func ExampleCapture() {
src, err := pcap.Open("eth0")
if err != nil {
log.Fatal(err)
}
defer src.Close()
// you may configure the source further, e.g. by activating
// promiscuous mode.
err = src.Activate()
if err != nil {
log.Fatal(err)
}
for {
buf, err := src.Capture()
if err != nil {
log.Fatal(err)
}
log.Println("PACKET!!!")
// do something with the packet
}
}
func main() {
log.SetFlags(0)
usage := `Usage: arp <addr>
Resolve the given IP address using ARP.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")
arp_pkt := arp.Make()
arp_pkt.HWSrcAddr = route.Iface.HardwareAddr
arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
arp_pkt.ProtoSrcAddr, _ = route.GetIfaceIPv4Addr()
arp_pkt.ProtoDstAddr = addr_ip
pkt, err := network.SendRecv(c, timeout, eth_pkt, arp_pkt)
if err != nil {
log.Fatal(err)
}
log.Println(pkt.Payload().(*arp.Packet).HWSrcAddr)
}
func ExampleInject() {
dst, err := pcap.Open("eth0")
if err != nil {
log.Fatal(err)
}
defer dst.Close()
// you may configure the source further, e.g. by activating
// promiscuous mode.
err = dst.Activate()
if err != nil {
log.Fatal(err)
}
err = dst.Inject([]byte("random data"))
if err != nil {
log.Fatal(err)
}
}
func main() {
log.SetFlags(0)
usage := `Usage: dump [options] [<expression>]
Dump the traffic on the network (like tcpdump).
Options:
-c <count> Exit after receiving count packets.
-i <iface> Listen on interface.
-r <file> Read packets from file.
-w <file> Write the raw packets to file.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
var count uint64
if args["-c"] != nil {
count, err = strconv.ParseUint(args["-c"].(string), 10, 64)
if err != nil {
log.Fatalf("Error parsing count: %s", err)
}
}
var src capture.Handle
if args["-i"] != nil {
src, err = pcap.Open(args["-i"].(string))
if err != nil {
log.Fatalf("Error opening iface: %s", err)
}
} else if args["-r"] != nil {
src, err = file.Open(args["-r"].(string))
if err != nil {
log.Fatalf("Error opening file: %s", err)
}
} else {
log.Fatalf("Must select a source (either -i or -r)")
}
defer src.Close()
var dst capture.Handle
if args["-w"] != nil {
dst, err = file.Open(args["-w"].(string))
if err != nil {
log.Fatalf("Error opening file: %s", err)
}
defer dst.Close()
}
err = src.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
if args["<expression>"] != nil {
expr := args["<expression>"].(string)
flt, err := filter.Compile(expr, src.LinkType(), false)
if err != nil {
log.Fatalf("Error parsing filter: %s", err)
}
defer flt.Cleanup()
err = src.ApplyFilter(flt)
if err != nil {
log.Fatalf("Error appying filter: %s", err)
}
}
var i uint64
for {
buf, err := src.Capture()
if err != nil {
log.Fatalf("Error: %s", err)
break
}
if buf == nil {
break
}
i++
if dst == nil {
rcv_pkt, err := layers.UnpackAll(buf, src.LinkType())
if err != nil {
log.Printf("Error: %s\n", err)
}
log.Println(rcv_pkt)
} else {
dst.Inject(buf)
}
if count > 0 && i >= count {
break
}
}
}
func main() {
log.SetFlags(0)
usage := `Usage: traceroute (--icmp | --udp | --tcp ) <addr>
Find the route to the given IP address using ICMP, UDP or TCP packets.
Options:
--icmp Use ICMP packets.
--udp Use UDP packets.
--tcp Use TCP packets.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
ipv4_pkt.Id = uint16(rand.Intn(math.MaxUint16))
ipv4_pkt.TTL = 1
var payload_pkt packet.Packet
if args["--icmp"].(bool) {
icmp_pkt := icmpv4.Make()
icmp_pkt.Type = icmpv4.EchoRequest
icmp_pkt.Id = uint16(rand.Intn(math.MaxUint16))
icmp_pkt.Seq = 1
payload_pkt = icmp_pkt
}
if args["--udp"].(bool) {
udp_pkt := udp.Make()
udp_pkt.SrcPort = 49152
udp_pkt.DstPort = 33434
raw_pkt := raw.Make()
raw_pkt.Data = make([]byte, 40-udp_pkt.GetLength())
for i := 0; i < len(raw_pkt.Data); i++ {
raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
}
udp_pkt.SetPayload(raw_pkt)
payload_pkt = udp_pkt
}
if args["--tcp"].(bool) {
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 49152
tcp_pkt.DstPort = 80
tcp_pkt.Flags = tcp.Syn | tcp.ECE | tcp.Cwr
tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
tcp_pkt.WindowSize = 5840
raw_pkt := raw.Make()
raw_pkt.Data = make([]byte, 40-tcp_pkt.GetLength())
for i := 0; i < len(raw_pkt.Data); i++ {
raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
}
tcp_pkt.SetPayload(raw_pkt)
payload_pkt = tcp_pkt
}
for {
pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, payload_pkt)
if err != nil {
log.Fatal(err)
}
ipv4_rsp := layers.FindLayer(pkt, packet.IPv4).(*ipv4.Packet)
log.Println(ipv4_rsp.SrcAddr)
if ipv4_rsp.SrcAddr.Equal(addr_ip) {
return
}
ipv4_pkt.TTL++
ipv4_pkt.Id++
if ipv4_pkt.TTL > 64 {
return
}
}
}
func main() {
log.SetFlags(0)
usage := `Usage: ping <addr>
Ping the given IP address.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 5 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
icmp_pkt := icmpv4.Make()
icmp_pkt.Type = icmpv4.EchoRequest
icmp_pkt.Seq = 0
icmp_pkt.Id = uint16(rand.Intn(65535))
_, err = network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, icmp_pkt)
if err != nil {
log.Fatal(err)
}
log.Println("ping")
}
func main() {
log.SetFlags(0)
usage := `Usage: syn_scan <addr>
Simple TCP port scanner.`
args, err := docopt.Parse(usage, nil, true, "", false)
if err != nil {
log.Fatalf("Invalid arguments: %s", err)
}
addr := args["<addr>"].(string)
addr_ip := net.ParseIP(addr)
timeout := 1 * time.Second
route, err := routing.RouteTo(addr_ip)
if err != nil {
log.Fatalf("Error: %s", err)
}
if route == nil {
log.Println("No route found")
}
c, err := pcap.Open(route.Iface.Name)
if err != nil {
log.Fatalf("Error opening interface: %s", err)
}
defer c.Close()
err = c.Activate()
if err != nil {
log.Fatalf("Error activating source: %s", err)
}
eth_pkt := eth.Make()
eth_pkt.SrcAddr = route.Iface.HardwareAddr
if route.Default {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
} else {
eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
}
ipv4_pkt := ipv4.Make()
ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
ipv4_pkt.DstAddr = addr_ip
tcp_pkt := tcp.Make()
tcp_pkt.SrcPort = 49152
tcp_pkt.DstPort = 1
tcp_pkt.Flags = tcp.Syn
tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
tcp_pkt.WindowSize = 5840
for port := uint16(1); port < math.MaxUint16; port++ {
tcp_pkt.DstPort = port
fmt.Printf("Scanning port %.5d: ", port)
pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, tcp_pkt)
if err != nil {
fmt.Printf("%s\n", err)
continue
}
tcp_pkt := layers.FindLayer(pkt, packet.TCP).(*tcp.Packet)
if tcp_pkt.Flags&tcp.Rst == 0 {
fmt.Printf("OPEN\n")
} else if tcp_pkt.Flags&tcp.Syn == 0 {
fmt.Printf("CLOSED\n")
}
}
}