func TestPackEthIPv4UDPRaw(t *testing.T) {
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC(hwsrc_str)
eth_pkt.DstAddr, _ = net.ParseMAC(hwdst_str)
ip4_pkt := ipv4.Make()
ip4_pkt.SrcAddr = net.ParseIP(ipsrc_str)
ip4_pkt.DstAddr = net.ParseIP(ipdst_str)
udp_pkt := udp.Make()
udp_pkt.SrcPort = 41562
udp_pkt.DstPort = 8338
raw_pkt := raw.Make()
raw_pkt.Data = []byte("fdg agfh ldfhgk hfdkgh kfjdhsg kshfdgk")
data, err := layers.Pack(eth_pkt, ip4_pkt, udp_pkt, raw_pkt)
if err != nil {
t.Fatalf("Error packing: %s", err)
}
if ip4_pkt.GetLength() != 66 {
t.Fatalf("IPv4 length mismatch: %d", ip4_pkt.GetLength())
}
if udp_pkt.GetLength() != 46 {
t.Fatalf("UDP length mismatch: %d", udp_pkt.GetLength())
}
if !bytes.Equal(test_eth_ipv4_udp_raw, data) {
t.Fatalf("Raw packet mismatch: %x", data)
}
}
func TestPackEthIPv4TCPRaw(t *testing.T) {
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC(hwsrc_str)
eth_pkt.DstAddr, _ = net.ParseMAC(hwdst_str)
ip4_pkt := ipv4.Make()
ip4_pkt.SrcAddr = net.ParseIP(ipsrc_str)
ip4_pkt.DstAddr = net.ParseIP(ipdst_str)
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 41562
tcp_pkt.DstPort = 8338
tcp_pkt.Flags = tcp.Syn
tcp_pkt.WindowSize = 8192
raw_pkt := raw.Make()
raw_pkt.Data = []byte("fdg agfh ldfhgk hfdkgh kfjdhsg kshfdgk")
data, err := layers.Pack(eth_pkt, ip4_pkt, tcp_pkt, raw_pkt)
if err != nil {
t.Fatalf("Error packing: %s", err)
}
if ip4_pkt.GetLength() != 78 {
t.Fatalf("IPv4 length mismatch: %d", ip4_pkt.GetLength())
}
if tcp_pkt.GetLength() != 58 {
t.Fatalf("TCP length mismatch: %d", tcp_pkt.GetLength())
}
if !bytes.Equal(test_eth_ipv4_tcp_raw, data) {
t.Fatalf("Raw packet mismatch: %x", data)
}
}
func main() {
log.SetFlags(0)
usage := `Usage: arp <addr>
Resolve the given IP address using ARP.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")
arp_pkt := arp.Make()
arp_pkt.HWSrcAddr = route.Iface.HardwareAddr
arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
arp_pkt.ProtoSrcAddr, _ = route.GetIfaceIPv4Addr()
arp_pkt.ProtoDstAddr = addr_ip
pkt, err := network.SendRecv(c, timeout, eth_pkt, arp_pkt)
if err != nil {
log.Fatal(err)
}
log.Println(pkt.Payload().(*arp.Packet).HWSrcAddr)
}
func ResolveARP(c capture.Handle, t time.Duration, r *routing.Route, addr net.IP) net.HardwareAddr {
eth_pkt := eth.Make()
eth_pkt.SrcAddr = r.Iface.HardwareAddr
eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")
arp_pkt := arp.Make()
arp_pkt.HWSrcAddr = r.Iface.HardwareAddr
arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
arp_pkt.ProtoSrcAddr, _ = r.GetIfaceIPv4Addr()
arp_pkt.ProtoDstAddr = addr
pkt, err := network.SendRecv(c, t, eth_pkt, arp_pkt)
if err != nil {
log.Fatal(err)
}
return pkt.Payload().(*arp.Packet).HWSrcAddr
}
func TestPackEthArp(t *testing.T) {
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC(hwsrc_str)
eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")
arp_pkt := arp.Make()
arp_pkt.HWSrcAddr, _ = net.ParseMAC(hwsrc_str)
arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
arp_pkt.ProtoSrcAddr = net.ParseIP(ipsrc_str)
arp_pkt.ProtoDstAddr = net.ParseIP(ipdst_str)
buf, err := layers.Pack(eth_pkt, arp_pkt)
if err != nil {
t.Fatalf("Error packing: %s", err)
}
if !bytes.Equal(test_eth_arp, buf) {
t.Fatalf("Raw packet mismatch: %x", buf)
}
}
func ExamplePack() {
// Create an Ethernet packet
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC("4c:72:b9:54:e5:3d")
eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")
// Create an ARP packet
arp_pkt := arp.Make()
arp_pkt.HWSrcAddr, _ = net.ParseMAC("4c:72:b9:54:e5:3d")
arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
arp_pkt.ProtoSrcAddr = net.ParseIP("192.168.1.135")
arp_pkt.ProtoDstAddr = net.ParseIP("192.168.1.254")
buf, err := layers.Pack(eth_pkt, arp_pkt)
if err != nil {
log.Fatal(err)
}
// do something with the packet
log.Println(buf)
}
func TestPackEthIPv4UDP(t *testing.T) {
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC(hwsrc_str)
eth_pkt.DstAddr, _ = net.ParseMAC(hwdst_str)
ip4_pkt := ipv4.Make()
ip4_pkt.SrcAddr = net.ParseIP(ipsrc_str)
ip4_pkt.DstAddr = net.ParseIP(ipdst_str)
udp_pkt := udp.Make()
udp_pkt.SrcPort = 41562
udp_pkt.DstPort = 8338
buf, err := layers.Pack(eth_pkt, ip4_pkt, udp_pkt)
if err != nil {
t.Fatalf("Error packing: %s", err)
}
if !bytes.Equal(test_eth_ipv4_udp, buf) {
t.Fatalf("Raw packet mismatch: %x", buf)
}
}
func TestPackEthIPv4TCP(t *testing.T) {
eth_pkt := eth.Make()
eth_pkt.SrcAddr, _ = net.ParseMAC(hwsrc_str)
eth_pkt.DstAddr, _ = net.ParseMAC(hwdst_str)
ip4_pkt := ipv4.Make()
ip4_pkt.SrcAddr = net.ParseIP(ipsrc_str)
ip4_pkt.DstAddr = net.ParseIP(ipdst_str)
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 41562
tcp_pkt.DstPort = 8338
tcp_pkt.Flags = tcp.Syn
tcp_pkt.WindowSize = 8192
buf, err := layers.Pack(eth_pkt, ip4_pkt, tcp_pkt)
if err != nil {
t.Fatalf("Error packing: %s", err)
}
if !bytes.Equal(test_eth_ipv4_tcp, buf) {
t.Fatalf("Raw packet mismatch: %x", buf)
}
}
func main() {
log.SetFlags(0)
usage := `Usage: traceroute (--icmp | --udp | --tcp ) <addr>
Find the route to the given IP address using ICMP, UDP or TCP packets.
Options:
--icmp Use ICMP packets.
--udp Use UDP packets.
--tcp Use TCP packets.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
ipv4_pkt.Id = uint16(rand.Intn(math.MaxUint16))
ipv4_pkt.TTL = 1
var payload_pkt packet.Packet
if args["--icmp"].(bool) {
icmp_pkt := icmpv4.Make()
icmp_pkt.Type = icmpv4.EchoRequest
icmp_pkt.Id = uint16(rand.Intn(math.MaxUint16))
icmp_pkt.Seq = 1
payload_pkt = icmp_pkt
}
if args["--udp"].(bool) {
udp_pkt := udp.Make()
udp_pkt.SrcPort = 49152
udp_pkt.DstPort = 33434
raw_pkt := raw.Make()
raw_pkt.Data = make([]byte, 40-udp_pkt.GetLength())
for i := 0; i < len(raw_pkt.Data); i++ {
raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
}
udp_pkt.SetPayload(raw_pkt)
payload_pkt = udp_pkt
}
if args["--tcp"].(bool) {
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 49152
tcp_pkt.DstPort = 80
tcp_pkt.Flags = tcp.Syn | tcp.ECE | tcp.Cwr
tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
tcp_pkt.WindowSize = 5840
raw_pkt := raw.Make()
raw_pkt.Data = make([]byte, 40-tcp_pkt.GetLength())
for i := 0; i < len(raw_pkt.Data); i++ {
raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
}
tcp_pkt.SetPayload(raw_pkt)
payload_pkt = tcp_pkt
}
for {
pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, payload_pkt)
if err != nil {
log.Fatal(err)
}
ipv4_rsp := layers.FindLayer(pkt, packet.IPv4).(*ipv4.Packet)
log.Println(ipv4_rsp.SrcAddr)
if ipv4_rsp.SrcAddr.Equal(addr_ip) {
return
}
ipv4_pkt.TTL++
ipv4_pkt.Id++
if ipv4_pkt.TTL > 64 {
return
}
}
}
func main() {
log.SetFlags(0)
usage := `Usage: ping <addr>
Ping the given IP address.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
icmp_pkt := icmpv4.Make()
icmp_pkt.Type = icmpv4.EchoRequest
icmp_pkt.Seq = 0
icmp_pkt.Id = uint16(rand.Intn(65535))
_, err = network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, icmp_pkt)
if err != nil {
log.Fatal(err)
}
log.Println("ping")
}
func main() {
log.SetFlags(0)
usage := `Usage: syn_scan <addr>
Simple TCP port scanner.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 1 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 49152
tcp_pkt.DstPort = 1
tcp_pkt.Flags = tcp.Syn
tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
tcp_pkt.WindowSize = 5840
for port := uint16(1); port < math.MaxUint16; port++ {
tcp_pkt.DstPort = port
fmt.Printf("Scanning port %.5d: ", port)
pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, tcp_pkt)
if err != nil {
fmt.Printf("%s\n", err)
continue
}
tcp_pkt := layers.FindLayer(pkt, packet.TCP).(*tcp.Packet)
if tcp_pkt.Flags&tcp.Rst == 0 {
fmt.Printf("OPEN\n")
} else if tcp_pkt.Flags&tcp.Syn == 0 {
fmt.Printf("CLOSED\n")
}
}
}