pax_global_header00006660000000000000000000000064130402372340014510gustar00rootroot0000000000000052 comment=264d1a2afbed2dc72fe1cad04f28af15b26a740e packit-1.5/000077500000000000000000000000001304023723400126305ustar00rootroot00000000000000packit-1.5/AUTHORS000066400000000000000000000001761304023723400137040ustar00rootroot00000000000000Darren Bounds Joao Eriberto Mota Filho Robert Krause Sharad B packit-1.5/CONTRIBUTING.md000066400000000000000000000021111304023723400150540ustar00rootroot00000000000000## HOW TO CONTRIBUTE TO PACKIT DEVELOPMENT Packit is available at https://github.com/eribertomota/packit If you are interested in contribute to Packit development, please, follow these steps: 1. Send me a patch that fix an issue or that implement a new feature. Alternatively, you can do a 'pull request'[1] in GitHub. Other good idea is help to remove the building warnings. [1] https://help.github.com/articles/using-pull-requests 2. Ask for join to the Packit project in GitHub, if you want to work officially. Note that this second step is not compulsory. However, to accept you in project, I need a minimum collaboration before. **TIP: now, Packit needs to understand IPv6. Can you implement it?** To find issues and bugs to fix, you can check these addresses: - https://github.com/eribertomota/packit/issues - https://bugs.debian.org/cgi-bin/pkgreport.cgi?dist=unstable;package=packit - https://bugs.launchpad.net/ubuntu/+source/packit/+bugs If you want to join, please contact me: eriberto at eriberto.pro.br -- Eriberto, Mon, 09 May 2016 09:50:53 -0300 packit-1.5/ChangeLog000066400000000000000000000231771304023723400144140ustar00rootroot00000000000000Version 1.5, 2017-01-18 [ Joao Eriberto Mota Filho ], * Updated Makefile.am. [ Robert Krause ], * Fixed all compiling warnings. * Fixed invalid usage of IPv4/Ethernet addresses in ARP header. * Fixed some string pointer conversion problems. [ Sharad B ], * Fixed payload length when given without 0x. * Calculate payload length by strlen. * Simplify the generate_padding() method to avoid calling sprintf() repeatedly. * Redefining ETH_BROADCAST and ETH_DEFAULT for correct behavior. * Fixing formatting string to remove compile time warnings when debug logging is enabled at compile time. * Prefixing all global variables with "g_" to improve code readability. Version 1.1-beta1, 2016-05-22 [ Joao Eriberto Mota Filho ], , 2016 * Added autogen.sh to build basic files for autotools. Consequently, removed some files which can be autogenerated. * Added some documentation files (AUTHORS, UPDATE-CHECK, etc). * Changed the version notifying method. * Adjusted Makefile.am to remove files when doing clean and makeclean. * Changed the homepage of the project in several files. * Fixed spelling errors in some files and in manpage. * Modernized and updated some autotools files. (removed all warnings about autotools) * Removed duplicate lines in manpage. * Some adjustments in manpage. * Updated the FSF address in several files. * Updated the GPL license text in LICENSE file. * Updated all copyright notices. [ Gentoo Linux ], 2015 * Fixed a buffer overflow and allows build using GCC hardening. This fix was taken from Gentoo. See https://gitweb.gentoo.org/repo/gentoo.git/ \ tree/net-analyzer/packit/files/packit-1.0-overflow.patch [ Mats Erik Andersson ], , 2013-06-27 * Implement RARP support (patch sent to Debian via bug #652510). [ Mats Erik Andersson ], , 2013-06-27 * Fix off-by-one string error in some files. * Update configure.in. [ LaMont Jones ], , 2007-09-10 * Allow nostrip (patch created in Debian, closing bug #437731). * Update configure.in to call to pcap-bpf.h instead of net/bpf.h (patch created in Debian). [ Kumar Appaiah ], , 2007-08-26 * Removed references to since now it's sufficient to include , avoiding a fail when building (patch sent to Debian via bug #439482). [ Deniz Adrian ], , 2006-09-06 * Fix a segment fault when using inject-mode with no arguments (patch sent to Debian via bug #386150). [ Dennis Vshivkov ], , 2005-03-10 * Fixed a typo in option parsing code which made -D always random when random -S is used. (patch sent to Debian via bug #298799) ----------------------------------------------------------------------------- 1.0 Darren Bounds ---------------------------------------------- Injection: - Bugfix NULL bytes in the payload (patch contributed by: Jason Copenhaver) General: - Updates to several build routines to support libnet 1.1.2+ 0.7.1 Darren Bounds ---------------------------------------------- Injection: - Bugfix with sequence and acknowledgement number handling from the command-line - Bugfix with random ethernet address generator General: - Usage displayed incorrect default TCP window size 0.7 Darren Bounds ---------------------------------------------- Injection: - Added an option for specifying a packet length in bytes (-Z len) - Added a customizable trace route mode (-m trace) - Hex payload support using '0x' prefix (ie: -p '0x 70 61 63 6B 69 74') - The burst rate max has been removed. Using -c 0 and -b 0 together will send as many packets as possible. - Bugfix with the -o and -O options being reversed or unresponsive in some cases (identified by Peter Markowsky ccs.neu.edu>) - Bugfix with ARP injection init_type (identified by Radu S. rdsor.ro>) ) General: - Bugfix with spec file complaining about hardlink on Redhat 9 (contributed by Florin Andrei andrei.myip.org>) - Bugfix with ICMP type 3 code 4 MTU and padding variables - Packet counters have been changed to 'unsigned long long' thanks to a the changes to the libnet_stats structure in libnet 1.1.1. :) - There were numerous man page functional inconsisencies that are now corrected - Too many other misc bugfixes to mention. 0.6.0d Darren Bounds ---------------------------------------------- Injection - Just added the -V option for RAWIP injection to allow you to specify an IP protocol number (brought on by the recent Cisco IOS DoS posting) 0.6.0c Darren Bounds ---------------------------------------------- General - Bugfix with the bugfix in 0.6.0b :( - Additional configure test proceedures 0.6.0b Darren Bounds ---------------------------------------------- General - Bugfix with pcap_setnonblock.c and conflicting definitions 0.6.0 Darren Bounds ---------------------------------------------- Capture - Removed packet reset support (-R, -RR) - Added full ICMP decoding - pcap_setnonblock() and pcap-int.h are now included in src/contrib for compatibility with older libpcap versions - Bugfix with memory leak in process_packets() (identified by Aapo Tahkola) Injection - Added a host response option (allowing you to see how the remote host responses to your packet) - Added raw IP injection mode option (recommended by Soren MacBeth hushmail.com>) - Count of 0 (-c 0) will inject packets forever (or until Ctrl-C) - Ctrl-C now gives you the option to quit or continue (essentially pausing injection) - Improved injection statistical information - Added UDP/TCP option for random destination port - The port range separator is now "-" rather than ":" (ie: -D 1-1024) - TCP/UDP source port is random by default - ICMP Echo Request/Reply sequence and ID numbers now behave in a more "normal" manner by default - A number of option flags have changed (see the man page) - Burst rate max is now 10000 (requested by Ricardo Panez) - Bugfix with UDP -E flag assigned to incorrect variable (ethr_o.s_addr) (identified by Edward Balduf ieee.org>) - Bugfix with random IPv4 creating Class E addresses and addresses with 0 as the first octet (identified by Adrian Petre Mierlutiu timisoara.roedu.net>) - Bugfix with URG flag being displayed as PSH (identified by Matthew Connor reisonline.com>) - Bugfix with displaying ICMP code 0 being evaluated incorrectly General - libnet_get_prand() has been replaced with my own retrieve_rand_int() - Added redhat spec file for rpm builds (thanks to Bennett Todd rahul.net>) - Additional configure options (--without-capture, --without-injection, --enable-debug) - The getuid() function (which requires UID 0) is now only called only in injection mode - Additional statistical information - Manpage updates - Improved error handling 0.5.0b Darren Bounds ---------------------------------------------- Injection - Bugfix with the UDP header length when injecting multiple packets (identified by Leopoldo Feal netoides.com>) 0.5.0 Darren Bounds ---------------------------------------------- Capture - Added a UDP tear down option (using ICMP port unreachables) - Added hex/ascii packet dump data (ala tcpdump) - Enhanced and organized capture data display - Removed tcpdump style capture mode (why recreate the wheel) Injection - Added full ARP/RARP/IARP support - Added ICMP unreach/redirect/timexceed/timestamp/mask options - Added support for injection port ranges - Added support for random ethernet addresses - Added support for random IPv4 addresses General - MacOS X support (thanks to Mike MacNeill for supplying OS/hardware) - Hundreds of performance and functionality enhancements - Bug fixes 0.4.6 Darren Bounds ---------------------------------------------- Capture - Added a TCP reset option in capture mode General - Bug fixes 0.4.5 Darren Bounds ---------------------------------------------- Capture - Added packet capture count option - Capture statistics General - Added a configure script :) - Added signal handling - Major code reorg for future releases - Bug fixes 0.4.1 Darren Bounds ---------------------------------------------- Injection - Added injection initialization code to solve the ethernet destination header problem General - Bug fixes 0.4.0 Darren Bounds ---------------------------------------------- Capture - Additional packet capture display modes Injection - Added a 'burst' mode for sending multiple packets per second General - Using a more scalable command-line syntax - Bug fixes 0.3.5d Darren Bounds ---------------------------------------------- Capture - Added TOS (type of service) to verbose capture mode - Optimized linklayer display in capture mode Injection - Acknowledgement number is not set by default 0.3.5c Darren Bounds ---------------------------------------------- Injection - Fixed auto-defining source ethernet address bugs - Specifying a destination ethernet address is no longer required General - Added more descriptive error messages packit-1.5/LICENSE000066400000000000000000000431061304023723400136410ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. packit-1.5/Makefile.am000066400000000000000000000024001304023723400146600ustar00rootroot00000000000000# Packit -- network injection and capture tool # # Original author: Darren Bounds # # Copyright 2002 Darren Bounds # Copyright 2016 Joao Eriberto Mota Filho # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # MA 02110-1301, USA. # # packit official page at https://github.com/eribertomota/packit AUTOMAKE_OPTIONS = foreign no-dependencies SUBDIRS = src man EXTRA_DIST = Makefile.am.common distclean-local: rm -rf autom4te.cache rm -f aclocal.m4 compile config.* configure depcomp install-sh \ Makefile.in missing man/Makefile.in src/Makefile.in packit-1.5/README.md000066400000000000000000000045141304023723400141130ustar00rootroot00000000000000# PACKIT **Network injection and capture tool**

**1. HELP THIS PROJECT**
**2. WHAT IS PACKIT?**
**3. BUILDING FROM SOURCE**
-------------------- 1. HELP THIS PROJECT -------------------- Packit needs your help. **If you are a programmer** and if you wants to help a nice project, this is your opportunity. My name is Eriberto and **I am not a C developer**. I imported Packit from its old repository[1] to GitHub (the original homepage and developer are inactive). After this, I applied all patches found in Debian project and other places for this program. All my work was registered in ChangeLog file (version 1.1 and later releases). I also maintain Packit packaged in Debian[2]. If you are interested to help Packit, read the [CONTRIBUTING.md](CONTRIBUTING.md) file. [1] http://packetfactory.openwall.net/projects/packit
[2] https://packages.qa.debian.org/p/packit.html
------------------ 2. WHAT IS PACKIT? ------------------ Packit (PACket toolKIT) is a network auditing tool. It uses libpcap and can make real packages (frames) that are able to travel in a network. Packit also allows one to add personalized payloads. Other good feature is the possibility to read dump files created by tcpdump. Packit has an ability to customize, inject, monitor and manipulate IP traffic. By allowing you to define (spoof) nearly all TCP, UDP, ICMP, IP, ARP, RARP, and Ethernet header options, Packit can be useful for the following scenarios: * tests in firewalls;
* tests in Intrusion Detection Systems (IDS);
* tests in Intrusion Prevention Systems (IPS);
* tests in proxies;
* tests in port scanning detectors;
* network traffic simulations;
* security tests; and
* general TCP/IP auditing and pentests.
Packit is also an excellent tool for learning TCP/IP. However, this program does not support IPv6. (but you can help to implement it) ----------------------- 3. BUILDING FROM SOURCE ----------------------- Packit requires the following elements to compile: * autoconf >= 2.69
* libnet >= 1.1.2
* libpcap >= 0.8
Packit source installation is simple: $ ./autogen.sh $ ./configure $ make Then as 'root': # make install The autogen.sh can be used with the 'clean' option to remove all generated files. Example: $ ./autogen.sh clean packit-1.5/autogen.sh000077500000000000000000000043661304023723400146420ustar00rootroot00000000000000#!/bin/sh # autogen.sh with clean option # Copyright 2016 Joao Eriberto Mota Filho # # This file is under BSD-3-Clause license. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # 3. Neither the name of the authors nor the names of its contributors # may be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # Use clean option if [ "$1" = "clean" -a ! -e Makefile ] then echo "Vanishing the code" rm -rf aclocal.m4 autom4te.cache compile config.guess config.h.in \ config.sub configure depcomp install-sh Makefile.in missing \ man/Makefile.in src/Makefile.in exit 0 fi # Do not use clean option if [ "$1" = "clean" -a -e Makefile ] then echo "I can not clean. Use '$ make distclean'." exit 0 fi # Do autoreconf autoreconf -i \ && { echo " "; \ echo "Done. You can use the 'clean' option to vanish the source code."; \ echo "Example of use: $ ./autogen clean"; \ } \ || { echo "We have a problem..."; exit 1; } packit-1.5/configure.ac000066400000000000000000000171251304023723400151240ustar00rootroot00000000000000# Packit -- network injection and capture tool # # Original author: Darren Bounds # # Copyright 2002-2004 Darren Bounds # Copyright 2007 LaMont Jones # Copyright 2013 Mats Erik Andersson # Copyright 2016 Joao Eriberto Mota Filho # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # MA 02110-1301, USA. # # packit official page at https://github.com/eribertomota/packit AC_PREREQ([2.69]) AC_INIT([packit], [1.5], [https://github.com/eribertomota/packit/issues]) AC_CONFIG_SRCDIR([src/main.c]) AM_INIT_AUTOMAKE AC_CONFIG_HEADERS(config.h) AC_MSG_RESULT(beginning auto-configuration process for packit...) AC_PREFIX_DEFAULT(/usr/local) AM_INIT_AUTOMAKE([subdir-objects]) AC_PROG_CC AC_MSG_CHECKING(for gcc) if test "$GCC" = yes; then CFLAGS="${CFLAGS} -Wall" AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi DEBUG="no" BINS="packit" AC_ARG_ENABLE(debug, [ --enable-debug Enable debugging], [ if test "$GCC" = yes; then DEBUG="yes" CFLAGS="${CFLAGS} -DDEBUG -ggdb" else DEBUG="yes" CFLAGS="${CFLAGS} -DDEBUG" fi ],) AC_ARG_WITH(capture, [ --without-capture Remove packet capture support], with_capture=$withval, with_capture=yes) if test "x$with_capture" = "xyes" ; then with_capture="yes" AC_DEFINE(WITH_CAPTURE, 1, Enable Capture) else with_capture="no" fi AC_ARG_WITH(injection, [ --without-injection Remove packet injection support], with_injection=$withval,with_injection=yes) if test "x$with_injection" = "xyes"; then with_injection="yes" AC_DEFINE(WITH_INJECTION, 1, Enable Injection) else with_injection="no" fi AC_SUBST(BINS) AC_CANONICAL_HOST SHELL="/bin/sh" PACKIT_CPPFLAGS='-I$(top_srcdir) -I$(top_srcdir)/includes' dnl Checks for OS type. case "$host" in *-freebsd*) AC_DEFINE(BSD_DERIVED, 1, OS BSD Derived) AC_DEFINE(FREEBSD, 1, FreeBSD) ;; *-netbsd*) AC_DEFINE(BSD_DERIVED, 1, OS BSD Derived) AC_DEFINE(NETBSD, 1, NetBSD) ;; *-openbsd*) AC_DEFINE(BSD_DERIVED, 1, OS BSD Derived) AC_DEFINE(FREEBSD, 1, OpenBSD) ;; *-apple*) AC_DEFINE(BSD_DERIVED, 1, OS BSD Derived) AC_DEFINE(MACOS, 1, MacOS) LDFLAGS="${LDFLAGS} -L/sw/lib" PACKIT_CPPFLAGS="${PACKIT_CPPFLAGS} -I/sw/include"; ;; *-linux*) AC_DEFINE(SYSV_DERIVED, 1, OS SysV Derived) AC_DEFINE(LINUX, 1, Linux) PACKIT_CPPFLAGS="${PACKIT_CPPFLAGS} -I/usr/include/pcap"; ;; *-solaris*) AC_DEFINE(SYSV_DERIVED, 1, OS SysV Derived) AC_DEFINE(SOLARIS, 1, Solaris) ;; *-aix*) AC_DEFINE(SYSV_DERIVED, 1, OS SysV Derived) AC_DEFINE(AIX, 1, AIX) ;; *-hpux*) AC_DEFINE(SYSV_DERIVED, 1, OS SysV Derived) AC_DEFINE(HPUX, 1, HPUX) ;; esac AC_SUBST(PACKIT_CPPFLAGS) dnl Checks for typedef AC_CHECK_TYPE(u_int8_t, unsigned char) AC_CHECK_TYPE(u_int16_t, unsigned short) AC_CHECK_TYPE(u_int32_t, unsigned int) AC_CHECK_TYPE(u_int64_t, unsigned long long) dnl Checks for header files. AC_CHECK_HEADERS(signal.h pcap-bpf.h sys/time.h) AC_ARG_WITH(libnet_includes, [ --with-libnet-includes=DIR libnet include directory], [with_libnet_includes="$withval"],[with_libnet_includes=no]) if test "$with_libnet_includes" != "no"; then CFLAGS="${CFLAGS} -I${with_libnet_includes}" fi AC_CHECK_HEADERS(libnet.h,, LIBNET="no") if test "$LIBNET" = "no"; then echo "" echo "Error: Can't find libnet 1.1.0 or greater. Visit http://www.packetfactory.net/libnet for the latest version." exit; fi AC_ARG_WITH(libpcap_includes, [ --with-libpcap-includes=DIR libcap include directory], [with_libpcap_includes="$withval"],[with_libpcap_includes=no]) if test "$with_libpcap_includes" != "no"; then CFLAGS="${CFLAGS} -I${with_libpcap_includes}" fi AC_CHECK_HEADERS(pcap.h,, LIBPCAP="no") if test "$LIBNET" = "no"; then echo "" echo "Error: Can't find Libpcap. Visit http://www.tcpdump.org for the latest version." exit; fi dnl Checks for library functions. AC_CHECK_FUNCS(printf fprintf snprintf sprintf strdup strrchr strstr strncasecmp \ strtol strncmp strncat memset malloc gethostbyname gettimeofday getuid \ select setitimer) AC_ARG_WITH(libnet_libraries, [ --with-libnet-libraries=DIR libnet library directory], [with_libnet_libraries="$withval"],[with_libnet_libraries=no]) if test "$with_libnet_libraries" != "no"; then LDFLAGS="${LDFLAGS} -L${with_libnet_libraries}" fi AC_CHECK_LIB(net, libnet_build_ipv4,, LIBNET="no") if test "$LIBNET" = "no"; then echo "" echo "Error: Can't find libnet 1.1.0 or greater. Visit http://www.packetfactory.net/libnet for the latest version." exit; fi AC_ARG_WITH(libpcap_libraries, [ --with-libpcap-libraries=DIR libcap library directory], [with_libpcap_libraries="$withval"],[with_libpcap_libraries=no]) if test "$with_libpcap_libraries" != "no"; then LDFLAGS="${LDFLAGS} -L${with_libpcap_libraries}" fi AC_CHECK_LIB(pcap, pcap_open_live,, LIBPCAP="no") if test "$LIBPCAP" = "no"; then echo "" echo "Error: Can't find Libpcap. Visit http://www.tcpdump.org for the latest version." exit; else AC_CHECK_LIB(pcap, pcap_setnonblock,, SETNONBLOCK="no") if test "$SETNONBLOCK" = "no"; then echo "compensating for lack of pcap_setnonblock()" else AC_DEFINE(HAVE_SETNONBLOCK, 1 , SETNONBLOCK) fi AC_CHECK_LIB(pcap, pcap_freecode,, FREECODE="no") if test "$FREECODE" = "no"; then echo "compensating for lack of pcap_freecode()" else AC_DEFINE(HAVE_FREECODE, 1, FREECODE) fi fi AC_MSG_CHECKING(for bpf) if test -r /dev/bpf0; then AC_DEFINE(HAVE_BPF, 1, BPF) AC_MSG_RESULT(yes) elif test -c /dev/bpf0; then AC_DEFINE(HAVE_BPF, 1, BPF) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi AC_PROG_INSTALL AC_CONFIG_FILES([Makefile src/Makefile man/Makefile src/version.h]) AC_OUTPUT BINDIR=`eval echo ${bindir}`; BINDIR=`eval echo ${BINDIR}`; MANDIR=`eval echo ${mandir}/${mansubdir}`; MANDIR=`eval echo ${MANDIR}`; echo "" echo " _ _ _" echo " _ __ __ _ ___| | _(_) |_" echo "| '_ \ / _\` |/ __| |/ / | __|" echo "| |_) | (_| | (__| <| | |_" echo "| .__/ \__,_|\___|_|\_\_|\__|" echo "|_|" echo "" echo "has been configured with the following options:" echo "-----------------------------------------------" echo "Host type : ${host}" echo "Compiler : ${CC}" echo "Compiler flags : ${CFLAGS}" echo "Linker flags : ${LDFLAGS}" echo "Libraries : ${LIBS}" echo "" echo "Binary : ${BINDIR}" echo "Manual pages : ${MANDIR}" echo "" echo "Injection support : ${with_injection}" echo "Capture support : ${with_capture}" echo "Enable debugging : ${DEBUG}" echo "-----------------------------------------------" echo "" dnl EOF packit-1.5/contrib/000077500000000000000000000000001304023723400142705ustar00rootroot00000000000000packit-1.5/contrib/redhat/000077500000000000000000000000001304023723400155375ustar00rootroot00000000000000packit-1.5/contrib/redhat/packit.spec000066400000000000000000000041271304023723400176720ustar00rootroot00000000000000%define version 1.0 Name: packit Version: %{version} Release: 1 Source: http://packit.sourceforge.net/packit-%{version}.tgz URL: http://packit.sourceforge.net/ License: GPL Group: Networking/Utilities BuildRoot: /var/tmp/%{name}-rpmroot Summary: Network Injection And Capture Tool Vendor: Darren Bounds BuildRequires: libnet >= 1.1.2 Requires: libnet >= 1.1.2 %description Packit is a network auditing tool. It's value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. By allowing you to define (spoof) all TCP, UDP, ICMP, IP, ARP, RARP and Ethernet header options, Packit can be useful in testing firewalls, intrusion detection systems, port scanning, simulating network traffic and general TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP. %prep %setup %build CC='gcc -I/usr/include/pcap' ./configure --prefix=/usr make %install mkdir -p $RPM_BUILD_ROOT/usr make prefix=$RPM_BUILD_ROOT/usr install %changelog * Tue Apr 13 2004 Darren Bounds Updated for 1.0 sources. * Sat Dec 21 2003 Darren Bounds Updated for 0.7.1 sources. * Sat Oct 3 2003 Darren Bounds Updated for 0.7 sources. * Sat Jul 19 2003 William Stearns Updated to 0.6.0d sources. Spec file updates, including listing out what files should be included as docs; the older spec file approach of just including [A-Z]* placed the _entire_ source tree, code, binaries, and everything, under /usr/share/doc/packit-%{version}/. This trims a 900K rpm down to 90K. :-) * Mon Jun 2 2003 Darren Bounds 0.6.0b-1: corrected a small issue on some platforms with pcap_setnonblock.c * Sat May 24 2003 Darren Bounds 0.6.0-1: updated for 0.6.0 release * Wed Mar 12 2003 Bennett Todd 0.5.0-1: initial wrap %files %defattr(-,root,root) %attr(755,root,root) /usr/sbin/packit %attr(644,root,root) /usr/man/man8/packit.8.gz %doc ChangeLog INSTALL LICENSE docs/ICMP.txt %clean rm -rf $RPM_BUILD_ROOT packit-1.5/docs/000077500000000000000000000000001304023723400135605ustar00rootroot00000000000000packit-1.5/docs/ICMP.txt000066400000000000000000000022271304023723400150540ustar00rootroot00000000000000Type: Code: Type/Code Name ------------------------------------- 0: Echo Reply 3: Unreachable 0: Network 1: Host 2: Protocol 3: Port 4: Need Fragment 5: Source Failed 6: Network Unknown 7: Host Unknown 8: Isolated 9: Network Prohibited 10: Host Prohibited 11: Type of Service Network 12: Type of Service Host 13: Filter Prohibited 14: Host Precedence 15: Precedence Cutoff 4: Source Quench 5: Redirect 0: Network Redirect 1: Host Redirect 2: Type of Service Network 3: Type of Serivce Host 8: Echo Request 9: Router Advertise 10: Router Solicit 11: Time Exceeded 0: In transit 1: Reassemble 12: Parameter Problem 1: Option Absent 13: Timestamp Request 14: Timestamp Reply 17: Mask Request 18: Mask Reply packit-1.5/docs/UPDATE-CHECK000066400000000000000000000002661304023723400153040ustar00rootroot00000000000000# by Eriberto # May 2016 When updating, change these files (if needed): - AUTHORS - ChangeLog - CREDITS - configure.ac (VERSION) - manpage (VERSION) - src/version.h.in (P_VERSION) packit-1.5/man/000077500000000000000000000000001304023723400134035ustar00rootroot00000000000000packit-1.5/man/Makefile.am000066400000000000000000000020431304023723400154360ustar00rootroot00000000000000# Packit -- network injection and capture tool # # Original author: Darren Bounds # # Copyright 2002 Darren Bounds # Copyright 2016 Joao Eriberto Mota Filho # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # MA 02110-1301, USA. # # packit official page at https://github.com/eribertomota/packit man_MANS = packit.8 EXTRA_DIST = $(man_MANS) packit-1.5/man/generate-man.sh000077500000000000000000000010541304023723400163050ustar00rootroot00000000000000#!/bin/bash # Generate the manpage # Copyright 2016 Joao Eriberto Mota Filho # This file is under BSD-3-Clause P_DATA="19 Jan 2017" P_NAME=packit P_VERSION=1.5 P_MANLEVEL=8 P_DESCRIPT="Packet analysis and injection tool" TEST=$(txt2man -h 2> /dev/null) [ ! "$TEST" ] && { echo "ERROR: You need install txt2man program."; exit 1; } [ -e $P_NAME.txt ] || { echo "ERROR: $P_NAME.txt not found."; exit 1; } txt2man -d "$P_DATA" -t $P_NAME -r $P_NAME-$P_VERSION -s $P_MANLEVEL -v "$P_DESCRIPT" $P_NAME.txt > $P_NAME.$P_MANLEVEL packit-1.5/man/packit.8000066400000000000000000000413321304023723400147520ustar00rootroot00000000000000.\" Text automatically generated by txt2man .TH packit 8 "19 Jan 2017" "packit-1.5" "Packet analysis and injection tool" .SH NAME \fBPackit \fP- packet analysis and injection tool \fB .SH SYNOPSIS .nf .fam C \fBPacket\fP capture: .nf .fam C \fBpackit\fP \fB-m\fP \fIcapture\fP [\fB-cGHnvsX\fP] [\fB-i\fP \fIinterface\fP] [\fB-r\fP|\fB-w\fP \fIfile\fP] \fIexpression\fP \fBPacket\fP injection: .nf .fam C \fBpackit\fP \fB-m\fP \fIinject\fP [\fB-t\fP \fIprotocol\fP] [\fB-aAbcCdDeFgGhHjJkKlLmMnNoOpPqQrRsSTuUvwWxXyYzZ\fP] [\fB-i\fP \fIinterface\fP] .fam T .fi .fam T .fi .SH DESCRIPTION Packit is a network auditing tool. It's value is derived from its ability to customize, \fIinject\fP, monitor, and manipulate IP traffic. By allowing you to define (spoof) all TCP, UDP, ICMP, IP, ARP, RARP and Ethernet header options, Packit can be useful to test firewalls, intrusion detection systems, port scanning, simulating network traffic and general TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP. .SH PACKIT BASE OPTIONS .TP .B \fB-m\fP mode Select a runtime mode. Currently supported modes are \fIcapture\fP, \fIinject\fP and trace. The default mode is \fIinject\fP. .SH PACKET CAPTURE OPTIONS \fBPacket\fP \fIcapture\fP options are as follows: .TP .B \fB-c\fP count Specify the number of packets to \fIcapture\fP. .TP .B \fB-e\fP Display link-layer header data. .TP .B \fB-G\fP Display the timestamp in GMT rather than localtime. .TP .B \fB-i\fP \fIinterface\fP Listen on \fIinterface\fP. If unspecified, \fBpackit\fP will use the lowest numbered device in the 'up' state (excluding loopback). .TP .B \fB-n\fP Do not resolve host addresses to names but resolve ports numbers. Disables DNS lookups. .TP .B \fB-nn\fP Do not resolve ports numbers to their \fIprotocol\fP names but resolve host addresses. .TP .B \fB-nnn\fP Do not resolve host addresses or port numbers. .TP .B \fB-r\fP \fIfile\fP Read packet data from tcpdump formatted binary log \fIfile\fP. Example: a \fIfile\fP created with \fB-w\fP option. .TP .B \fB-s\fP snaplen Read snaplen bytes of data from each packet rather than the default of 68. .TP .B \fB-v\fP Enables verbose packet \fIcapture\fP. .TP .B \fB-w\fP \fIfile\fP Write the raw packets to \fIfile\fP rather than displaying time to stderr. .TP .B \fB-X\fP Display hexadecimal & ascii dump of each packet up to snap length bytes. .TP .B \fIexpression\fP Selects which packets should be displayed. If no \fIexpression\fP is given, all packets are displayed. This option is based in pcap library. See the \fBpcap-filter\fP(7) manpage for more detailed information. .SH PACKET INJECTION AND TRACE \fBPacket\fP injection is used to define and \fIinject\fP a network traffic onto your network. You have the ability to define essentially any ARP, IP, TCP, UDP, ICMP and Ethernet header value. This can be valuable in a number of ways, including testing firewalls, intrusion detection systems, simulating traffic flow and general TCP/IP auditing. .SH CHOOSE A PROTOCOL .TP .B \fB-t\fP \fIprotocol\fP Specify the type of packet to \fIinject\fP. Supported values are: ARP, RARP, TCP, UDP and ICMP. This option defaults to TCP in \fIinject\fP mode and to ICMP in trace mode. .SH PACKET INJECTION AND TRACE GENERAL This section documents the operational command-line options. .TP .B \fB-c\fP count The value of count is the total number of packets we would like to \fIinject\fP (a count value of 0 means forever). .TP .B \fB-b\fP burst rate Specifies the number of packets to \fIinject\fP every interval (defined by \fB-w\fP). A burst rate of 0 will send packets as quickly as possible. .TP .B \fB-h\fP Host response mode. Enabling this option will print any packet you \fIinject\fP and then wait to see if the remote host responds. See \fB-H\fP option for timeout. .TP .B \fB-H\fP timeout Specify the timeout value (in seconds) to use with '\fB-h\fP'. This value defaults to '1' second. .TP .B \fB-i\fP \fIinterface\fP Specify the \fIinterface\fP to transmit from, if the machine has multiple interfaces. .TP .B \fB-v\fP Verbose injection mode. Displays each packet you \fIinject\fP. It also has the same effect as in \fIcapture\fP mode while used with the '\fB-h\fP' option. .TP .B \fB-p\fP payload This option defines the payload portion of the header. Hex payload should be prefixed with '0x' with each value separated by a whitespace. An ASCII example: \fB-p\fP 'hello, this is my packet'. A Hex example: \fB-p\fP '0x 70 61 63 6B 69 74'. .TP .B \fB-w\fP interval Specify the number of seconds to wait between packet bursts. This value defaults to '1' second. .TP .B \fB-Z\fP length Specify the size of the \fBpacket\fP(s) to \fIinject\fP. The maximum value is 65535. .SH IP HEADER OPTIONS This section documents the IP header command-line options. .TP .B \fB-s\fP src address The IP address the packet will appear to come from. If unspecified, \fBpackit\fP will default to the IP address of the lowest numbered device in the 'up' state, excluding loopback. .TP .B \fB-sR\fP Use a random source IP address. .TP .B \fB-d\fP dst address The IP address of the machine you would like to contact. .TP .B \fB-dR\fP Use a random destination IP address. .TP .B \fB-o\fP type of service TOS values are typically in hexadecimal format, however, \fBpackit\fP only accepts TOS values as integers. Below are the 4 valid TOS bit values: .RS .IP \(bu 3 Minimize delay: 16 (0x10) .IP \(bu 3 Maximize throughput: 8 (0x08) .IP \(bu 3 Maximize reliability: 4 (0x04) .IP \(bu 3 Minimize monetary cost: 2 (0x02) .RE .TP .B \fB-n\fP ID number The ID number is used to identify each datagram sent by a host. It generally increments by one with each datagram sent. This value is random by default. .TP .B \fB-T\fP TTL The TTL value defines the upper limit on the number of devices through which the datagram may pass to reach it's destination. The default value is 128. .TP .B \fB-V\fP IP \fIprotocol\fP number Specify the IP \fIprotocol\fP associated with this packet (RAWIP only). The default value is 255. .SH TCP HEADER OPTIONS This section documents the TCP header command-line options. .TP .B \fB-S\fP src port The port from which our source address is communicating from. This value is random by default. .TP .B \fB-D\fP dst port The port on the destination we would like to communicate on. In \fIinject\fP mode this value is 0 by default while in trace mode this value is random by default. You may also specify a range of addresses in the format: \fB-D\fP 1:1024. .TP .B \fB-f\fP Do not fragment this packet. .TP .B \fB-F\fP tcp flags There are 6 TCP header flag bits. They can be used in combination with one another and are specified using the following identifiers: .RS .IP \(bu 3 S : SYN (Synchronization sequence number) .IP \(bu 3 F : FIN (Sender is finished) .IP \(bu 3 A : ACK (Acknowledgement number is valid) .IP \(bu 3 P : PSH (Receiver should push this data to the remote host) .IP \(bu 3 U : URG (The urgent pointer is valid) .IP \(bu 3 R : RST (Reset this connection) .PP As an example, to set the SYN and FIN bits use the following: \fB-F\fP SF .RE .TP .B \fB-q\fP sequence number The sequence number is a 32-bit unsigned (positive) number used to identify the byte in a stream of data from the sending TCP to the receiving TCP that the first byte of data represents. .TP .B \fB-a\fP ack number The acknowledgement (ack) number defines the next sequence number that the sender of the ack expects to see. It is typically the sequence number + 1 during valid TCP communication. It is a 32-bit unsigned (positive) number. .TP .B \fB-W\fP window size The window size provides flow control. It is a 16-bit number that defines how many bytes the receiver is willing to accept. The default value is 1500. .TP .B \fB-u\fP urgent pointer In valid TCP communication, the urgent pointer is only useful if the URG flag is set. Used with the sequence number, it points to the last byte of urgent data. .SH UDP HEADER OPTIONS This section documents the UDP header command-line options. UDP is the default IP \fIprotocol\fP for TRACE mode. .TP .B \fB-S\fP src port The port from which our source address is communicating from. This value is random by default. .TP .B \fB-D\fP dst port The port on the destination we would like to communicate on. In \fIinject\fP mode this value is 0 by default while in trace mode this value is random by default. You may also specify a range of addresses in the format: \fB-D\fP 1:1024. .SH ICMP HEADER OPTIONS This section documents the ICMP header command-line options. .TP .B \fB-K\fP type Specify the ICMP type. See docs/ICMP.txt for details on types. On Debian systems this \fIfile\fP can be found at /usr/share/doc/\fBpackit\fP/ICMP.txt. .TP .B \fB-C\fP code Specify the ICMP code. See docs/ICMP.txt for details on codes. On Debian systems this \fIfile\fP can be found at /usr/share/doc/\fBpackit\fP/ICMP.txt. .SS ICMP ECHO REQUEST AND ECHO REPLY OPTIONS .TP .B \fB-N\fP id number Define the 16-bit ICMP identification number. This value is random by default. .TP .B \fB-Q\fP sequence number Define the 16-bit ICMP sequence number. This value is random by default. .SS ICMP UNREACHABLE OR REDIRECT OR TIME EXCEEDED OPTIONS .TP .B \fB-g\fP gateway Define the gateway in which to redirect traffic to. This option is only used for ICMP redirects (type 5). .TP .B \fB-j\fP address Define the source address of the original packet. .TP .B \fB-J\fP src port Define the source port of the original packet. .TP .B \fB-l\fP address Define the destination address of the original packet. .TP .B \fB-L\fP dst port Define the destination port of the original packet. .TP .B \fB-m\fP time to live Define the Time To Live of the original packet. This option defaults to 128. .TP .B \fB-M\fP id Define the IP ID of the original packet. This option defaults to random. .TP .B \fB-O\fP type of service Define the Type of Service of the original packet. See the \fB-o\fP option for the possible values. .TP .B \fB-P\fP \fIprotocol\fP Define the \fIprotocol\fP of the original packet. This option defaults to UDP. .SS MASK REQUEST AND MASK REPLY OPTIONS .TP .B \fB-N\fP id number Define the 16-bit ICMP identification number. This value is random by default. .TP .B \fB-Q\fP sequence number Define the 16-bit ICMP sequence number. This value is random by default. .TP .B \fB-G\fP address mask Define the address network mask. The default value for this option is 255.255.255.0. .SS TIMESTAMP REQUEST AND TIMESTAMP REPLY OPTIONS .TP .B \fB-N\fP id number Define the 16-bit ICMP identification number. This value is random by default. .TP .B \fB-Q\fP sequence number Define the 16-bit ICMP sequence number. This value is random by default. .TP .B \fB-U\fP original timestamp Define the 32-bit original timestamp. This value is 0 by default. .TP .B \fB-k\fP received timestamp Define the 32-bit received timestamp. This value is 0 by default. .TP .B \fB-z\fP transmit timestamp Define the 32-bit transmit timestamp. This value is 0 by default. .SH ARP AND RARP HEADER OPTIONS This section documents the ARP/RARP header command-line options. These options have the ability to do the most damage with the least effort, especially on large cable and DSL networks. Use with caution. .PP Packit only supports ARP/RARP \fIprotocol\fP addresses in IPv4 format .TP .B \fB-A\fP operation type Define the ARP / RARP / IRARP operation type. The valid options are as follows: .RS .IP \(bu 3 1 : ARP Request (Default for ARP packages) .IP \(bu 3 2 : ARP Reply .IP \(bu 3 3 : Reverse ARP Request (Default for RARP packages) .IP \(bu 3 4 : Reverse ARP Reply .IP \(bu 3 5 : Inverse ARP Request .IP \(bu 3 6 : Inverse ARP Reply .RE .TP .B \fB-y\fP target IP address The IP address of the target host. .TP .B \fB-yR\fP Use a random target host IP address. .TP .B \fB-Y\fP target ethernet address The Ethernet (hardware) address of the target host. .TP .B \fB-YR\fP Usage a random target host Ethernet address. .TP .B \fB-x\fP sender IP address The IP address of the sender host. .TP .B \fB-xR\fP Use a random sender host IP address. .TP .B \fB-X\fP sender ethernet address The Ethernet (hardware) address of the sender host. .TP .B \fB-XR\fP Usage a random sender host Ethernet address. .SH ETHERNET HEADER OPTIONS This section documents the Ethernet header command-line options. .TP .B \fB-e\fP src ethernet address The Ethernet (hardware) address the packet will appear to come from. If not defined, the original Ethernet address will be used. .TP .B \fB-eR\fP Use a random source Ethernet address. If you define this, you will most likely need to define the destination Ethernet header value as well. When using either \fB-e\fP or \fB-E\fP, you enable link level packet injection and the destination cannot be auto-defined while injecting in this manner. .TP .B \fB-E\fP dst ethernet address The Ethernet (hardware) of the next routable \fIinterface\fP which the packet will cross while making it's way to the destination. .TP .B \fB-ER\fP Use a random destination Ethernet address. The following two rules should be followed if you actually want the destination to receive the packets you're sending: .RS .IP 1. 4 If the destination exists beyond your default route (gateway), the destination Ethernet address should be set to the default routes Ethernet address. This can typically be found by using the \fBarp\fP(8) command. .IP 2. 4 If the destination exists on your subnet, the destination Ethernet address should be set to its Ethernet address. This can typically be found by using the \fBarp\fP(8) command. .SH PACKET CAPTURE EXAMPLES Print all TCP communications that doesn't revolve around SSH (port 22): .PP .nf .fam C # packit -m cap 'tcp and not port 22' .fam T .fi Print the start and end packets (the SYN and FIN packets) of each TCP conversation that involves a non-local host, don't resolve addresses and display hex/ascii dump of the packet: .PP .nf .fam C # packit -m cap -nX 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet' .fam T .fi Write the first 10 ICMP packets captured to a \fIfile\fP: .PP .nf .fam C # packit -m cap -c 10 -w /tmp/mylog 'icmp' .fam T .fi .SH PACKET INJECTION EXAMPLES Inject 10 ICMP type 8 (echo request) packets from host '3.1.33.7' to host '192.168.0.1' and watch for a response: .PP .nf .fam C # packit -t icmp -s 3.1.33.7 -d 192.168.0.1 -c 10 -h .fam T .fi Inject an ICMP type 18 (mask reply) packet with an ICMP id of 211 and an address mask of 255.255.255.0: .PP .nf .fam C # packit -t icmp -K 18 -d 127.0.0.1 -N 211 -G 255.255.255.0 .fam T .fi Inject 5 TCP packets from random hosts to 'www.example.com' with the SYN flag set, a window size of 666, a random source Ethernet address, a destination Ethernet address of 00:53:00:0f:00:0d, with a payload of "HI JOHN", displaying each packet injected. .PP .nf .fam C # packit -sR -d www.example.com -F S -c 5 -W 666 -eR -E 00:53:00:0f:00:0d -p 'HI JOHN' -v .fam T .fi or simplifying the MAC address: .PP .nf .fam C # packit -sR -d www.example.com -F S -c 5 -W 666 -eR -E 0:53:0:f:00:d -p 'HI JOHN' -v .fam T .fi Inject a total of 1000 TCP packets in 20 packet per second bursts from 192.168.0.1 on port 403 to 192.168.0.20 on port 80 with the SYN and RST flags set, a sequence number of 12345678910 and a source Ethernet address of 0:0:0:0:0:0: .PP .nf .fam C # packit -s 192.168.0.1 -d 192.168.0.20 -S 403 -D 80 -F SR -q 12345678910 -c 1000 -b 20 -e 0:0:0:0:0:0 .fam T .fi Inject a TCP packets from 10.22.41.6 to 172.16.1.3 on ports ranging from 1-1024 with the SYN flag set and display each packet we send: .PP .nf .fam C # packit -s 10.22.41.6 -d 172.16.1.3 -D 1-1024 -F S -v .fam T .fi Inject a broadcast ARP reply stating that 4.3.2.1 is at 00:53:00:01:02:03. Also, spoof the source Ethernet address for a little more authenticity and supply the payload in hex: .PP .nf .fam C # packit -t arp -A 2 -x 4.3.2.1 -X 5:4:3:2:1:0 -e 00:53:00:01:02:03 -p '0x 70 61 63 6B 69 74' .fam T .fi .SH TRACE ROUTE EXAMPLES Appear as a DNS response by using a UDP source port of 53 (DNS): .PP .nf .fam C # packit -m trace -t UDP -d 192.168.2.35 -S 53 .fam T .fi Appear as HTTP traffic by using TCP port 80: .PP .nf .fam C # packit -m trace -t TCP -d www.google.com -S 80 -FS .fam T .fi .SH SEE ALSO \fBarp\fP(8), \fBpcap\fP(3), \fBpcap-filter\fP(7), \fBtcpdump\fP(1) .SH BUGS .IP \(bu 3 Due to limitations in some versions of *BSD, specifying arbitrary Ethernet and/or ARP header data may not be supported. .IP \(bu 3 ARP \fIcapture\fP data is incomplete. .IP \(bu 3 Please send bug reports, questions, requests, fixes and pull requests to https://github.com/eribertomota/\fBpackit\fP/issues .SH AUTHOR The original author of \fBpackit\fP is Darren Bounds. The current project maintainer is Joao Eriberto Mota Filho. There are other new authors. Please, see AUTHORS \fIfile\fP in source code. To help in development, see CONTRIBUTING.md. On Debian systems, these files will be available at /usr/share/doc/\fBpackit\fP/. .PP The latest version of Packit can be found at https://github.com/eribertomota/\fBpackit\fP packit-1.5/man/packit.txt000066400000000000000000000407271304023723400154310ustar00rootroot00000000000000NAME Packit - packet analysis and injection tool SYNOPSIS Packet capture: packit -m capture [-cGHnvsX] [-i interface] [-r|-w file] expression Packet injection: packit -m inject [-t protocol] [-aAbcCdDeFgGhHjJkKlLmMnNoOpPqQrRsSTuUvwWxXyYzZ] [-i interface] DESCRIPTION Packit is a network auditing tool. It's value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. By allowing you to define (spoof) all TCP, UDP, ICMP, IP, ARP, RARP and Ethernet header options, Packit can be useful to test firewalls, intrusion detection systems, port scanning, simulating network traffic and general TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP. PACKIT BASE OPTIONS -m mode Select a runtime mode. Currently supported modes are capture, inject and trace. The default mode is inject. PACKET CAPTURE OPTIONS Packet capture options are as follows: -c count Specify the number of packets to capture. -e Display link-layer header data. -G Display the timestamp in GMT rather than localtime. -i interface Listen on interface. If unspecified, packit will use the lowest numbered device in the 'up' state (excluding loopback). -n Do not resolve host addresses to names but resolve ports numbers. Disables DNS lookups. -nn Do not resolve ports numbers to their protocol names but resolve host addresses. -nnn Do not resolve host addresses or port numbers. -r file Read packet data from tcpdump formatted binary log file. Example: a file created with -w option. -s snaplen Read snaplen bytes of data from each packet rather than the default of 68. -v Enables verbose packet capture. -w file Write the raw packets to file rather than displaying time to stderr. -X Display hexadecimal & ascii dump of each packet up to snap length bytes. expression Selects which packets should be displayed. If no expression is given, all packets are displayed. This option is based in pcap library. See the pcap-filter(7) manpage for more detailed information. PACKET INJECTION AND TRACE Packet injection is used to define and inject a network traffic onto your network. You have the ability to define essentially any ARP, IP, TCP, UDP, ICMP and Ethernet header value. This can be valuable in a number of ways, including testing firewalls, intrusion detection systems, simulating traffic flow and general TCP/IP auditing. CHOOSE A PROTOCOL -t protocol Specify the type of packet to inject. Supported values are: ARP, RARP, TCP, UDP and ICMP. This option defaults to TCP in inject mode and to ICMP in trace mode. PACKET INJECTION AND TRACE GENERAL This section documents the operational command-line options. -c count The value of count is the total number of packets we would like to inject (a count value of 0 means forever). -b burst rate Specifies the number of packets to inject every interval (defined by -w). A burst rate of 0 will send packets as quickly as possible. -h Host response mode. Enabling this option will print any packet you inject and then wait to see if the remote host responds. See -H option for timeout. -H timeout Specify the timeout value (in seconds) to use with '-h'. This value defaults to '1' second. -i interface Specify the interface to transmit from, if the machine has multiple interfaces. -v Verbose injection mode. Displays each packet you inject. It also has the same effect as in capture mode while used with the '-h' option. -p payload This option defines the payload portion of the header. Hex payload should be prefixed with '0x' with each value separated by a whitespace. An ASCII example: -p 'hello, this is my packet'. A Hex example: -p '0x 70 61 63 6B 69 74'. -w interval Specify the number of seconds to wait between packet bursts. This value defaults to '1' second. -Z length Specify the size of the packet(s) to inject. The maximum value is 65535. IP HEADER OPTIONS This section documents the IP header command-line options. -s src address The IP address the packet will appear to come from. If unspecified, packit will default to the IP address of the lowest numbered device in the 'up' state, excluding loopback. -sR Use a random source IP address. -d dst address The IP address of the machine you would like to contact. -dR Use a random destination IP address. -o type of service TOS values are typically in hexadecimal format, however, packit only accepts TOS values as integers. Below are the 4 valid TOS bit values: - Minimize delay: 16 (0x10) - Maximize throughput: 8 (0x08) - Maximize reliability: 4 (0x04) - Minimize monetary cost: 2 (0x02) -n ID number The ID number is used to identify each datagram sent by a host. It generally increments by one with each datagram sent. This value is random by default. -T TTL The TTL value defines the upper limit on the number of devices through which the datagram may pass to reach it's destination. The default value is 128. -V IP protocol number Specify the IP protocol associated with this packet (RAWIP only). The default value is 255. TCP HEADER OPTIONS This section documents the TCP header command-line options. -S src port The port from which our source address is communicating from. This value is random by default. -D dst port The port on the destination we would like to communicate on. In inject mode this value is 0 by default while in trace mode this value is random by default. You may also specify a range of addresses in the format: -D 1:1024. -f Do not fragment this packet. -F tcp flags There are 6 TCP header flag bits. They can be used in combination with one another and are specified using the following identifiers: - S : SYN (Synchronization sequence number) - F : FIN (Sender is finished) - A : ACK (Acknowledgement number is valid) - P : PSH (Receiver should push this data to the remote host) - U : URG (The urgent pointer is valid) - R : RST (Reset this connection) As an example, to set the SYN and FIN bits use the following: -F SF -q sequence number The sequence number is a 32-bit unsigned (positive) number used to identify the byte in a stream of data from the sending TCP to the receiving TCP that the first byte of data represents. -a ack number The acknowledgement (ack) number defines the next sequence number that the sender of the ack expects to see. It is typically the sequence number + 1 during valid TCP communication. It is a 32-bit unsigned (positive) number. -W window size The window size provides flow control. It is a 16-bit number that defines how many bytes the receiver is willing to accept. The default value is 1500. -u urgent pointer In valid TCP communication, the urgent pointer is only useful if the URG flag is set. Used with the sequence number, it points to the last byte of urgent data. UDP HEADER OPTIONS This section documents the UDP header command-line options. UDP is the default IP protocol for TRACE mode. -S src port The port from which our source address is communicating from. This value is random by default. -D dst port The port on the destination we would like to communicate on. In inject mode this value is 0 by default while in trace mode this value is random by default. You may also specify a range of addresses in the format: -D 1:1024. ICMP HEADER OPTIONS This section documents the ICMP header command-line options. -K type Specify the ICMP type. See docs/ICMP.txt for details on types. On Debian systems this file can be found at /usr/share/doc/packit/ICMP.txt. -C code Specify the ICMP code. See docs/ICMP.txt for details on codes. On Debian systems this file can be found at /usr/share/doc/packit/ICMP.txt. ICMP ECHO REQUEST AND ECHO REPLY OPTIONS -N id number Define the 16-bit ICMP identification number. This value is random by default. -Q sequence number Define the 16-bit ICMP sequence number. This value is random by default. ICMP UNREACHABLE OR REDIRECT OR TIME EXCEEDED OPTIONS -g gateway Define the gateway in which to redirect traffic to. This option is only used for ICMP redirects (type 5). -j address Define the source address of the original packet. -J src port Define the source port of the original packet. -l address Define the destination address of the original packet. -L dst port Define the destination port of the original packet. -m time to live Define the Time To Live of the original packet. This option defaults to 128. -M id Define the IP ID of the original packet. This option defaults to random. -O type of service Define the Type of Service of the original packet. See the -o option for the possible values. -P protocol Define the protocol of the original packet. This option defaults to UDP. MASK REQUEST AND MASK REPLY OPTIONS -N id number Define the 16-bit ICMP identification number. This value is random by default. -Q sequence number Define the 16-bit ICMP sequence number. This value is random by default. -G address mask Define the address network mask. The default value for this option is 255.255.255.0. TIMESTAMP REQUEST AND TIMESTAMP REPLY OPTIONS -N id number Define the 16-bit ICMP identification number. This value is random by default. -Q sequence number Define the 16-bit ICMP sequence number. This value is random by default. -U original timestamp Define the 32-bit original timestamp. This value is 0 by default. -k received timestamp Define the 32-bit received timestamp. This value is 0 by default. -z transmit timestamp Define the 32-bit transmit timestamp. This value is 0 by default. ARP AND RARP HEADER OPTIONS This section documents the ARP/RARP header command-line options. These options have the ability to do the most damage with the least effort, especially on large cable and DSL networks. Use with caution. Packit only supports ARP/RARP protocol addresses in IPv4 format -A operation type Define the ARP / RARP / IRARP operation type. The valid options are as follows: - 1 : ARP Request (Default for ARP packages) - 2 : ARP Reply - 3 : Reverse ARP Request (Default for RARP packages) - 4 : Reverse ARP Reply - 5 : Inverse ARP Request - 6 : Inverse ARP Reply -y target IP address The IP address of the target host. -yR Use a random target host IP address. -Y target ethernet address The Ethernet (hardware) address of the target host. -YR Usage a random target host Ethernet address. -x sender IP address The IP address of the sender host. -xR Use a random sender host IP address. -X sender ethernet address The Ethernet (hardware) address of the sender host. -XR Usage a random sender host Ethernet address. ETHERNET HEADER OPTIONS This section documents the Ethernet header command-line options. -e src ethernet address The Ethernet (hardware) address the packet will appear to come from. If not defined, the original Ethernet address will be used. -eR Use a random source Ethernet address. If you define this, you will most likely need to define the destination Ethernet header value as well. When using either -e or -E, you enable link level packet injection and the destination cannot be auto-defined while injecting in this manner. -E dst ethernet address The Ethernet (hardware) of the next routable interface which the packet will cross while making it's way to the destination. -ER Use a random destination Ethernet address. The following two rules should be followed if you actually want the destination to receive the packets you're sending: 1. If the destination exists beyond your default route (gateway), the destination Ethernet address should be set to the default routes Ethernet address. This can typically be found by using the arp(8) command. 2. If the destination exists on your subnet, the destination Ethernet address should be set to its Ethernet address. This can typically be found by using the arp(8) command. PACKET CAPTURE EXAMPLES Print all TCP communications that doesn't revolve around SSH (port 22): # packit -m cap 'tcp and not port 22' Print the start and end packets (the SYN and FIN packets) of each TCP conversation that involves a non-local host, don't resolve addresses and display hex/ascii dump of the packet: # packit -m cap -nX 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet' Write the first 10 ICMP packets captured to a file: # packit -m cap -c 10 -w /tmp/mylog 'icmp' PACKET INJECTION EXAMPLES Inject 10 ICMP type 8 (echo request) packets from host '3.1.33.7' to host '192.168.0.1' and watch for a response: # packit -t icmp -s 3.1.33.7 -d 192.168.0.1 -c 10 -h Inject an ICMP type 18 (mask reply) packet with an ICMP id of 211 and an address mask of 255.255.255.0: # packit -t icmp -K 18 -d 127.0.0.1 -N 211 -G 255.255.255.0 Inject 5 TCP packets from random hosts to 'www.example.com' with the SYN flag set, a window size of 666, a random source Ethernet address, a destination Ethernet address of 00:53:00:0f:00:0d, with a payload of "HI JOHN", displaying each packet injected. # packit -sR -d www.example.com -F S -c 5 -W 666 -eR -E 00:53:00:0f:00:0d -p 'HI JOHN' -v or simplifying the MAC address: # packit -sR -d www.example.com -F S -c 5 -W 666 -eR -E 0:53:0:f:00:d -p 'HI JOHN' -v Inject a total of 1000 TCP packets in 20 packet per second bursts from 192.168.0.1 on port 403 to 192.168.0.20 on port 80 with the SYN and RST flags set, a sequence number of 12345678910 and a source Ethernet address of 0:0:0:0:0:0: # packit -s 192.168.0.1 -d 192.168.0.20 -S 403 -D 80 -F SR -q 12345678910 -c 1000 -b 20 -e 0:0:0:0:0:0 Inject a TCP packets from 10.22.41.6 to 172.16.1.3 on ports ranging from 1-1024 with the SYN flag set and display each packet we send: # packit -s 10.22.41.6 -d 172.16.1.3 -D 1-1024 -F S -v Inject a broadcast ARP reply stating that 4.3.2.1 is at 00:53:00:01:02:03. Also, spoof the source Ethernet address for a little more authenticity and supply the payload in hex: # packit -t arp -A 2 -x 4.3.2.1 -X 5:4:3:2:1:0 -e 00:53:00:01:02:03 -p '0x 70 61 63 6B 69 74' TRACE ROUTE EXAMPLES Appear as a DNS response by using a UDP source port of 53 (DNS): # packit -m trace -t UDP -d 192.168.2.35 -S 53 Appear as HTTP traffic by using TCP port 80: # packit -m trace -t TCP -d www.google.com -S 80 -FS SEE ALSO arp(8), pcap(3), pcap-filter(7), tcpdump(1) BUGS - Due to limitations in some versions of *BSD, specifying arbitrary Ethernet and/or ARP header data may not be supported. - ARP capture data is incomplete. - Please send bug reports, questions, requests, fixes and pull requests to https://github.com/eribertomota/packit/issues AUTHOR The original author of packit is Darren Bounds. The current project maintainer is Joao Eriberto Mota Filho. There are other new authors. Please, see AUTHORS file in source code. To help in development, see CONTRIBUTING.md. On Debian systems, these files will be available at /usr/share/doc/packit/. The latest version of Packit can be found at https://github.com/eribertomota/packit packit-1.5/src/000077500000000000000000000000001304023723400134175ustar00rootroot00000000000000packit-1.5/src/Makefile.am000066400000000000000000000044621304023723400154610ustar00rootroot00000000000000# Packit -- network injection and capture tool # # Original author: Darren Bounds # # Copyright 2002-2004 Darren Bounds # Copyright 2007 LaMont Jones # Copyright 2016 Joao Eriberto Mota Filho # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # MA 02110-1301, USA. # # packit official page at https://github.com/eribertomota/packit EXTRA_PROGRAMS = packit sbin_PROGRAMS = @BINS@ common_SOURCES = init.c \ define_defaults.c \ error.c \ injection.c \ capture.c \ shape_arp_hdr.c \ shape_tcp_hdr.c \ shape_udp_hdr.c \ shape_icmpv4_hdr.c \ shape_ipv4_hdr.c \ shape_ethernet_hdr.c \ shape_packet.c \ utils.c \ stats.c \ contrib/pcap_setnonblock.c packit_SOURCES = ${common_SOURCES} \ usage.c \ exit.c \ main.c \ print_ts.c \ print_arp_hdr.c \ print_tcp_hdr.c \ print_udp_hdr.c \ print_icmpv4_hdr.c \ print_ipv4_hdr.c \ print_ethernet_hdr.c \ print_pktdump.c \ print_capture.c \ print_injection.c packit_LDFLAGS= AM_CPPFLAGS = $(PACKIT_CPPFLAGS) packit-1.5/src/capture.c000066400000000000000000000072501304023723400152320ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "capture.h" void process_packets(u_int8_t *user, struct pcap_pkthdr *pkthdr, u_int8_t *packet) { print_capture(pkthdr, packet); return; } void capture_init(const char *filter, u_int64_t cnt) { u_int32_t d_link, localnet, netmask; pcap_dumper_t *p_dumper = NULL; struct bpf_program bpf; #ifdef DEBUG fprintf(stdout, "DEBUG: capture_init()\n"); #endif memset(&bpf, 0, sizeof(struct bpf_program)); signal(SIGTERM, capture_clean_exit); signal(SIGINT, capture_clean_exit); signal(SIGQUIT, capture_clean_exit); signal(SIGHUP, capture_clean_exit); if(strlen(g_r_file) > 0) { if((g_pkt = pcap_open_offline(g_r_file, error_buf)) == NULL) fatal_error("Unable to open file: %s", error_buf); } else { if(g_device == NULL) if((g_device = pcap_lookupdev(error_buf)) == NULL) fatal_error("%s: Check device permissions", error_buf); if((g_pkt = pcap_open_live(g_device, g_snap_len, 1, READ_TIMEOUT, error_buf)) == NULL) fatal_error("Unable to open device: %s", error_buf); } if(strlen(g_w_file) > 0) { #ifdef DEBUG fprintf(stdout, "DEBUG: Writing to capture file: %s\n", g_w_file); #endif if((p_dumper = pcap_dump_open(g_pkt, g_w_file)) == NULL) fatal_error("Unable to initialize packet capture: %s", pcap_geterr(g_pkt)); g_display--; } if(pcap_lookupnet(g_device, &localnet, &netmask, error_buf) < 0) fprintf(stderr, "\nWarning: Unable to lookup network: %s\n", error_buf); if(pcap_compile(g_pkt, &bpf, filter, 0, netmask) < 0) fprintf(stderr, "\nWarning: Unable to compile packet filters: %s\n", pcap_geterr(g_pkt)); if(pcap_setfilter(g_pkt, &bpf) < 0) fatal_error("Unable to set packet filters: %s", pcap_geterr(g_pkt)); #ifdef HAVE_FREECODE pcap_freecode(&bpf); #endif /* HAVE_FREECODE */ if((d_link = pcap_datalink(g_pkt)) < 0) fatal_error("Unable to determine datalink type: %s", pcap_geterr(g_pkt)); g_hdr_len = retrieve_datalink_hdr_len(d_link); fprintf(stdout, "Mode: Packet Capture "); if(strlen(g_r_file) > 0) fprintf(stdout, "using file: %s ", g_r_file); else fprintf(stdout, "using device: %s ", g_device); if(filter) fprintf(stdout, "[%s]", filter); fprintf(stdout, "\n"); if(pcap_loop(g_pkt, cnt, (g_display == 1) ? (pcap_handler)process_packets : (pcap_handler)pcap_dump, (g_display == 1) ? NULL : (u_int8_t *)p_dumper) < 0) { fatal_error("Unable to initialize pcap_loop: %s", pcap_geterr(g_pkt)); } capture_clean_exit(SUCCESS); return; } packit-1.5/src/capture.h000066400000000000000000000023731304023723400152400ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __CAPTURE_H #define __CAPTURE_H #include "globals.h" #include "capture_defs.h" #include "print_capture.h" void process_packets(u_int8_t *, struct pcap_pkthdr *, u_int8_t *); void capture_init(const char *, u_int64_t); #endif /* __CAPTURE_H */ packit-1.5/src/capture_defs.h000066400000000000000000000024501304023723400162350ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __CAPTURE_DEFS_H #define __CAPTURE_DEFS_H #define READ_TIMEOUT 500 #define SNAPLEN_DEFAULT 68 u_int16_t g_display; u_int16_t g_link_layer; u_int16_t g_dump_pkt; u_int16_t g_time_gmt; u_int16_t g_t_rst; u_int16_t g_snap_len; u_int32_t g_pkt_rst; #endif /* __CAPTURE_DEFS_H */ packit-1.5/src/contrib/000077500000000000000000000000001304023723400150575ustar00rootroot00000000000000packit-1.5/src/contrib/pcap-int.h000066400000000000000000000143021304023723400167430ustar00rootroot00000000000000/* * Copyright (c) 1994, 1995, 1996 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the Computer Systems * Engineering Group at Lawrence Berkeley Laboratory. * 4. Neither the name of the University nor of the Laboratory may be used * to endorse or promote products derived from this software without * specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.33 2001/08/24 07:46:52 guy Exp $ (LBL) */ #ifndef pcap_int_h #define pcap_int_h #ifdef __cplusplus extern "C" { #endif #include /* * Savefile */ struct pcap_sf { FILE *rfile; int swapped; int hdrsize; int version_major; int version_minor; u_char *base; }; struct pcap_md { struct pcap_stat stat; /*XXX*/ int use_bpf; /* using kernel filter */ u_long TotPkts; /* can't oflow for 79 hrs on ether */ u_long TotAccepted; /* count accepted by filter */ u_long TotDrops; /* count of dropped packets */ long TotMissed; /* missed by i/f during this run */ long OrigMissed; /* missed by i/f before this run */ #ifdef linux int sock_packet; /* using Linux 2.0 compatible interface */ int timeout; /* timeout specified to pcap_open_live */ int clear_promisc; /* must clear promiscuous mode when we close */ int cooked; /* using SOCK_DGRAM rather than SOCK_RAW */ int lo_ifindex; /* interface index of the loopback device */ char *device; /* device name */ struct pcap *next; /* list of open promiscuous sock_packet pcaps */ #endif }; struct pcap { int fd; int snapshot; int linktype; int tzoff; /* timezone offset */ int offset; /* offset for proper alignment */ struct pcap_sf sf; struct pcap_md md; /* * Read buffer. */ int bufsize; u_char *buffer; u_char *bp; int cc; /* * Place holder for pcap_next(). */ u_char *pkt; /* * Placeholder for filter code if bpf not in kernel. */ struct bpf_program fcode; char errbuf[PCAP_ERRBUF_SIZE]; }; /* * This is a timeval as stored in disk in a dumpfile. * It has to use the same types everywhere, independent of the actual * `struct timeval' */ struct pcap_timeval { bpf_int32 tv_sec; /* seconds */ bpf_int32 tv_usec; /* microseconds */ }; /* * How a `pcap_pkthdr' is actually stored in the dumpfile. * * Do not change the format of this structure, in any way (this includes * changes that only affect the length of fields in this structure), * and do not make the time stamp anything other than seconds and * microseconds (e.g., seconds and nanoseconds). Instead: * * introduce a new structure for the new format; * * send mail to "tcpdump-workers@tcpdump.org", requesting a new * magic number for your new capture file format, and, when * you get the new magic number, put it in "savefile.c"; * * use that magic number for save files with the changed record * header; * * make the code in "savefile.c" capable of reading files with * the old record header as well as files with the new record header * (using the magic number to determine the header format). * * Then supply the changes to "patches@tcpdump.org", so that future * versions of libpcap and programs that use it (such as tcpdump) will * be able to read your new capture file format. */ struct pcap_sf_pkthdr { struct pcap_timeval ts; /* time stamp */ bpf_u_int32 caplen; /* length of portion present */ bpf_u_int32 len; /* length this packet (off wire) */ }; /* * How a `pcap_pkthdr' is actually stored in dumpfiles written * by some patched versions of libpcap (e.g. the ones in Red * Hat Linux 6.1 and 6.2). * * Do not change the format of this structure, in any way (this includes * changes that only affect the length of fields in this structure). * Instead, introduce a new structure, as per the above. */ struct pcap_sf_patched_pkthdr { struct pcap_timeval ts; /* time stamp */ bpf_u_int32 caplen; /* length of portion present */ bpf_u_int32 len; /* length this packet (off wire) */ int index; unsigned short protocol; unsigned char pkt_type; }; int yylex(void); #ifndef min #define min(a, b) ((a) > (b) ? (b) : (a)) #endif /* XXX should these be in pcap.h? */ int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *); int pcap_read(pcap_t *, int cnt, pcap_handler, u_char *); /* * Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H * Tru64 UNIX, and NetBSD pad to make everything line up on a nice boundary. */ #if defined(ultrix) || defined(__osf__) || defined(__NetBSD__) #define PCAP_FDDIPAD 3 #endif #ifndef HAVE_STRLCPY #define strlcpy(x, y, z) \ (strncpy((x), (y), (z)), \ ((z) <= 0 ? 0 : ((x)[(z) - 1] = '\0')), \ strlen((y))) #endif #ifdef linux void pcap_close_linux(pcap_t *); #endif /* XXX */ extern int pcap_fddipad; int install_bpf_program(pcap_t *, struct bpf_program *); #ifdef __cplusplus } #endif #endif packit-1.5/src/contrib/pcap_setnonblock.c000066400000000000000000000050701304023723400205510ustar00rootroot00000000000000/* * Copyright (c) 1993, 1994, 1995, 1996, 1997, 1998 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the Computer Systems * Engineering Group at Lawrence Berkeley Laboratory. * 4. Neither the name of the University nor of the Laboratory may be used * to endorse or promote products derived from this software without * specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include "../globals.h" #include "pcap-int.h" #include #define PCAP_ERRBUF_MAX 256 int setnonblock(pcap_t *pt, int nonblock, char *errbuf) { int fdflags; fdflags = fcntl(pt->fd, F_GETFL, 0); if (fdflags == -1) { snprintf(pt->errbuf, PCAP_ERRBUF_SIZE, "F_GETFL: %s", pcap_strerror(errno)); return (-1); } if (nonblock) fdflags |= O_NONBLOCK; else fdflags &= ~O_NONBLOCK; if (fcntl(pt->fd, F_SETFL, fdflags) == -1) { snprintf(pt->errbuf, PCAP_ERRBUF_SIZE, "F_SETFL: %s", pcap_strerror(errno)); return (-1); } return (0); } packit-1.5/src/define_defaults.c000066400000000000000000000033331304023723400167060ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2015 Gentoo Linux * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "define_defaults.h" void define_injection_defaults() { g_cnt = (g_p_mode == M_INJECT) ? 1 : 30; g_inj_cnt = 1; g_cap_cnt = 0; g_rawip = 0; g_s_port = 0; g_rand_s_port = 1; // g_s_d_port = "0"; g_s_d_port = malloc(4); strcpy((char*)g_s_d_port, "0"); g_d_port = 0; g_rand_d_port = (g_p_mode == M_TRACE) ? 1 : 0; g_r_timeout = 1; g_burst_rate = 1; g_init_type = 1; g_interval_sec = 1; g_interval_usec = 0; g_payload = NULL; g_payload_len = 0; g_hdr_len = 0; g_display = 1; g_verbose = 0; g_resolve = 1; g_link_layer = 0; g_resolve = 0; return; } packit-1.5/src/define_defaults.h000066400000000000000000000021371304023723400167140ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __DEFINE_DEFAULTS_H #define __DEFINE_DEFAULTS_H #include "globals.h" void define_injection_defaults(); #endif /* __DEFINE_DEFAULTS_H */ packit-1.5/src/error.c000066400000000000000000000024451304023723400147210ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2016 Robert Krause * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "error.h" void fatal_error(char *err,...) { va_list va; #ifdef DEBUG fprintf(stdout, "DEBUG: fatal_error()\n"); #endif va_start(va, err); vsnprintf(error_buf, ERRBUF_MAXLEN, err, va); fprintf(stderr, "\nError: %s\n", error_buf); exit(FAILURE); return; } packit-1.5/src/error.h000066400000000000000000000023541304023723400147250ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2016 Robert Krause * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __ERROR_H #define __ERROR_H #include "globals.h" #define ERRBUF_MAXLEN 512 #define SUCCESS 1 #define FAILURE -1 char error_buf[ERRBUF_MAXLEN]; void fatal_error(char *,...); #endif /* __ERROR_H */ packit-1.5/src/exit.c000066400000000000000000000037331304023723400145420ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2015 Gentoo Linux * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "exit.h" void injection_clean_exit(int sig) { char a[2]; #ifdef DEBUG fprintf(stdout, "DEBUG: injection_clean_exit(%d)\n", sig); #endif if(sig == SIGINT) { while(1) { fprintf(stderr, "\n\nWould you like to quit? (y/n): "); fgets(a, 2, stdin); if(!strncasecmp(a, "Y", 1)) break; else if(!strncasecmp(a, "N", 1)) return; } } injection_stats(); libnet_destroy(g_pkt_d); fprintf(stdout, "\n"); #ifdef DEBUG fprintf(stdout, "DEBUG: Good-Bye\n"); #endif exit(SUCCESS); return; } void capture_clean_exit(int sig) { #ifdef DEBUG fprintf(stdout, "\nDEBUG: capture_clean_exit() SIG: %d\n", sig); #endif fprintf(stdout, "\n"); capture_stats(); pcap_close(g_pkt); fprintf(stdout, "\n"); exit(SUCCESS); return; } packit-1.5/src/exit.h000066400000000000000000000023061304023723400145420ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __EXIT_H #define __EXIT_H #include "globals.h" #include "inject_defs.h" #include "capture_defs.h" #include "utils.h" #include "stats.h" #include "error.h" void capture_clean_exit(int); void injection_clean_exit(int); #endif /* __EXIT_H */ packit-1.5/src/globals.h000066400000000000000000000146201304023723400152160ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2007 Kumar Appaiah * Copyright 2016-2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __GLOBALS_H #define __GLOBALS_H #ifndef __HAVE_CONFIG_H #define __HAVE_CONFIG_H #include "../config.h" #endif #include #include #include #include #include #include #include #include #include #include #include "utils.h" #include "usage.h" #include "error.h" #include "exit.h" #include "version.h" #define IPV4_DEFAULT 0x00000000 /* 0.0.0.0 */ #define IPV4_BROADCAST "255.255.255.255" #define MASK_DEFAULT "255.255.255.0" #define ETH_DEFAULT "00:00:00:00:00:00" #define ETH_BROADCAST "ff:ff:ff:ff:ff:ff" #define ARP_H 0x1c /* ARP header: 28 bytes */ #define DNS_H 0xc /* DNS header base: 12 bytes */ #define ETH_H 0xe /* Etherner header: 14 bytes */ #define ICMPV4_H 0x4 /* ICMP header base: 4 bytes */ #define ICMPV6_H 0x08 /* ICMP6 header base: 8 bytes */ #define ICMPV4_ECHO_H 0x8 /* ICMP_ECHO header: 8 bytes */ #define ICMPV4_MASK_H 0xc /* ICMP_MASK header: 12 bytes */ #define ICMPV4_UNREACH_H 0x8 /* ICMP_UNREACH header: 8 bytes */ #define ICMPV4_TIMXCEED_H 0x8 /* ICMP_TIMXCEED header: 8 bytes */ #define ICMPV4_REDIRECT_H 0x8 /* ICMP_REDIRECT header: 8 bytes */ #define ICMPV4_TSTAMP_H 0x14 /* ICMP_TIMESTAMP headr:20 bytes */ #define IPV4_H 0x14 /* IP header: 20 bytes */ #define IPV6_H 0x28 /* IPv6 header: 40 bytes */ #define TCP_H 0x14 /* TCP header: 20 bytes */ #define UDP_H 0x8 /* UDP header: 8 bytes */ #define ICMP_ECHOREPLY 0 /* echo reply */ #define ICMP_UNREACH 3 /* dest unreachable, codes: */ #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */ #define ICMP_ECHO 8 /* echo request */ #define ICMP_ROUTERADVERT 9 /* router advertisement */ #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ #define ICMP_TIMXCEED 11 /* time exceeded, code: */ #define ICMP_PARAMPROB 12 /* ip header bad */ #define ICMP_TSTAMP 13 /* timestamp request */ #define ICMP_TSTAMPREPLY 14 /* timestamp reply */ #define ICMP_IREQ 15 /* information request */ #define ICMP_IREQREPLY 16 /* information reply */ #define ICMP_MASKREQ 17 /* address mask request */ #define ICMP_MASKREPLY 18 /* address mask reply */ #define ICMP_TRACEROUTE 30 /* some misc traceroute type */ /* UNREACH codes */ #define ICMP_UNREACH_NET 0 /* bad net */ #define ICMP_UNREACH_HOST 1 /* bad host */ #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */ #define ICMP_UNREACH_PORT 3 /* bad port */ #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */ #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */ #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */ #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */ #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */ #define ICMP_UNREACH_NET_PROHIB 9 /* net denied */ #define ICMP_UNREACH_HOST_PROHIB 10 /* host denied */ #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */ #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */ #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohib */ #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host prec vio. */ #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* prec cutoff */ /* REDIRECT codes */ #define ICMP_REDIRECT_NET 0 /* for network */ #define ICMP_REDIRECT_HOST 1 /* for host */ #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */ #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */ /* TIMEXCEED codes */ #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */ #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */ /* PARAMPROB code */ #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */ #define ETHERTYPE_IP 0x0800 /* internet protocol */ #define ETHERTYPE_ARP 0x0806 /* addr. resolution protocol */ #define ETHERTYPE_REVARP 0x8035 /* reverse addr. resolution protocol */ #define OPT_MAXLEN 32 #define M_INJECT 1 #define M_INJECT_RESPONSE 2 #define M_INJECT_CONNECT 3 #define M_TRACE 4 #define M_CAPTURE 10 #define M_CAPTURE_RESET 11 #define P_UINT8 0xFF #define P_INT16 0x7FFF #define P_UINT16 0xFFFF #define P_INT32 0x7FFFFFFF #define P_UINT32 0xFFFFFFFF #define P_INT64 0x7FFFFFFFFFFFFFFF #define P_UINT64 0xFFFFFFFFFFFFFFFF char g_w_file[OPT_MAXLEN]; char g_r_file[OPT_MAXLEN]; pcap_t *g_pkt; u_int8_t g_tr_fin; char *g_filter; char *g_device; u_int16_t g_hdr_len; u_int16_t g_pkt_len; u_int16_t g_verbose; u_int16_t g_resolve; u_int16_t g_p_mode; u_int64_t g_cnt; u_int64_t g_inj_cnt; u_int64_t g_cap_cnt; #endif /* __GLOBALS_H */ packit-1.5/src/init.c000066400000000000000000000060011304023723400145230ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "init.h" void injection_struct_init() { memset(&g_ehdr_o, 0, sizeof(struct enethdr_opts)); g_ehdr_o.d_addr = NULL; g_ehdr_o.s_addr = NULL; memset(&g_ahdr_o, 0, sizeof(struct arphdr_opts)); g_ahdr_o.op_type = ARPOP_REQUEST; g_ahdr_o.s_paddr = IPV4_DEFAULT; g_ahdr_o.s_eaddr = (u_int8_t *) ETH_DEFAULT; g_ahdr_o.r_paddr = IPV4_DEFAULT; g_ahdr_o.r_eaddr = (u_int8_t *) ETH_DEFAULT; memset(&g_ip4hdr_o, 0, sizeof(struct ip4hdr_opts)); g_ip4hdr_o.ttl = (g_p_mode == M_INJECT) ? 128 : 1; g_ip4hdr_o.frag = 0; g_ip4hdr_o.tos = 0; g_ip4hdr_o.sum = 0; g_ip4hdr_o.id = 0; g_ip4hdr_o.rand_id = 1; memset(&g_thdr_o, 0, sizeof(struct tcphdr_opts)); g_thdr_o.s_port = (u_int16_t)retrieve_rand_int(P_UINT16); g_thdr_o.d_port = 0; g_thdr_o.urg = 0; g_thdr_o.ack = 0; g_thdr_o.psh = 0; g_thdr_o.rst = 0; g_thdr_o.syn = 0; g_thdr_o.fin = 0; g_thdr_o.urp = 0; g_thdr_o.win = 65535; g_thdr_o.ackn = 0; g_thdr_o.seqn = 0; g_thdr_o.rand_seqn = 1; memset(&g_uhdr_o, 0, sizeof(struct udphdr_opts)); g_uhdr_o.s_port = (u_int16_t)retrieve_rand_int(P_UINT16); g_uhdr_o.d_port = 0; g_uhdr_o.sum = 0; memset(&g_i4hdr_o, 0, sizeof(struct icmp4hdr_opts)); g_i4hdr_o.type = 8; g_i4hdr_o.code = 0; g_i4hdr_o.id = (u_int16_t)retrieve_rand_int(P_UINT16); g_i4hdr_o.seqn = (u_int16_t)retrieve_rand_int(P_UINT16); g_i4hdr_o.rand_gw = 0; g_i4hdr_o.gw = NULL; g_i4hdr_o.orig_id = 0; g_i4hdr_o.rand_orig_id = 0; g_i4hdr_o.orig_tos = 0; g_i4hdr_o.orig_ttl = 128; g_i4hdr_o.orig_p = IPPROTO_UDP; g_i4hdr_o.orig_sum = 1; g_i4hdr_o.mask = NULL; ; g_i4hdr_o.orig_s_addr = NULL; g_i4hdr_o.rand_orig_s_addr = 0; g_i4hdr_o.orig_d_addr = NULL; g_i4hdr_o.rand_orig_d_addr = 0; g_i4hdr_o.orig_d_port = 0; g_i4hdr_o.rand_orig_d_port = 0; g_i4hdr_o.orig_s_port = 0; g_i4hdr_o.rand_orig_s_port = 0; g_i4hdr_o.otime = 0; g_i4hdr_o.rtime = 0; g_i4hdr_o.ttime = 0; return; } packit-1.5/src/init.h000066400000000000000000000021231304023723400145310ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __INIT_H #define __INIT_H #include "globals.h" #include "inject_defs.h" void injection_struct_init(); #endif /* __INIT_H */ packit-1.5/src/inject_defs.h000066400000000000000000000140311304023723400160440ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2016-2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __INJECTION_STRUCTS_H #define __INJECTION_STRUCTS_H struct ip4hdr_opts { u_int16_t p; /* protocol type */ u_int16_t rand_p; u_int16_t tos; /* type of service */ u_int16_t sum; /* checksum */ u_int16_t ttl; /* time to live */ u_int16_t rand_ttl; u_int16_t frag; /* fragment option */ u_int16_t id; /* id number */ u_int16_t rand_id; u_int8_t *s_addr; /* src address string */ u_int8_t *src_addr_o1; u_int8_t *src_addr_o2; u_int8_t *src_addr_o3; u_int8_t *src_addr_o4; u_int32_t n_saddr; /* src address network byte order */ u_int16_t rand_s_addr; u_int8_t *d_addr; /* dst address string */ u_int8_t *dst_addr_o1; u_int8_t *dst_addr_o2; u_int8_t *dst_addr_o3; u_int8_t *dst_addr_o4; u_int32_t n_daddr; /* dst address network byte order */ u_int16_t rand_d_addr; } g_ip4hdr_o; struct tcphdr_opts { u_int16_t s_port; /* tcp source port */ u_int16_t d_port; /* tcp destination port */ char flags[6]; /* total number of possible flags */ u_int16_t urg; /* tcp urg flag */ u_int16_t ack; /* tcp ack flag */ u_int16_t psh; /* tcp psh flag */ u_int16_t rst; /* tcp rst flag */ u_int16_t syn; /* tcp syn flag */ u_int16_t fin; /* tcp fin flag */ u_int16_t urp; /* tcp urg pointer */ u_int16_t rand_urp; u_int32_t ackn; /* tcp ack number */ u_int32_t rand_ackn; /* random acknowledgement number */ u_int32_t seqn; /* tcp seq number */ u_int16_t rand_seqn; /* random sequence number (default) */ u_int16_t win; /* tcp window size */ u_int16_t rand_win; /* random tcp window size */ } g_thdr_o; struct udphdr_opts { u_int16_t s_port; /* udp source port */ u_int16_t d_port; /* udp destination port */ u_int16_t sum; /* udp checksum */ } g_uhdr_o; struct icmp4hdr_opts { u_int16_t type; /* icmp4 type */ u_int16_t code; /* icmp4 code */ u_int16_t id; /* icmp4 id number */ u_int16_t rand_id; u_int16_t seqn; /* icmp4 sequence number */ u_int16_t rand_seqn; u_int8_t *gw; /* gateway redirect address */ u_int16_t rand_gw; u_int16_t orig_id; /* original id */ u_int16_t rand_orig_id; /* original id */ u_int16_t orig_ttl; /* original ttl */ u_int16_t orig_tos; /* original type of service */ u_int16_t orig_sum; /* original checksum */ u_int16_t orig_p; /* original protocol */ u_int8_t *orig_s_addr; /* original source address */ u_int16_t rand_orig_s_addr; u_int16_t orig_s_port; /* original source port */ u_int16_t rand_orig_s_port; u_int8_t *orig_d_addr; /* original destination address */ u_int16_t rand_orig_d_addr; u_int16_t orig_d_port; /* original destination port */ u_int16_t rand_orig_d_port; u_int8_t *mask; /* icmp4 mask */ u_int32_t otime; /* original timestamp */ u_int32_t rtime; /* recieved timestamp */ u_int32_t ttime; /* transmit timestamp */ } g_i4hdr_o; struct enethdr_opts { u_int16_t rand_s_addr; u_int16_t rand_d_addr; u_int8_t *s_addr; /* source ethernet address string */ u_int8_t shw_addr[18]; u_int8_t *d_addr; /* destination ethernet address string */ u_int8_t dhw_addr[18]; } g_ehdr_o; struct arphdr_opts { u_int16_t op_type; /* arp operation */ u_int8_t *s_paddr; /* sender protocol address */ u_int16_t rand_s_paddr; u_int8_t *r_paddr; /* receiver protocol address */ u_int16_t rand_r_paddr; u_int8_t *s_eaddr; /* sender ethernet address */ u_int16_t rand_s_eaddr; u_int8_t *r_eaddr; /* receiver ethernet address */ u_int16_t rand_r_eaddr; u_int8_t shw_addr[18]; u_int8_t rhw_addr[18]; } g_ahdr_o; libnet_t *g_pkt_d; u_int16_t g_init_type; u_int16_t g_rand_d_port; u_int16_t g_rand_s_port; u_int16_t g_s_port; u_int16_t g_d_port; u_int16_t g_port_range; u_int16_t g_interval_sec; u_int16_t g_interval_usec; u_int16_t g_injection_type; u_int16_t g_r_timeout; u_int16_t g_burst_rate; u_int16_t g_payload_len; u_int8_t *g_payload; u_int8_t g_hex_payload; u_int8_t *g_s_d_port; u_int8_t g_hwaddr_p[18]; u_int8_t g_rawip; struct timeval g_bf_pcap; struct timeval g_af_pcap; #endif /* __INJECTION_STRUCTS_H */ packit-1.5/src/injection.c000066400000000000000000000257141304023723400155560ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "injection.h" u_int16_t inject_packet() { #ifdef DEBUG fprintf(stdout, "DEBUG: inject_packet()\n"); #endif if(libnet_write(g_pkt_d) == -1) return FAILURE; return SUCCESS; } void injection_init() { u_int16_t g_port_range = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: injection_init()\n"); fprintf(stdout, "DEBUG: g_cnt: %ld, g_interval_sec %d\n", g_cnt, g_interval_sec); fprintf(stdout, "DEBUG: g_p_mode: %d g_burst_rate: %d\n", g_p_mode, g_burst_rate); #endif signal(SIGTERM, injection_clean_exit); signal(SIGQUIT, injection_clean_exit); signal(SIGINT, injection_clean_exit); signal(SIGHUP, injection_clean_exit); if(g_hex_payload) { if((g_payload_len = format_hex_payload(g_payload)) == 0) fprintf(stdout, "Warning: Hex payload formatted incorrectly.\n"); } else if(g_payload) { g_payload_len = strlen((char*)g_payload); #ifdef DEBUG fprintf(stdout, "DEBUG: g_payload_len=%d\n", g_payload_len); #endif } if(g_s_d_port != NULL) { if(strstr((char*)g_s_d_port, "-")) { g_cnt = parse_port_range((char*)g_s_d_port); if(g_cnt < 1 || g_cnt > 65535) fatal_error("Invalid port range: %s", g_s_d_port); g_port_range = 1; } g_d_port = (u_int16_t)atoi((char*)g_s_d_port); } if(!g_device && (g_device = pcap_lookupdev(error_buf)) == NULL) fatal_error("Device lookup failure: Are you root?"); if(strstr(g_device, "any")) strcpy(g_device, "lo"); if(g_p_mode == M_TRACE) fprintf(stdout, "Mode: Trace Route [Hop Max: %lu] using device: %s\n", g_cnt, g_device); else fprintf(stdout, "Mode: Packet Injection using device: %s\n", g_device); if((g_pkt_d = libnet_init(g_init_type, g_device, error_buf)) == NULL) fatal_error("Unable to initialize packet injection"); if(g_p_mode == M_INJECT) without_response(g_port_range); else if(g_p_mode == M_INJECT_RESPONSE || g_p_mode == M_TRACE) with_response(g_port_range); #ifdef DEBUG fprintf(stdout, "DEBUG: Preparing to clean house and exit\n"); #endif injection_clean_exit(SUCCESS); return; } u_int16_t with_response(u_int32_t g_port_range) { char ufilter[1024]; u_int32_t i, tr_retry = 0; u_int32_t dth_r, dstp = 0; u_int32_t localnet, netmask; u_int32_t d_link; struct bpf_program bpf; struct timespec n_sleep; #ifdef DEBUG fprintf(stdout, "DEBUG: with_response()\n"); #endif memset(&bpf, 0, sizeof(struct bpf_program)); memset(&n_sleep, 0, sizeof(struct timespec)); n_sleep.tv_nsec = 100; if(g_init_type == 0) g_link_layer = 1; if((g_pkt = pcap_open_live(g_device, 1500, 1, READ_TIMEOUT, error_buf)) == NULL) fatal_error("Unable to open device: %s", error_buf); if(pcap_lookupnet(g_device, &localnet, &netmask, error_buf) < 0) fprintf(stderr, "\nWarning: Unable to lookup network: %s\n", error_buf); if(g_cnt == 0) dstp = g_cnt = 1; for(i = 1; i < g_cnt + 1; i++) { #ifdef DEBUG fprintf(stdout, "DEBUG: for() g_inj_cnt: %ld g_cnt: %ld\n", g_inj_cnt, g_cnt); #endif if(dstp) i = 0; g_pkt_d = shape_packet(); switch(g_ip4hdr_o.p) { case IPPROTO_TCP: snprintf(ufilter, 1024, "dst host %s" " && " "(ip[9] = 6 && src host %s && src port 0x%x && dst port 0x%x)" " || " "(ip[9] = 1" " && " "(icmp[0] = 0xb || icmp[0] = 0x3) && icmp[12:2] = 0x%04x)", g_ip4hdr_o.s_addr, g_ip4hdr_o.d_addr, g_d_port, g_s_port, g_ip4hdr_o.id); break; case IPPROTO_UDP: snprintf(ufilter, 1024, "dst host %s" " && " "(ip[9] = 17 && src host %s && src port 0x%x && dst port 0x%x)" " || " "(ip[9] = 1" " && " "(icmp[0] = 0xb || icmp[0] = 0x3) && icmp[12:2] = 0x%04x)", g_ip4hdr_o.s_addr, g_ip4hdr_o.d_addr, g_d_port, g_s_port, g_ip4hdr_o.id); break; case IPPROTO_ICMP: snprintf(ufilter, 1024, "dst host %s && ip[9] = 1" " && " "((icmp[0] = 0x0 && icmp[4:2] = 0x%04x && icmp[6:2] = 0x%04x)" " || " "((icmp[0] = 0xe || icmp[0] = 0x12) && icmp[4:2] = 0x%04x && icmp[6:2] = 0x%04x)" " || " "((icmp[0] = 0xb || icmp[0] = 0x3) && icmp[12:2] = 0x%04x))", g_ip4hdr_o.s_addr, htons(g_i4hdr_o.id), htons(g_i4hdr_o.seqn), g_i4hdr_o.id, g_i4hdr_o.seqn, g_ip4hdr_o.id); break; } g_filter = ufilter; #ifdef DEBUG fprintf(stdout, "DEBUG: g_filter: %s\n", g_filter); #endif if(pcap_compile(g_pkt, &bpf, g_filter, 0, netmask) < 0) fprintf(stderr, "\nWarning: Unable to compile packet filters: %s\n", pcap_geterr(g_pkt)); if(pcap_setfilter(g_pkt, &bpf) < 0) fatal_error("Unable to set packet filters: %s", pcap_geterr(g_pkt)); #ifdef HAVE_FREECODE pcap_freecode(&bpf); #endif /* HAVE_FREECODE */ if((d_link = pcap_datalink(g_pkt)) < 0) fatal_error("Unable to determine datalink type: %s", pcap_geterr(g_pkt)); #ifdef SYSV_DERIVED #ifdef HAVE_SETNONBLOCK #ifdef DEBUG fprintf(stdout, "DEBUG: pcap_setnonblock()\n"); #endif /* DEBUG */ if(pcap_setnonblock(g_pkt, 1, error_buf) < 0) fatal_error("Unable to change to blocking mode: %s", error_buf); #else /* HAVE_SETNONBLOCK */ if(setnonblock(g_pkt, 1, error_buf) < 0) fatal_error("Unable to change to blocking mode: %s", error_buf); #endif /* HAVE_SETNONBLOCK */ #endif /* SYSV_DERIVED */ print_separator(1, 2, (g_p_mode == M_TRACE) ? "HOP %d" : "SND %d", g_inj_cnt); start: if(!inject_packet()) fatal_error("Unable to inject packet"); gettimeofday(&g_bf_pcap, NULL); if(g_p_mode != M_TRACE) { print_ts(g_bf_pcap); print_injection_details(); } g_hdr_len = retrieve_datalink_hdr_len(d_link); #ifdef DEBUG fprintf(stdout, "DEBUG: start time: %ld.%ld\n", g_bf_pcap.tv_sec, g_bf_pcap.tv_usec); fprintf(stdout, "DEBUG: start dispatch loop\n"); #endif while(1) { dth_r = pcap_dispatch(g_pkt, 1, (pcap_handler)process_packets, NULL); if(dth_r < 0) fatal_error("Unable to inject packet"); else if(dth_r > 0) break; gettimeofday(&g_af_pcap, NULL); #ifdef DEBUG fprintf(stdout, "DEBUG: dispatch time: %ld.%ld\n", g_af_pcap.tv_sec, g_af_pcap.tv_usec); #endif if(((g_af_pcap.tv_sec - g_bf_pcap.tv_sec) == g_r_timeout && (g_bf_pcap.tv_usec < g_af_pcap.tv_usec)) || (g_af_pcap.tv_sec - g_bf_pcap.tv_sec) > g_r_timeout) { if(g_p_mode == M_TRACE && tr_retry < 2) { tr_retry++; goto start; } else { tr_retry = 0; print_separator((g_p_mode == M_TRACE) ? 0 : 1, 1, "No Response From Peer"); break; } } nanosleep(&n_sleep, NULL); } #ifdef DEBUG fprintf(stdout, "DEBUG: dispatch loop complete\n"); #endif libnet_clear_packet(g_pkt_d); if(g_p_mode == M_TRACE) { if(g_tr_fin == 1) return FAILURE; else g_ip4hdr_o.ttl++; } else if((g_ip4hdr_o.p == IPPROTO_TCP || g_ip4hdr_o.p == IPPROTO_UDP) && g_port_range) g_d_port++; else if(g_ip4hdr_o.p == IPPROTO_ICMP && g_i4hdr_o.type == ICMP_ECHO) g_i4hdr_o.seqn++; if(g_burst_rate != 0 && g_p_mode != M_TRACE && (g_inj_cnt % g_burst_rate) == 0 && i != g_cnt) sleep(g_interval_sec); g_inj_cnt++; } return FAILURE; } u_int16_t without_response(u_int32_t g_port_range) { u_int64_t i; u_int32_t dstp = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: without_response()\n"); #endif gettimeofday(&g_bf_pcap, NULL); if(g_cnt == 0) dstp = g_cnt = 1; for(i = 1; i < g_cnt + 1; i++) { if(dstp) i = 0; g_pkt_d = shape_packet(); if(!inject_packet()) fatal_error("Unable to inject packet"); if(g_verbose) { print_separator(1, 2, "SND %ld", g_inj_cnt); print_injection_details(); if(g_burst_rate != 0 && (g_inj_cnt % g_burst_rate) == 0 && i != g_cnt) sleep(g_interval_sec); } else { if(g_inj_cnt == 1) { fprintf(stdout, "\n"); print_injection_details(); if(dstp) fprintf(stderr, "\nWriting packet(s): "); else fprintf(stderr, "\nWriting packet(s) (%lu): ", g_cnt); } if(g_burst_rate != 0 && (g_inj_cnt % g_burst_rate) == 0) { fprintf(stderr, "."); if(i != g_cnt) sleep(g_interval_sec); } } gettimeofday(&g_af_pcap, NULL); libnet_clear_packet(g_pkt_d); if(g_ip4hdr_o.p == IPPROTO_ICMP && g_i4hdr_o.type == ICMP_ECHO) { g_i4hdr_o.seqn++; } if((g_ip4hdr_o.p == IPPROTO_TCP || g_ip4hdr_o.p == IPPROTO_UDP) && g_port_range) { g_d_port++; } g_inj_cnt++; } return SUCCESS; } packit-1.5/src/injection.h000066400000000000000000000025231304023723400155540ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __INJECTION_H #define __INJECTION_H #include "globals.h" #include "inject_defs.h" #include "capture.h" #include "capture_defs.h" #include "shape_packet.h" #include "print_injection.h" #include "print_ts.h" void injection_init(); u_int16_t inject_packet(); u_int16_t with_response(); u_int16_t without_response(); int setnonblock(pcap_t *, int, char *); #endif /* __INJECTION_H */ packit-1.5/src/main.c000066400000000000000000000432751304023723400145220ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2005 Dennis Vshivkov * Copyright 2006 Deniz Adrian * Copyright 2013 Mats Erik Andersson * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "main.h" void parse_capture_options(int argc, char *argv[]) { g_p_mode = M_CAPTURE; g_cnt = 0; g_cap_cnt = 0; g_snap_len = SNAPLEN_DEFAULT; g_resolve = 3; g_verbose = 0; g_display = 1; g_link_layer = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: parse_capture_options()\n"); #endif while((opt = getopt(argc, argv, "c:eGi:nNr:Rs:vw:xX")) != -1) { switch(opt) { case 'c': g_cnt = (u_int64_t)atoi(optarg); break; case 'e': g_link_layer = 1; break; case 'G': g_time_gmt = 1; break; case 'i': if(!(g_device = strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'w': strncpy(g_w_file, optarg, OPT_MAXLEN); break; case 'r': strncpy(g_r_file, optarg, OPT_MAXLEN); break; case 's': g_snap_len = (u_int16_t)atoi(optarg); break; case 'v': g_verbose = 1; break; case 'n': g_resolve--; break; case 'x': case 'X': g_dump_pkt = 1; break; } } capture_init(argv[optind], g_cnt); return; } void parse_inject_options(int argc, char *argv[], u_int16_t iopt) { char *opts = NULL; #ifdef DEBUG fprintf(stdout, "DEBUG: parse_inject_options(%d)\n", g_p_mode); #endif if(getuid() != 0) fatal_error("Sorry, you're not root!"); g_p_mode = iopt; define_injection_defaults(); injection_struct_init(); while((opt = getopt(argc, argv, "t:")) != -1) { switch(opt) { case 't': if(!strncasecmp(optarg, "TCP", 3)) { #ifdef DEBUG fprintf(stdout, "DEBUG: TCP injection\n"); #endif g_ip4hdr_o.p = IPPROTO_TCP; g_injection_type = ETHERTYPE_IP; opts = "a:b:c:d:D:e:E:fF:hH:i:n:p:q:Rs:S:T:o:u:vw:W:Z:"; } else if(!strncasecmp(optarg, "UDP", 3)) { #ifdef DEBUG fprintf(stdout, "DEBUG: UDP injection\n"); #endif g_ip4hdr_o.p = IPPROTO_UDP; g_injection_type = ETHERTYPE_IP; opts = "b:c:d:D:e:E:fhH:i:n:o:p:Rs:S:T:vw:Z:"; } else if(!strncasecmp(optarg, "ICMP", 4)) { #ifdef DEBUG fprintf(stdout, "DEBUG: ICMP injection\n"); #endif g_ip4hdr_o.p = IPPROTO_ICMP; g_injection_type = ETHERTYPE_IP; opts = "b:c:C:d:e:E:fg:G:hH:i:j:J:k:K:l:L:m:M:n:N:o:O:p:P:Q:Rs:t:T:U:vw:z:Z:"; } else if(!strncasecmp(optarg, "ARP", 3)) { if(g_p_mode == M_TRACE) fatal_error("ARP is not supported with trace mode."); #ifdef DEBUG fprintf(stdout, "DEBUG: ARP injection\n"); #endif #ifdef MACOS fprintf(stderr, "\nError: ARP injection is not yet supported on this OS platform.\n"); exit(FAILURE); #endif g_injection_type = ETHERTYPE_ARP; g_init_type = 0; opts = "A:b:c:e:E:i:p:Rs:S:vx:X:y:Y:"; } else if(!strncasecmp(optarg, "RARP", 4)) { if(g_p_mode == M_TRACE) fatal_error("RARP is not supported with trace mode."); #ifdef DEBUG fprintf(stdout, "DEBUG: RARP injection\n"); #endif #ifdef MACOS fprintf(stderr, "\nError: RARP injection is not yet supported on this OS platform.\n"); exit(FAILURE); #endif g_injection_type = ETHERTYPE_REVARP; g_ahdr_o.op_type = ARPOP_REVREQUEST; /* Update init */ g_init_type = 0; opts = "A:b:c:e:E:i:p:Rs:S:vx:X:y:Y:"; } else if(!strncasecmp(optarg, "RAWIP", 3)) { if(g_p_mode == M_TRACE) fatal_error("RAW is not supported with trace mode."); #ifdef DEBUG fprintf(stdout, "DEBUG: raw IP injection\n"); #endif g_rawip = g_ip4hdr_o.p = IPPROTO_RAW; g_injection_type = ETHERTYPE_IP; opts = "b:c:d:e:E:f:i:n:o:p:Rs:T:U:vV:w:Z:"; } else print_usage(); goto parse_inject; break; default: if(optind > 1) optind--; g_injection_type = ETHERTYPE_IP; if(g_p_mode == M_TRACE) { g_ip4hdr_o.p = IPPROTO_ICMP; opts = "b:c:C:d:e:E:fg:G:hH:i:j:J:k:K:l:L:m:M:n:N:o:O:p:P:Q:Rs:t:T:U:vw:z:Z:"; } else { g_ip4hdr_o.p = IPPROTO_TCP; opts = "a:b:c:d:D:e:E:fF:hH:i:n:p:q:Rs:S:T:o:u:vw:W:Z:"; } goto parse_inject; break; } } print_usage(); parse_inject: #ifdef DEBUG fprintf(stdout, "DEBUG: parse_inject\n"); #endif while((opt = getopt(argc, argv, opts)) != -1) { switch(opt) { case 'a': g_thdr_o.ackn = (u_int32_t)strtoll(optarg, (char **)NULL, 10); break; case 'A': g_ahdr_o.op_type = (u_int16_t)atoi(optarg); break; case 'b': g_burst_rate = (u_int16_t)atoi(optarg); break; case 'c': if(g_p_mode == M_TRACE && (u_int64_t)atoi(optarg) > 0xFF) fatal_error("Count cannot exceed max TTL value"); g_cnt = (u_int64_t)atoi(optarg); break; case 'C': g_i4hdr_o.code = (u_int16_t)atoi(optarg); break; case 'd': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ip4hdr_o.rand_d_addr = 1; if(!(g_ip4hdr_o.d_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'D': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_rand_d_port = 1; if(!(g_s_d_port = (u_int8_t*)strdup(optarg)) && !g_rand_d_port) fatal_error("Memory unavailable for: %s", optarg); break; case 'e': #ifdef MACOS fprintf(stderr, "\nWarning: You cannot specify an ethernet address on this operating system.\n"); break; #endif if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ehdr_o.rand_s_addr = 1; if(!(g_ehdr_o.s_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); g_init_type = 0; g_link_layer = 1; break; case 'E': #ifdef MACOS fprintf(stderr, "\nWarning: You cannot specify an ethernet address on this operating system.\n"); break; #endif if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ehdr_o.rand_d_addr = 1; if(!(g_ehdr_o.d_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); g_init_type = 0; g_link_layer = 1; break; case 'f': g_ip4hdr_o.frag = 0x4000; break; case 'F': if(strrchr(optarg, 'U')) g_thdr_o.urg = 1; if(strrchr(optarg, 'A')) g_thdr_o.ack = 1; if(strrchr(optarg, 'P')) g_thdr_o.psh = 1; if(strrchr(optarg, 'R')) g_thdr_o.rst = 1; if(strrchr(optarg, 'S')) g_thdr_o.syn = 1; if(strrchr(optarg, 'F')) g_thdr_o.fin = 1; break; case 'g': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_gw = 1; if(!(g_i4hdr_o.gw = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'G': if(!(g_i4hdr_o.mask = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'h': if(g_p_mode == M_INJECT) g_p_mode = M_INJECT_RESPONSE; break; case 'H': g_r_timeout = (u_int8_t)atoi(optarg); break; case 'i': if(!(g_device = strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'j': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_orig_s_addr = 1; if(!(g_i4hdr_o.orig_s_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'J': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_orig_s_port = 1; else g_i4hdr_o.orig_s_port = (u_int16_t)atoi(optarg); break; case 'k': g_i4hdr_o.rtime = (u_int32_t)atoi(optarg); break; case 'K': g_i4hdr_o.type = (u_int16_t)atoi(optarg); break; case 'l': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_orig_d_addr = 1; if(!(g_i4hdr_o.orig_d_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'L': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_orig_d_port = 1; else g_i4hdr_o.orig_d_port = (u_int16_t)atoi(optarg); break; case 'm': g_i4hdr_o.orig_ttl = (u_int16_t)atoi(optarg); break; case 'M': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_orig_id = 1; g_i4hdr_o.orig_id = (u_int16_t)atoi(optarg); break; case 'n': g_ip4hdr_o.id = (u_int16_t)atoi(optarg); g_ip4hdr_o.rand_id = 0; break; case 'N': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_id = 1; g_i4hdr_o.id = (u_int16_t)atoi(optarg); break; case 'o': g_ip4hdr_o.tos = (u_int8_t)atoi(optarg); break; case 'O': g_i4hdr_o.orig_tos = (u_int8_t)atoi(optarg); break; case 'p': if(!strncasecmp(optarg, "0x", 2)) g_hex_payload = 1; if(!(g_payload = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'P': if(!strcasecmp(optarg, "UDP")) g_i4hdr_o.orig_p = 17; else if(!strncasecmp(optarg, "TCP", 3)) g_i4hdr_o.orig_p = 6; else if(!strncasecmp(optarg, "ICMP", 4)) g_i4hdr_o.orig_p = 1; else fatal_error("Unknown ICMP original protocol: %s", optarg); break; case 'q': g_thdr_o.seqn = (u_int32_t)strtoll(optarg, (char **)NULL, 10); g_thdr_o.rand_seqn = 0; break; case 'Q': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_i4hdr_o.rand_seqn = 1; g_i4hdr_o.seqn = (u_int16_t)strtoll(optarg, (char **)NULL, 10); break; case 'R': g_resolve = 0; break; case 's': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ip4hdr_o.rand_s_addr = 1; if(!(g_ip4hdr_o.s_addr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'S': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_rand_s_port = 1; else g_rand_s_port = 0; g_s_port = (u_int16_t)atoi(optarg); break; case 'T': if(atoi(optarg) > 0xFF) fatal_error("Invalid TTL value: %s", optarg); g_ip4hdr_o.ttl = (u_int16_t)atoi(optarg); break; case 'u': g_thdr_o.urp = (u_int16_t)atoi(optarg); break; case 'U': g_i4hdr_o.otime = (u_int32_t)atoi(optarg); break; case 'v': g_verbose = 1; break; case 'V': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ip4hdr_o.rand_p = 1; g_ip4hdr_o.p = (u_int16_t)atoi(optarg); break; case 'w': g_interval_sec = (u_int16_t)atoi(optarg); break; case 'W': g_thdr_o.win = (u_int16_t)atoi(optarg); break; case 'x': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ahdr_o.rand_s_paddr = 1; if(!(g_ahdr_o.s_paddr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'X': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ahdr_o.rand_s_eaddr = 1; if(!(g_ahdr_o.s_eaddr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'y': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ahdr_o.rand_r_paddr = 1; if(!(g_ahdr_o.r_paddr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'Y': if(strlen(optarg) == 1 && !strncmp(optarg, "R", 1)) g_ahdr_o.rand_r_eaddr = 1; if(!(g_ahdr_o.r_eaddr = (u_int8_t*)strdup(optarg))) fatal_error("Memory unavailable for: %s", optarg); break; case 'z': g_i4hdr_o.ttime = (u_int32_t)atoi(optarg); break; case 'Z': g_pkt_len = (u_int16_t)atoi(optarg); break; } } injection_init(); return; } int main(int argc, char *argv[]) { if(argc < 2) print_usage(); opterr = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: main()\n"); #endif while((opt = getopt(argc, argv, "m:")) != -1) { switch(opt) { case 'm': #ifdef WITH_CAPTURE if(!strncasecmp(optarg, "CAPTURE", 7) || !strncasecmp(optarg, "C", 1)) parse_capture_options(argc, argv); #endif #ifdef WITH_INJECTION if(!strncasecmp(optarg, "INJECT", 6) || !strncasecmp(optarg, "I", 1)) parse_inject_options(argc, argv, M_INJECT); if(!strncasecmp(optarg, "TRACE", 10) || !strncasecmp(optarg, "T", 1)) parse_inject_options(argc, argv, M_TRACE); #endif fprintf(stderr, "\nError: Invalid runtime mode\n"); print_usage(); break; default: optind--; #ifdef WITH_INJECTION parse_inject_options(argc, argv, M_INJECT); break; #endif #ifdef WITH_CAPTURE parse_capture_options(argc, argv); break; #endif fprintf(stderr, "\nError: Packit was built with neither capture nor injection support!\n"); break; } } print_usage(); /* Never gets here */ exit(SUCCESS); } packit-1.5/src/main.h000066400000000000000000000031111304023723400145100ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2007 Kumar Appaiah * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __MAIN_H #define __MAIN_H #include #include #include #include #include #include #include #include #include #include #include "globals.h" #include "init.h" #include "define_defaults.h" #include "injection.h" #include "inject_defs.h" #include "capture.h" #include "capture_defs.h" #define OPT_MAXLEN 32 u_int32_t opt; char *optarg; void parse_capture_options(int, char *[]); void parse_inject_options(int, char *[], u_int16_t); #endif /* __MAIN_H */ packit-1.5/src/print_arp_hdr.c000066400000000000000000000040031304023723400164130ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_arp_hdr.h" void print_arp_hdr(u_int8_t *packet) { char *arp_t, *arp_hw_t; u_int16_t frame_t; struct libnet_arp_hdr *ahdr; #ifdef DEBUG fprintf(stdout, "DEBUG: print_arp_hdr()\n"); #endif ahdr = (struct libnet_arp_hdr *)(packet + g_hdr_len); arp_t = retrieve_arp_type(htons(ahdr->ar_op)); arp_hw_t = retrieve_arp_hw_type(htons(ahdr->ar_hrd)); fprintf(stdout, "ARP header: Type: %s(%d)\n", arp_t, htons(ahdr->ar_op)); frame_t = ntohs(*(u_int16_t *)(packet + g_hdr_len - sizeof(u_int16_t))); fprintf(stdout, "%s header: Type: %s(%d)\n", (frame_t == ETHERTYPE_REVARP) ? "RARP": "ARP", arp_t, htons(ahdr->ar_op)); fprintf(stdout, " Hardware Format: %s Length: %d\n", arp_hw_t, ahdr->ar_hln); fprintf(stdout, " Protocol Format: %d Length: %d\n", ahdr->ar_pro, ahdr->ar_pln); return; } packit-1.5/src/print_arp_hdr.h000066400000000000000000000021271304023723400164250ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_ARP_HDR_H #define __PRINT_ARP_HDR_H #include "globals.h" void print_arp_hdr(u_int8_t *); #endif /* __PRINT_ARP_HDR_H */ packit-1.5/src/print_capture.c000066400000000000000000000077651304023723400164610ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_capture.h" void print_capture(struct pcap_pkthdr *pkthdr, u_int8_t *packet) { struct libnet_ethernet_hdr *ehdr; struct libnet_ipv4_hdr *iphdr; struct libnet_icmpv4_hdr *tr_icmphdr; #ifdef DEBUG fprintf(stdout, "DEBUG: print_capture()\n"); #endif if(g_display) { ehdr = (struct libnet_ethernet_hdr *)(packet); if(ehdr->ether_type == htons(ETHERTYPE_IP)) { #ifdef DEBUG fprintf(stdout, "DEBUG: ether_type: ip\n"); #endif if(g_p_mode == M_CAPTURE) print_separator(1, 2, "PID %lld", (u_int64_t)g_cap_cnt + 1); else if(g_p_mode == M_INJECT_RESPONSE) print_separator(1, 2, "RCV %lld", (u_int64_t)g_inj_cnt); iphdr = (struct libnet_ipv4_hdr *)(packet + g_hdr_len); if(g_p_mode == M_TRACE && !g_verbose) { print_ipv4_hdr(iphdr); tr_icmphdr = (struct libnet_icmpv4_hdr *)(packet + IPV4_H + g_hdr_len); if(tr_icmphdr->icmp_type != 11 || tr_icmphdr->icmp_code != 0) g_tr_fin = 1; } else { if(g_p_mode != M_TRACE) print_ts(pkthdr->ts); else if(iphdr->ip_p != IPPROTO_ICMP) g_tr_fin = 1; #ifdef DEBUG fprintf(stdout, "DEBUG: ip_p: %d\n", iphdr->ip_p); #endif switch(iphdr->ip_p) { case IPPROTO_TCP: print_tcp_hdr(packet); break; case IPPROTO_UDP: print_udp_hdr(packet); break; case IPPROTO_ICMP: print_icmpv4_hdr(packet); break; } print_ipv4_hdr(iphdr); if(g_link_layer) print_ethernet_hdr(ehdr); if(g_dump_pkt && pkthdr->caplen > g_hdr_len) print_packet_hexdump(packet + g_hdr_len, pkthdr->caplen - g_hdr_len); } } else if(ehdr->ether_type == htons(ETHERTYPE_ARP) || ehdr->ether_type == htons(ETHERTYPE_REVARP)) { #ifdef DEBUG fprintf(stdout, "DEBUG: ether_type: %s\n", (ehdr->ether_type == ETHERTYPE_REVARP) ? "RARP" : "ARP"); #endif if(g_p_mode == M_CAPTURE) print_separator(1, 2, "PID %lld", (u_int64_t)g_cap_cnt + 1); else if(g_p_mode == M_INJECT_RESPONSE) print_separator(1, 2, "RCV %lld", (u_int64_t)g_inj_cnt); print_ts(pkthdr->ts); print_arp_hdr(packet); print_ethernet_hdr(ehdr); if(g_dump_pkt) if(pkthdr->caplen > g_hdr_len) print_packet_hexdump(packet + g_hdr_len, pkthdr->caplen - g_hdr_len); } } g_cap_cnt++; return; } packit-1.5/src/print_capture.h000066400000000000000000000022371304023723400164530ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_CAPTURE_H #define __PRINT_CAPTURE_H #include "globals.h" #include "capture_defs.h" #include "print_defs.h" void print_capture(struct pcap_pkthdr *, u_int8_t *); #endif /* __PRINT_CAPTURE_H */ packit-1.5/src/print_defs.h000066400000000000000000000023641304023723400157320ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_DEFS_H #define __PRINT_DEFS_H #include "print_arp_hdr.h" #include "print_ethernet_hdr.h" #include "print_icmpv4_hdr.h" #include "print_ipv4_hdr.h" #include "print_tcp_hdr.h" #include "print_udp_hdr.h" #include "print_pktdump.h" #include "print_ts.h" #endif /* __PRINT_DEFS_H */ packit-1.5/src/print_ethernet_hdr.c000066400000000000000000000031701304023723400174530ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_ethernet_hdr.h" void print_ethernet_hdr(struct libnet_ethernet_hdr *ehdr) { #ifdef DEBUG fprintf(stdout, "DEBUG: print_ethernet_hdr()\n"); #endif fprintf(stdout, "Eth header: Src Address: %0X:%0X:%0X:%0X:%0X:%0X Dst Address: %0X:%0X:%0X:%0X:%0X:%0X", ehdr->ether_shost[0], ehdr->ether_shost[1], ehdr->ether_shost[2], ehdr->ether_shost[3], ehdr->ether_shost[4], ehdr->ether_shost[5], ehdr->ether_dhost[0], ehdr->ether_dhost[1], ehdr->ether_dhost[2], ehdr->ether_dhost[3], ehdr->ether_dhost[4], ehdr->ether_dhost[5]); fprintf(stdout, "\n"); return; } packit-1.5/src/print_ethernet_hdr.h000066400000000000000000000021751304023723400174640ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_ETHERNET_HDR_H #define __PRINT_ETHERNET_HDR_H #include "globals.h" void print_ethernet_hdr(struct libnet_ethernet_hdr *); #endif /* __PRINT_ETHERNET_HDR_H */ packit-1.5/src/print_icmpv4_hdr.c000066400000000000000000000137531304023723400170470ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_icmpv4_hdr.h" void print_icmpv4_hdr(u_int8_t *packet) { char *s_addr, *d_addr; char *icmp_t, *icmp_c; struct libnet_icmpv4_hdr *icmphdr; #ifdef DEBUG fprintf(stdout, "DEBUG: print_icmpv4_hdr()\n"); #endif #ifndef icmp_iphdr #define icmp_iphdr icmphdr->dun.ip.idi_ip #endif icmphdr = (struct libnet_icmpv4_hdr *)(packet + IPV4_H + g_hdr_len); s_addr = malloc(sizeof(s_addr)); d_addr = malloc(sizeof(d_addr)); icmp_t = retrieve_icmp_type(icmphdr->icmp_type); icmp_c = retrieve_icmp_code(icmphdr->icmp_type, icmphdr->icmp_code); fprintf(stdout, "ICMP header: Type: %s(%d) ", icmp_t, icmphdr->icmp_type); switch(icmphdr->icmp_type) { case ICMP_REDIRECT: fprintf(stdout, "Code: %s(%d) Gateway: %s ", icmp_c, icmphdr->icmp_code, libnet_addr2name4(ntohl(icmphdr->hun.gateway), 0)); if(g_verbose) { s_addr = libnet_addr2name4(icmp_iphdr.ip_src.s_addr, 0); d_addr = libnet_addr2name4(icmp_iphdr.ip_dst.s_addr, 0); fprintf(stdout, "\n"); fprintf(stdout, "\t Original IP header:\n"); fprintf(stdout, "\t Src Address: %s Dst Address: %s\n", s_addr, d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X Len: %d ", icmp_iphdr.ip_ttl, ntohs(icmp_iphdr.ip_id), icmp_iphdr.ip_tos, ntohs(icmp_iphdr.ip_len)); if(ntohs(icmp_iphdr.ip_off) & IP_DF) fprintf(stdout, "(DF)"); } break; case ICMP_UNREACH: fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); if(icmphdr->icmp_code == ICMP_UNREACH_NEEDFRAG) fprintf(stdout, "MTU: %d Pad: %d ", ntohs(icmphdr->hun.frag.mtu), ntohs(icmphdr->hun.frag.pad)); if(g_verbose) { s_addr = libnet_addr2name4(icmp_iphdr.ip_src.s_addr, 0); d_addr = libnet_addr2name4(icmp_iphdr.ip_dst.s_addr, 0); fprintf(stdout, "\n"); fprintf(stdout, "\t Original IP header:\n"); fprintf(stdout, "\t Src Address: %s Dst Address: %s\n", s_addr, d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X Len: %d ", icmp_iphdr.ip_ttl, ntohs(icmp_iphdr.ip_id), icmp_iphdr.ip_tos, ntohs(icmp_iphdr.ip_len)); if(ntohs(icmp_iphdr.ip_off) & IP_DF) fprintf(stdout, "(DF)"); } break; case ICMP_TIMXCEED: case ICMP_PARAMPROB: fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); if(g_verbose) { s_addr = libnet_addr2name4(icmp_iphdr.ip_src.s_addr, 0); d_addr = libnet_addr2name4(icmp_iphdr.ip_dst.s_addr, 0); fprintf(stdout, "\n"); fprintf(stdout, "\t Original IP header:\n"); fprintf(stdout, "\t Src Address: %s Dst Address: %s\n", s_addr, d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X Len: %d ", icmp_iphdr.ip_ttl, ntohs(icmp_iphdr.ip_id), icmp_iphdr.ip_tos, ntohs(icmp_iphdr.ip_len)); if(ntohs(icmp_iphdr.ip_off) & IP_DF) fprintf(stdout, "(DF)"); } break; case ICMP_TSTAMPREPLY: if(icmphdr->icmp_code > 0) fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); fprintf(stdout, "ID: %d Seqn: %d\n", icmphdr->icmp_id, icmphdr->icmp_seq); fprintf(stdout, "\t Original: %lu Received: %lu Transmit: %lu", (u_long)ntohl(icmphdr->icmp_otime), (u_long)ntohl(icmphdr->icmp_rtime), (u_long)ntohl(icmphdr->icmp_ttime)); break; case ICMP_MASKREPLY: if(icmphdr->icmp_code > 0) fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); fprintf(stdout, "ID: %d Seqn: %d\n", icmphdr->icmp_id, icmphdr->icmp_seq); fprintf(stdout, "\t Mask: %s ", libnet_addr2name4(ntohl(icmphdr->dun.mask), 0)); break; case ICMP_ECHOREPLY: case ICMP_ECHO: case ICMP_MASKREQ: case ICMP_TSTAMP: if(icmphdr->icmp_code > 0) fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); fprintf(stdout, "ID: %d Seqn: %d", icmphdr->icmp_id, icmphdr->icmp_seq); break; case ICMP_TRACEROUTE: if(icmphdr->icmp_code > 0) fprintf(stdout, "Code: %s(%d) ", icmp_c, icmphdr->icmp_code); break; } fprintf(stdout, "\n"); if(icmphdr->icmp_type != 11 || icmphdr->icmp_code != 0) g_tr_fin = 1; return; } packit-1.5/src/print_icmpv4_hdr.h000066400000000000000000000021351304023723400170440ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_ICMPV4_HDR #define __PRINT_ICMPV4_HDR #include "globals.h" void print_icmpv4_hdr(u_int8_t *); #endif /* __PRINT_ICMPV4_HDR */ packit-1.5/src/print_injection.c000066400000000000000000000151771304023723400167740ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2015 Joao Eriberto Mota Filho * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_injection.h" void print_injection_details() { char *arp_t, *icmp_t, *icmp_c = NULL; #ifdef DEBUG fprintf(stdout, "DEBUG: print_injection() g_init_type: %d\n", g_init_type); #endif if(g_injection_type == ETHERTYPE_IP) { #ifdef DEBUG fprintf(stdout, "DEBUG: ETHERTYPE_IP\n"); #endif g_thdr_o.flags[0] = '\0'; if(g_ip4hdr_o.p == IPPROTO_TCP && !g_rawip) { if(g_thdr_o.syn) strcat(g_thdr_o.flags, "S"); if(g_thdr_o.ack) strcat(g_thdr_o.flags, "A"); if(g_thdr_o.fin) strcat(g_thdr_o.flags, "F"); if(g_thdr_o.rst) strcat(g_thdr_o.flags, "R"); if(g_thdr_o.psh) strcat(g_thdr_o.flags, "P"); if(g_thdr_o.urg) strcat(g_thdr_o.flags, "U"); if(strlen(g_thdr_o.flags) < 1) strcpy(g_thdr_o.flags, "None"); fprintf(stdout, "TCP header: Src Port: %d ", g_s_port); if(g_p_mode == M_INJECT_RESPONSE) fprintf(stdout, "Dst Port: %d ", g_d_port); else fprintf(stdout, "Dst Port(s): %s ", g_s_d_port); fprintf(stdout, "Flag(s): %s\n", g_thdr_o.flags); fprintf(stdout, "\t Window: %d ", g_thdr_o.win); if(g_thdr_o.seqn) fprintf(stdout, "Seqn: %u ", g_thdr_o.seqn); if(g_thdr_o.ackn) fprintf(stdout, "Ackn: %u ", g_thdr_o.ackn); if(g_thdr_o.urp) fprintf(stdout, "Urg: %d ", g_thdr_o.urp); } else if(g_ip4hdr_o.p == IPPROTO_UDP && !g_rawip) { fprintf(stdout, "UDP header: Src Port: %d Dst Port(s): %s", g_s_port, g_s_d_port); } else if(g_ip4hdr_o.p == IPPROTO_ICMP && !g_rawip) { icmp_t = retrieve_icmp_type(g_i4hdr_o.type); fprintf(stdout, "ICMP header: Type: %s(%d) ", icmp_t, g_i4hdr_o.type); if(g_i4hdr_o.code > 0) { icmp_c = retrieve_icmp_code(g_i4hdr_o.type, g_i4hdr_o.code); fprintf(stdout, "Code: %s(%d) ", icmp_c, g_i4hdr_o.code); } switch(g_i4hdr_o.type) { case ICMP_ECHOREPLY: case ICMP_ECHO: case ICMP_TSTAMP: fprintf(stdout, "ID: %d Seqn: %d ", g_i4hdr_o.id, g_i4hdr_o.seqn); break; case ICMP_UNREACH: case ICMP_REDIRECT: case ICMP_TIMXCEED: fprintf(stdout, "\n\t Original Datagram\n"); if(g_i4hdr_o.orig_p == IPPROTO_UDP) fprintf(stdout, "\t Protocol: UDP(%d) ", g_i4hdr_o.orig_p); else if(g_i4hdr_o.orig_p == IPPROTO_TCP) fprintf(stdout, "\t Protocol: TCP(%d) ", g_i4hdr_o.orig_p); else if(g_i4hdr_o.orig_p == IPPROTO_ICMP) fprintf(stdout, "\t Protocol: ICMP(%d) ", g_i4hdr_o.orig_p); fprintf(stdout, "Src Port: %d Dst port: %d\n", g_i4hdr_o.orig_s_port, g_i4hdr_o.orig_d_port); fprintf(stdout, "\t Src Address: %s Dst Address: %s\n", g_i4hdr_o.orig_s_addr, g_i4hdr_o.orig_d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X", g_i4hdr_o.orig_ttl, g_i4hdr_o.orig_id, g_i4hdr_o.orig_tos); break; case ICMP_TSTAMPREPLY: fprintf(stdout, "ID: %d Seqn: %d\n", g_i4hdr_o.id, g_i4hdr_o.seqn); fprintf(stdout, "\t Original Timestamp: %d\n", g_i4hdr_o.otime); fprintf(stdout, "\t Received Timestamp: %d\n", g_i4hdr_o.rtime); fprintf(stdout, "\t Transmit Timestamp: %d", g_i4hdr_o.ttime); break; case ICMP_MASKREQ: case ICMP_MASKREPLY: fprintf(stdout, "ID: %d Seqn: %d", g_i4hdr_o.id, g_i4hdr_o.seqn); if(g_i4hdr_o.mask != NULL) fprintf(stdout, "\n\t Address Mask: %s", g_i4hdr_o.mask); break; } } if(!g_rawip) fprintf(stdout, "\n"); fprintf(stdout, "IP header: Src Address: %s Dst Address: %s\n", g_ip4hdr_o.s_addr, g_ip4hdr_o.d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X Len: %d ", g_ip4hdr_o.ttl, g_ip4hdr_o.id, (u_int8_t)g_ip4hdr_o.tos, g_hdr_len); if(g_rawip) fprintf(stdout, "IP Protocol: %d ", g_ip4hdr_o.p); if(g_ip4hdr_o.frag == 0x4000) fprintf(stdout, "(DF)"); if(g_ehdr_o.s_addr || g_ehdr_o.d_addr) fprintf(stdout, "\nEth header: Src Address: %s Dst Address: %s", g_ehdr_o.shw_addr, g_ehdr_o.dhw_addr); } else if(g_injection_type == ETHERTYPE_ARP || g_injection_type == ETHERTYPE_REVARP) { #ifdef DEBUG fprintf(stdout, "DEBUG: %s\n", (g_injection_type == ETHERTYPE_REVARP) ? "ETHERTYPE_REVARP" : "ETHERTYPE_ARP"); #endif arp_t = retrieve_arp_type(g_ahdr_o.op_type); fprintf(stdout, "%s header: Type: %s(%d)\n", (g_injection_type == ETHERTYPE_REVARP) ? "RARP" : "ARP", arp_t, g_ahdr_o.op_type); fprintf(stdout, " Sender: Protocol Address: %s Hardware Address: %.17s\n", g_ahdr_o.s_paddr, g_ahdr_o.shw_addr); fprintf(stdout, " Target: Protocol Address: %s Hardware Address: %.17s\n", g_ahdr_o.r_paddr, g_ahdr_o.rhw_addr); if(g_ehdr_o.s_addr || g_ehdr_o.d_addr) fprintf(stdout, "Eth header: Src Address: %s Dst Address: %s", g_ehdr_o.shw_addr, g_ehdr_o.dhw_addr); } fprintf(stdout, "\n"); return; } packit-1.5/src/print_injection.h000066400000000000000000000021661304023723400167730ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_INJECTION_H #define __PRINT_INJECTION_H #include "globals.h" #include "inject_defs.h" void print_injection_details(); #endif /* __PRINT_INJECTION_H */ packit-1.5/src/print_ipv4_hdr.c000066400000000000000000000037141304023723400165230ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_ipv4_hdr.h" void print_ipv4_hdr(struct libnet_ipv4_hdr *iphdr) { char *s_addr, *d_addr; struct in_addr ip_src, ip_dst; #ifdef DEBUG fprintf(stdout, "DEBUG: print_ipv4_hdr()\n"); #endif s_addr = malloc(sizeof(s_addr)); d_addr = malloc(sizeof(d_addr)); memset(&ip_src, 0, sizeof(struct in_addr)); memset(&ip_dst, 0, sizeof(struct in_addr)); s_addr = libnet_addr2name4(iphdr->ip_src.s_addr, ((g_resolve == 1 || g_resolve == 3) ? 1 : 0)); d_addr = libnet_addr2name4(iphdr->ip_dst.s_addr, ((g_resolve == 1 || g_resolve == 3) ? 1 : 0)); fprintf(stdout, "IP header: Src Address: %s Dst Address: %s\n", s_addr, d_addr); fprintf(stdout, "\t TTL: %d ID: %d TOS: 0x%X Len: %d ", iphdr->ip_ttl, ntohs(iphdr->ip_id), iphdr->ip_tos, ntohs(iphdr->ip_len)); if(ntohs(iphdr->ip_off) & IP_DF) fprintf(stdout, "(DF) "); fprintf(stdout, "\n"); return; } packit-1.5/src/print_ipv4_hdr.h000066400000000000000000000022031304023723400165200ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_IPV4_HDR_H #define __PRINT_IPV4_HDR_H #include "globals.h" #include "capture_defs.h" void print_ipv4_hdr(struct libnet_ipv4_hdr *); #endif /* __PRINT_IPV4_HDR_H */ packit-1.5/src/print_pktdump.c000066400000000000000000000056161304023723400164730ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_pktdump.h" #define HEXDUMP_BYTES_PER_LINE 16 #define HEXDUMP_SHORTS_PER_LINE (HEXDUMP_BYTES_PER_LINE / 2) #define HEXDUMP_HEXSTUFF_PER_SHORT 5 /* 4 hex digits and a space */ #define HEXDUMP_HEXSTUFF_PER_LINE \ (HEXDUMP_HEXSTUFF_PER_SHORT * HEXDUMP_SHORTS_PER_LINE) /* * This code was mostly taken from TCPdump :) */ void print_packet_hexdump(u_int8_t *cp, int len) { int i, offset, nshorts, s1, s2; char hex_data[HEXDUMP_SHORTS_PER_LINE*HEXDUMP_HEXSTUFF_PER_SHORT+1], *hsp; char ascii_data[HEXDUMP_BYTES_PER_LINE+1], *asp; #ifdef DEBUG fprintf(stdout, "DEBUG: print_packet_hexdump()\n"); #endif offset = i = 0; hsp = hex_data; asp = ascii_data; nshorts = len / sizeof(u_int16_t); while (--nshorts >= 0) { s1 = *cp++; s2 = *cp++; snprintf(hsp, sizeof(hex_data) - (hsp - hex_data), " %02x%02x", s1, s2); hsp += HEXDUMP_HEXSTUFF_PER_SHORT; *(asp++) = (isgraph(s1) ? s1 : '-'); *(asp++) = (isgraph(s2) ? s2 : '-'); if(++i >= HEXDUMP_SHORTS_PER_LINE) { *hsp = *asp = '\0'; fprintf(stdout, "\n0x%04x\t %-*s\t %s", offset, HEXDUMP_HEXSTUFF_PER_LINE, hex_data, ascii_data); i = 0; hsp = hex_data; asp = ascii_data; offset += HEXDUMP_BYTES_PER_LINE; } } if(len & 1) { s1 = *cp++; snprintf(hsp, sizeof(hex_data) - (hsp - hex_data), " %02x", s1); hsp += 3; *(asp++) = (isgraph(s1) ? s1 : '-'); ++i; } if(i > 0) { *hsp = *asp = '\0'; fprintf(stdout, "\n0x%04x\t %-*s\t %s", offset, HEXDUMP_HEXSTUFF_PER_LINE, hex_data, ascii_data); } fprintf(stdout, "\n"); return; } packit-1.5/src/print_pktdump.h000066400000000000000000000022101304023723400164630ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_PKTDUMP_HDR_H #define __PRINT_PKTDUMP_HDR_H #include #include "globals.h" void print_packet_hexdump(u_int8_t *cp, int len); #endif /* __PRINT_PKTDUMP_HDR_H */ packit-1.5/src/print_tcp_hdr.c000066400000000000000000000050171304023723400164250ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_tcp_hdr.h" void print_tcp_hdr(u_int8_t *packet) { char flags[7]; struct libnet_tcp_hdr *tcphdr; struct servent *port_src, *port_dst; #ifdef DEBUG fprintf(stdout, "DEBUG: print_tcp_hdr()\n"); #endif port_src = malloc(sizeof(struct servent)); port_dst = malloc(sizeof(struct servent)); memset(port_src, 0, sizeof(struct servent)); memset(port_dst, 0, sizeof(struct servent)); memset(flags, 0, sizeof(flags)); tcphdr = (struct libnet_tcp_hdr *)(packet + IPV4_H + g_hdr_len); if(tcphdr->th_flags & TH_URG) strcat(flags, "U"); if(tcphdr->th_flags & TH_ACK) strcat(flags, "A"); if(tcphdr->th_flags & TH_PUSH) strcat(flags, "P"); if(tcphdr->th_flags & TH_RST) strcat(flags, "R"); if(tcphdr->th_flags & TH_SYN) strcat(flags, "S"); if(tcphdr->th_flags & TH_FIN) strcat(flags, "F"); if(strlen(flags) == 0) strcpy(flags, "None"); fprintf(stdout, "TCP header: Src Port: %d Dst Port: %d Flag(s): %s\n", htons(tcphdr->th_sport), htons(tcphdr->th_dport), flags); fprintf(stdout, "\t Window: %d ", htons(tcphdr->th_win)); if(tcphdr->th_seq > 0) fprintf(stdout, "Seqn: %lu ", (u_long)ntohl(tcphdr->th_seq)); if(tcphdr->th_ack > 0) fprintf(stdout, "Ackn: %lu ", (u_long)ntohl(tcphdr->th_ack)); if(tcphdr->th_urp) fprintf(stdout, "Urg: %d ", ntohs(tcphdr->th_urp)); fprintf(stdout, "\n"); return; } packit-1.5/src/print_tcp_hdr.h000066400000000000000000000021601304023723400164260ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_TCP_HDR_H #define __PRINT_TCP_HDR_H #include "globals.h" #include "inject_defs.h" void print_tcp_hdr(u_int8_t *); #endif /* __PRINT_TCP_HDR_H */ packit-1.5/src/print_ts.c000066400000000000000000000040571304023723400154330ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_ts.h" void print_ts(struct timeval ts) { char timestamp[TIMESTAMP_MAXLEN]; struct tm *ltm; struct timeval tv, *tvp; #ifdef DEBUG fprintf(stdout, "DEBUG: print_ts()\n"); #endif ltm = malloc(sizeof(struct tm)); memset(ltm, 0, sizeof(struct tm)); memset(&tv, 0, sizeof(struct timeval)); tvp = malloc(sizeof(struct timeval)); memset(tvp, 0, sizeof(struct timeval)); if(g_time_gmt) snprintf(timestamp, TIMESTAMP_MAXLEN, "%02lu:%02lu:%02lu.%06lu", (u_long)(ts.tv_sec % 86400) / 3600, (u_long)((ts.tv_sec % 86400) % 3600) / 60, (u_long)(ts.tv_sec % 86400) % 40, (u_long)ts.tv_usec); else { tvp = &tv; gettimeofday(tvp, NULL); ltm = localtime((time_t *) & tvp->tv_sec); snprintf(timestamp, TIMESTAMP_MAXLEN, "%02lu:%02lu:%02lu.%06lu", (u_long)ltm->tm_hour, (u_long)ltm->tm_min, (u_long)ltm->tm_sec, (u_long)ts.tv_usec); } fprintf(stdout, "Timestamp: %s\n", timestamp); return; } packit-1.5/src/print_ts.h000066400000000000000000000022331304023723400154320ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_TIMESTAMP_H #define __PRINT_TIMESTAMP_H #include "globals.h" #include "capture_defs.h" #define TIMESTAMP_MAXLEN 64 void print_ts(struct timeval); #endif /* __PRINT_TIMESTAMP_H */ packit-1.5/src/print_udp_hdr.c000066400000000000000000000026631304023723400164330ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "print_udp_hdr.h" void print_udp_hdr(u_int8_t *packet) { struct libnet_udp_hdr *udphdr; #ifdef DEBUG fprintf(stdout, "DEBUG: print_udp_hdr()\n"); #endif udphdr = (struct libnet_udp_hdr *)(packet + IPV4_H + g_hdr_len); fprintf(stdout, "UDP header: Src Port: %d Dst Port: %d Len: %d ", htons(udphdr->uh_sport), htons(udphdr->uh_dport), ntohs(udphdr->uh_ulen)); fprintf(stdout, "\n"); return; } packit-1.5/src/print_udp_hdr.h000066400000000000000000000021351304023723400164320ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __PRINT_UDP_HDR_H #define __PRINT_UDP_HDR_H #include "globals.h" void print_udp_hdr(u_int8_t *packet); #endif /* __PRINT_UDP_HDR_H */ packit-1.5/src/shape_arp_hdr.c000066400000000000000000000117201304023723400163630ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_arp_hdr.h" libnet_t * shape_arp_hdr(libnet_t *g_pkt_d) { u_int32_t i, s_paddr, r_paddr; u_int8_t s_neaddr[6]; u_int8_t r_neaddr[6]; struct libnet_ether_addr *hw_addr; #ifdef DEBUG fprintf(stdout, "DEBUG: shape_arp_hdr()\n"); #endif hw_addr = malloc(sizeof(struct libnet_ether_addr)); memset(hw_addr, 0, sizeof(struct libnet_ether_addr)); s_paddr = r_paddr = 0; if(g_ahdr_o.rand_s_paddr) g_ahdr_o.s_paddr = retrieve_rand_ipv4_addr(g_ahdr_o.s_paddr); if(g_ahdr_o.rand_r_paddr) g_ahdr_o.r_paddr = retrieve_rand_ipv4_addr(g_ahdr_o.r_paddr); if(g_ahdr_o.rand_s_eaddr) g_ahdr_o.s_eaddr = retrieve_rand_ethernet_addr(g_ahdr_o.s_eaddr); if(g_ahdr_o.rand_r_eaddr) g_ahdr_o.r_eaddr = retrieve_rand_ethernet_addr(g_ahdr_o.r_eaddr); if(g_ahdr_o.s_paddr == NULL) { switch(g_ahdr_o.op_type) { case ARPOP_REQUEST: case ARPOP_REVREQUEST: if((s_paddr = libnet_get_ipaddr4(g_pkt_d)) == -1) fatal_error("Unable to retrieve local IP address: %s", libnet_geterror(g_pkt_d)); g_ahdr_o.s_paddr = (u_int8_t*)libnet_addr2name4(s_paddr, 0); break; default: g_ahdr_o.s_paddr = IPV4_DEFAULT; break; } } if((s_paddr = libnet_name2addr4(g_pkt_d, (char*)g_ahdr_o.s_paddr, 0)) == -1) fatal_error("Invalid sender protocol address: %s", g_ahdr_o.s_paddr); if(g_ahdr_o.s_eaddr == NULL) { switch(g_ahdr_o.op_type) { case ARPOP_REQUEST: case ARPOP_REVREQUEST: if((hw_addr = libnet_get_hwaddr(g_pkt_d)) == NULL) fatal_error("Unable to determine ethernet address: %s", libnet_geterror(g_pkt_d)); for(i = 0; i < 6; i++) s_neaddr[i] = hw_addr->ether_addr_octet[i]; break; default: g_ahdr_o.s_eaddr = (u_int8_t *) ETH_DEFAULT; break; } } if(format_ethernet_addr(g_ahdr_o.s_eaddr, s_neaddr) == 0) fatal_error("Invalid sender ethernet address"); snprintf((char*)g_ahdr_o.shw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", s_neaddr[0], s_neaddr[1], s_neaddr[2], s_neaddr[3], s_neaddr[4], s_neaddr[5]); if(g_ahdr_o.r_paddr == NULL) { switch(g_ahdr_o.op_type) { case ARPOP_REPLY: case ARPOP_REQUEST: if((r_paddr = libnet_get_ipaddr4(g_pkt_d)) == -1) fatal_error("Unable to retrieve local IP address: %s", libnet_geterror(g_pkt_d)); g_ahdr_o.r_paddr = (u_int8_t*)libnet_addr2name4(r_paddr, 0); break; default: g_ahdr_o.r_paddr = IPV4_DEFAULT; break; } } if((r_paddr = libnet_name2addr4(g_pkt_d, (char*)g_ahdr_o.r_paddr, 0)) == -1) fatal_error("Invalid receiver protocol address: %s", g_ahdr_o.r_paddr); if(g_ahdr_o.r_eaddr == NULL) { switch(g_ahdr_o.op_type) { case ARPOP_REPLY: case ARPOP_REVREPLY: if((hw_addr = libnet_get_hwaddr(g_pkt_d)) == NULL) fatal_error("Unable to determine ethernet address: %s", libnet_geterror(g_pkt_d)); for(i = 0; i < 6; i++) r_neaddr[i] = hw_addr->ether_addr_octet[i]; break; default: g_ahdr_o.r_eaddr = (u_int8_t *) ETH_DEFAULT; break; } } if(format_ethernet_addr(g_ahdr_o.r_eaddr, r_neaddr) == 0) fatal_error("Invalid receiver ethernet address"); snprintf((char*)g_ahdr_o.rhw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", r_neaddr[0], r_neaddr[1], r_neaddr[2], r_neaddr[3], r_neaddr[4], r_neaddr[5]); if(libnet_build_arp( ARPHRD_ETHER, ETHERTYPE_IP, 6, 4, g_ahdr_o.op_type, s_neaddr, (u_int8_t *)&s_paddr, r_neaddr, (u_int8_t *)&r_paddr, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build ARP header: %s", libnet_geterror(g_pkt_d)); } return g_pkt_d; } packit-1.5/src/shape_arp_hdr.h000066400000000000000000000022101304023723400163620ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_ARP_HDR_H #define __SHAPE_ARP_HDR_H #include "globals.h" #include "inject_defs.h" #include "utils.h" libnet_t *shape_arp_hdr(libnet_t *); #endif /* __SHAPE_ARP_HDR_H */ packit-1.5/src/shape_defs.h000066400000000000000000000023031304023723400156670ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_DEFS_H #define __SHAPE_DEFS_H #include "shape_arp_hdr.h" #include "shape_ethernet_hdr.h" #include "shape_icmpv4_hdr.h" #include "shape_ipv4_hdr.h" #include "shape_tcp_hdr.h" #include "shape_udp_hdr.h" #endif /* __SHAPE_DEFS_H */ packit-1.5/src/shape_ethernet_hdr.c000066400000000000000000000070311304023723400174170ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_ethernet_hdr.h" libnet_t * shape_ethernet_hdr(libnet_t *g_pkt_d) { int i; u_int8_t us_addr[6]; u_int8_t ud_addr[6]; struct libnet_ether_addr *hw_addr; #ifdef DEBUG fprintf(stdout, "DEBUG: shape_ethernet_hdr()\n"); #endif hw_addr = malloc(sizeof(struct libnet_ether_addr)); memset(hw_addr, 0, sizeof(struct libnet_ether_addr)); if(g_ehdr_o.rand_s_addr) g_ehdr_o.s_addr = retrieve_rand_ethernet_addr(g_ehdr_o.s_addr); if(g_ehdr_o.rand_d_addr) g_ehdr_o.d_addr = retrieve_rand_ethernet_addr(g_ehdr_o.d_addr); if(g_ehdr_o.s_addr == NULL) { if((hw_addr = libnet_get_hwaddr(g_pkt_d)) == NULL) fatal_error("Unable to determine ethernet address: %s", libnet_geterror(g_pkt_d)); for(i = 0; i < 6; i++) us_addr[i] = hw_addr->ether_addr_octet[i]; } else if(format_ethernet_addr(g_ehdr_o.s_addr, us_addr) == 0) fatal_error("Invalid source ethernet address"); snprintf((char*)g_ehdr_o.shw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", us_addr[0], us_addr[1], us_addr[2], us_addr[3], us_addr[4], us_addr[5]); if(g_ehdr_o.d_addr == NULL && (g_injection_type == ETHERTYPE_ARP || g_injection_type == ETHERTYPE_REVARP)) { g_ehdr_o.d_addr = (u_int8_t *) ETH_BROADCAST; } else if(g_ehdr_o.d_addr == NULL) { fprintf(stderr, "Warning: Using NULL destination ethernet address. Packets may not reach their destination\n"); g_ehdr_o.d_addr = (u_int8_t *) ETH_DEFAULT; } if(format_ethernet_addr(g_ehdr_o.d_addr, ud_addr) == 0) fatal_error("Invalid destination ethernet address"); snprintf((char*)g_ehdr_o.dhw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", ud_addr[0], ud_addr[1], ud_addr[2], ud_addr[3], ud_addr[4], ud_addr[5]); if(libnet_build_ethernet( ud_addr, us_addr, g_injection_type, NULL, 0, g_pkt_d, 0) == -1) { fatal_error("Unable to build ethernet header"); } return g_pkt_d; } libnet_t * shape_ethernet_hdr_auto(libnet_t *g_pkt_d, u_int16_t type) { u_int8_t d_addr[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; #ifdef DEBUG fprintf(stdout, "DEBUG: shape_ethernet_hdr_auto()\n"); #endif if(libnet_autobuild_ethernet( d_addr, type, g_pkt_d) == -1) { fatal_error("Unable to auto-build ethernet header"); } return g_pkt_d; } packit-1.5/src/shape_ethernet_hdr.h000066400000000000000000000024311304023723400174230ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_ETHERNET_H #define __SHAPE_ETHERNET_H #include "globals.h" #include "inject_defs.h" #include "utils.h" libnet_t *shape_ethernet_hdr(libnet_t *pkt_d); libnet_t *shape_ethernet_hdr_auto(libnet_t *pkt_d, u_int16_t); #endif /* __SHAPE_ETHERNET_H */ packit-1.5/src/shape_icmpv4_hdr.c000066400000000000000000000261451304023723400170120ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_icmpv4_hdr.h" libnet_t * shape_icmpv4_hdr(libnet_t *g_pkt_d) { u_int8_t ih_payload[8]; u_int32_t ih_payload_len = 8; u_int32_t ihn_gw, ihn_mask = 0; u_int32_t ihn_saddr, ihn_daddr; u_int32_t orig_hlen = IPV4_H + ICMPV4_H; #ifdef DEBUG fprintf(stdout, "DEBUG: shape_icmpv4_hdr(): type: %d code: %d\n", g_i4hdr_o.type, g_i4hdr_o.code); #endif g_ip4hdr_o.p = IPPROTO_ICMP; switch(g_i4hdr_o.type) { case ICMP_ECHOREPLY: case ICMP_ECHO: default: #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP echo header\n"); #endif if(g_i4hdr_o.rand_seqn) g_i4hdr_o.seqn = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.rand_id) g_i4hdr_o.id = (u_int16_t)retrieve_rand_int(P_UINT16); g_hdr_len = ICMPV4_ECHO_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_icmpv4_echo( g_i4hdr_o.type, g_i4hdr_o.code, 0, g_i4hdr_o.id, g_i4hdr_o.seqn, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 echo header: %s", libnet_geterror(g_pkt_d)); } break; case ICMP_UNREACH: case ICMP_REDIRECT: case ICMP_TIMXCEED: if(g_i4hdr_o.orig_p == IPPROTO_TCP) orig_hlen = IPV4_H + TCP_H; else if(g_i4hdr_o.orig_p == IPPROTO_UDP) orig_hlen = IPV4_H + UDP_H; else if(g_i4hdr_o.orig_p == IPPROTO_ICMP) orig_hlen = IPV4_H + ICMPV4_H; if(g_i4hdr_o.rand_orig_s_addr) g_i4hdr_o.orig_s_addr = retrieve_rand_ipv4_addr(g_i4hdr_o.orig_s_addr); if(g_i4hdr_o.rand_orig_d_addr) g_i4hdr_o.orig_d_addr = retrieve_rand_ipv4_addr(g_i4hdr_o.orig_d_addr); if(g_i4hdr_o.rand_orig_id) g_i4hdr_o.orig_id = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.rand_orig_s_port) g_i4hdr_o.orig_s_port = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.rand_orig_d_port) g_i4hdr_o.orig_d_port = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.orig_s_addr == NULL) fatal_error("No original source IP address defined"); if((ihn_saddr = libnet_name2addr4(g_pkt_d, (char*)g_i4hdr_o.orig_s_addr, 1)) == -1) fatal_error("Invalid original source IP address: %s", g_i4hdr_o.orig_s_addr); if(g_i4hdr_o.orig_d_addr == NULL) fatal_error("No original destination IP address defined"); if((ihn_daddr = libnet_name2addr4(g_pkt_d, (char*)g_i4hdr_o.orig_d_addr, 1)) == -1) fatal_error("Invalid original destination IP address: %s", g_i4hdr_o.orig_d_addr); ih_payload[0] = (g_i4hdr_o.orig_s_port >> 8) & 0xff; ih_payload[1] = g_i4hdr_o.orig_s_port & 0xff; ih_payload[2] = (g_i4hdr_o.orig_d_port >> 8) & 0xff; ih_payload[3] = g_i4hdr_o.orig_d_port & 0xff; ih_payload[4] = 0; ih_payload[5] = 32; ih_payload[6] = 0; ih_payload[7] = 0; ih_payload_len = 8; if(g_i4hdr_o.type == ICMP_UNREACH) { #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP unreachable header\n"); #endif g_hdr_len = ICMPV4_UNREACH_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_ipv4( orig_hlen, g_i4hdr_o.orig_tos, g_i4hdr_o.orig_id, 0, g_i4hdr_o.orig_ttl, g_i4hdr_o.orig_p, g_i4hdr_o.orig_sum, ihn_saddr, ihn_daddr, ih_payload, ih_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build original IP header: %s", libnet_geterror(g_pkt_d)); } if(libnet_build_icmpv4_unreach( g_i4hdr_o.type, g_i4hdr_o.code, 0, NULL, 0, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 unreach header: %s", libnet_geterror(g_pkt_d)); } } else if(g_i4hdr_o.type == ICMP_REDIRECT) { #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP redirect header\n"); #endif if(g_i4hdr_o.rand_gw) g_i4hdr_o.gw = retrieve_rand_ipv4_addr(g_i4hdr_o.gw); if(g_i4hdr_o.gw == NULL) fatal_error("No gateway IP address defined"); if((ihn_gw = libnet_name2addr4(g_pkt_d, (char*)g_i4hdr_o.gw, 1)) == -1) fatal_error("Invalid gateway IP address: %s", g_i4hdr_o.gw); g_hdr_len = ICMPV4_REDIRECT_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_ipv4( orig_hlen, g_i4hdr_o.orig_tos, g_i4hdr_o.orig_id, 0, g_i4hdr_o.orig_ttl, g_i4hdr_o.orig_p, g_i4hdr_o.orig_sum, ihn_saddr, ihn_daddr, ih_payload, ih_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build original IP header: %s", libnet_geterror(g_pkt_d)); } if(libnet_build_icmpv4_redirect( g_i4hdr_o.type, g_i4hdr_o.code, 0, ihn_gw, NULL, 0, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 redirect header: %s", libnet_geterror(g_pkt_d)); } } else if(g_i4hdr_o.type == ICMP_TIMXCEED) { #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP timelimit exceeded header\n"); #endif g_hdr_len = ICMPV4_TIMXCEED_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_ipv4( orig_hlen, g_i4hdr_o.orig_tos, g_i4hdr_o.orig_id, 0, g_i4hdr_o.orig_ttl, g_i4hdr_o.orig_p, g_i4hdr_o.orig_sum, ihn_saddr, ihn_daddr, ih_payload, ih_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build original IP header: %s", libnet_geterror(g_pkt_d)); } if(libnet_build_icmpv4_timeexceed( g_i4hdr_o.type, g_i4hdr_o.code, 0, NULL, 0, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 timeexceed header: %s", libnet_geterror(g_pkt_d)); } } break; case ICMP_TSTAMP: case ICMP_TSTAMPREPLY: #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP timestamp header\n"); #endif if(g_i4hdr_o.rand_seqn) g_i4hdr_o.seqn = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.rand_id) g_i4hdr_o.id = (u_int16_t)retrieve_rand_int(P_UINT16); g_hdr_len = ICMPV4_TSTAMP_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_icmpv4_timestamp( g_i4hdr_o.type, g_i4hdr_o.code, 0, g_i4hdr_o.id, g_i4hdr_o.seqn, g_i4hdr_o.otime, g_i4hdr_o.rtime, g_i4hdr_o.ttime, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 timestamp header: %s", libnet_geterror(g_pkt_d)); } break; case ICMP_MASKREQ: case ICMP_MASKREPLY: #ifdef DEBUG fprintf(stdout, "DEBUG: Building ICMP mask header\n"); #endif if(g_i4hdr_o.rand_seqn) g_i4hdr_o.seqn = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.rand_id) g_i4hdr_o.id = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_i4hdr_o.mask != NULL) if((ihn_mask = libnet_name2addr4(g_pkt_d, (char*)g_i4hdr_o.mask, 1)) == -1) fatal_error("Invalid mask address: %s", g_i4hdr_o.mask); g_hdr_len = ICMPV4_MASK_H; if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_icmpv4_mask( g_i4hdr_o.type, g_i4hdr_o.code, (g_i4hdr_o.mask != NULL) ? ihn_mask : 0, g_i4hdr_o.id, g_i4hdr_o.seqn, ihn_mask, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build ICMPv4 mask header: %s", libnet_geterror(g_pkt_d)); } break; } return g_pkt_d; } packit-1.5/src/shape_icmpv4_hdr.h000066400000000000000000000022061304023723400170070ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_ICMPV4_HDR_H #define __SHAPE_ICMPV4_HDR_H #include "globals.h" #include "inject_defs.h" libnet_t *shape_icmpv4_hdr(libnet_t *pkt_d); #endif /* __SHAPE_ICMPV4_HDR_H */ packit-1.5/src/shape_ipv4_hdr.c000066400000000000000000000061671304023723400164740ustar00rootroot00000000000000/* * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2015 Joao Eriberto Mota Filho * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit * */ #include "shape_ipv4_hdr.h" libnet_t * shape_ipv4_hdr(libnet_t *g_pkt_d) { #ifdef DEBUG fprintf(stdout, "DEBUG: shape_ipv4_hdr()\n"); #endif if(g_ip4hdr_o.rand_s_addr) g_ip4hdr_o.s_addr = retrieve_rand_ipv4_addr(g_ip4hdr_o.s_addr); if(g_ip4hdr_o.rand_d_addr) g_ip4hdr_o.d_addr = retrieve_rand_ipv4_addr(g_ip4hdr_o.d_addr); if(g_ip4hdr_o.s_addr == NULL) { if((g_ip4hdr_o.n_saddr = libnet_get_ipaddr4(g_pkt_d)) == -1) fatal_error("Unable to retrieve local IP address: %s", libnet_geterror(g_pkt_d)); g_ip4hdr_o.s_addr = (u_int8_t*)libnet_addr2name4(g_ip4hdr_o.n_saddr, 1); } else if((g_ip4hdr_o.n_saddr = libnet_name2addr4(g_pkt_d, (char*)g_ip4hdr_o.s_addr, 1)) == -1) fatal_error("Invalid source IP address: %s", g_ip4hdr_o.s_addr); if(g_ip4hdr_o.d_addr == NULL) fatal_error("No destination IP address defined"); if((g_ip4hdr_o.n_daddr = libnet_name2addr4(g_pkt_d, (char*)g_ip4hdr_o.d_addr, 1)) == -1) fatal_error("Invalid destination IP address: %s", g_ip4hdr_o.d_addr); #ifdef DEBUG fprintf(stdout, "DEBUG: source IP: %s destination IP: %s\n", g_ip4hdr_o.d_addr, g_ip4hdr_o.s_addr); #endif if(g_ip4hdr_o.rand_p) g_ip4hdr_o.p = (u_int8_t)retrieve_rand_int(P_UINT8); if(g_ip4hdr_o.rand_id) g_ip4hdr_o.id = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_rawip && g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } g_hdr_len = g_hdr_len + IPV4_H + g_payload_len; if(libnet_build_ipv4( g_hdr_len, g_ip4hdr_o.tos, g_ip4hdr_o.id, g_ip4hdr_o.frag, g_ip4hdr_o.ttl, g_ip4hdr_o.p, g_ip4hdr_o.sum, g_ip4hdr_o.n_saddr, g_ip4hdr_o.n_daddr, (g_rawip) ? g_payload : NULL, (g_rawip) ? g_payload_len : 0, g_pkt_d, 0) == -1) { fatal_error("Unable to build IP header: %s", libnet_geterror(g_pkt_d)); } return g_pkt_d; } packit-1.5/src/shape_ipv4_hdr.h000066400000000000000000000021711304023723400164700ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_IPV4_HDR_H #define __SHAPE_IPV4_HDR_H #include "globals.h" #include "inject_defs.h" libnet_t *shape_ipv4_hdr(libnet_t *); #endif /* __SHAPE_IPV4_HDR_H */ packit-1.5/src/shape_packet.c000066400000000000000000000051271304023723400162170ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_packet.h" libnet_t * shape_packet() { #ifdef DEBUG fprintf(stdout, "DEBUG: shape_packet()\n"); #endif switch(g_injection_type) { case ETHERTYPE_IP: #ifdef DEBUG fprintf(stdout, "DEBUG: Injecting IP traffic\n"); #endif switch(g_ip4hdr_o.p) { case IPPROTO_TCP: if((g_pkt_d = shape_tcp_hdr(g_pkt_d)) == NULL) return g_pkt_d; break; case IPPROTO_UDP: if((g_pkt_d = shape_udp_hdr(g_pkt_d)) == NULL) return g_pkt_d; break; case IPPROTO_ICMP: if((g_pkt_d = shape_icmpv4_hdr(g_pkt_d)) == NULL) return g_pkt_d; break; } if((g_pkt_d = shape_ipv4_hdr(g_pkt_d)) == NULL) return g_pkt_d; break; case ETHERTYPE_ARP: case ETHERTYPE_REVARP: if((g_pkt_d = shape_arp_hdr(g_pkt_d)) == NULL) return g_pkt_d; break; } if(g_ehdr_o.s_addr || g_ehdr_o.d_addr) { if((g_pkt_d = shape_ethernet_hdr(g_pkt_d)) == NULL) return g_pkt_d; } else if(g_injection_type == ETHERTYPE_ARP || g_injection_type == ETHERTYPE_REVARP) if((g_pkt_d = shape_ethernet_hdr_auto(g_pkt_d, g_injection_type)) == NULL) return g_pkt_d; #ifdef DEBUG fprintf(stdout, "DEBUG: End shape_packet()\n"); #endif return g_pkt_d; } packit-1.5/src/shape_packet.h000066400000000000000000000021771304023723400162260ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_PACKET_H #define __SHAPE_PACKET_H #include "globals.h" #include "shape_defs.h" #include "inject_defs.h" libnet_t *shape_packet(); #endif /* __SHAPE_PACKET_H */ packit-1.5/src/shape_tcp_hdr.c000066400000000000000000000043571304023723400163770ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_tcp_hdr.h" libnet_t * shape_tcp_hdr(libnet_t *g_pkt_d) { int flags; #ifdef DEBUG fprintf(stdout, "DEBUG: shape_tcp_hdr()\n"); #endif g_ip4hdr_o.p = IPPROTO_TCP; g_hdr_len = TCP_H; if(g_rand_s_port) g_s_port = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_rand_d_port) g_d_port = (u_int16_t)retrieve_rand_int(P_UINT16); if((g_thdr_o.rand_seqn && g_thdr_o.syn) == 1) g_thdr_o.seqn = (u_int32_t)retrieve_rand_int(P_INT32); flags = retrieve_tcp_flags(); // If packet length is provided, create a packet with a sequence // as g_payload if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_tcp( g_s_port, g_d_port, g_thdr_o.seqn, g_thdr_o.ackn, flags, g_thdr_o.win, 0, g_thdr_o.urp, g_hdr_len + g_payload_len, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build TCP header: %s", libnet_geterror(g_pkt_d)); } if(g_port_range) g_d_port++; return g_pkt_d; } packit-1.5/src/shape_tcp_hdr.h000066400000000000000000000022101304023723400163660ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_TCP_HDR_H #define __SHAPE_TCP_HDR_H #include "globals.h" #include "inject_defs.h" #include "utils.h" libnet_t *shape_tcp_hdr(libnet_t *); #endif /* __SHAPE_TCP_HDR_H */ packit-1.5/src/shape_udp_hdr.c000066400000000000000000000036661304023723400164030ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "shape_udp_hdr.h" libnet_t * shape_udp_hdr(libnet_t *g_pkt_d) { #ifdef DEBUG fprintf(stdout, "DEBUG: shape_udp_hdr()\n"); #endif g_hdr_len = UDP_H; g_ip4hdr_o.p = IPPROTO_UDP; if(g_rand_d_port) g_d_port = (u_int16_t)retrieve_rand_int(P_UINT16); if(g_rand_s_port) g_s_port = (u_int16_t)retrieve_rand_int(P_UINT16); // If packet length is provided, create a packet with a sequence // as g_payload if(g_pkt_len) { g_payload = generate_padding(g_hdr_len + IPV4_H, g_pkt_len); g_payload_len = strlen((char*)g_payload); g_pkt_len = 0; } if(libnet_build_udp( g_s_port, g_d_port, g_hdr_len + g_payload_len, 0, g_payload, g_payload_len, g_pkt_d, 0) == -1) { fatal_error("Unable to build UDP header: %s", libnet_geterror(g_pkt_d)); } return g_pkt_d; } packit-1.5/src/shape_udp_hdr.h000066400000000000000000000021651304023723400164010ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __SHAPE_UDP_HDR_H #define __SHAPE_UDP_HDR_H #include "globals.h" #include "inject_defs.h" libnet_t *shape_udp_hdr(libnet_t *); #endif /* __SHAPE_UDP_HDR_H */ packit-1.5/src/stats.c000066400000000000000000000061431304023723400147250ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "stats.h" void injection_stats() { u_int32_t tm_diff; struct libnet_stats ln_stats; #ifdef DEBUG fprintf(stdout, "DEBUG: injection_stats()\n"); #endif memset(&ln_stats, 0, sizeof(struct libnet_stats)); if(g_p_mode == M_TRACE) print_separator(1, 1, "Trace Route Statistics"); else print_separator((g_p_mode == M_INJECT_RESPONSE) ? 1 : 2, 1, "Packet Injection Statistics"); libnet_stats(g_pkt_d, &ln_stats); if((tm_diff = g_af_pcap.tv_sec - g_bf_pcap.tv_sec) == 0) tm_diff = 1; if(g_p_mode == M_INJECT) fprintf(stdout, "Injected: %lu Packets/Sec: %lu.%lu Bytes/Sec: %lu.%lu ", (u_int64_t)ln_stats.packets_sent, (u_int64_t)ln_stats.packets_sent / tm_diff, (u_int64_t)ln_stats.packets_sent % tm_diff, (u_int64_t)ln_stats.bytes_written / tm_diff, (u_int64_t)ln_stats.bytes_written % tm_diff); else if(g_p_mode == M_INJECT_RESPONSE) { fprintf(stdout, "Injected: %lu Received: %lu Loss: %lu.%lu%% Bytes Written: %lu ", (u_int64_t)ln_stats.packets_sent, g_cap_cnt, (u_int64_t)(ln_stats.packets_sent == 0) ? 0 : (100 - (g_cap_cnt * 100) / ln_stats.packets_sent), (u_int64_t)(g_cap_cnt * 100) % ln_stats.packets_sent, (u_int64_t)ln_stats.bytes_written); } else if(g_p_mode == M_TRACE) fprintf(stdout, "Hop Count: %lu Responses: %lu Bytes Written: %lu ", g_inj_cnt, g_cap_cnt, (u_int64_t)ln_stats.bytes_written); fprintf(stdout, "Errors: %lu", (u_int64_t)ln_stats.packet_errors); fprintf(stdout, "\n"); return; } void capture_stats() { struct pcap_stat p_stats; #ifdef DEBUG fprintf(stdout, "DEBUG: capture_stats()\n"); #endif memset(&p_stats, 0, sizeof(struct pcap_stat)); pcap_stats(g_pkt, &p_stats); print_separator(0, 1, "Packet Capture Statistics"); fprintf(stdout, "Received: %u Dropped: %u Processed: %lu", p_stats.ps_recv, p_stats.ps_drop, g_inj_cnt); fprintf(stdout, "\n"); return; } packit-1.5/src/stats.h000066400000000000000000000021461304023723400147310ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __STATS_H #define __STATS_H #include "globals.h" #include "inject_defs.h" void capture_stats(); void injection_stats(); #endif /* __STATS_H */ packit-1.5/src/usage.c000066400000000000000000000164251304023723400146770ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2013 Mats Erik Andersson * Copyright 2015 Joao Eriberto Mota Filho * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "usage.h" void print_usage() { fprintf(stdout, "usage: packit -m mode [-options] 'expression'\n\n"); fprintf(stdout, "Mode:\n"); fprintf(stdout, " -m mode Runtime mode "); #ifdef WITH_INJECTION fprintf(stdout, "(Default: injection)\n"); #else #ifdef WITH_CAPTURE fprintf(stdout, "(Default: capture)\n"); #else fprintf(stdout, "(Default: none)\n"); #endif /* WITH_CAPTURE */ #endif /* WITH_INJECTION */ fprintf(stdout, "\n"); #ifdef WITH_CAPTURE fprintf(stdout, "Packet capture:\n"); fprintf(stdout, " -c count Number of packets to process\n"); fprintf(stdout, " -e Display link-level data\n"); fprintf(stdout, " -G Display time in GMT\n"); fprintf(stdout, " -i device Select listening interface\n"); fprintf(stdout, " -n Disable IP/host resolution\n"); fprintf(stdout, " -nn Disable port/service resolution\n"); fprintf(stdout, " -nnn Disable IP/host and port/service resolution\n"); fprintf(stdout, " -r file Read data from file\n"); fprintf(stdout, " -s snaplen Bytes of data to read from each packet (Default: 68)\n"); fprintf(stdout, " -v Verbose packet capture\n"); fprintf(stdout, " -w file Write data to file\n"); fprintf(stdout, " -X Dump the packet in hex and ascii\n"); fprintf(stdout, "\n"); #endif /* WITH_CAPTURE */ #ifdef WITH_INJECTION fprintf(stdout, "Packet injection:\n"); fprintf(stdout, " -t proto Select protocol for injection (Default: TCP) \n"); fprintf(stdout, "\n"); fprintf(stdout, "TCP/UDP header options\n"); fprintf(stdout, " -a ack Acknowledgement number\n"); fprintf(stdout, " -D port Destination port (Range format: start-end)\n"); fprintf(stdout, " -F flags Flags (format: -F UAPRSF)\n"); fprintf(stdout, " -q seq Sequence number\n"); fprintf(stdout, " -S port Source port (Default: Random)\n"); fprintf(stdout, " -u urg Urgent pointer\n"); fprintf(stdout, " -W size Window size (Default: 65535)\n"); fprintf(stdout, "\n"); fprintf(stdout, "ICMPv4 header options\n"); fprintf(stdout, " General:\n"); fprintf(stdout, " -C code Code (Default: 0)\n"); fprintf(stdout, " -K type Type (Default: 8)\n"); fprintf(stdout, "\n"); fprintf(stdout, " Echo(0) / Echo Reply(8):\n"); fprintf(stdout, " -N id ID number\n"); fprintf(stdout, " -Q seq Sequence number\n"); fprintf(stdout, "\n"); fprintf(stdout, " Unreachable(3) / Redirect(5) / Time Exceeded(11):\n"); fprintf(stdout, " -g gateway Redirect gateway host (ICMP Redirect only)\n"); fprintf(stdout, " -j address Original source address\n"); fprintf(stdout, " -J port Original source port\n"); fprintf(stdout, " -l address Original destination address\n"); fprintf(stdout, " -L port Original destination port\n"); fprintf(stdout, " -m ttl Original time to live\n"); fprintf(stdout, " -M id Original ID number\n"); fprintf(stdout, " -O tos Original type of service\n"); fprintf(stdout, " -P proto Original protocol (Default: UDP)\n"); fprintf(stdout, "\n"); fprintf(stdout, " Mask Request(17) / Mask Reply(18):\n"); fprintf(stdout, " -N id ID number\n"); fprintf(stdout, " -Q seq Sequence number\n"); fprintf(stdout, " -G mask Address mask\n"); fprintf(stdout, "\n"); fprintf(stdout, " Timestamp Request(13) / Timestamp Reply(14):\n"); fprintf(stdout, " -N id ID number\n"); fprintf(stdout, " -Q seq Sequence number\n"); fprintf(stdout, " -U ts Original timestamp\n"); fprintf(stdout, " -k ts Received timestamp\n"); fprintf(stdout, " -z ts Transmit timestamp\n"); fprintf(stdout, "\n"); fprintf(stdout, "IP header options\n"); fprintf(stdout, " -d address Destination address\n"); fprintf(stdout, " -f Don't fragment\n"); fprintf(stdout, " -n id ID number\n"); fprintf(stdout, " -o tos Type of service\n"); fprintf(stdout, " -s address Source address\n"); fprintf(stdout, " -T ttl Time to live (Default: 128)\n"); fprintf(stdout, " -V ipproto IP protocol number (RAWIP only)\n"); fprintf(stdout, "\n"); #ifndef MACOS fprintf(stdout, "ARP and RARP header options\n"); fprintf(stdout, " -A op Operation type (Default: 1 (ARP request)\n"); fprintf(stdout, " and 3 (Reverse ARP request))\n"); fprintf(stdout, " -x address Source protocol address\n"); fprintf(stdout, " -X hwaddr Source hardware address\n"); fprintf(stdout, " -y address Destination protocol address\n"); fprintf(stdout, " -Y hwaddr Destination hardware address\n"); fprintf(stdout, "\n"); fprintf(stdout, "Ethernet header options\n"); fprintf(stdout, " -e ethaddr Source ethernet address\n"); fprintf(stdout, " -E ethaddr Destination ethernet address\n"); fprintf(stdout, "\n"); #endif /* MACOS */ fprintf(stdout, "General options\n"); fprintf(stdout, " -b burst Send 'burst' packets per interval (Default: 1)\n"); fprintf(stdout, " -c count Number of packets to inject (Default: 1)\n"); fprintf(stdout, " -h Display remote host response (Inject mode only)\n"); fprintf(stdout, " -H seconds Specify the timeout value for '-h' (Default: 1, Max: 255)\n"); fprintf(stdout, " -i device Select injection interface\n"); fprintf(stdout, " -p payload Payload (Hex payload is prefixed with '0x ')\n"); fprintf(stdout, " -R Disable IP/host resolution\n"); fprintf(stdout, " -v Verbose packet injection\n"); fprintf(stdout, " -w seconds Interval between injecting each burst (Default: 1)\n"); fprintf(stdout, " -Z length Specify the size of the packet to inject (Overrides the -p option)\n"); fprintf(stdout, "\n"); #endif /* WITH_INJECTION */ fprintf(stdout, "Version: %s\n", P_VERSION); // fprintf(stdout, "Author: %s\n", P_AUTHOR); fprintf(stdout, "Website: %s\n", P_SITE); fprintf(stdout, "\nSee the man page for more options, detailed descriptions and examples.\n\n"); exit(SUCCESS); } packit-1.5/src/usage.h000066400000000000000000000021311304023723400146710ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __USAGE_H #define __USAGE_H #include "globals.h" #include "usage.h" #include "error.h" void print_usage(); #endif /* __USAGE_H */ packit-1.5/src/utils.c000066400000000000000000000346701304023723400147350ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2015 Gentoo Linux * Copyright 2016-2017 Robert Krause * Copyright 2017 Sharad B * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #include "utils.h" u_int32_t retrieve_rand_int(u_int32_t r_size) { static u_int32_t r_int; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_rand_int()\n"); #endif r_int++; srand(time(0) ^ getpid() * r_int); r_int = rand() % r_size; return r_int; } u_int16_t retrieve_datalink_hdr_len(u_int32_t d_link) { u_int16_t len = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_datalink_hdr_len()\n"); #endif switch(d_link) { case DLT_NULL: len = 4; break; case DLT_EN10MB: len = ETH_H; break; default: len = ETH_H; break; } #ifdef DEBUG fprintf(stdout, "DEBUG: g_hdr_len: %d\n", len); #endif return len; } u_int8_t *retrieve_rand_ipv4_addr(u_int8_t *ip) { u_int8_t oct, oct_cnt; #ifdef DEBUG fprintf(stdout, "DEBUG: retrive_rand_ipv4_addr()\n"); #endif for(oct_cnt = 1; oct_cnt < 5; oct_cnt++) { while(1) { oct = (u_int8_t)retrieve_rand_int(0xFF); if(oct_cnt != 1 || (oct_cnt == 1 && oct > 0 && oct < 239)) break; } if(oct_cnt != 1) sprintf((char*)ip, "%s.%d", ip, oct); else sprintf((char*)ip, "%d", oct); } return ip; } u_int8_t *retrieve_rand_ethernet_addr(u_int8_t *eaddr) { u_int16_t oct, oct_cnt; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_rand_ethernet_addr()\n"); #endif for(oct_cnt = 1; oct_cnt < 7; oct_cnt++) { oct = (u_int8_t)retrieve_rand_int(0xFF); if(oct_cnt != 1) sprintf((char*)eaddr, "%s:%0x", eaddr, oct); else sprintf((char*)eaddr, "%0x", oct); } return eaddr; } void print_separator(int bnl, int anl, char *msgp, ...) { u_int16_t i; u_int16_t max_len = 76; u_int16_t msg_len = 0; char msg[255]; va_list va; #ifdef DEBUG fprintf(stdout, "DEBUG: print_separator()\n"); #endif va_start(va, msgp); vsnprintf(msg, 255, msgp, va); msg_len = strlen(msg); for(i = 0; i < bnl; i++) fprintf(stdout, "\n"); fprintf(stdout, "-| %s |-", msg); for(i = 0; i < (max_len - msg_len - 6); i++) fprintf(stdout, "-"); for(i = 0; i < anl; i++) fprintf(stdout, "\n"); return; } char *retrieve_icmp_code(u_int16_t type, u_int16_t code) { char *icmp_c; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_icmp_code()\n"); #endif icmp_c = malloc(sizeof(char) * 32); if(type == ICMP_UNREACH) { switch(code) { case ICMP_UNREACH_NET: sprintf(icmp_c, "Network"); break; case ICMP_UNREACH_HOST: sprintf(icmp_c, "Host"); break; case ICMP_UNREACH_PROTOCOL: sprintf(icmp_c, "Protocol"); break; case ICMP_UNREACH_PORT: sprintf(icmp_c, "Port"); break; case ICMP_UNREACH_NEEDFRAG: sprintf(icmp_c, "Need Fragment"); break; case ICMP_UNREACH_SRCFAIL: sprintf(icmp_c, "Source Fail"); break; case ICMP_UNREACH_NET_UNKNOWN: sprintf(icmp_c, "Network Unknown"); break; case ICMP_UNREACH_HOST_UNKNOWN: sprintf(icmp_c, "Host Unknown"); break; case ICMP_UNREACH_ISOLATED: sprintf(icmp_c, "Isolated"); break; case ICMP_UNREACH_NET_PROHIB: sprintf(icmp_c, "Network Prohibited"); break; case ICMP_UNREACH_HOST_PROHIB: sprintf(icmp_c, "Host Prohibited"); break; case ICMP_UNREACH_TOSNET: sprintf(icmp_c, "ToS Network"); break; case ICMP_UNREACH_TOSHOST: sprintf(icmp_c, "ToS Host"); break; case ICMP_UNREACH_FILTER_PROHIB: sprintf(icmp_c, "Filter Prohibited"); break; case ICMP_UNREACH_HOST_PRECEDENCE: sprintf(icmp_c, "Host Precedence"); break; case ICMP_UNREACH_PRECEDENCE_CUTOFF: sprintf(icmp_c, "Precedence Cutoff"); break; default: sprintf(icmp_c, "Unknown"); break; } } else if(type == ICMP_REDIRECT) { switch(code) { case ICMP_REDIRECT_NET: sprintf(icmp_c, "Network"); break; case ICMP_REDIRECT_HOST: sprintf(icmp_c, "Host"); break; case ICMP_REDIRECT_TOSNET: sprintf(icmp_c, "ToS Net"); break; case ICMP_REDIRECT_TOSHOST: sprintf(icmp_c, "ToS Host"); break; default: sprintf(icmp_c, "Unknown"); break; } } else if(type == ICMP_TIMXCEED) { switch(code) { case ICMP_TIMXCEED_INTRANS: sprintf(icmp_c, "In Transit"); break; case ICMP_TIMXCEED_REASS: sprintf(icmp_c, "Reassembly"); break; default: sprintf(icmp_c, "Unknown"); break; } } else if(type == ICMP_PARAMPROB) { switch(code) { case ICMP_PARAMPROB_OPTABSENT: sprintf(icmp_c, "Missing Option"); break; default: sprintf(icmp_c, "Unknown"); break; } } else { sprintf(icmp_c, "Unknown"); } return icmp_c; } char *retrieve_icmp_type(u_int16_t type) { char *icmp_t; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_icmp_type()\n"); #endif icmp_t = malloc(sizeof(char) * 32); memset(icmp_t, 0, sizeof(char) * 32); switch(type) { case ICMP_ECHOREPLY: sprintf(icmp_t, "Echo Reply"); break; case ICMP_UNREACH: sprintf(icmp_t, "Unreachable"); break; case ICMP_SOURCEQUENCH: sprintf(icmp_t, "Source Quench"); break; case ICMP_REDIRECT: sprintf(icmp_t, "Redirect"); break; case ICMP_ECHO: sprintf(icmp_t, "Echo Request"); break; case ICMP_TIMXCEED: sprintf(icmp_t, "Time Exceeded"); break; case ICMP_PARAMPROB: sprintf(icmp_t, "Param Problem"); break; case ICMP_TSTAMP: sprintf(icmp_t, "Timestamp"); break; case ICMP_TSTAMPREPLY: sprintf(icmp_t, "Timestamp Reply"); break; case ICMP_IREQ: sprintf(icmp_t, "Info Request"); break; case ICMP_IREQREPLY: sprintf(icmp_t, "Info Reply"); break; case ICMP_ROUTERADVERT: sprintf(icmp_t, "Router Advertise"); break; case ICMP_ROUTERSOLICIT: sprintf(icmp_t, "Router Selection"); break; case ICMP_MASKREQ: sprintf(icmp_t, "Address Mask Request"); break; case ICMP_MASKREPLY: sprintf(icmp_t, "Address Mask Reply"); break; case ICMP_TRACEROUTE: sprintf(icmp_t, "Traceroute"); break; default: sprintf(icmp_t, "Unknown"); break; } return icmp_t; } char *retrieve_arp_type(u_int16_t op_type) { char *arp_t; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_arp_type() OPTYPE: %d\n", op_type); #endif arp_t = malloc(sizeof(char) * 32); switch(op_type) { case ARPOP_REQUEST: sprintf(arp_t, "Request"); break; case ARPOP_REPLY: sprintf(arp_t, "Reply"); break; case ARPOP_REVREQUEST: sprintf(arp_t, "Reverse Request"); break; case ARPOP_REVREPLY: sprintf(arp_t, "Reverse Reply"); break; case ARPOP_INVREQUEST: sprintf(arp_t, "Inverse Request"); break; case ARPOP_INVREPLY: sprintf(arp_t, "Inverse Reply"); break; default: sprintf(arp_t, "Unknown"); break; } #ifdef DEBUG fprintf(stdout, "DEBUG: ARP type: %s\n", arp_t); #endif return arp_t; } char *retrieve_arp_hw_type(u_int16_t hw_type) { char *hw_t; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_arp_hw_type() HWTYPE: %d\n", hw_type); #endif hw_t = malloc(sizeof(char) * 32); switch(hw_type) { case ARPHRD_NETROM: sprintf(hw_t, "Net/ROM Pseudo"); break; case ARPHRD_ETHER: sprintf(hw_t, "Ethernet 10/100"); break; case ARPHRD_EETHER: sprintf(hw_t, "Experimental Ethernet"); break; case ARPHRD_AX25: sprintf(hw_t, "AX.25 Level 2"); break; case ARPHRD_PRONET: sprintf(hw_t, "ProNet Token Ring"); break; case ARPHRD_IEEE802: sprintf(hw_t, "IEEE 802.2 Ethernet"); break; case ARPHRD_ARCNET: sprintf(hw_t, "ARCNet"); break; case ARPHRD_APPLETLK: sprintf(hw_t, "AppleTalk"); break; case ARPHRD_LANSTAR: sprintf(hw_t, "Lanstar"); break; case ARPHRD_DLCI: sprintf(hw_t, "Frame Relay DLCI"); break; case ARPHRD_ATM: sprintf(hw_t, "ATM"); break; case ARPHRD_METRICOM: sprintf(hw_t, "Metricom STRIP"); break; case ARPHRD_IPSEC: sprintf(hw_t, "IPsec Tunnel"); break; } #ifdef DEBUG fprintf(stdout, "DEBUG: ARP hardware type: : %s\n", hw_t); #endif return hw_t; } int retrieve_tcp_flags() { int flags = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: retrieve_tcp_flags()\n"); #endif if(g_thdr_o.urg) flags |= TH_URG; if(g_thdr_o.ack) flags |= TH_ACK; if(g_thdr_o.psh) flags |= TH_PUSH; if(g_thdr_o.rst) flags |= TH_RST; if(g_thdr_o.syn) flags |= TH_SYN; if(g_thdr_o.fin) flags |= TH_FIN; return flags; } u_int8_t format_ethernet_addr(u_int8_t *ethstr, u_int8_t u_eaddr[6]) { int i = 0; long base16; char *eptr, *delim = ":"; u_int8_t o_ethstr[18] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; #ifdef DEBUG fprintf(stdout, "DEBUG: format_ethernet_addr()\n"); #endif if(ethstr) strncpy((char*)o_ethstr, (char*)ethstr, 18); else { u_eaddr = o_ethstr; return 1; } for(eptr = strtok((char*)o_ethstr, delim); eptr; eptr = strtok(NULL, delim)) { if((base16 = strtol(eptr, 0, 16)) > 0xff) return 0; u_eaddr[i] = base16; i++; } if(i != 6) return 0; ethstr = o_ethstr; return 1; } u_int16_t parse_port_range(char *rangestr) { char o_rangestr[11], *ptr, *delim = "-"; u_int16_t i, range = 0; int spread[10]; #ifdef DEBUG fprintf(stdout, "DEBUG: parse_port_range(): %s\n", rangestr); #endif if(rangestr) strncpy(o_rangestr, rangestr, 11); for(i = 0, ptr = strtok(o_rangestr, delim); ptr; ptr = strtok(NULL, delim)) { spread[i] = (int)atoi(ptr); if(spread[i] < 1 || spread[i] > 65535) return -1; i++; } rangestr = o_rangestr; range = spread[1] - spread[0] + 1; g_d_port = (u_int16_t)spread[0]; if(range < 1 || i != 2) return -1; return range; } /** * Creates fake payload of size * (packet length) - (current header length) * * The payload consists of u_int8_t values from from 48 .. 126 * followed by 33 .. 126 as many times as needed. * * @param clen - Header length (already being used in the packet) * @param dlen - Packet length * @return malloc'ed u_int8_t array with the new payload */ unsigned char *generate_padding(u_int16_t clen, u_int16_t dlen) { u_int8_t c = 48; unsigned char *string; u_int16_t i; #ifdef DEBUG fprintf(stdout, "DEBUG: generate_padding()\n"); #endif if(dlen < clen) { fprintf(stdout, "Error: Requested packet size less than total header length\n"); return NULL; } string = malloc(sizeof(u_int8_t *) * (dlen - clen + 1)); for(i = 0; clen < dlen; ++i, ++clen) { if(c > 126) c = 33; string[i] = c++; } string[i] = 0; return string; } u_int32_t format_hex_payload(u_int8_t *string) { u_int8_t pl[65535]; char *i, *delim = " "; char tchar[2]; long c; u_int32_t len = 0; #ifdef DEBUG fprintf(stdout, "DEBUG: format_hex_payload()\n"); #endif memcpy(pl, string, 65535); pl[0] = pl[1] = 20; memset(string, 0, 65535); memset(tchar, 0, 2); /* * skip the first 3 chars because we know they are spaces */ for(i = strtok((char*)(pl+3), delim); i; i = strtok(NULL, delim)) { if((c = strtol(i, 0, 16)) > 0xff) return 0; sprintf(tchar,"%c",(u_int8_t)c); strncpy((char*)(string+len),tchar,2); len++; } return len; } packit-1.5/src/utils.h000066400000000000000000000033701304023723400147330ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002 Darren Bounds * Copyright 2016-2017 Robert Krause * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #ifndef __UTILS_H #define __UTILS_H #include "globals.h" #include "inject_defs.h" #include "capture_defs.h" #include "pcap.h" void print_separator(int, int, char *, ...); u_int8_t *retrieve_rand_ipv4_addr(u_int8_t *); u_int8_t *retrieve_rand_ethernet_addr(u_int8_t *); char *retrieve_arp_hw_type(u_int16_t); char *retrieve_arp_type(u_int16_t); char *retrieve_icmp_type(u_int16_t); char *retrieve_icmp_code(u_int16_t, u_int16_t); u_int8_t *generate_padding(u_int16_t, u_int16_t); u_int32_t format_hex_payload(u_int8_t *); u_int16_t parse_port_range(char *); u_int16_t retrieve_datalink_hdr_len(u_int32_t); u_int32_t retrieve_rand_int(u_int32_t); u_int8_t format_ethernet_addr(u_int8_t *, u_int8_t[]); int retrieve_tcp_flags(); #endif /* __UTILS_H */ packit-1.5/src/version.h.in000066400000000000000000000022471304023723400156670ustar00rootroot00000000000000/* * Packit -- network injection and capture tool * * Original author: Darren Bounds * * Copyright 2002-2004 Darren Bounds * Copyright 2016-2017 Joao Eriberto Mota Filho * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * packit official page at https://github.com/eribertomota/packit */ #define P_VERSION "1.5" #define P_AUTHOR "Darren Bounds, Eriberto Mota and others" #define P_SITE "https://github.com/eribertomota/packit"