:

  A record is a capture file. It contains several packets captured
  during a sniff. It can also be created by hand. There are 7 formats
  for records: pcap (tcpdump compatible), bin (binary, unreadable by
  humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
  read and edit). A record also has an associated DLT (Data Link Type),
  indicating at which level a packet start: raw (start at IP header) and
  ether (start at Ethernet header) are the 2 most common DLT. Tool 13
  displays DLT of each device.
  
  This tool reads packet from one record, recompute their checksums, and
  write them in another record.
  
  Parameter --src-file indicates the input record filename.
  Parameter --input-dlt defines the DLT of packets in input record (it
  depends on how it was sniffed, generally 'ether' (for Ethernet) or
  'raw' (if packet starts at IP header)). Full list is available through
  netwag or running tool 12.
  Parameter --dst-file indicates the output record filename.
  Parameter --recordencode defines how to encode data in this record
  (suggested values: bin, pcap and mixed_wrap).

Synonyms:

  capture, verify

Usage:

  netwox 17 -f file [-t dlt] -F file [-r recordencode]

Parameters:

parameter description example
-f|--src-file file input record file srcfile.txt
-t|--input-dlt dlt dlt type of input record ether
-F|--dst-file file output record file dstfile.txt
-r|--recordencode recordencode encoding type for output record bin

Examples:

  netwox 17 -f "srcfile.txt" -F "dstfile.txt"

  netwox 17 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/52.html0000644000000000000000000000367011776302040021050 0ustar rootroot Tool 52: Ping TCP (EthIp spoof)

Tool 52: Ping TCP (EthIp spoof)

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 52 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p port] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--dst-port port destination port number 80
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 52 -i "5.6.7.8"

  netwox 52 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/178.html0000644000000000000000000000463211776302040021140 0ustar rootroot Tool 178: Check if an IRC server is up

Tool 178: Check if an IRC server is up

Description:

  This tool connects on an IRC server, then quit.
  It ensures the server is working properly.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 178 -i ip -n login [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-n|--nickname login nickname  
-w|--password password password  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 6667
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 178 -i "5.6.7.8" -n ""

  netwox 178 --dst-ip "5.6.7.8" --nickname ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/66.html0000644000000000000000000000343611776302040021055 0ustar rootroot Tool 66: Scan ICMP (EthIP spoof)

Tool 66: Scan ICMP (EthIP spoof)

Description:

  This tool checks if several hosts are up.
  This tool sends an ICMP Echo Request to a computer. If host is up and
  permitting ping, it will send back an ICMP Echo Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 66 -i ips [-d device] [-E eth] [-I ip] [-m uint32] [-M uint32] [-u|+u] [-n uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-I|--src-ip ip source IP address 1.2.3.4
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-n|--numtargets uint32 number of simultaneous targets 20

Examples:

  netwox 66 -i "1.2.3.4,5.6.7.8"

  netwox 66 --ips "1.2.3.4,5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/92.html0000644000000000000000000000457511776302040021061 0ustar rootroot Tool 92: UDP server multiclients

Tool 92: UDP server multiclients

Description:

  This tool listens for several clients connections. It can show
  received data to screen (--showscreen), and echo it back to
  client (--echoback).
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).

Synonyms:

  nc, netcat

Usage:

  netwox 92 -P port [-s|+s] [-b|+b] [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-s|--showscreen|+s|--no-showscreen show data to screen  
-b|--echoback|+b|--no-echoback echo data back to client This boolean is set.
Use + or --no- to unset it.
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4

Examples:

  netwox 92 -P "1234"

  netwox 92 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/175.html0000644000000000000000000000404311776302040021131 0ustar rootroot Tool 175: Web download (http://... or ftp://...) and check its MD5

Tool 175: Web download (http://... or ftp://...) and check its MD5

Description:

  This tool downloads a HTTP or FTP file and check its MD5.
  It ensures the server is working properly.
  
  Parameter --uri is the uri/url requested.
  Parameter --md5 is the expected md5sum.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.

Usage:

  netwox 175 -u uri -m md5 [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-f|+f] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-m|--md5 md5 wanted md5 12345678901234567890123456789012
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-f|--ftp-passive|+f|--no-ftp-passive use passive FTP  
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 175 -u "http://www.example.com/" -m "12345678901234567890123456789012"

  netwox 175 --uri "http://www.example.com/" --md5 "12345678901234567890123456789012"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/28.html0000644000000000000000000000200211776302040021037 0ustar rootroot Tool 28: Convert a binary file to readable and editable file

Tool 28: Convert a binary file to readable and editable file

Description:

  This tool converts a file to a mixed file. See also tool 29.

Synonyms:

  hexedit

Usage:

  netwox 28 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 28 -i "srcfile.txt" -o "dstfile.txt"

  netwox 28 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/114.html0000644000000000000000000000552511776302040021130 0ustar rootroot Tool 114: FTP client : del a file

Tool 114: FTP client : del a file

Description:

  This tool removes a file of a FTP server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 114 -i ip [-u login] [-a password] [-V|+V] -F file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-F|--remote-file file remote file to delete file.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 114 -i "5.6.7.8" -F "file.txt"

  netwox 114 --dst-ip "5.6.7.8" --remote-file "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/95.html0000644000000000000000000000603211776302040021052 0ustar rootroot Tool 95: TCP remote administration client (get file)

Tool 95: TCP remote administration client (get file)

Description:

  This tool get a file from server of tool 93.
  
  Parameter --file contains the remote filename.
  Parameter --dst-file defines the local filename to write.
  Parameter --password defines the password (same as server's password).
  Parameter --cypher defines if data has to be encrypted. Please note
  this is not very strong. If known text is used, this algorithm can be
  cracked.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 95 -i ip -p port -f file [-F file] [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-x|+x] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-f|--file file filename file.txt
-F|--dst-file file destination filename dstfile.txt
-w|--password password password netwox
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-x|--cypher|+x|--no-cypher if data is encrypted  
-T|--timeout uint32 timeout in seconds 100

Examples:

  netwox 95 -i "5.6.7.8" -p "80" -f "file.txt"

  netwox 95 --dst-ip "5.6.7.8" --dst-port "80" --file "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/25.html0000644000000000000000000000172611776302040021050 0ustar rootroot Tool 25: Test if a directory is secure

Tool 25: Test if a directory is secure

Description:

  This tool ensures a directory is secure. It is not needed for Windows.
  Under Unix, a publicly writable directory can be used by intruders
  to create a symlink attack.
  This tool checks if a directory is publicly writable.

Synonyms:

  symlink, verify

Usage:

  netwox 25 -d dir

Parameters:

parameter description example
-d|--dir dir directory to test /tmp

Examples:

  netwox 25 -d "/tmp"

  netwox 25 --dir "/tmp"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/215.html0000644000000000000000000000456011776302040021130 0ustar rootroot Tool 215: Traceroute discovery (EthIp spoof)

Tool 215: Traceroute discovery (EthIp spoof)

Description:

  This tool sends traceroute queries to a remote network, and creates
  a graph of remote computers. It traceroutes common TCP/UDP ports,
  and ICMP. Setting min-ttl and max-ttl correctly will speed up
  the scan.
  
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 215 -i ips [-p ports] [-P ports] [-c|+c] [-d device] [-E eth] [-e eth] [-I ip] [-T uint32] [-t uint32] [-m uint32] [-r|+r] [-v|+v]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses all
-p|--tcpports ports list of open tcp ports to scan 21,22,23,25,53,79,80,88,110,113,119,139,143,389,443,445,1080,2401,6000
-P|--udpports ports list of closed udp ports to scan 1,53,67,68,123,137,138,161,162,177,514
-c|--icmp|+c|--no-icmp if icmp is also scanned This boolean is set.
Use + or --no- to unset it.
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  
-v|--verbose|+v|--no-verbose display intermediary results  

Examples:

  netwox 215 -i "all"

  netwox 215 --ips "all"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/62.html0000644000000000000000000000453411776302040021051 0ustar rootroot Tool 62: Traceroute UDP (EthIp spoof)

Tool 62: Traceroute UDP (EthIp spoof)

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 62 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p port] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--dst-port port destination port number 80
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 62 -i "5.6.7.8"

  netwox 62 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/211.html0000644000000000000000000000206511776302040021122 0ustar rootroot Tool 211: Web spider : converts a local downloaded filename to its original url

Tool 211: Web spider : converts a local downloaded filename to its original url

Description:

  This tool indicates the original url of a local filename.
  For example files/02/f.html may be the local copy of http://s/f.php.

Usage:

  netwox 211 -c file -f file

Parameters:

parameter description example
-c|--conffile file configuration file srcfile.txt
-f|--filename file filename to convert file.txt

Examples:

  netwox 211 -c "srcfile.txt" -f "file.txt"

  netwox 211 --conffile "srcfile.txt" --filename "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/76.html0000644000000000000000000000473011776302040021054 0ustar rootroot Tool 76: Synflood

Tool 76: Synflood

Description:

  This tool sends a lot of TCP SYN packets.
  It permits to check how a firewall behaves when receiving packets
  which have to be ignored.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Usage:

  netwox 76 -i ip -p port [-s spoofip]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type linkbraw

Examples:

  netwox 76 -i "5.6.7.8" -p "80"

  netwox 76 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/54.html0000644000000000000000000000404211776302040021044 0ustar rootroot Tool 54: Ping UDP (EthIp spoof)

Tool 54: Ping UDP (EthIp spoof)

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends an UDP packet to a computer. If host permits UDP, it
  will send back an ICMP error (if port is closed), or send back nothing
  (if port is open). So, it's important to understand UDP port has to be
  closed for computer to return something.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 54 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p port] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--dst-port port destination port number 80
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 54 -i "5.6.7.8"

  netwox 54 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/119.html0000644000000000000000000000441111776302040021126 0ustar rootroot Tool 119: HTTP HEAD

Tool 119: HTTP HEAD

Description:

  This tool sends a HTTP request using method HEAD. HTTP protocol
  defines HEAD method to retrieve only headers of a document.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.

Synonyms:

  web

Usage:

  netwox 119 -u uri [-s|+s] [-h|+h] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 119 -u "http://www.example.com/"

  netwox 119 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/72.html0000644000000000000000000000320111776302040021040 0ustar rootroot Tool 72: Scan ARP (EthIp spoof)

Tool 72: Scan ARP (EthIp spoof)

Description:

  This tool checks if several hosts are up.
  This tool sends an ARP request. If host is up, it will send back an
  ARP Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 72 -i ips [-d device] [-E eth] [-I ip] [-m uint32] [-M uint32] [-u|+u]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 1.2.3.4,5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-I|--src-ip ip source IP address 1.2.3.4
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000
-u|--disp-useful|+u|--no-disp-useful only display useful info  

Examples:

  netwox 72 -i "1.2.3.4,5.6.7.8"

  netwox 72 --ips "1.2.3.4,5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/130.html0000644000000000000000000000660611776302040021127 0ustar rootroot Tool 130: Brute force ftp client

Tool 130: Brute force ftp client

Description:

  This tool successively tries couples of login and passwords in order
  to find matching authentication credentials.
  
  Parameter --login defines the logins to try. To check several logins,
  parameter --login-file is the file containing logins (one per line).
  Parameter --password-file is the file containing passwords (1/line).
  Parameter --stopatfirst indicates to stop when first match is found.
  Parameter --numthread defines the number of threads (simultaneous
  running checks) to use.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 130 -i ip [-L login] -w file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-l file] [-T uint32] [-s|+s] [-n uint32] [-v|+v]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-L|--login login login  
-w|--password-file file password file passwordfile.txt
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-l|--login-file file login file loginfile.txt
-T|--timeout uint32 timeout in milliseconds 60000
-s|--stopatfirst|+s|--no-stopatfirst stop at first valid login found  
-n|--numthread uint32 number of threads to launch 5
-v|--verbose|+v|--no-verbose be verbose This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 130 -i "5.6.7.8" -w "passwordfile.txt"

  netwox 130 --dst-ip "5.6.7.8" --password-file "passwordfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/86.html0000644000000000000000000000673611776302040021065 0ustar rootroot Tool 86: Sniff and send ICMP4/ICMP6 redirect

Tool 86: Sniff and send ICMP4/ICMP6 redirect

Description:

  This tool sends an ICMP error message when a packet matching filter
  is sniffed.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 86 [-d device] [-f filter] -g ip [-s spoofip] [-c uint32] [-i ip]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-g|--gw ip new gateway 192.168.100.200
-s|--spoofip spoofip IP spoof initialization type linkbraw
-c|--code uint32 ICMP code 0
-i|--src-ip ip source IP address 192.168.100.200

Examples:

  netwox 86 -g "192.168.100.200"

  netwox 86 --gw "192.168.100.200"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/78.html0000644000000000000000000000660611776302040021062 0ustar rootroot Tool 78: Reset every TCP packet

Tool 78: Reset every TCP packet

Description:

  This tool resets every TCP session matching a filter. It permits to
  temporarily block a TCP flow without having to change firewall rules.
  It also permits to force a renegotiation of session parameters, in
  order to sniff the beginning of connection.
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 78 [-d device] [-f filter] [-s spoofip] [-i ips]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-s|--spoofip spoofip IP spoof initialization type linkbraw
-i|--ips ips limit the list of IP addresses to reset all

Example:

  netwox 78

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/81.html0000644000000000000000000000463711776302040021056 0ustar rootroot Tool 81: Send an ICMP4 timestamp

Tool 81: Send an ICMP4 timestamp

Description:

  This tool sends an ICMP timestamp, and waits for an answer.
  The timestamp is the number of milliseconds since midnight UT.
  It permits to know computer time.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 81 -i ip [-s spoofip]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--spoofip spoofip IP spoof initialization type best

Examples:

  netwox 81 -i "5.6.7.8"

  netwox 81 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/202.html0000644000000000000000000000761311776302040021126 0ustar rootroot Tool 202: SMB/CIFS client: list contents of a directory

Tool 202: SMB/CIFS client: list contents of a directory

Description:

  This tool is a simple SMB/CIFS client listing contents of a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 202 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--dirname dir directory name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 202 -i "5.6.7.8" -s "C$" -f "mydir"

  netwox 202 --dst-ip "5.6.7.8" --share "C$" --dirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/127.html0000644000000000000000000000244611776302040021133 0ustar rootroot Tool 127: Cypher/decypher a file using a xor

Tool 127: Cypher/decypher a file using a xor

Description:

  This tool permits to cypher and decypher a file. This algorithm is not
  very strong, and can be defeated using a known text attack.
  It uses the --password parameter to generate a pseudo-random string.
  Then, a XOR is done between the string and the file's content.
  Due to XOR properties, this tool can also decrypt.

Usage:

  netwox 127 -p password -i file -o file

Parameters:

parameter description example
-p|--password password password  
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 127 -p "" -i "srcfile.txt" -o "dstfile.txt"

  netwox 127 --password "" --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/112.html0000644000000000000000000000602411776302040021121 0ustar rootroot Tool 112: FTP client : get a file

Tool 112: FTP client : get a file

Description:

  This tool retrieves a file from a FTP server.
  
  Parameters --user and --pass defines the username and password.
  FTP protocol can use Active or Passive transfers. Parameter --passive
  activates a passive transfer (by default, it's active).
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  download

Usage:

  netwox 112 -i ip [-u login] [-a password] [-V|+V] -F file -f file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username anonymous
-a|--pass password password user@
-V|--passive|+V|--no-passive passive  
-F|--remote-file file remote file /etc/passwd
-f|--local-file file local file passwd_copy
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 21
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 112 -i "5.6.7.8" -F "/etc/passwd" -f "passwd_copy"

  netwox 112 --dst-ip "5.6.7.8" --remote-file "/etc/passwd" --local-file "passwd_copy"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/39.html0000644000000000000000000000764311776302040021061 0ustar rootroot Tool 39: Spoof Ip4Udp packet

Tool 39: Spoof Ip4Udp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 39 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o port] [-p port] [-q mixed_data] [-a spoofip] [-s uint32] [-t uint32] [-u uint32] [-v uint32] [-w uint32]

Parameters:

parameter description example
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--udp-src port UDP src 1234
-p|--udp-dst port UDP dst 80
-q|--udp-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-s|--ip4-ihl uint32 IP4 ihl 5
-t|--ip4-totlen uint32 IP4 totlen 0
-u|--ip4-checksum uint32 IP4 checksum 0
-v|--udp-len uint32 UDP length 0
-w|--udp-checksum uint32 UDP checksum 0

Example:

  netwox 39

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/163.html0000644000000000000000000001100411776302040021121 0ustar rootroot Tool 163: SNMP Inform

Tool 163: SNMP Inform

Description:

  This tool sends a INFORM to a SNMP server. It permits to inform a
  server.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmpinform

Usage:

  netwox 163 -i ip [-c password] -r oid -z uint32 -n oid -t oidtype -V data [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-r|--enterprise oid enterprise .1.1
-z|--timestamp uint32 timestamp 0
-n|--oidname oid oid name .1.2
-t|--oidtype oidtype oid type (i,s,m,n,o,a,c,g,t,M,u,U) s
-V|--oidvalue data oid value  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 162
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 163 -i "5.6.7.8" -r ".1.1" -z "0" -n ".1.2" -t "s" -V ""

  netwox 163 --dst-ip "5.6.7.8" --enterprise ".1.1" --timestamp "0" --oidname ".1.2" --oidtype "s" --oidvalue ""

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/105.html0000644000000000000000000001053211776302040021122 0ustar rootroot Tool 105: Sniff and send DNS answers

Tool 105: Sniff and send DNS answers

Description:

  This tool sniffs and replies to DNS requests. It will always return
  the same information. It can be used to redirect network flow to a
  computer.
  The 'hostname' parameter is not used for type A queries.
  The 'hostnameip' parameter is not used for type PTR queries.
  
  Parameter --hostname defines the hostname to tell (www.example.com).
  Parameter --hostnameip defines IP address of this hostname (1.2.3.4).
  Parameter --authns is the authoritative name server (ns.example.com).
  Parameter --authnsip defines IP address of name server (1.2.3.5).
  Parameter --ttl defines the Time To Live of this reply.
  
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  bind

Usage:

  netwox 105 -h hostname -H ip -a hostname -A ip [-d device] [-T uint32] [-f filter] [-s spoofip]

Parameters:

parameter description example
-h|--hostname hostname hostname www.example.com
-H|--hostnameip ip hostname IP 1.2.3.4
-a|--authns hostname authoritative name server ns.example.com
-A|--authnsip ip authns IP 1.2.3.5
-d|--device device device name Eth0
-T|--ttl uint32 ttl in seconds 10
-f|--filter filter pcap filter  
-s|--spoofip spoofip IP spoof initialization type best

Examples:

  netwox 105 -h "www.example.com" -H "1.2.3.4" -a "ns.example.com" -A "1.2.3.5"

  netwox 105 --hostname "www.example.com" --hostnameip "1.2.3.4" --authns "ns.example.com" --authnsip "1.2.3.5"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/165.html0000644000000000000000000000540711776302040021135 0ustar rootroot Tool 165: TFTP client : get a file

Tool 165: TFTP client : get a file

Description:

  This tool retrieves a file located on a TFTP server.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  download

Usage:

  netwox 165 -i ip -F file -f file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-m data] [-T uint32] [-R uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-F|--remote-file file remote file /etc/passwd
-f|--local-file file local file passwd_copy
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 69
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-m|--mode data mode (octet or netascii) octet
-T|--timeout uint32 timeout in milliseconds 10000
-R|--retry uint32 number of retry 3

Examples:

  netwox 165 -i "5.6.7.8" -F "/etc/passwd" -f "passwd_copy"

  netwox 165 --dst-ip "5.6.7.8" --remote-file "/etc/passwd" --local-file "passwd_copy"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/159.html0000644000000000000000000001030211776302040021126 0ustar rootroot Tool 159: SNMP Get

Tool 159: SNMP Get

Description:

  This tool requests a GET on a SNMP server. It permits to retrieve the
  value of one item.
  
  Parameter --oid is the oid to query. An oid is for example
  '.1.3.6.1.2.1.1.4.0'.
  
  Parameter --version defines SNMP version to use (from 1 to 3).
  Versions 1 and 2 need --community parameter to set community name.
  Version 3 requires --username and --password. Parameter --authmd5
  indicates if md5 authentication is used. Parameters
  --authoritativeengineid, --authoritativeengineboots,
  --authoritativeenginetime, --contextengineid and --contextname are
  optional version 3 parameters.
  Parameter --display shows packets.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  snmpget

Usage:

  netwox 159 -i ip [-c password] -q oid [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-m|+m] [-u login] [-w password] [-A mixed_data] [-B uint32] [-M uint32] [-C mixed_data] [-N data] [-T uint32] [-y|+y]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-c|--community password SNMPv1/v2 community public
-q|--oid oid OID to query .1.3.6.1.2.1.1.4.0
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 161
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--version uint32 SNMP version (1, 2 or 3) 1
-m|--md5auth|+m|--no-md5auth SNMPv3 auth using MD5 This boolean is set.
Use + or --no- to unset it.
-u|--username login SNMPv3 username  
-w|--password password SNMPv3 password  
-A|--authoritativeengineid mixed_data SNMPv3 authoritativeengineid  
-B|--authoritativeengineboots uint32 SNMPv3 authoritativeengineboots 0
-M|--authoritativeenginetime uint32 SNMPv3 authoritativeenginetime 0
-C|--contextengineid mixed_data SNMPv3 contextengineid  
-N|--contextname data SNMPv3 contextname  
-T|--timeout uint32 timeout in ms 10000
-y|--display|+y|--no-display display packets  

Examples:

  netwox 159 -i "5.6.7.8" -q ".1.3.6.1.2.1.1.4.0"

  netwox 159 --dst-ip "5.6.7.8" --oid ".1.3.6.1.2.1.1.4.0"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/216.html0000644000000000000000000000117211776302040021125 0ustar rootroot Tool 216: Beep

Tool 216: Beep

Description:

  This tool beeps/bips.

Usage:

  netwox 216 [-a|+a]

Parameters:

parameter description example
-a|--alarm|+a|--no-alarm use several beeps  

Example:

  netwox 216

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/98.html0000644000000000000000000000500111776302040021050 0ustar rootroot Tool 98: Flood a host with syslog messages

Tool 98: Flood a host with syslog messages

Description:

  This tool sends a lot of random messages to a SYSLOG server.
  This tool permits to check syslog server limits.
  
  Parameter --message contains the common part which will be used in
  all random messages.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 98 -i ip [-y uint32] [-m data] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-y|--priority uint32 message's priority 0
-m|--message data message root part hello
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 514
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  

Examples:

  netwox 98 -i "5.6.7.8"

  netwox 98 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/91.html0000644000000000000000000000436011776302040021050 0ustar rootroot Tool 91: TCP server multiclients

Tool 91: TCP server multiclients

Description:

  This tool listens for several clients connections. It can show
  received data to screen (--showscreen), and echo it back to
  client (--echoback).
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.

Synonyms:

  nc, netcat

Usage:

  netwox 91 -P port [-s|+s] [-b|+b] [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-s|--showscreen|+s|--no-showscreen show data to screen  
-b|--echoback|+b|--no-echoback echo data back to client This boolean is set.
Use + or --no- to unset it.
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4

Examples:

  netwox 91 -P "1234"

  netwox 91 --src-port "1234"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/207.html0000644000000000000000000001004411776302040021123 0ustar rootroot Tool 207: SMB/CIFS client: recursively get a directory

Tool 207: SMB/CIFS client: recursively get a directory

Description:

  This tool is a simple SMB/CIFS client recursively getting a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 207 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -F dir -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-F|--remotedirname dir remote dir name mydir
-f|--localdirname dir local dir name /tmp/mydir2
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 207 -i "5.6.7.8" -s "C$" -F "mydir" -f "/tmp/mydir2"

  netwox 207 --dst-ip "5.6.7.8" --share "C$" --remotedirname "mydir" --localdirname "/tmp/mydir2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/96.html0000644000000000000000000000607311776302040021060 0ustar rootroot Tool 96: TCP remote administration client (put file)

Tool 96: TCP remote administration client (put file)

Description:

  This tool put a file to server of tool 93.
  
  Parameter --src-file contains the local filename.
  Parameter --file defines the remote filename to write.
  Parameter --password defines the password (same as server's password).
  Parameter --cypher defines if data has to be encrypted. Please note
  this is not very strong. If known text is used, this algorithm can be
  cracked.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 96 -i ip -p port -f file -F file [-w password] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-x|+x] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-f|--src-file file source filename srcfile.txt
-F|--file file filename file.txt
-w|--password password password netwox
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-x|--cypher|+x|--no-cypher if data is encrypted  
-T|--timeout uint32 timeout in seconds 100

Examples:

  netwox 96 -i "5.6.7.8" -p "80" -f "srcfile.txt" -F "file.txt"

  netwox 96 --dst-ip "5.6.7.8" --dst-port "80" --src-file "srcfile.txt" --file "file.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/88.html0000644000000000000000000000513211776302040021054 0ustar rootroot Tool 88: UDP client

Tool 88: UDP client

Description:

  This tool connects to a UDP server. It's like telnet command.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  Parameter --encode defines how to display data (common values: data,
  dump, mixed).
  Parameter --decode defines how keyboard data is entered (common
  values: data, mixed).

Synonyms:

  nc, netcat

Usage:

  netwox 88 -i ip -p port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-k decode] [-n encode]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-k|--decode decode how keyboard data is entered data
-n|--encode encode how network data is displayed data

Examples:

  netwox 88 -i "5.6.7.8" -p "80"

  netwox 88 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/151.html0000644000000000000000000000332311776302040021123 0ustar rootroot Tool 151: Scan ICMP6 Neighbor Discovery (EthIp spoof)

Tool 151: Scan ICMP6 Neighbor Discovery (EthIp spoof)

Description:

  This tool checks if several hosts are up.
  This tool sends an ICMP6 Neighbor Discovery request. If host is up, it
  will send back a Neighbor Discovery Reply.
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Synonyms:

  nmap

Usage:

  netwox 151 -i ips [-d device] [-E eth] [-I ip] [-u|+u] [-m uint32] [-M uint32]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses fec0::1,fec0::2
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-I|--src-ip ip source IP address 1.2.3.4
-u|--disp-useful|+u|--no-disp-useful only display useful info  
-m|--min-ms uint32 min millisecond delay between packets 0
-M|--max-ms uint32 max millisecond wait for answers 5000

Examples:

  netwox 151 -i "fec0::1,fec0::2"

  netwox 151 --ips "fec0::1,fec0::2"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/136.html0000644000000000000000000000416211776302040021130 0ustar rootroot Tool 136: Web download (http://... or ftp://...)

Tool 136: Web download (http://... or ftp://...)

Description:

  This tool downloads a HTTP or FTP file.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.

Synonyms:

  curl, wget

Usage:

  netwox 136 -u uri -f file [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-F|+F] [-T uint32] [-s|+s]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-f|--dst-file file file to write to dstfile.txt
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-F|--ftp-passive|+F|--no-ftp-passive use passive FTP  
-T|--timeout uint32 timeout in ms 60000
-s|--display-status|+s|--no-display-status display statuscode to screen  

Examples:

  netwox 136 -u "http://www.example.com/" -f "dstfile.txt"

  netwox 136 --uri "http://www.example.com/" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/51.html0000644000000000000000000000570211776302040021045 0ustar rootroot Tool 51: Ping TCP

Tool 51: Ping TCP

Description:

  This tool checks if a host is up. It's done sending a probe packet and
  expecting a reply.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 51 -i ip [-p port] [-s spoofip] [-c uint32] [-m uint32] [-b|+b] [-1|+1]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type best
-c|--max-count uint32 max requests 4294967295
-m|--max-ms uint32 max millisecond wait 1000
-b|--beep|+b|--no-beep beep if reached  
-1|--display01|+1|--no-display01 display only 0 or 1  

Examples:

  netwox 51 -i "5.6.7.8"

  netwox 51 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/158.html0000644000000000000000000000527011776302040021135 0ustar rootroot Tool 158: Network performance measurement : UDP client

Tool 158: Network performance measurement : UDP client

Description:

  This tool connects on tool 157. It permits to measure throughput and
  jitter for UDP. So, tool 157 is ran on one computer, and tool 158 on
  another.
  
  Parameter --chunksize changes the size of data used for each step.
  Parameter --duration defines the duration of test in milliseconds.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  iperf

Usage:

  netwox 158 -i ip -p port [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-s uint32] [-u uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-s|--chunksize uint32 chunk size 500
-u|--duration uint32 test duration in ms 5000

Examples:

  netwox 158 -i "5.6.7.8" -p "80"

  netwox 158 --dst-ip "5.6.7.8" --dst-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/198.html0000644000000000000000000000670111776302040021141 0ustar rootroot Tool 198: SMB/CIFS client: list shares

Tool 198: SMB/CIFS client: list shares

Description:

  This tool is a simple SMB/CIFS client listing shares.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.

Synonyms:

  smbclient

Usage:

  netwox 198 -i ip [-u login] [-w password] [-N netbiosname] [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 198 -i "5.6.7.8"

  netwox 198 --dst-ip "5.6.7.8"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/192.html0000644000000000000000000000626111776302040021134 0ustar rootroot Tool 192: Spoof of packet samples : fragment, ip4opt:ssrr

Tool 192: Spoof of packet samples : fragment, ip4opt:ssrr

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IP4 options and can be fragmented before been sent.
  IP4 options contains a Strict Source Record Route option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  ip4 option, send

Usage:

  netwox 192 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-i ips] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 192.168.100.200
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-i|--ip4opt-ips ips IP addresses for SSRR 1.2.3.4,5.6.7.8
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 192

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/145.html0000644000000000000000000000664211776302040021135 0ustar rootroot Tool 145: Spoof Ip6Udp packet

Tool 145: Spoof Ip6Udp packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 145 [-c uint32] [-l uint32] [-f uint32] [-g uint32] [-h ip] [-i ip] [-j ip6exts] [-o port] [-p port] [-q mixed_data] [-a spoofip] [-e uint32] [-s uint32] [-t uint32]

Parameters:

parameter description example
-c|--ip6-trafficclass uint32 IP6 traffic class 0
-l|--ip6-flowlabel uint32 IP6 flow label 0
-f|--ip6-protocol uint32 IP6 next_header/protocol 0
-g|--ip6-ttl uint32 IP6 hop_limit/ttl 0
-h|--ip6-src ip IP6 src fe80::6aa3:c4ff:feea:768a
-i|--ip6-dst ip IP6 dst fec0:0:0:1::2
-j|--ip6-exts ip6exts IP6 extensions  
-o|--udp-src port UDP src 1234
-p|--udp-dst port UDP dst 80
-q|--udp-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-e|--ip6-payloadlength uint32 IP6 payload length 0
-s|--udp-len uint32 UDP length 0
-t|--udp-checksum uint32 UDP checksum 0

Example:

  netwox 145

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/123.html0000644000000000000000000000517011776302040021124 0ustar rootroot Tool 123: HTTP TRACE

Tool 123: HTTP TRACE

Description:

  This tool sends a HTTP request using method TRACE. HTTP protocol
  defines TRACE method to obtain information about the proxies on the
  path.
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --display-status indicates to display status code of reply
  to screen.
  Parameter --display-headers indicates to display reply headers.
  Parameter --file-headers indicates the filename where to store
  headers.
  Parameter --display-body indicates to display reply body.
  Parameter --file-body indicates the filename where to store body.

Synonyms:

  web

Usage:

  netwox 123 -u uri [-s|+s] [-h|+h] [-b|+b] [-p ip] [-P port] [-l login] [-L password] [-U useragent] [-H file] [-B file] [-T uint32]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://www.example.com/
-s|--display-status|+s|--no-display-status display statuscode to screen  
-h|--display-headers|+h|--no-display-headers display headers to screen  
-b|--display-body|+b|--no-display-body display body to screen  
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-l|--proxy-login login login of proxy  
-L|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-H|--file-headers file file receiving headers filehdr.txt
-B|--file-body file file receiving body filebody.txt
-T|--timeout uint32 timeout in ms 60000

Examples:

  netwox 123 -u "http://www.example.com/"

  netwox 123 --uri "http://www.example.com/"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/179.html0000644000000000000000000000232711776302040021140 0ustar rootroot Tool 179: DHCP client requesting an INFORM

Tool 179: DHCP client requesting an INFORM

Description:

  This tool sends an INFORM message requesting DHCP servers to tell us
  several parameters (gateway, dns server, etc.).
  
  Parameters --device and --eth-src and --ip-src permit to send message
  using a fake address.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.

Usage:

  netwox 179 [-d device] [-e eth] [-i ip] [-T uint32]

Parameters:

parameter description example
-d|--device device device for spoof Eth0
-e|--eth-src eth Ethernet src E0:69:95:6F:ED:9A
-i|--ip-src ip IP src 192.168.100.200
-T|--timeout uint32 timeout in ms 30000

Example:

  netwox 179

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/196.html0000644000000000000000000000507711776302040021144 0ustar rootroot Tool 196: WHOIS client

Tool 196: WHOIS client

Description:

  This tool is a whois client.
  It obtains information about an object (generally a domain name).
  User has to specify a whois server (whois.internic.net, etc.).
  For example: netwox 196 --dst-ip whois.nic.fr --query enterprise.fr
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Usage:

  netwox 196 -i ip -q hostname [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-T uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-q|--query hostname information to query www.example.com
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 43
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-T|--timeout uint32 timeout in milliseconds 60000

Examples:

  netwox 196 -i "5.6.7.8" -q "www.example.com"

  netwox 196 --dst-ip "5.6.7.8" --query "www.example.com"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/11.html0000644000000000000000000000416611776302040021044 0ustar rootroot Tool 11: Sniff and verify checksums

Tool 11: Sniff and verify checksums

Description:

  This tool sniffs and verify checksums (IP header, TCP, UDP, etc.).
  If a bad checksum is encountered, it is displayed along with the
  expected value.
  
  Parameter --device indicates on which device to sniff. Please note
  that under some systems, such as Windows, sniffing on some devices is
  not supported.
  Parameter --filter defines the sniff filter. It permits to restrict
  captured packets. This kind of filter is named a BPF or pcap filter.
  Basic elements of a filter are:
    host 1.2.3.4
    net 192.168.10
    net 192.168.10.0 mask 255.255.255.0
    net 192.168.10.0/24
    port 21
    dst host 1.2.3.4
    src port 2345
    ether host a:b:c:d:e:f ('ether a:b:c:d:e:f' is not working)
    ether src aa:bb:cc:dd:ee:ff
    ip
    arp
    rarp
    tcp
    icmp
    udp
  Here are filter examples:
    "host 1.2.3.4"
    "net 192.168 and icmp"
    "host 1.2.3.4 or dst port 80"
    "(udp or tcp) and not host 1.2.3.4"
  Parameter --rawip indicates to ignore Ethernet/link layer, and start
  displaying at IP header.
  Parameter --ipreas tries to reassemble IP packets. This might miss
  packets.
  
  This tool may need to be run with admin privilege in order to sniff.

Synonyms:

  capture

Usage:

  netwox 11 [-d device] [-f filter] [-r|+r] [-i|+i]

Parameters:

parameter description example
-d|--device device device name Eth0
-f|--filter filter pcap filter  
-r|--rawip|+r|--no-rawip sniff at IP level  
-i|--ipreas|+i|--no-ipreas reassemble IP packets  

Example:

  netwox 11

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/166.html0000644000000000000000000000537211776302040021137 0ustar rootroot Tool 166: TFTP client : put a file

Tool 166: TFTP client : put a file

Description:

  This tool stores a file on a TFTP server.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  upload

Usage:

  netwox 166 -i ip -f file -F file [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-m data] [-T uint32] [-R uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-f|--local-file file local file passwd_copy
-F|--remote-file file remote file /etc/passwd
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 69
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-m|--mode data mode (octet or netascii) octet
-T|--timeout uint32 timeout in milliseconds 10000
-R|--retry uint32 number of retry 3

Examples:

  netwox 166 -i "5.6.7.8" -f "passwd_copy" -F "/etc/passwd"

  netwox 166 --dst-ip "5.6.7.8" --local-file "passwd_copy" --remote-file "/etc/passwd"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/index.html0000644000000000000000000003260611776302040021732 0ustar rootroot


1: Display network configuration
2: Display debugging information
3: Display information about an IP address or a hostname
4: Display information about an Ethernet address
5: Obtain Ethernet addresses of computers in an IP list
6: Display how to reach an IP address
7: Sniff
8: Sniff and display open ports
9: Sniff and display Ethernet addresses
10: Sniff and display network statistics
11: Sniff and verify checksums
12: Display which values to use for netwox parameters
13: Obtain DLT type for sniff and spoof for each device
14: Spoof a record
15: Display content of a record
16: Convert a record
17: Recompute checksums of packets in a record
18: Reassemble IP packets of a record, and reorder TCP flow
19: Extract a range of packets from a record
20: Search for strings in packets from a record
21: Convert a number
22: Convert a string
23: Display ASCII table
24: Convert IP addresses ranges
25: Test if a directory is secure
26: Dump a file
27: Compute MD5 of a file
28: Convert a binary file to readable and editable file
29: Convert a readable and editable file to a binary file
30: Convert a file from unix to dos
31: Convert a file from dos to unix
32: Spoof Ethernet packet
33: Spoof EthernetArp packet
34: Spoof EthernetIp4 packet
35: Spoof EthernetIp4Udp packet
36: Spoof EthernetIp4Tcp packet
37: Spoof EthernetIp4Icmp4 packet
38: Spoof Ip4 packet
39: Spoof Ip4Udp packet
40: Spoof Ip4Tcp packet
41: Spoof Ip4Icmp4 packet
42: Spoof of packet samples : fragment
43: Spoof of packet samples : fragment, ip4opt:noop
44: Spoof of packet samples : fragment, ip4opt:rr
45: Spoof of packet samples : fragment, ip4opt:lsrr
46: Spoof of packet samples : fragment, ip4opt:ts
47: Spoof of packet samples : fragment, ip4opt:ipts
48: Spoof of packet samples : fragment, ip4opt:ippts
49: Ping ICMP
50: Ping ICMP (EthIP spoof)
51: Ping TCP
52: Ping TCP (EthIp spoof)
53: Ping UDP
54: Ping UDP (EthIp spoof)
55: Ping ARP
56: Ping ARP (EthIp spoof)
57: Traceroute ICMP
58: Traceroute ICMP (EthIP spoof)
59: Traceroute TCP
60: Traceroute TCP (EthIp spoof)
61: Traceroute UDP
62: Traceroute UDP (EthIp spoof)
63: Traceroute on a specified IP protocol
64: Traceroute on a specified IP protocol (EthIp spoof)
65: Scan ICMP
66: Scan ICMP (EthIP spoof)
67: Scan TCP
68: Scan TCP (EthIp spoof)
69: Scan UDP
70: Scan UDP (EthIp spoof)
71: Scan ARP
72: Scan ARP (EthIp spoof)
73: Simulate presence of a/several computer/s (arp and ping)
74: Flood a host with random fragments
75: Fill table of a switch using a flood of Ethernet packets
76: Synflood
77: Check if seqnum are predictible
78: Reset every TCP packet
79: Acknowledge every TCP SYN
80: Periodically send ARP replies
81: Send an ICMP4 timestamp
82: Sniff and send ICMP4/ICMP6 destination unreachable
83: Sniff and send ICMP4/ICMP6 time exceeded
84: Sniff and send ICMP4/ICMP6 parameter problem
85: Sniff and send ICMP4 source quench
86: Sniff and send ICMP4/ICMP6 redirect
87: TCP client
88: UDP client
89: TCP server
90: UDP server
91: TCP server multiclients
92: UDP server multiclients
93: TCP remote administration server
94: TCP remote administration client (exec)
95: TCP remote administration client (get file)
96: TCP remote administration client (put file)
97: SYSLOG client
98: Flood a host with syslog messages
99: TELNET client
100: TELNET client executing one or several commands
101: Brute force telnet client
102: Query a DNS server
103: Obtain version of a Bind DNS server
104: DNS server always answering same values
105: Sniff and send DNS answers
106: Send an email
107: Post a newsgroup message
108: List newsgroups available on a server
109: Download one, or more, newsgroup messages
110: Ethernet bridge limiting flow
111: FTP listing a directory
112: FTP client : get a file
113: FTP client : put a file
114: FTP client : del a file
115: FTP client : get a directory recursively
116: FTP client : put a directory recursively
117: FTP client : del a directory recursively
118: HTTP GET
119: HTTP HEAD
120: HTTP POST
121: HTTP PUT
122: HTTP DELETE
123: HTTP TRACE
124: HTTP OPTIONS
125: HTTP server
126: HTTP remote administration server
127: Cypher/decypher a file using a xor
128: Split a file in smaller chunks
129: Reassemble chunks of a file
130: Brute force ftp client
131: Brute force http client (site password)
132: Brute force http client (proxy password)
133: Convert an url/uri
134: Obtain urls/uris in a HMTL file
135: Convert urls/uris in a HMTL file to absolute urls
136: Web download (http://... or ftp://...)
137: Create a sample configuration file for tool 138
138: Web spider (use configuration file created by tool 137)
139: Web spider on command line (fully recursive)
140: Spoof EthernetIp6 packet
141: Spoof EthernetIp6Udp packet
142: Spoof EthernetIp6Tcp packet
143: Spoof EthernetIp6Icmp6 packet
144: Spoof Ip6 packet
145: Spoof Ip6Udp packet
146: Spoof Ip6Tcp packet
147: Spoof Ip6Icmp6 packet
148: Ping ICMP6 Neighbor Discovery
149: Ping ICMP6 Neighbor Discovery (EthIp spoof)
150: Scan ICMP6 Neighbor Discovery
151: Scan ICMP6 Neighbor Discovery (EthIp spoof)
152: Interactive IRC client
153: IRC client listing channels
154: IRC client listening on a channel
155: Network performance measurement : TCP server
156: Network performance measurement : TCP client
157: Network performance measurement : UDP server
158: Network performance measurement : UDP client
159: SNMP Get
160: SNMP Walk
161: SNMP Trap
162: SNMP Trap2
163: SNMP Inform
164: SNMP Set
165: TFTP client : get a file
166: TFTP client : put a file
167: TFTP server
168: FTP server
169: Display simple network configuration easy to parse
170: TELNET server
171: DHCP client
172: List articles range of a newsgroup
173: Download overview of one, or more, newsgroup messages
174: FTP client : get a file and check its MD5
175: Web download (http://... or ftp://...) and check its MD5
176: TFTP client : get a file and check its MD5
177: Check if a SMTP server is up
178: Check if an IRC server is up
179: DHCP client requesting an INFORM
180: SNTP client obtaining time
181: SNTP server
182: Obtain size of a web file (http://... or ftp://...)
183: TCP relay
184: UDP relay
185: TCP multiclient relay
186: Millisecond sleep
187: Display date and time
188: SYSLOG server
189: SMTP server
190: Make coffee
191: Generate a password (English, French, Spanish)
192: Spoof of packet samples : fragment, ip4opt:ssrr
193: IDENT client requesting info about an open session
194: IDENT client creating a session and requesting its info
195: IDENT server
196: WHOIS client
197: WHOIS client guessing server
198: SMB/CIFS client: list shares
199: SMB/CIFS client: create a directory
200: SMB/CIFS client: delete a directory
201: SMB/CIFS client: rename a directory
202: SMB/CIFS client: list contents of a directory
203: SMB/CIFS client: delete a file
204: SMB/CIFS client: rename a file
205: SMB/CIFS client: get a file
206: SMB/CIFS client: put a file
207: SMB/CIFS client: recursively get a directory
208: SMB/CIFS client: recursively put a directory
209: SMB/CIFS client: recursively delete a directory
210: Web spider on command line (stay in same directory)
211: Web spider : converts a local downloaded filename to its original url
212: Web spider : converts an url to its local downloaded filename
213: Display a list of IP addresses
214: Traceroute discovery: graph of network topology
215: Traceroute discovery (EthIp spoof)
216: Beep
217: SMB/CIFS server
218: Netwox internal validation suite
219: Compute cryptographic hash of a file (md5, sha, etc.)
220: Convert a binary file to a base64 encoded file
221: Convert a base64 encoded file to a binary file
222: In a HMTL file, suppress links pointing to local urls
223: Forward an email
netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/24.html0000644000000000000000000000304411776302040021042 0ustar rootroot Tool 24: Convert IP addresses ranges

Tool 24: Convert IP addresses ranges

Description:

  This tool converts a range of IP addresses. For example:
    netwox 24 --ips 192.168.1.128/27 --iprange --ipnumber --ipmask
  returns:
    192.168.1.128-192.168.1.159
    192.168.1.128/27
    192.168.1.128/255.255.255.224
  It permits to easily compute netmask.
  To obtain information about each address in a list of IP addresses,
  use tool 3 with option -a.
  See also tool 213.

Synonyms:

  ipcalc, netmask

Usage:

  netwox 24 -i ips [-h|+h] [-r|+r] [-n|+n] [-m|+m]

Parameters:

parameter description example
-i|--ips ips list/range of IP addresses 192.168.1.0/24
-h|--hnrange|+h|--no-hnrange display hostnames  
-r|--iprange|+r|--no-iprange display ip-ip  
-n|--ipnumber|+n|--no-ipnumber display ip/num  
-m|--ipmask|+m|--no-ipmask display ip/mask  

Examples:

  netwox 24 -i "192.168.1.0/24"

  netwox 24 --ips "192.168.1.0/24"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/131.html0000644000000000000000000000704411776302040021125 0ustar rootroot Tool 131: Brute force http client (site password)

Tool 131: Brute force http client (site password)

Description:

  This tool successively tries couples of login and passwords in order
  to find matching authentication credentials.
  This tool tries to find password of web server (basic authentication).
  
  Parameter --uri is the uri/url requested.
  Parameters --proxy-ip, --proxy-port, --proxy-login and
  --proxy-password defines the web proxy and credentials.
  Parameter --user-agent defines the client name to send. For example
  'Mozilla/5.0'.
  Parameter --login defines the logins to try. To check several logins,
  parameter --login-file is the file containing logins (one per line).
  Parameter --password-file is the file containing passwords (1/line).
  Parameter --stopatfirst indicates to stop when first match is found.
  Parameter --numthread defines the number of threads (simultaneous
  running checks) to use.
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).

Synonyms:

  web

Usage:

  netwox 131 -u uri [-L login] -w file [-p ip] [-P port] [-g login] [-o password] [-U useragent] [-l file] [-T uint32] [-s|+s] [-n uint32] [-v|+v]

Parameters:

parameter description example
-u|--uri uri url/uri to download http://server/private/
-L|--login login login  
-w|--password-file file password file passwordfile.txt
-p|--proxy-ip ip IP address of proxy 5.6.7.8
-P|--proxy-port port port of proxy 3128
-g|--proxy-login login login of proxy  
-o|--proxy-password password password of proxy  
-U|--user-agent useragent user agent Mozilla/5.0
-l|--login-file file login file loginfile.txt
-T|--timeout uint32 timeout in milliseconds 60000
-s|--stopatfirst|+s|--no-stopatfirst stop at first valid login found  
-n|--numthread uint32 number of threads to launch 5
-v|--verbose|+v|--no-verbose be verbose This boolean is set.
Use + or --no- to unset it.

Examples:

  netwox 131 -u "http://server/private/" -w "passwordfile.txt"

  netwox 131 --uri "http://server/private/" --password-file "passwordfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/104.html0000644000000000000000000000624711776302040021131 0ustar rootroot Tool 104: DNS server always answering same values

Tool 104: DNS server always answering same values

Description:

  This tool creates a simple DNS server. It will always return the same
  information. It can be used to redirect network flow to a computer.
  
  Parameter --hostname defines the hostname to tell (www.example.com).
  Parameter --hostnameip defines IP address of this hostname (1.2.3.4).
  Parameter --authns is the authoritative name server (ns.example.com).
  Parameter --authnsip defines IP address of name server (1.2.3.5).
  Parameter --ttl defines the Time To Live of this reply.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth permits to create
  a virtual server using fake addresses (in this case, tool have to be
  run with admin privilege in order to sniff and spoof at Ethernet
  level).
  
  This tool may need to be run with admin privilege in order to listen
  on a small port number (port<1024).

Synonyms:

  bind

Usage:

  netwox 104 -h hostname -H ip -a hostname -A ip [-d device] [-E eth] [-I ip] [-P port] [-o ip4opts] [-O ip6exts] [-t iptype] [-T uint32]

Parameters:

parameter description example
-h|--hostname hostname hostname www.example.com
-H|--hostnameip ip hostname IP 1.2.3.4
-a|--authns hostname authoritative name server ns.example.com
-A|--authnsip ip authns IP 1.2.3.5
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 53
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-T|--ttl uint32 ttl in seconds 10

Examples:

  netwox 104 -h "www.example.com" -H "1.2.3.4" -a "ns.example.com" -A "1.2.3.5"

  netwox 104 --hostname "www.example.com" --hostnameip "1.2.3.4" --authns "ns.example.com" --authnsip "1.2.3.5"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/199.html0000644000000000000000000000755411776302040021151 0ustar rootroot Tool 199: SMB/CIFS client: create a directory

Tool 199: SMB/CIFS client: create a directory

Description:

  This tool is a simple SMB/CIFS client creating a directory.
  
  Parameter --dst-ip is the address of remote host/server.
  Parameter --dst-port is the port number where to connect.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --src-port defines the local port number to use.
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device, --src-eth and --dst-eth permits to
  create a virtual client using fake addresses (in this case, tool have
  to be run with admin privilege in order to sniff and spoof at
  Ethernet level).
  
  Parameter --share indicates the share name.
  Parameter --user indicates the optional username.
  Parameter --password indicates the optional password.
  Parameter --authversion defines the authentication protocol to use
  (0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=guess(try NTLMv2, then NTLMv1,
  and finally Lanman)).
  Parameter --netbiosname defines the NetBIOS name of server. It is
  generally the same as its DNS name. Most of the time, it is not
  needed.
  Parameter --verbose displays activity (set it if a problem occurs).
  Parameter --debug displays packets to screen.
  Example, to connect on //server/myshare/, use:
  --dst-ip myserver --share myshare --netbiosname myserver --user bob
    --password hello

Synonyms:

  smbclient

Usage:

  netwox 199 -i ip -s smbshare [-u login] [-w password] [-N netbiosname] -f dir [-d device] [-E eth] [-e eth] [-I ip] [-P port] [-p port] [-o ip4opts] [-O ip6exts] [-v uint32] [-T uint32] [-V|+V] [-D|+D]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-s|--share smbshare share name C$
-u|--user login username  
-w|--password password password  
-N|--netbiosname netbiosname server NetBIOS NAME  
-f|--dirname dir directory name mydir
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-e|--dst-eth eth destination ethernet address 0:8:9:a:b:c
-I|--src-ip ip source IP address 192.168.100.200
-P|--src-port port source port number 0
-p|--dst-port port destination port number 139
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-v|--authversion uint32 0=Lanman, 1=NTLMv1, 2=NTLMv2, unset=best 2
-T|--timeout uint32 timeout in milliseconds 60000
-V|--verbose|+V|--no-verbose display SMB trace  
-D|--debug|+D|--no-debug display SMB packets  

Examples:

  netwox 199 -i "5.6.7.8" -s "C$" -f "mydir"

  netwox 199 --dst-ip "5.6.7.8" --share "C$" --dirname "mydir"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/185.html0000644000000000000000000000547311776302040021142 0ustar rootroot Tool 185: TCP multiclient relay

Tool 185: TCP multiclient relay

Description:

  This tool is a relay: a client will connect to it, then it will
  connect to server. All data received from server is sent back to
  client. All data received from client is sent to server. From server's
  view point, it only sees relay as source IP address. From client's
  viewpoint, it only sees relay as destination IP address.
  This tool is different from tool 183 because several relays can be in
  use simultaneously. It can be used like a load balancer.
  
  Parameter --src-port defines the local port number to listen on.
  Optional parameter --src-ip defines the local IP address to use.
  Optional parameter --iptype defines which kind of IP address to use
  when --src-ip is unset (accepted values: ip4 and ip6).
  Optional parameter --ip4opts permits to add IP4 options encoded as
  mixed.
  Optional parameter --ip6exts permits to add IP6 options encoded as
  mixed (first byte is the next header number).
  Optional parameters --device and --src-eth are not yet implemented.
  Parameter --server-ip is the address of remote host/server.
  Parameter --server-port is the port number where to connect.
  Parameter --allowed-clients lists the IP addresses or hosts allowed
  to connect.

Usage:

  netwox 185 -P port -x ips -X port [-d device] [-E eth] [-I ip] [-o ip4opts] [-O ip6exts] [-t iptype] [-c ips]

Parameters:

parameter description example
-P|--src-port port source port number 1234
-x|--server-ip ips list/range of IP addresses 1.2.3.4,1.2.3.5
-X|--server-port port destination port number 80
-d|--device device device name Eth0
-E|--src-eth eth source ethernet address 0:2:3:4:5:6
-I|--src-ip ip source IP address 192.168.100.200
-o|--ip4opts ip4opts IPv4 options  
-O|--ip6exts ip6exts IPv6 extensions  
-t|--iptype iptype type to use when src-ip is unset ip4
-c|--allowed-clients ips clients allowed to connect all

Examples:

  netwox 185 -P "1234" -x "1.2.3.4,1.2.3.5" -X "80"

  netwox 185 --src-port "1234" --server-ip "1.2.3.4,1.2.3.5" --server-port "80"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/38.html0000644000000000000000000000711411776302040021051 0ustar rootroot Tool 38: Spoof Ip4 packet

Tool 38: Spoof Ip4 packet

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
  
  This tool may need to be run with admin privilege in order to spoof.

Synonyms:

  hping, send

Usage:

  netwox 38 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o mixed_data] [-a spoofip] [-p uint32] [-q uint32] [-r uint32]

Parameters:

parameter description example
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 192.168.100.200
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--ip4-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-p|--ip4-ihl uint32 IP4 ihl 5
-q|--ip4-totlen uint32 IP4 totlen 0
-r|--ip4-checksum uint32 IP4 checksum 0

Example:

  netwox 38

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/tools/29.html0000644000000000000000000000224011776302040021044 0ustar rootroot Tool 29: Convert a readable and editable file to a binary file

Tool 29: Convert a readable and editable file to a binary file

Description:

  This tool does the reverse of tool 28.
  Editing a binary file is not easy with un-appropriate tools. Tool 28
  converts a binary file which can be edited by a text editor. Tool 29
  then recreates the binary file.

Synonyms:

  hexedit

Usage:

  netwox 29 -i file -o file

Parameters:

parameter description example
-i|--src-file file source filename srcfile.txt
-o|--dst-file file destination filename dstfile.txt

Examples:

  netwox 29 -i "srcfile.txt" -o "dstfile.txt"

  netwox 29 --src-file "srcfile.txt" --dst-file "dstfile.txt"

netw-ib-ox-ag-5.39.0/src/netwox-doc_html/index.html0000644000000000000000000000455411776302040020573 0ustar rootroot netwox (version 5.39.0)



Learning how to use netwox

A short user manual describes syntax.
Real world examples are available.
A detailed help describes each tool.
A paper presents how to use netwox to test a router or a firewall.
A paper presents how to use netwox to test an IPv6 firewall.

Tutorials

If you do not understand some points, read network tutorials (this page contains links to documentation not written by me).

Miscellaneous text files

Following files are a copy of files included in ".tgz". Please ignore references to local path (for example ./doc/probleminstallunix.txt).
presentation
installation of netwox-5.39.0-src.tgz under Unix
installation of netwox-5.39.0-src.tgz under Windows
installation of netwox-5.39.0-bin_windows.tgz
problems which might happen during installation of netwox-5.39.0-src.tgz under Unix
problems which might happen during installation of netwox-5.39.0-src.tgz under Windows
problems which might happen during installation of netwox-5.39.0-bin_windows.tgz
how to add one tool in netwox under Unix
how to add one tool in netwox under Windows
problems which might happen during usage under Unix
problems which might happen during usage under Windows
list of unimplemented features
how to report a new problem

Availability

Toolbox netwox is available at :
http://ntwox.sourceforge.net/
netw-ib-ox-ag-5.39.0/src/netwag-src/0000755000000000000000000000000011776302045015532 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwag-src/src/0000755000000000000000000000000011776302040016314 5ustar rootrootnetw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_vars2c.tcl0000644000000000000000000000035111776302040021564 0ustar rootroot # netwag_glo_bin_term : # description : path to the terminal emulator # examples : "/usr/bin/xterm" # netwag_glo_bin_term_param : # description : parameter needed to run a command (xterm -e /bin/ls) # examples : "-e" netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_update.tcl0000644000000000000000000000374311776302040021656 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_update_can ; set netwag_update_can 0 ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Allow update proc netwag_update_allow { } { global netwag_update_can set netwag_update_can 1 } ## Call update proc netwag_update { } { global netwag_update_can if {$netwag_update_can} { update } } proc netwag_update_idletasks { } { global netwag_update_can if {$netwag_update_can} { update idletasks } } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_font.tcl0000644000000000000000000001265611776302040021345 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_font_windows_name; set netwag_font_windows_name ".font_window" global netwag_font_isfixed; set netwag_font_isfixed 1 ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Create the skeleton proc netwag_font_init { } { global netwag_session_font_family global netwag_session_font_size global netwag_font_isfixed font create myfont -family $netwag_session_font_family -size $netwag_session_font_size set netwag_font_isfixed [font metric myfont -fixed] } ## Change the font proc netwag_font_change { fam size } { global netwag_session_font_family global netwag_session_font_size global netwag_font_isfixed if {$fam != ""} { set netwag_session_font_family $fam font configure myfont -family $fam } if {$size != ""} { set netwag_session_font_size $size font configure myfont -size $size } set netwag_font_isfixed [font metric myfont -fixed] netwag_toolform_resize } ## Change the font opening a popup proc netwag_font_changepopup { } { global netwag_session_font_family global netwag_session_font_size global netwag_font_windows_name global netwag_glo_gui_bgcolor_button global netwag_glo_gui_bgcolor_listbox global netwag_glo_gui_bgcolor_unused global netwag_font_isfixed # obtain the old configuration set oldfam $netwag_session_font_family set oldsize $netwag_session_font_size # create window set fw "$netwag_font_windows_name" set fwc "$fw.checklists" set fwb "$fw.buttons" set fwcf "$fwc.font" set fwcs "$fwc.size" set fwbo "$fwb.ok" set fwbi "$fwb.ignore" toplevel $fw wm title $fw "Choose font" frame $fwc frame $fwb -bg $netwag_glo_gui_bgcolor_unused pack $fwc -fill both -expand 1 pack $fwb -fill x frame $fwcf frame $fwcs pack $fwcf $fwcs -side left -fill both -expand 1 # create listbox containing the families listbox $fwcf.box -yscrollcommand "$fwcf.scro set" -exportselection false -bg $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 scrollbar $fwcf.scro -command "$fwcf.box yview" -troughcolor $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 pack $fwcf.box -side left -fill both -expand 1 pack $fwcf.scro -side left -fill y set i 0 set isel -1 foreach fam [lsort [font families]] { $fwcf.box insert end $fam if { $fam == $oldfam } { set isel $i } incr i } if { $isel != -1 } { $fwcf.box selection set $isel $fwcf.box yview $isel } bind $fwcf.box { set fam [%W get [%W nearest %y]] netwag_font_change $fam "" } netwag_dynhelp_init $fwcf.box "Choose the font to be used." # create listbox containing the sizes listbox $fwcs.box -yscrollcommand "$fwcs.scro set" -exportselection false -bg $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 scrollbar $fwcs.scro -command "$fwcs.box yview" -troughcolor $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 pack $fwcs.box -side left -fill both -expand 1 pack $fwcs.scro -side left -fill y set imax [expr 2 * $oldsize] if { $imax < 30 } { set imax 30 } set isel -1 for {set i 1} {$i < $imax} {incr i} { $fwcs.box insert end $i if { $i == $oldsize } { set isel $i } } if { $isel != -1 } { $fwcs.box selection set $isel $fwcs.box yview $isel } bind $fwcs.box { set size [%W get [%W nearest %y]] netwag_font_change "" $size } netwag_dynhelp_init $fwcs.box "Choose the size for the font." # create buttons eval "button $fwb.bi -text Ignore -command { netwag_font_change \"$oldfam\" $oldsize ; destroy $fw } -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0" eval "button $fwb.bo -text OK -command { destroy $fw } -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0" pack $fwb.bi $fwb.bo -side left -expand 1 netwag_dynhelp_init $fwb.bi "Revert to the old font." netwag_dynhelp_init $fwb.bo "Choose the current font." } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_cursor.tcl0000644000000000000000000000541211776302040021704 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_cursor_default_cursor; set netwag_cursor_default_cursor [. cget -cursor] ################################################################# # PRIVATE FUNCTIONS ################################################################# global netwag_priv_cursor_w set netwag_priv_cursor_w {. .m .fc.text .fm.text .fn.body.pf1.bot.right.text.left.text} ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Set waiting cursor proc netwag_cursor_wait { } { # We should change cursor for each window using something like: # catch {. configure -cursor watch} # set list [winfo children .] # while {[llength $list]} { # set next {} # foreach w $list { # catch {$w configure -cursor watch} # set next [concat $next [winfo children $w]] # } # set list $next # } # update idletasks # However, this is long to run. When displaying watch, it's because # we have a long task to run. We do not want it to become longer. # So only main windows will have the clock: global netwag_priv_cursor_w foreach w $netwag_priv_cursor_w { $w configure -cursor watch } netwag_update } ## Set default cursor proc netwag_cursor_default { } { global netwag_cursor_default_cursor; global netwag_priv_cursor_w foreach w $netwag_priv_cursor_w { $w configure -cursor $netwag_cursor_default_cursor } netwag_update } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_infol.tcl0000644000000000000000000001274111776302040021501 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_infol_text_output global netwag_priv_infol_out_devices global netwag_priv_infol_out_ip global netwag_priv_infol_out_arp global netwag_priv_infol_out_routes global netwag_priv_infol_out_current ################################################################# # PRIVATE FUNCTIONS ################################################################# ## Append data in the text proc netwag_priv_infol_text_output_set { thedata } { global netwag_priv_infol_text_output $netwag_priv_infol_text_output configure -state normal $netwag_priv_infol_text_output delete 1.0 end $netwag_priv_infol_text_output insert end "$thedata" $netwag_priv_infol_text_output configure -state disabled } ## Get configuration proc netwag_priv_infol_update { } { global netwag_glo_bin_netwox global netwag_priv_infol_out_devices global netwag_priv_infol_out_ip global netwag_priv_infol_out_arp global netwag_priv_infol_out_routes netwag_priv_infol_text_output_set "Update in progress..." set msg "" set ret [netwag_exec "$netwag_glo_bin_netwox 0 -c" outmsg retval errmsg] if { $ret } { set msg "could not obtain the configuration ($errmsg)" } elseif { $retval } { set msg "could not obtain the configuration (retval=$retval)" } else { if {[catch {eval $outmsg}]} { set msg "error in tcl commands returned" } } if {$msg != ""} { set netwag_priv_infol_out_devices $msg set netwag_priv_infol_out_ip $msg set netwag_priv_infol_out_arp $msg set netwag_priv_infol_out_routes $msg } return 0 } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Initialize local information proc netwag_infol_init { } { global netwag_priv_infol_out_current set netwag_priv_infol_out_current 1 return 0 } ## Called when a button is pressed proc netwag_infol_button_press { butnum } { global netwag_priv_infol_out_devices global netwag_priv_infol_out_ip global netwag_priv_infol_out_arp global netwag_priv_infol_out_routes global netwag_priv_infol_out_current global netwag_glo_notebook_button_hidden_color global netwag_glo_notebook_button_visible_color global netwag_priv_infol_buttons if {$butnum == 1} { netwag_priv_infol_text_output_set $netwag_priv_infol_out_devices $netwag_priv_infol_buttons.butdevices configure -bg $netwag_glo_notebook_button_visible_color } else { $netwag_priv_infol_buttons.butdevices configure -bg $netwag_glo_notebook_button_hidden_color } if {$butnum == 2} { netwag_priv_infol_text_output_set $netwag_priv_infol_out_ip $netwag_priv_infol_buttons.butip configure -bg $netwag_glo_notebook_button_visible_color } else { $netwag_priv_infol_buttons.butip configure -bg $netwag_glo_notebook_button_hidden_color } if {$butnum == 3} { netwag_priv_infol_text_output_set $netwag_priv_infol_out_arp $netwag_priv_infol_buttons.butarp configure -bg $netwag_glo_notebook_button_visible_color } else { $netwag_priv_infol_buttons.butarp configure -bg $netwag_glo_notebook_button_hidden_color } if {$butnum == 4} { netwag_priv_infol_text_output_set $netwag_priv_infol_out_routes $netwag_priv_infol_buttons.butroutes configure -bg $netwag_glo_notebook_button_visible_color } else { $netwag_priv_infol_buttons.butroutes configure -bg $netwag_glo_notebook_button_hidden_color } set netwag_priv_infol_out_current $butnum } ## Called when Update button is pressed proc netwag_infol_button_update { } { netwag_cursor_wait netwag_priv_infol_update netwag_cursor_default global netwag_priv_infol_out_devices netwag_priv_infol_text_output_set $netwag_priv_infol_out_devices global netwag_priv_infol_out_current netwag_infol_button_press $netwag_priv_infol_out_current return 0 } ## To initialize global netwag_infol_eventuallyinit_done set netwag_infol_eventuallyinit_done 0 proc netwag_infol_eventuallyinit { } { global netwag_infol_eventuallyinit_done if {$netwag_infol_eventuallyinit_done} { return 0 } netwag_infol_button_update set netwag_infol_eventuallyinit_done 1 } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_toolhist.tcl0000644000000000000000000001275011776302040022237 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_toolhist_lb ################################################################# # PRIVATE FUNCTIONS ################################################################# ## Obtain the current selected command proc netwag_priv_toolhist_cmd_init_cursel {} { global netwag_priv_toolhist_lb set sellist [$netwag_priv_toolhist_lb curselection] if { ! [llength $sellist] } { return "" } set selnum [lindex $sellist 0] set cmd [netwag_priv_toolhist_cmd_init_selnum $selnum] return $cmd } ## Obtain the command at a given position proc netwag_priv_toolhist_cmd_init_selnum { selnum } { global netwag_priv_toolhist_lb set seltext [$netwag_priv_toolhist_lb get $selnum] return $seltext } ## Display information about current tool proc netwag_priv_toolhist_info { } { global netwag_priv_toolhist_lb global netwag_priv_toolsearch_tools_sort_lbline set cmd [netwag_priv_toolhist_cmd_init_cursel] if {$cmd == ""} { return } set cmdlist [split $cmd] set toolnum [lindex $cmdlist 0] if {![info exists netwag_priv_toolsearch_tools_sort_lbline($toolnum)]} { return } set msg "Tool " append msg $netwag_priv_toolsearch_tools_sort_lbline($toolnum) netwag_msg_add_info $msg 0 } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Called when the "Copy" button is changed proc netwag_toolhist_button_copy { } { set cmd [netwag_priv_toolhist_cmd_init_cursel] if { $cmd == "" } { netwag_msg_add_warn "No history line is selected" return } netwag_toolcmd_init $cmd } ## Called when the "Del" button is changed proc netwag_toolhist_button_del { } { global netwag_priv_toolhist_lb set sellist [$netwag_priv_toolhist_lb curselection] if { ! [llength $sellist] } { netwag_msg_add_warn "No history line is selected" return } $netwag_priv_toolhist_lb del $sellist set selsize [$netwag_priv_toolhist_lb size] if { $selsize } { set toselect [lindex $sellist 0] if { $toselect < $selsize } { $netwag_priv_toolhist_lb selection set $toselect } else { $netwag_priv_toolhist_lb selection set end } } } ## To add a command in the history proc netwag_toolhist_add { cmd } { global netwag_priv_toolhist_lb # add at end $netwag_priv_toolhist_lb insert end "$cmd" $netwag_priv_toolhist_lb see end # now eventually remove it from previous history set arraysize [$netwag_priv_toolhist_lb size] for {set i 0} {$i < [expr $arraysize - 1]} {incr i} { set cmdi [$netwag_priv_toolhist_lb get $i] if {$cmdi == $cmd} { # must be done now, because after the del, it will be unset set sellist [$netwag_priv_toolhist_lb curselection] # remove the old entry $netwag_priv_toolhist_lb del $i # eventually reselect the item if { [llength $sellist] } { set cursel [lindex $sellist 0] if {$i == $cursel} { $netwag_priv_toolhist_lb selection set end } } # exit now because it should only be once return # note : if we decide to not return, do not forget "set i [expr $i - 1]" } } } ## Called when the "Add" button is changed proc netwag_toolhist_button_add { } { if { [netwag_toolcmd_check cmd toolnum] } { return } netwag_toolhist_add "$cmd" } ## Initialize the hist function proc netwag_toolhist_init { } { global netwag_priv_toolhist_lb # associate events bind $netwag_priv_toolhist_lb { focus $netwag_priv_toolhist_lb } bind $netwag_priv_toolhist_lb { # this after is to be sure item is selected after 1 netwag_priv_toolhist_info } bind $netwag_priv_toolhist_lb { after 1 netwag_priv_toolhist_info } bind $netwag_priv_toolhist_lb { after 1 netwag_priv_toolhist_info } bind $netwag_priv_toolhist_lb { netwag_toolhist_button_copy } bind $netwag_priv_toolhist_lb { netwag_toolhist_button_copy } bind $netwag_priv_toolhist_lb { netwag_toolhist_button_del } } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_menu.tcl0000644000000000000000000000666211776302040021343 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_menu_fileexit_try ; set netwag_menu_fileexit_try 0 ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Menu File - Exit proc netwag_menu_fileexit { } { global netwag_menu_fileexit_try if {$netwag_menu_fileexit_try} { # direct exit, otherwise on error could not exit exit } set netwag_menu_fileexit_try 1 netwag_runtext_int_all netwag_session_save exit } ## Menu Edit - Cut proc netwag_menu_editcut { } { event generate [focus] } ## Menu Edit - Copy proc netwag_menu_editcopy { } { event generate [focus] } ## Menu Edit - Paste proc netwag_menu_editpaste { } { event generate [focus] } ## Menu Edit - Select proc netwag_menu_editselect { } { event generate [focus] } ## Menu Edit - Find proc netwag_menu_editfind { } { netwag_txtfind_find } ## Menu Session - New proc netwag_menu_sessnew { } { netwag_session_new } ## Menu Session - Open proc netwag_menu_sessopen { } { netwag_session_open } ## Menu Session - Save proc netwag_menu_sesssave { } { netwag_session_save } ## Menu Session - SaveAs proc netwag_menu_sesssaveas { } { netwag_session_saveas } ## Menu Option - Font proc netwag_menu_optfont { } { global netwag_font_windows_name if { [winfo exists $netwag_font_windows_name] } { raise $netwag_font_windows_name } else { netwag_font_changepopup } } ## Menu Help - Documentation proc netwag_menu_helpdoc { } { global netwag_help_doc_winname if { [winfo exists $netwag_help_doc_winname] } { raise $netwag_help_doc_winname } else { netwag_help_doc_popup } } ## Menu Help - About proc netwag_menu_helpabout { } { global netwag_help_about_winname if { [winfo exists $netwag_help_about_winname] } { raise $netwag_help_about_winname } else { netwag_help_about_popup } } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_popen.tcl0000644000000000000000000001046711776302040021516 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_popen_fdcmd ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Initialize a popen proc netwag_popen_init { cmd mode pfd perrmsg } { global netwag_priv_popen_fdcmd upvar $pfd fd upvar $perrmsg errmsg if { $mode == "rw" || $mode == "r+" } { set acc "r+" } elseif { $mode == "r" } { set acc "r" } elseif { $mode == "w" } { set acc "w" } else { set errmsg "Unknown mode: $mode" return -1 } if { [catch { set fd [open "| $cmd" $acc] }] } { set errmsg "Cannot run $cmd" return -1 } if { $fd == -1 } { set errmsg "Cannot run $cmd" return -1 } set netwag_priv_popen_fdcmd($fd) $cmd return 0 } ## Configure popen to be unblocking proc netwag_popen_conf_block { fd block } { if { $block } { fconfigure $fd -blocking 1 -buffering line } else { fconfigure $fd -blocking 0 -buffering none } return 0 } ## Get the next line proc netwag_popen_read_line { fd pline } { global netwag_priv_popen_fdcmd upvar $pline line set ret [gets $fd line] if { $ret == -1 } { return -1 } return 0 } ## Get the next data proc netwag_popen_read_data { fd pdata } { global netwag_priv_popen_fdcmd upvar $pdata data if [eof $fd] { return -1 } set data [read $fd 16383] if { [string length $data] == 0 && [eof $fd] } { return -1 } return 0 } ## Write a line proc netwag_popen_write_line { fd line } { puts $fd $line } ## Write data proc netwag_popen_write_data { fd data } { puts -nonewline $fd $data } ## Close proc netwag_popen_close { fd pretval perrmsg } { global errorCode global netwag_priv_popen_fdcmd upvar $pretval retval upvar $perrmsg errmsg if { [catch { close $fd }] } { set errlist [split $errorCode] set errtype [lindex $errlist 0] if { $errtype == "CHILDSTATUS" } { set retval [lindex $errlist 2] return 0 } elseif { $errtype == "NONE" } { # occurs under Solaris 9, to obtain remote information set retval 0 return 0 } else { set cmd $netwag_priv_popen_fdcmd($fd) set errmsg "Command $cmd exited with error $errlist" return -1 } } set retval 0 return 0 } ## Interrupt proc netwag_popen_interrupt { fd perrmsg } { global errorCode global netwag_priv_popen_fdcmd upvar $perrmsg errmsg if { [catch { close $fd }] } { set errlist [split $errorCode] set errtype [lindex $errlist 0] if { $errtype == "CHILDKILLED" } { return 0 } elseif { $errtype == "CHILDSTATUS" } { return 0 } else { set cmd $netwag_priv_popen_fdcmd($fd) set errmsg "Command $cmd exited with error $errlist" return -1 } } return 0 } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_sys.tcl0000644000000000000000000001414711776302040021212 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_sys_platform; global netwag_sys_os; global netwag_sys_platform_unknown; set netwag_sys_platform_unknown 1 global netwag_sys_platform_unix; set netwag_sys_platform_unix 2 global netwag_sys_platform_windows; set netwag_sys_platform_windows 3 global netwag_sys_platform_macintosh; set netwag_sys_platform_macintosh 4 global netwag_sys_os_unknown; set netwag_sys_os_unknown 1 global netwag_sys_os_linux; set netwag_sys_os_linux 2 global netwag_sys_os_freebsd; set netwag_sys_os_freebsd 3 global netwag_sys_os_openbsd; set netwag_sys_os_openbsd 4 global netwag_sys_os_solaris; set netwag_sys_os_solaris 5 global netwag_sys_os_macos; set netwag_sys_os_macos 6 global netwag_sys_os_windows95; set netwag_sys_os_windows95 100 global netwag_sys_os_windows98; set netwag_sys_os_windows98 101 global netwag_sys_os_windowsme; set netwag_sys_os_windowsme 102 global netwag_sys_os_windowsnt4; set netwag_sys_os_windowsnt4 110 global netwag_sys_os_windows2000; set netwag_sys_os_windows2000 111 global netwag_sys_os_windowsxp; set netwag_sys_os_windowsxp 112 global netwag_sys_os_windows2003; set netwag_sys_os_windows2003 113 ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Initialize global variables containing system proc netwag_sys_init { } { global tcl_platform global netwag_sys_platform global netwag_sys_os global netwag_sys_platform_unknown global netwag_sys_platform_unix global netwag_sys_platform_windows global netwag_sys_platform_macintosh global netwag_sys_os_unknown global netwag_sys_os_linux global netwag_sys_os_freebsd global netwag_sys_os_openbsd global netwag_sys_os_solaris global netwag_sys_os_macos global netwag_sys_os_windows95 global netwag_sys_os_windows98 global netwag_sys_os_windowsme global netwag_sys_os_windowsnt4 global netwag_sys_os_windows2000 global netwag_sys_os_windowsxp global netwag_sys_os_windows2003 if { $tcl_platform(platform) == "unix" } { set netwag_sys_platform $netwag_sys_platform_unix } elseif { $tcl_platform(platform) == "windows" } { set netwag_sys_platform $netwag_sys_platform_windows } elseif { $tcl_platform(platform) == "macintosh" } { set netwag_sys_platform $netwag_sys_platform_macintosh } else { set netwag_sys_platform $netwag_sys_platform_unknown } set osv $tcl_platform(osVersion) set netwag_sys_os $netwag_sys_os_unknown if { $tcl_platform(os) == "Linux" } { set netwag_sys_os $netwag_sys_os_linux } elseif { $tcl_platform(os) == "FreeBSD" } { set netwag_sys_os $netwag_sys_os_freebsd } elseif { $tcl_platform(os) == "OpenBSD" } { set netwag_sys_os $netwag_sys_os_openbsd } elseif { $tcl_platform(os) == "Solaris" } { set netwag_sys_os $netwag_sys_os_solaris } elseif { $tcl_platform(os) == "SunOS" } { set netwag_sys_os $netwag_sys_os_solaris } elseif { $tcl_platform(os) == "Darwin" } { set netwag_sys_os $netwag_sys_os_macos } elseif { $tcl_platform(os) == "Windows 95" } { set netwag_sys_os $netwag_sys_os_windows95 if { $osv == "4.0" } { set netwag_sys_os $netwag_sys_os_windows95 } elseif { $osv == "4.10" } { set netwag_sys_os $netwag_sys_os_windows98 } elseif { $osv == "4.90" } { set netwag_sys_os $netwag_sys_os_windowsme } } elseif { $tcl_platform(os) == "Windows NT" } { set netwag_sys_os $netwag_sys_os_windows2000 if { $osv == "4" } { set netwag_sys_os $netwag_sys_os_windowsnt4 } elseif { $osv == "5.0" } { set netwag_sys_os $netwag_sys_os_windows2000 } elseif { $osv == "5.1" } { set netwag_sys_os $netwag_sys_os_windowsxp } elseif { $osv == "5.2" } { set netwag_sys_os $netwag_sys_os_windows2003 } } } ################################################################# # INITIALIZE SYSTEM VARIABLES ################################################################# netwag_sys_init ################################################################# # CHECK TCL/TK VERSION ################################################################# proc netwag_glo_check_version { versiontype theversion wantedmajor } { # theversion is w.x.y.z... set pospoint [string first "." $theversion] set versionmajor [string range $theversion 0 [expr $pospoint - 1]] if { $versionmajor < $wantedmajor } { set errms "Version of $versiontype is too old ($versionmajor<$wantedmajor)" puts $errms label .l -text $errms pack .l update idletasks after 10000 exit } } netwag_glo_check_version "Tk" $tk_version 8 netwag_glo_check_version "Tcl" $tcl_version 8 netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_exec.tcl0000644000000000000000000000455011776302040021315 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Complete exec of a command # Example : # set ret [netwag_exec "/bin/ls" outmsg retval errmsg] # if { $ret } { # puts "$errmsg" # exit # } elseif { $retval } { # puts "process returned : $retval" # exit # } # puts $outmsg proc netwag_exec { cmd poutmsg pretval perrmsg } { upvar $poutmsg outmsg upvar $pretval retval upvar $perrmsg errmsg set outmsg "" netwag_cursor_wait set ret [netwag_popen_init $cmd "r" fd errmsg] if { $ret } { netwag_cursor_default return $ret } while {1} { set data [read $fd 16383] if { [string length $data] == 0 && [eof $fd] } { break } append outmsg "$data" } set ret [netwag_popen_close $fd retval errmsg] netwag_cursor_default return $ret } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_toolhf.tcl0000644000000000000000000001150011776302040021655 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# # used for help and form global netwag_priv_toolhf_curtoolnum ; set netwag_priv_toolhf_curtoolnum -1 global netwag_priv_toolhf_wanttoolnum ; set netwag_priv_toolhf_wanttoolnum -2 ################################################################# # PRIVATE FUNCTIONS ################################################################# proc netwag_priv_toolhf_init { toolnum } { global netwag_priv_toolhelp_help global netwag_priv_toolhelp_example global netwag_priv_toolhelp_usage global netwag_glo_bin_netwox if {![info exist netwag_priv_toolhelp_help($toolnum)]} { set ret [netwag_exec "$netwag_glo_bin_netwox 0 -h -u $toolnum" outmsg retval errmsg] netwag_cursor_default if { $ret } { netwag_msg_add_err "Cannot obtain the help for $toolnum ($errmsg)" return $ret } if { $retval } { netwag_msg_add_err "Help for $toolnum might be incomplete (retgets=$retval)" } eval $outmsg } } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Fake function for empty message proc netwag_toolform_display_func0 { } { netwag_toolform_add_text "No tool is selected. You have two choices to obtain help :\n - select a tool in Search notebook\n - enter a command (in front of Run button) and press Update button\n" } ## Display description of a tool proc netwag_toolhf_display { } { global netwag_priv_toolhelp_text global netwag_priv_toolhf_curtoolnum global netwag_priv_toolhf_wanttoolnum if {$netwag_priv_toolhf_wanttoolnum == $netwag_priv_toolhf_curtoolnum} { return } if {$netwag_priv_toolhf_wanttoolnum < 0} { # message set msg "No tool is selected. You have two choices to obtain help :\n - select a tool in Search notebook\n - enter a command (in front of Run button) and press Update button\n" $netwag_priv_toolhelp_text configure -state normal $netwag_priv_toolhelp_text delete 1.0 end $netwag_priv_toolhelp_text insert end $msg $netwag_priv_toolhelp_text configure -state disabled netwag_toolform_display 0 return } # reinit help and form $netwag_priv_toolhelp_text configure -state normal $netwag_priv_toolhelp_text delete 1.0 end $netwag_priv_toolhelp_text configure -state disabled netwag_toolform_reinit # query and display (use a temporary variable because # netwag_priv_toolhf_wanttoolnum is global and can be changed between # the toolhf_init and _display) set wanttoolnum $netwag_priv_toolhf_wanttoolnum netwag_priv_toolhf_init $wanttoolnum netwag_toolhelp_display $wanttoolnum netwag_toolform_display $wanttoolnum set netwag_priv_toolhf_curtoolnum $wanttoolnum } ## Called when Update tool is pressed proc netwag_toolhf_button_update {} { if { [netwag_toolcmd_check usercmd toolnum] } { return } set realcmd [netwag_toolcmd_withpassword $usercmd] global netwag_priv_toolhf_wanttoolnum set netwag_priv_toolhf_wanttoolnum $toolnum netwag_toolhf_display # update contents global netwag_glo_bin_netwox netwag_runcmd_file_init $realcmd tmpfilename set ret [netwag_exec "$netwag_glo_bin_netwox 0 -f -b $tmpfilename -u $toolnum" outmsg retval errmsg] if { $ret } { netwag_msg_add_warn "Cannot update command line parameters for tool $toolnum ($errmsg)" netwag_runcmd_file_del $tmpfilename return } if { $retval } { netwag_msg_add_warn "Cannot update tool $toolnum: $outmsg" return } netwag_toolform_uncheck eval $outmsg } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_toolhelp.tcl0000644000000000000000000000546611776302040022226 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_toolhelp_text global netwag_priv_toolhelp_help global netwag_priv_toolhelp_example global netwag_priv_toolhelp_usage ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Display the description of a tool proc netwag_toolhelp_display { toolnum } { global netwag_priv_toolhelp_text global netwag_priv_toolhelp_help $netwag_priv_toolhelp_text configure -state normal $netwag_priv_toolhelp_text delete 1.0 end $netwag_priv_toolhelp_text insert end $netwag_priv_toolhelp_help($toolnum) $netwag_priv_toolhelp_text configure -state disabled } ## Called when Copy example is pressed proc netwag_toolhelp_button_copyex {} { global netwag_priv_toolhf_curtoolnum global netwag_priv_toolhelp_example if {$netwag_priv_toolhf_curtoolnum == -1} { netwag_msg_add_err "No tool is selected" return } netwag_toolcmd_init $netwag_priv_toolhelp_example($netwag_priv_toolhf_curtoolnum) } ## Called when Copy usage is pressed proc netwag_toolhelp_button_copyus {} { global netwag_priv_toolhf_curtoolnum global netwag_priv_toolhelp_usage if {$netwag_priv_toolhf_curtoolnum == -1} { netwag_msg_add_err "No tool is selected" return } netwag_toolcmd_init $netwag_priv_toolhelp_usage($netwag_priv_toolhf_curtoolnum) } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_toolform.tcl0000644000000000000000000010575211776302040022240 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_toolform_cv global netwag_priv_toolform_cvs global netwag_priv_toolform_numobj ; set netwag_priv_toolform_numobj 0 global netwag_priv_toolform_info global netwag_priv_toolform_numradio ; set netwag_priv_toolform_numradio 3 # a bit tricky but necessary to hide passwords global netwag_priv_toolform_hidden global netwag_priv_toolform_hidden_next set netwag_priv_toolform_hidden_next 0 global netwag_priv_toolform_hidden_pattern set netwag_priv_toolform_hidden_pattern(0) "--Hidden-Password-Number-" set netwag_priv_toolform_hidden_pattern(1) "--" ################################################################# # COMMON FUNCTIONS ################################################################# ## Left "[X] -k" proc netwag_common_toolform_add_left_key { numobj key } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused set f1 $netwag_priv_toolform_cvf.key($numobj) checkbutton $f1 -text "" -variable netwag_priv_toolform_info($numobj,isset) -font myfont -bg $netwag_glo_gui_bgcolor_unused -highlightthickness 0 -justify left -takefocus 0 netwag_mw_form $f1 netwag_dynhelp_init $f1 "Indicates if this line has to be generated." grid $f1 -row $numobj -column 1 -sticky ns } proc netwag_common_toolform_del_left_key { numobj } { global netwag_priv_toolform_cvf grid forget $netwag_priv_toolform_cvf.key($numobj) destroy $netwag_priv_toolform_cvf.key($numobj) } ## Right "title" proc netwag_common_toolform_add_right_title { numobj title } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused set f3 $netwag_priv_toolform_cvf.title($numobj) label $f3 -text $title -font myfont -highlightthickness 0 -justify left -bg $netwag_glo_gui_bgcolor_unused -wraplen 0 netwag_mw_form $f3 netwag_dynhelp_init $f3 "Description of field on left." grid $f3 -row $numobj -column 3 -sticky w } proc netwag_common_toolform_del_right_title { numobj } { global netwag_priv_toolform_cvf grid forget $netwag_priv_toolform_cvf.title($numobj) destroy $netwag_priv_toolform_cvf.title($numobj) } proc netwag_common_toolform_resize_right_title { numobj } { global netwag_priv_toolform_cv global netwag_priv_toolform_cvf set leftsize [lindex [grid bbox $netwag_priv_toolform_cvf 2 $numobj] 2] set totalsize [winfo width $netwag_priv_toolform_cv] set freespace [expr $totalsize - $leftsize - 40] $netwag_priv_toolform_cvf.title($numobj) configure -wraplen $freespace } ## Entry proc netwag_common_toolform_entry_tab { c } { if {[regexp "Tab" $c]} { return 0 } if {[regexp "Shift" $c]} { return 0 } return 1 } ################################################################# # PRIVATE FUNCTIONS ################################################################# ######################################################################## ## Generate a button proc netwag_toolform_add_button { isreq key name title defaultval } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "-key" netwag_common_toolform_add_left_key $numobj $key # create "[X]" set f2 $netwag_priv_toolform_cvf.button($numobj) checkbutton $f2 -text "" -variable netwag_priv_toolform_info($numobj,var) -font myfont -bg $netwag_glo_gui_bgcolor_unused -wraplen 0 -justify left -command "set netwag_priv_toolform_info($numobj,isset) 1" netwag_mw_form $f2 netwag_dynhelp_init $f2 "Check or uncheck this button to set or unset variable described on right." grid $f2 -row $numobj -column 2 -sticky wens # create "title" netwag_common_toolform_add_right_title $numobj $title # save info set netwag_priv_toolform_info($numobj,type) "button" set netwag_priv_toolform_info($numobj,isset) $isreq set netwag_priv_toolform_info($numobj,var) $defaultval set netwag_priv_toolform_info($numobj,isreq) $isreq set netwag_priv_toolform_info($numobj,key) $key set netwag_priv_toolform_info($numobj,name) $name set netwag_priv_toolform_info($numobj,defaultval) $defaultval # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_button { numobj } { global netwag_priv_toolform_info if {!$netwag_priv_toolform_info($numobj,isset)} { return "" } set name $netwag_priv_toolform_info($numobj,name) if {$netwag_priv_toolform_info($numobj,var)} { return " --$name" } return " --no-$name" } proc netwag_toolform_rst_button { numobj } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) $netwag_priv_toolform_info($numobj,isreq) set netwag_priv_toolform_info($numobj,var) $netwag_priv_toolform_info($numobj,defaultval) } proc netwag_toolform_update_button { numobj value } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $value } proc netwag_toolform_del_button { numobj } { global netwag_priv_toolform_cvf netwag_common_toolform_del_left_key $numobj grid forget $netwag_priv_toolform_cvf.button($numobj) destroy $netwag_priv_toolform_cvf.button($numobj) netwag_common_toolform_del_right_title $numobj } proc netwag_toolform_resize_button { numobj } { netwag_common_toolform_resize_right_title $numobj } ######################################################################## ## Generate a radio button proc netwag_toolform_add_radio { numradio isreq key name title defaultval } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "[X]" set f2 $netwag_priv_toolform_cvf.button($numobj) radiobutton $f2 -text "" -variable netwag_priv_toolform_info(radio,$numradio) -font myfont -bg $netwag_glo_gui_bgcolor_unused -wraplen 0 -justify left -command "set netwag_priv_toolform_info(radio,$numradio,set) 1" -value $name -activebackground $netwag_glo_gui_bgcolor_unused netwag_mw_form $f2 netwag_dynhelp_init $f2 "Check or uncheck this button to set variable described on right." grid $f2 -row $numobj -column 2 -sticky wens if {$defaultval == 1} { $f2 select } # create "title" netwag_common_toolform_add_right_title $numobj $title # save info set netwag_priv_toolform_info($numobj,type) "radio" set netwag_priv_toolform_info($numobj,numradio) $numradio set netwag_priv_toolform_info($numobj,isset) 0 set netwag_priv_toolform_info($numobj,isreq) $isreq set netwag_priv_toolform_info($numobj,key) $key set netwag_priv_toolform_info($numobj,name) $name set netwag_priv_toolform_info($numobj,defaultval) $defaultval # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_radio { numradio } { global netwag_priv_toolform_info if {!$netwag_priv_toolform_info(radio,$numradio,set)} { return "" } set name $netwag_priv_toolform_info(radio,$numradio) return " --$name" } proc netwag_toolform_rst_radio { numobj } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info if {$netwag_priv_toolform_info($numobj,defaultval) == 1} { $netwag_priv_toolform_cvf.button($numobj) select } } proc netwag_toolform_update_radio { numobj value } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info if {$value == 1} { set r $netwag_priv_toolform_info($numobj,numradio) set netwag_priv_toolform_info(radio,$r,set) 1 $netwag_priv_toolform_cvf.button($numobj) select } } proc netwag_toolform_del_radio { numobj } { global netwag_priv_toolform_cvf grid forget $netwag_priv_toolform_cvf.button($numobj) destroy $netwag_priv_toolform_cvf.button($numobj) netwag_common_toolform_del_right_title $numobj } proc netwag_toolform_resize_radio { numobj } { netwag_common_toolform_resize_right_title $numobj } ######################################################################## ## Generate an entry proc netwag_toolform_add_entry_show { numobj } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info set f2 $netwag_priv_toolform_cvf.entry($numobj) if {$netwag_priv_toolform_info($numobj,show)} { set netwag_priv_toolform_info($numobj,show) 0 $f2.e configure -show "*" } else { set netwag_priv_toolform_info($numobj,show) 1 $f2.e configure -show "" } } proc netwag_toolform_add_entry_inc { numobj step } { global netwag_priv_toolform_info if {[catch {expr $netwag_priv_toolform_info($numobj,var) + $step} v]} { set v 0 } if {$v < 0} { set v 0 } set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $v } proc netwag_toolform_add_entry_file { numobj } { global netwag_priv_toolform_info set initialdir {} set initialfile {} set oldvalue $netwag_priv_toolform_info($numobj,var) if {![file isdir $oldvalue]} { regsub "^.*/" "$oldvalue" {} initialfile set num 0 while {![file isdir $oldvalue]} { set oldvalue [file dirname $oldvalue] incr num if {$num > 10} { # prevent infinite loop with "r:" under Windows set oldvalue {} break } } } set initialdir $oldvalue set optparadir {} set optparafile {} if {$initialdir != {}} { append optparadir " -initialdir \"$initialdir\"" append optparafile " -initialdir \"$initialdir\"" } if {$initialfile != {}} { append optparafile " -initialfile \"$initialfile\"" } set enttype $netwag_priv_toolform_info($numobj,enttype) if {$enttype == "filerd"} { eval "set filename \[tk_getOpenFile $optparafile\]" } elseif {$enttype == "filewr"} { eval "set filename \[tk_getSaveFile $optparafile\]" } elseif {$enttype == "dirrd"} { eval "set filename \[tk_chooseDirectory -mustexist 1 $optparadir\]" } elseif {$enttype == "dirwr"} { eval "set filename \[tk_chooseDirectory -mustexist 0 $optparadir\]" } else { set filename "Internal error" } set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $filename } proc netwag_toolform_add_entry_hist { numobj } { global netwag_priv_toolform_info set v [netwag_formhist_select $netwag_priv_toolform_info($numobj,enttype)] if {$v == ""} { return } set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $v } proc netwag_toolform_add_entry { enttype isreq key name title defaultval } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_glo_gui_bgcolor_text_edit global netwag_glo_gui_bgcolor_button global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "-key" netwag_common_toolform_add_left_key $numobj $key # create "entry [*][-][+][f/d][h]" set f2 $netwag_priv_toolform_cvf.entry($numobj) frame $f2 -bg $netwag_glo_gui_bgcolor_unused grid $f2 -row $numobj -column 2 -sticky we entry $f2.e -textvariable netwag_priv_toolform_info($numobj,var) -font myfont -highlightthickness 0 -bg $netwag_glo_gui_bgcolor_text_edit bind $f2.e "set netwag_priv_toolform_info($numobj,isset) 1" bind $f2.e "if {\[netwag_common_toolform_entry_tab %K\]} { set netwag_priv_toolform_info($numobj,isset) 1 }" netwag_mw_form $f2.e pack $f2.e -side left -expand 1 -fill x netwag_dynhelp_init $f2.e "Enter the value you want in this field." # * label $f2.show -relief raised -text "*" -font myfont -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0 eval "bind $f2.show {netwag_toolform_add_entry_show $numobj}" netwag_dynhelp_init $f2.show "Press to show or hide password." netwag_mw_form $f2.show # - label $f2.less -relief raised -text "-" -font myfont -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0 eval "bind $f2.less {netwag_toolform_add_entry_inc $numobj -1}" eval "bind $f2.less {netwag_toolform_add_entry_inc $numobj -10}" netwag_dynhelp_init $f2.less "Decrease number by 1. If Control key is pressed, decrease by 10." netwag_mw_form $f2.less # + label $f2.more -relief raised -text "+" -font myfont -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0 eval "bind $f2.more {netwag_toolform_add_entry_inc $numobj +1}" eval "bind $f2.more {netwag_toolform_add_entry_inc $numobj +10}" netwag_dynhelp_init $f2.more "Increase number by 1. If Control key is pressed, increase by 10." netwag_mw_form $f2.more # f/d label $f2.file -relief raised -text "f" -font myfont -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0 eval "bind $f2.file {netwag_toolform_add_entry_file $numobj}" netwag_dynhelp_init $f2.file "Press to select a File." netwag_mw_form $f2.file # h label $f2.hist -relief raised -text "h" -font myfont -bg $netwag_glo_gui_bgcolor_button -highlightthickness 0 eval "bind $f2.hist {netwag_toolform_add_entry_hist $numobj}" netwag_dynhelp_init $f2.hist "Press to see History of previous values. They were set in other fields or in other tools." netwag_mw_form $f2.hist # special entry type configuration set netwag_priv_toolform_info($numobj,show) 1 $f2.e configure -show "" if {$enttype == "password"} { $f2.e configure -width 18 pack $f2.show -side left pack forget $f2.less pack forget $f2.more pack forget $f2.file pack forget $f2.hist netwag_toolform_add_entry_show $numobj } elseif {$enttype == "port" || $enttype == "uint32" || $enttype == "int32" || $enttype == "uint64" || $enttype == "int64"} { $f2.e configure -width 15 pack forget $f2.show pack $f2.less -side left pack $f2.more -side left pack forget $f2.file pack $f2.hist -side left } elseif {$enttype == "filerd" || $enttype == "filewr" || $enttype == "dirrd" || $enttype == "dirwr"} { $f2.e configure -width 17 pack forget $f2.show pack forget $f2.less pack forget $f2.more pack $f2.file -side left pack $f2.hist -side left if {$enttype == "filerd" || $enttype == "filewr"} { $f2.file configure -text "f" netwag_dynhelp_change $f2.file "Press to select a File." } else { $f2.file configure -text "d" netwag_dynhelp_change $f2.file "Press to select a Directory." } } else { $f2.e configure -width 20 pack forget $f2.show pack forget $f2.less pack forget $f2.more pack forget $f2.file pack $f2.hist -side left } # create "title" netwag_common_toolform_add_right_title $numobj $title # save info set netwag_priv_toolform_info($numobj,type) "entry" set netwag_priv_toolform_info($numobj,enttype) $enttype set netwag_priv_toolform_info($numobj,isset) $isreq set netwag_priv_toolform_info($numobj,var) $defaultval set netwag_priv_toolform_info($numobj,isreq) $isreq set netwag_priv_toolform_info($numobj,key) $key set netwag_priv_toolform_info($numobj,name) $name set netwag_priv_toolform_info($numobj,defaultval) $defaultval # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_entry { numobj } { global netwag_priv_toolform_info global netwag_priv_toolform_hidden global netwag_priv_toolform_hidden_next global netwag_priv_toolform_hidden_pattern if {!$netwag_priv_toolform_info($numobj,isset)} { return "" } set enttype $netwag_priv_toolform_info($numobj,enttype) set name $netwag_priv_toolform_info($numobj,name) set val $netwag_priv_toolform_info($numobj,var) netwag_formhist_add $enttype "$val" if {$enttype == "port" || $enttype == "uint32" || $enttype == "int32" || $enttype == "uint64" || $enttype == "int64" || $enttype == "ip" || $enttype == "ip4" || $enttype == "ip6" || $enttype == "eth" || $enttype == "port"} { return " --$name $val" } set val [netwag_misc_string_replace $val "\\" "\\\\"] set val [netwag_misc_string_replace $val "\"" "\\\""] set val "\"$val\"" if {$enttype == "password"} { set hid $netwag_priv_toolform_hidden_pattern(0) append hid $netwag_priv_toolform_hidden_next append hid $netwag_priv_toolform_hidden_pattern(1) set netwag_priv_toolform_hidden($netwag_priv_toolform_hidden_next) $val incr netwag_priv_toolform_hidden_next return " --$name$hid" } return " --$name $val" } proc netwag_toolform_rst_entry { numobj } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) $netwag_priv_toolform_info($numobj,isreq) set netwag_priv_toolform_info($numobj,var) $netwag_priv_toolform_info($numobj,defaultval) set enttype $netwag_priv_toolform_info($numobj,enttype) if {$enttype == "password"} { set netwag_priv_toolform_info($numobj,show) 1 netwag_toolform_add_entry_show $numobj } } proc netwag_toolform_update_entry { numobj value } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $value } proc netwag_toolform_del_entry { numobj } { global netwag_priv_toolform_cvf netwag_common_toolform_del_left_key $numobj grid forget $netwag_priv_toolform_cvf.entry($numobj) destroy $netwag_priv_toolform_cvf.entry($numobj) netwag_common_toolform_del_right_title $numobj } proc netwag_toolform_resize_entry { numobj } { netwag_common_toolform_resize_right_title $numobj } ######################################################################## ## Generate a listbox proc netwag_toolform_add_listbox { isreq key name title listval defaultval } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_glo_gui_bgcolor_listbox global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "-key" netwag_common_toolform_add_left_key $numobj $key # obtain listbox height/width set listboxwidth [string length $defaultval] set listboxheight 0 set listboxscrol 0 set defaultfound 0 foreach val $listval { set len [string length $val] if {$len > $listboxwidth} { set listboxwidth $len } if {$val == $defaultval} { set defaultfound 1 } incr listboxheight } if {!$defaultfound && $defaultval != ""} { incr listboxheight } if {$listboxheight > 6} { set listboxscrol 1 ; set listboxheight 6 } # create listbox set f2 $netwag_priv_toolform_cvf.listbox($numobj) frame $f2 -bg $netwag_glo_gui_bgcolor_unused listbox $f2.l -yscrollcommand "$f2.s set" -font myfont -bg $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 -height $listboxheight -exportselection false -width $listboxwidth scrollbar $f2.s -command "$f2.l yview" -troughcolor $netwag_glo_gui_bgcolor_listbox -highlightthickness 0 -takefocus 0 pack $f2.l -side left -expand 1 -fill y bind $f2.l "focus $f2.l ; set netwag_priv_toolform_info($numobj,isset) 1" bind $f2.l "set netwag_priv_toolform_info($numobj,isset) 1" bind $f2.l "set netwag_priv_toolform_info($numobj,isset) 1" pack $f2.l -side left -expand 1 -fill x netwag_dynhelp_init $f2.l "Select value you want in this field." netwag_dynhelp_init $f2.s "Select value you want in this field." if {$listboxscrol} { pack $f2.s -side left -fill y } else { pack forget $f2.s netwag_mw_form $f2.l } grid $f2 -row $numobj -column 2 -sticky we # create "title" netwag_common_toolform_add_right_title $numobj $title # save info set netwag_priv_toolform_info($numobj,type) "listbox" set netwag_priv_toolform_info($numobj,lb) $f2.l set netwag_priv_toolform_info($numobj,isset) $isreq set netwag_priv_toolform_info($numobj,isreq) $isreq set netwag_priv_toolform_info($numobj,key) $key set netwag_priv_toolform_info($numobj,name) $name set netwag_priv_toolform_info($numobj,listval) $listval set netwag_priv_toolform_info($numobj,defaultval) $defaultval # display entries netwag_toolform_rst_listbox $numobj # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_listbox { numobj } { global netwag_priv_toolform_info if {!$netwag_priv_toolform_info($numobj,isset)} { return "" } set name $netwag_priv_toolform_info($numobj,name) set i [lindex [$netwag_priv_toolform_info($numobj,lb) curselection] 0] set val [$netwag_priv_toolform_info($numobj,lb) get $i] set val [netwag_misc_string_replace $val "\\" "\\\\"] set val [netwag_misc_string_replace $val "\"" "\\\""] return " --$name \"$val\"" } proc netwag_toolform_rst_listbox { numobj } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) $netwag_priv_toolform_info($numobj,isreq) $netwag_priv_toolform_info($numobj,lb) delete 0 end set defaultfound 0 if {$netwag_priv_toolform_info($numobj,defaultval) == ""} { set defaultfound 1 } foreach val $netwag_priv_toolform_info($numobj,listval) { $netwag_priv_toolform_info($numobj,lb) insert end $val if {!$defaultfound && $val==$netwag_priv_toolform_info($numobj,defaultval)} { $netwag_priv_toolform_info($numobj,lb) activate end set defaultfound 1 } } if {!$defaultfound} { $netwag_priv_toolform_info($numobj,lb) insert end $netwag_priv_toolform_info($numobj,defaultval) $netwag_priv_toolform_info($numobj,lb) activate end } $netwag_priv_toolform_info($numobj,lb) selection set active $netwag_priv_toolform_info($numobj,lb) see active } proc netwag_toolform_update_listbox { numobj value } { global netwag_priv_toolform_info set isreq netwag_priv_toolform_info($numobj,isreq) set defaultval $netwag_priv_toolform_info($numobj,defaultval) set netwag_priv_toolform_info($numobj,isreq) 1 set netwag_priv_toolform_info($numobj,defaultval) $value netwag_toolform_rst_listbox $numobj set netwag_priv_toolform_info($numobj,isreq) $isreq set netwag_priv_toolform_info($numobj,defaultval) $defaultval } proc netwag_toolform_del_listbox { numobj } { global netwag_priv_toolform_cvf netwag_common_toolform_del_left_key $numobj grid forget $netwag_priv_toolform_cvf.listbox($numobj) destroy $netwag_priv_toolform_cvf.listbox($numobj) netwag_common_toolform_del_right_title $numobj } proc netwag_toolform_resize_listbox { numobj } { netwag_common_toolform_resize_right_title $numobj } ######################################################################## ## Generate a more proc netwag_toolform_add_more { title defaultval } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_glo_gui_bgcolor_text_edit global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "- " netwag_common_toolform_add_left_key $numobj " " # create "entry" set f2 $netwag_priv_toolform_cvf.more($numobj) entry $f2 -textvariable netwag_priv_toolform_info($numobj,var) -font myfont -highlightthickness 0 -bg $netwag_glo_gui_bgcolor_text_edit -width 20 bind $f2 "set netwag_priv_toolform_info($numobj,isset) 1" bind $f2 "if {\[netwag_common_toolform_entry_tab %K\]} { set netwag_priv_toolform_info($numobj,isset) 1 }" netwag_mw_form $f2 netwag_dynhelp_init $f2 "Enter value you want in this field." grid $f2 -row $numobj -column 2 -sticky we # create "title" netwag_common_toolform_add_right_title $numobj $title # save info set netwag_priv_toolform_info($numobj,type) "more" set netwag_priv_toolform_info($numobj,isset) 0 set netwag_priv_toolform_info($numobj,var) $defaultval # fake key to allow update set netwag_priv_toolform_info($numobj,key) "-" set netwag_priv_toolform_info($numobj,isreq) 0 set netwag_priv_toolform_info($numobj,defaultval) $defaultval # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_more { numobj } { global netwag_priv_toolform_info if {!$netwag_priv_toolform_info($numobj,isset)} { return "" } set val $netwag_priv_toolform_info($numobj,var) if {$val == ""} { return "" } set val [netwag_misc_string_replace $val "\\" "\\\\"] return " $val" } proc netwag_toolform_rst_more { numobj } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) $netwag_priv_toolform_info($numobj,isreq) set netwag_priv_toolform_info($numobj,var) $netwag_priv_toolform_info($numobj,defaultval) } proc netwag_toolform_update_more { numobj value } { global netwag_priv_toolform_info set netwag_priv_toolform_info($numobj,isset) 1 set netwag_priv_toolform_info($numobj,var) $value } proc netwag_toolform_del_more { numobj } { global netwag_priv_toolform_cvf netwag_common_toolform_del_left_key $numobj grid forget $netwag_priv_toolform_cvf.more($numobj) destroy $netwag_priv_toolform_cvf.more($numobj) netwag_common_toolform_del_right_title $numobj } proc netwag_toolform_resize_more { numobj } { netwag_common_toolform_resize_right_title $numobj } ######################################################################## ## Generate a text proc netwag_toolform_add_text { txt } { global netwag_priv_toolform_cvf global netwag_priv_toolform_info global netwag_glo_gui_bgcolor_unused global netwag_glo_gui_bgcolor_text_edit global netwag_priv_toolform_numobj ; set numobj $netwag_priv_toolform_numobj # create "text" on 3 columns set f1 $netwag_priv_toolform_cvf.text($numobj) label $f1 -text $txt -font myfont -highlightthickness 0 -wraplen 0 -justify left -bg $netwag_glo_gui_bgcolor_unused netwag_mw_form $f1 grid $f1 -row $numobj -column 1 -columnspan 3 -sticky w # save info set netwag_priv_toolform_info($numobj,type) "text" set netwag_priv_toolform_info($numobj,key) "fake" set netwag_priv_toolform_info($numobj,isset) 0 set netwag_priv_toolform_info($numobj,var) $txt # set netwag_priv_toolform_info($numobj,isreq) not used # set netwag_priv_toolform_info($numobj,defaultval) not used # ready for next incr netwag_priv_toolform_numobj } proc netwag_toolform_gene_text { numobj } { return "" } proc netwag_toolform_rst_text { numobj } { } proc netwag_toolform_del_text { numobj } { global netwag_priv_toolform_cvf grid forget $netwag_priv_toolform_cvf.text($numobj) destroy $netwag_priv_toolform_cvf.text($numobj) } proc netwag_toolform_resize_text { numobj } { global netwag_priv_toolform_cv global netwag_priv_toolform_cvf set totalsize [winfo width $netwag_priv_toolform_cv] set freespace [expr $totalsize - 40] $netwag_priv_toolform_cvf.text($numobj) configure -wraplen $freespace } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Uncheck all left buttons proc netwag_toolform_uncheck {} { global netwag_priv_toolform_numobj global netwag_priv_toolform_info global netwag_priv_toolform_numradio for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { set netwag_priv_toolform_info($i,isset) 0 if {$netwag_priv_toolform_info($i,type) == "radio"} { # also reset radio netwag_toolform_rst_radio $i } } for {set i 0} {$i < $netwag_priv_toolform_numradio} {incr i} { set netwag_priv_toolform_info(radio,$i,set) 0 } } ## Called when Generate is pressed proc netwag_toolform_button_gen {} { global netwag_priv_toolform_numobj global netwag_priv_toolform_info global netwag_priv_toolhf_curtoolnum global netwag_priv_toolform_numradio set cmd $netwag_priv_toolhf_curtoolnum for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { if {$netwag_priv_toolform_info($i,type) == "button"} { append cmd [netwag_toolform_gene_button $i] } elseif {$netwag_priv_toolform_info($i,type) == "radio"} { # generated below } elseif {$netwag_priv_toolform_info($i,type) == "entry"} { append cmd [netwag_toolform_gene_entry $i] } elseif {$netwag_priv_toolform_info($i,type) == "listbox"} { append cmd [netwag_toolform_gene_listbox $i] } elseif {$netwag_priv_toolform_info($i,type) == "more"} { append cmd [netwag_toolform_gene_more $i] } elseif {$netwag_priv_toolform_info($i,type) == "text"} { append cmd [netwag_toolform_gene_text $i] } else { set type $netwag_priv_toolform_info($i,type) netwag_msg_add_warn "Cannot generate this type($type $i) of form" } } for {set i 0} {$i < $netwag_priv_toolform_numradio} {incr i} { append cmd [netwag_toolform_gene_radio $i] } netwag_toolcmd_init $cmd } ## Called when Reset is pressed proc netwag_toolform_button_rst {} { global netwag_priv_toolform_numobj global netwag_priv_toolform_info global netwag_priv_toolform_numradio for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { if {$netwag_priv_toolform_info($i,type) == "button"} { netwag_toolform_rst_button $i } elseif {$netwag_priv_toolform_info($i,type) == "radio"} { netwag_toolform_rst_radio $i } elseif {$netwag_priv_toolform_info($i,type) == "entry"} { netwag_toolform_rst_entry $i } elseif {$netwag_priv_toolform_info($i,type) == "listbox"} { netwag_toolform_rst_listbox $i } elseif {$netwag_priv_toolform_info($i,type) == "more"} { netwag_toolform_rst_more $i } elseif {$netwag_priv_toolform_info($i,type) == "text"} { netwag_toolform_rst_text $i } else { set type $netwag_priv_toolform_info($i,type) netwag_msg_add_warn "Cannot reset this type($type $i) of form" } } for {set i 0} {$i < $netwag_priv_toolform_numradio} {incr i} { set netwag_priv_toolform_info(radio,$i,set) 0 } } ## Update values proc netwag_toolform_update { key value } { global netwag_priv_toolform_numobj global netwag_priv_toolform_info for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { if {$netwag_priv_toolform_info($i,key) != $key} { continue } if {$netwag_priv_toolform_info($i,type) == "button"} { netwag_toolform_update_button $i $value } elseif {$netwag_priv_toolform_info($i,type) == "radio"} { netwag_toolform_update_radio $i $value } elseif {$netwag_priv_toolform_info($i,type) == "entry"} { netwag_toolform_update_entry $i $value } elseif {$netwag_priv_toolform_info($i,type) == "listbox"} { netwag_toolform_update_listbox $i $value } elseif {$netwag_priv_toolform_info($i,type) == "more"} { netwag_toolform_update_more $i $value } else { set type $netwag_priv_toolform_info($i,type) netwag_msg_add_warn "Cannot update this type($type $i) of form" } break } } ## To remove all fields proc netwag_toolform_reinit {} { global netwag_priv_toolform_numobj global netwag_priv_toolform_info global netwag_priv_toolform_numradio for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { if {$netwag_priv_toolform_info($i,type) == "button"} { netwag_toolform_del_button $i } elseif {$netwag_priv_toolform_info($i,type) == "radio"} { netwag_toolform_del_radio $i } elseif {$netwag_priv_toolform_info($i,type) == "entry"} { netwag_toolform_del_entry $i } elseif {$netwag_priv_toolform_info($i,type) == "listbox"} { netwag_toolform_del_listbox $i } elseif {$netwag_priv_toolform_info($i,type) == "more"} { netwag_toolform_del_more $i } elseif {$netwag_priv_toolform_info($i,type) == "text"} { netwag_toolform_del_text $i } else { set type $netwag_priv_toolform_info($i,type) netwag_msg_add_warn "Cannot delete this type($type $i) of form" } } set netwag_priv_toolform_numobj 0 for {set i 0} {$i < $netwag_priv_toolform_numradio} {incr i} { set netwag_priv_toolform_info(radio,$i,set) 0 } } ## To resize a displayed form proc netwag_toolform_resize {} { global netwag_priv_toolform_cv global netwag_priv_toolform_cvf global netwag_priv_toolform_cvs global netwag_priv_toolform_numobj global netwag_priv_toolform_info # resize titles netwag_update_idletasks for {set i 0} {$i < $netwag_priv_toolform_numobj} {incr i} { if {$netwag_priv_toolform_info($i,type) == "button"} { netwag_toolform_resize_button $i } elseif {$netwag_priv_toolform_info($i,type) == "radio"} { netwag_toolform_resize_radio $i } elseif {$netwag_priv_toolform_info($i,type) == "entry"} { netwag_toolform_resize_entry $i } elseif {$netwag_priv_toolform_info($i,type) == "listbox"} { netwag_toolform_resize_listbox $i } elseif {$netwag_priv_toolform_info($i,type) == "more"} { netwag_toolform_resize_more $i } elseif {$netwag_priv_toolform_info($i,type) == "text"} { netwag_toolform_resize_text $i } else { set type $netwag_priv_toolform_info($i,type) netwag_msg_add_warn "Cannot resize this type($type $i) of form" } } netwag_update_idletasks # resize scroll region set sh [winfo height $netwag_priv_toolform_cvs] set ah [lindex [grid bbox $netwag_priv_toolform_cvf] 3] if { $ah < $sh } { # otherwise, scrolls strangely set y $sh } else { # +10 to see a little space before end set y [expr $ah + 10] } eval "$netwag_priv_toolform_cv configure -scrollregion {0 0 1 $y}" } ## Display the description of a tool proc netwag_toolform_display { toolnum } { global netwag_priv_toolform_numobj # remove old netwag_toolform_reinit # create new ones eval "netwag_toolform_display_func$toolnum" if {$netwag_priv_toolform_numobj == 1 && $toolnum != 0} { netwag_toolform_add_text "This tool does not need parameters" } # resize correctly netwag_toolform_resize } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_notebook.tcl0000644000000000000000000001552211776302040022212 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_notebook_tabs global netwag_priv_notebook_numtab global netwag_priv_notebook_butnum_pressed global netwag_priv_notebook_resizecb ################################################################# # PRIVATE FUNCTIONS ################################################################# ## Resize the frame proc netwag_priv_notebook_resize { mainframe } { global netwag_priv_notebook_numtab set numtab $netwag_priv_notebook_numtab($mainframe) set w [winfo width $mainframe.body] set h [winfo height $mainframe.body] set h [expr $h - 1] # puts "res $w $h" for {set i 0} {$i < $numtab } {incr i} { $mainframe.body.pf$i.top.c configure -width $w $mainframe.body.pf$i.bot.left.c configure -height $h } # call callback function global netwag_priv_notebook_resizecb if {$netwag_priv_notebook_resizecb($mainframe) != ""} { $netwag_priv_notebook_resizecb($mainframe) } } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Create the notebook proc netwag_notebook_init { mainframe tabs presscb {resizecb ""}} { global netwag_priv_notebook_tabs global netwag_priv_notebook_numtab global netwag_glo_gui_bgcolor_unused global netwag_priv_notebook_presscb global netwag_priv_notebook_resizecb # set all callbacks set numtab 0 foreach cb $presscb { set netwag_priv_notebook_presscb($mainframe,$numtab) $cb incr numtab } # currently, only one, but we could use a list set netwag_priv_notebook_resizecb($mainframe) $resizecb frame $mainframe frame $mainframe.head -bg $netwag_glo_gui_bgcolor_unused frame $mainframe.body -bg $netwag_glo_gui_bgcolor_unused set numtab 0 foreach ong $tabs { set netwag_priv_notebook_tabs($mainframe,$numtab) $ong button $mainframe.head.b$numtab -text "$ong" -font myfont -highlightthickness 0 pack $mainframe.head.b$numtab -side left -padx 1 incr numtab } set netwag_priv_notebook_numtab($mainframe) $numtab pack $mainframe.head -anchor w -fill x pack $mainframe.body -anchor w -expand 1 -fill both for {set i 0} {$i < $numtab} {incr i} { # create the place frame frame $mainframe.body.pf$i place $mainframe.body.pf$i -x 0 -y 0 # create the frames inside frame $mainframe.body.pf$i.top frame $mainframe.body.pf$i.bot frame $mainframe.body.pf$i.bot.left frame $mainframe.body.pf$i.bot.right pack $mainframe.body.pf$i.top pack $mainframe.body.pf$i.bot -expand 1 -fill both pack $mainframe.body.pf$i.bot.left -side left pack $mainframe.body.pf$i.bot.right -expand 1 -fill both -side left # create the canvas used to force respect of sizes canvas $mainframe.body.pf$i.top.c -width 1 -height 1 -bg white -highlightthickness 0 pack $mainframe.body.pf$i.top.c canvas $mainframe.body.pf$i.bot.left.c -width 1 -height 1 -bg $netwag_glo_gui_bgcolor_unused -highlightthickness 0 pack $mainframe.body.pf$i.bot.left.c # bind the buttons set presscb "netwag_notebook_button_press $mainframe $i" if {[ info exist netwag_priv_notebook_presscb($mainframe,$i)]} { append presscb " ; " append presscb $netwag_priv_notebook_presscb($mainframe,$i) } eval "bind $mainframe.head.b$i { $presscb }" eval "bind $mainframe.head.b$i { $presscb }" eval "bind $mainframe.head.b$i { $presscb }" } eval "bind $mainframe.body {netwag_priv_notebook_resize $mainframe }" # always see first (without callbacks) netwag_notebook_button_press $mainframe 0 0 return $mainframe } ## Simulate the press of a button proc netwag_notebook_button_press { mainframe butnum {callcb 1} } { global netwag_priv_notebook_numtab global netwag_glo_notebook_button_visible_color global netwag_glo_notebook_button_hidden_color global netwag_priv_notebook_butnum_pressed global netwag_priv_notebook_presscb set numtab $netwag_priv_notebook_numtab($mainframe) if { $butnum >= $numtab } { error "netwag_notebook_button_press: butnum > numtab" } set netwag_priv_notebook_butnum_pressed($mainframe) $butnum raise $mainframe.body.pf$butnum for {set i 0} {$i < $numtab} {incr i} { if {$i == $butnum} { $mainframe.head.b$i configure -bg $netwag_glo_notebook_button_visible_color } else { $mainframe.head.b$i configure -bg $netwag_glo_notebook_button_hidden_color } } netwag_update if {$callcb} { if {[ info exist netwag_priv_notebook_presscb($mainframe,$butnum)]} { set presscb $netwag_priv_notebook_presscb($mainframe,$butnum) eval "$presscb" } } } ## Get the frame associated to a button number proc netwag_notebook_frame_get { mainframe butnum } { global netwag_priv_notebook_numtab set numtab $netwag_priv_notebook_numtab($mainframe) if { $butnum >= $numtab } { error "netwag_notebook_frame_get: butnum > numtab" } return $mainframe.body.pf$butnum.bot.right } ## Get the button associated to a button number proc netwag_notebook_button_get { mainframe butnum } { global netwag_priv_notebook_numtab set numtab $netwag_priv_notebook_numtab($mainframe) if { $butnum >= $numtab } { error "netwag_notebook_frame_get: butnum > numtab" } return $mainframe.head.b$butnum } ## Get the button number currently pressed proc netwag_notebook_butnum_get { mainframe } { global netwag_priv_notebook_butnum_pressed return $netwag_priv_notebook_butnum_pressed($mainframe) } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_toolcmd.tcl0000644000000000000000000001151111776302040022025 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_toolcmd_frame global netwag_priv_toolcmd_text global netwag_priv_toolcmd_nw ################################################################# # PRIVATE FUNCTIONS ################################################################# ## Check if the command is empty proc netwag_priv_toolcmd_empty { } { global netwag_priv_toolcmd_text set cmd [$netwag_priv_toolcmd_text get 1.0 end] set cmd [netwag_misc_string_map $cmd {"\r" " " "\n" " "}] set cmd [string trim $cmd] if { $cmd == "" } { return -1 } return 0 } ## Called when Run button is pressed proc netwag_priv_toolcmd_run { } { global netwag_priv_toolcmd_nw global netwag_priv_tool_nb if { [netwag_priv_toolcmd_empty] } { netwag_msg_add_warn "Command is empty. Will try to automatically press on first button." set butnum [netwag_notebook_butnum_get $netwag_priv_tool_nb] if {$butnum == 1} { netwag_toolhelp_button_copyex } elseif {$butnum == 2} { netwag_toolform_button_gen } elseif {$butnum == 4} { netwag_toolhist_button_copy } else { netwag_msg_add_err "Butnum $butnum is not implemented." return } if { ! [netwag_priv_toolcmd_empty] } { netwag_msg_add_info "If you agree with this command, press Run again." } return } # obtain user command (passwords are hidden) if { [netwag_toolcmd_check usercmd toolnum] } { return } # obtain real command containing passwords set realcmd [netwag_toolcmd_withpassword $usercmd] # run netwag_toolhist_add "$usercmd" if { $netwag_priv_toolcmd_nw } { netwag_msg_add_info "Running \"$usercmd\"" netwag_msg_add_info "We cannot check its return value because tool is run in a New Window" netwag_runnw_run $realcmd } else { netwag_toolrun_run $toolnum $realcmd $usercmd } } ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Initialize the command proc netwag_toolcmd_init { cmd } { global netwag_priv_toolcmd_text $netwag_priv_toolcmd_text delete 1.0 end $netwag_priv_toolcmd_text insert end $cmd } ## Hide/show run command proc netwag_toolcmd_hide { } { global netwag_priv_toolcmd_frame pack forget $netwag_priv_toolcmd_frame } proc netwag_toolcmd_show { } { global netwag_priv_toolcmd_frame pack $netwag_priv_toolcmd_frame -side left -expand 1 -fill x } ## Check command proc netwag_toolcmd_check { pcmd ptoolnum } { global netwag_priv_toolcmd_text upvar $pcmd cmd upvar $ptoolnum toolnum set cmd [$netwag_priv_toolcmd_text get 1.0 end] set cmd [netwag_misc_string_map $cmd {"\r" " " "\n" " "}] set cmd [string trim $cmd] set ret [netwag_runcmd_check cmd toolnum] } ## Obtain stored password proc netwag_toolcmd_withpassword { usercmd } { global netwag_priv_toolform_hidden global netwag_priv_toolform_hidden_pattern set re $netwag_priv_toolform_hidden_pattern(0) append re "(\[0-9\]+)" append re $netwag_priv_toolform_hidden_pattern(1) set realcmd $usercmd while {1} { if { ! [regexp -- $re $realcmd foobar n] } { break } set r " " if { [info exists netwag_priv_toolform_hidden($n)] } { set val $netwag_priv_toolform_hidden($n) set val [netwag_misc_string_replace $val "\\" "\\\\"] append r $val } else { append r "password_" append r $n append r "_not_available" } regsub -- $re $realcmd $r realcmd } return $realcmd } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_runnw.tcl0000644000000000000000000000574211776302040021546 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# ################################################################# # PRIVATE FUNCTIONS ################################################################# ################################################################# # PUBLIC FUNCTIONS ################################################################# ## Run a netwox tool in a new window proc netwag_runnw_run { cmd } { global netwag_glo_bin_netwox global netwag_sys_platform global netwag_sys_platform_unix global netwag_sys_platform_windows global netwag_glo_bin_term global netwag_glo_bin_term_param global env global netwag_sys_os; global netwag_sys_os_windows95 global netwag_sys_os_windows98 global netwag_sys_os_windowsme netwag_runcmd_file_init $cmd tmpfilename if {$netwag_sys_platform == $netwag_sys_platform_unix} { # we use "sh -c" in case netwox is not in the path exec $netwag_glo_bin_term $netwag_glo_bin_term_param /bin/sh -c "$netwag_glo_bin_netwox 0 -R -b $tmpfilename" & } elseif {$netwag_sys_platform == $netwag_sys_platform_windows} { # we use "$env(COMSPEC) /c" in case netwox is not in the path if { $netwag_sys_os==$netwag_sys_os_windows95 || $netwag_sys_os==$netwag_sys_os_windows98 || $netwag_sys_os==$netwag_sys_os_windowsme } { exec start $env(COMSPEC) /c $netwag_glo_bin_netwox 0 -R -b $tmpfilename & } else { # because start is not an external command exec $env(COMSPEC) /c start $env(COMSPEC) /c $netwag_glo_bin_netwox 0 -R -b $tmpfilename & } } else { netwag_msg_add_err "I don't know how to run a command on this platform" } # eventually remove command filename after 5000 "netwag_runcmd_file_del $tmpfilename" return 0 } netw-ib-ox-ag-5.39.0/src/netwag-src/src/netwag_dynhelp.tcl0000644000000000000000000001250211776302040022030 0ustar rootroot################################################################# # NETWAG # # Network toolbox # # Copyright(c) 1999-2012 Laurent CONSTANTIN # # http://ntwag.sourceforge.net/ # # laurentconstantin@free.fr # # ----- # # This file is part of Netwag. # # Netwag is free software: you can redistribute it and/or # # modify it under the terms of the GNU General Public License # # version 3 as published by the Free Software Foundation. # # Netwag is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty # # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details # # (http://www.gnu.org/). # #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# ################################################################# # GLOBAL VARIABLES ################################################################# global netwag_priv_dynhelp_afterid global netwag_priv_dynhelp_msg global netwag_priv_dynhelp_name ; set netwag_priv_dynhelp_name ".netwag_priv_dynhelp_w" ################################################################# # PRIVATE FUNCTIONS ################################################################# ## Event handlers bind netwag_priv_dynhelp_evt { global netwag_priv_dynhelp_afterid global netwag_glo_dynhelp_timeout global netwag_session_dynhelp_active if { $netwag_session_dynhelp_active == 0 } {continue} set netwag_priv_dynhelp_afterid [after $netwag_glo_dynhelp_timeout {netwag_priv_dynhelp_display %W %X %Y}] } bind netwag_priv_dynhelp_evt { global netwag_priv_dynhelp_afterid global netwag_glo_dynhelp_timeout global netwag_session_dynhelp_active if { $netwag_session_dynhelp_active == 0 } {continue} after cancel $netwag_priv_dynhelp_afterid if {[winfo exists .netwag_priv_dynhelp] != 1} { set netwag_priv_dynhelp_afterid [after $netwag_glo_dynhelp_timeout {netwag_priv_dynhelp_display %W %X %Y}] } } bind netwag_priv_dynhelp_evt { global netwag_session_dynhelp_active if { $netwag_session_dynhelp_active == 0 } {continue} netwag_priv_dynhelp_destroy } bind netwag_priv_dynhelp_evt