Example #1
0
func ExampleCapture() {
	src, err := pcap.Open("eth0")
	if err != nil {
		log.Fatal(err)
	}
	defer src.Close()

	// you may configure the source further, e.g. by activating
	// promiscuous mode.

	err = src.Activate()
	if err != nil {
		log.Fatal(err)
	}

	for {
		buf, err := src.Capture()
		if err != nil {
			log.Fatal(err)
		}

		log.Println("PACKET!!!")

		// do something with the packet
	}
}
Example #2
0
func main() {
	log.SetFlags(0)

	usage := `Usage: arp <addr>

Resolve the given IP address using ARP.`

	args, err := docopt.Parse(usage, nil, true, "", false)
	if err != nil {
		log.Fatalf("Invalid arguments: %s", err)
	}

	addr := args["<addr>"].(string)
	addr_ip := net.ParseIP(addr)
	timeout := 5 * time.Second

	route, err := routing.RouteTo(addr_ip)
	if err != nil {
		log.Fatalf("Error: %s", err)
	}

	if route == nil {
		log.Println("No route found")
	}

	c, err := pcap.Open(route.Iface.Name)
	if err != nil {
		log.Fatalf("Error opening interface: %s", err)
	}
	defer c.Close()

	err = c.Activate()
	if err != nil {
		log.Fatalf("Error activating source: %s", err)
	}

	eth_pkt := eth.Make()
	eth_pkt.SrcAddr = route.Iface.HardwareAddr
	eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff")

	arp_pkt := arp.Make()
	arp_pkt.HWSrcAddr = route.Iface.HardwareAddr
	arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00")
	arp_pkt.ProtoSrcAddr, _ = route.GetIfaceIPv4Addr()
	arp_pkt.ProtoDstAddr = addr_ip

	pkt, err := network.SendRecv(c, timeout, eth_pkt, arp_pkt)
	if err != nil {
		log.Fatal(err)
	}

	log.Println(pkt.Payload().(*arp.Packet).HWSrcAddr)
}
Example #3
0
func ExampleInject() {
	dst, err := pcap.Open("eth0")
	if err != nil {
		log.Fatal(err)
	}
	defer dst.Close()

	// you may configure the source further, e.g. by activating
	// promiscuous mode.

	err = dst.Activate()
	if err != nil {
		log.Fatal(err)
	}

	err = dst.Inject([]byte("random data"))
	if err != nil {
		log.Fatal(err)
	}
}
Example #4
0
func main() {
	log.SetFlags(0)

	usage := `Usage: dump [options] [<expression>]

Dump the traffic on the network (like tcpdump).

Options:
  -c <count>  Exit after receiving count packets.
  -i <iface>  Listen on interface.
  -r <file>   Read packets from file.
  -w <file>   Write the raw packets to file.`

	args, err := docopt.Parse(usage, nil, true, "", false)
	if err != nil {
		log.Fatalf("Invalid arguments: %s", err)
	}

	var count uint64

	if args["-c"] != nil {
		count, err = strconv.ParseUint(args["-c"].(string), 10, 64)
		if err != nil {
			log.Fatalf("Error parsing count: %s", err)
		}
	}

	var src capture.Handle

	if args["-i"] != nil {
		src, err = pcap.Open(args["-i"].(string))
		if err != nil {
			log.Fatalf("Error opening iface: %s", err)
		}
	} else if args["-r"] != nil {
		src, err = file.Open(args["-r"].(string))
		if err != nil {
			log.Fatalf("Error opening file: %s", err)
		}
	} else {
		log.Fatalf("Must select a source (either -i or -r)")
	}
	defer src.Close()

	var dst capture.Handle

	if args["-w"] != nil {
		dst, err = file.Open(args["-w"].(string))
		if err != nil {
			log.Fatalf("Error opening file: %s", err)
		}
		defer dst.Close()
	}

	err = src.Activate()
	if err != nil {
		log.Fatalf("Error activating source: %s", err)
	}

	if args["<expression>"] != nil {
		expr := args["<expression>"].(string)

		flt, err := filter.Compile(expr, src.LinkType(), false)
		if err != nil {
			log.Fatalf("Error parsing filter: %s", err)
		}
		defer flt.Cleanup()

		err = src.ApplyFilter(flt)
		if err != nil {
			log.Fatalf("Error appying filter: %s", err)
		}
	}

	var i uint64

	for {
		buf, err := src.Capture()
		if err != nil {
			log.Fatalf("Error: %s", err)
			break
		}

		if buf == nil {
			break
		}

		i++

		if dst == nil {
			rcv_pkt, err := layers.UnpackAll(buf, src.LinkType())
			if err != nil {
				log.Printf("Error: %s\n", err)
			}

			log.Println(rcv_pkt)
		} else {
			dst.Inject(buf)
		}

		if count > 0 && i >= count {
			break
		}
	}
}
Example #5
0
func main() {
	log.SetFlags(0)

	usage := `Usage: traceroute (--icmp | --udp | --tcp ) <addr>

Find the route to the given IP address using ICMP, UDP or TCP packets.

Options:
  --icmp  Use ICMP packets.
  --udp   Use UDP packets.
  --tcp   Use TCP packets.`

	args, err := docopt.Parse(usage, nil, true, "", false)
	if err != nil {
		log.Fatalf("Invalid arguments: %s", err)
	}

	addr := args["<addr>"].(string)
	addr_ip := net.ParseIP(addr)
	timeout := 5 * time.Second

	route, err := routing.RouteTo(addr_ip)
	if err != nil {
		log.Fatalf("Error: %s", err)
	}

	if route == nil {
		log.Println("No route found")
	}

	c, err := pcap.Open(route.Iface.Name)
	if err != nil {
		log.Fatalf("Error opening interface: %s", err)
	}
	defer c.Close()

	err = c.Activate()
	if err != nil {
		log.Fatalf("Error activating source: %s", err)
	}

	eth_pkt := eth.Make()
	eth_pkt.SrcAddr = route.Iface.HardwareAddr

	if route.Default {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
	} else {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
	}

	ipv4_pkt := ipv4.Make()
	ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
	ipv4_pkt.DstAddr = addr_ip
	ipv4_pkt.Id = uint16(rand.Intn(math.MaxUint16))
	ipv4_pkt.TTL = 1

	var payload_pkt packet.Packet

	if args["--icmp"].(bool) {
		icmp_pkt := icmpv4.Make()
		icmp_pkt.Type = icmpv4.EchoRequest
		icmp_pkt.Id = uint16(rand.Intn(math.MaxUint16))
		icmp_pkt.Seq = 1

		payload_pkt = icmp_pkt
	}

	if args["--udp"].(bool) {
		udp_pkt := udp.Make()
		udp_pkt.SrcPort = 49152
		udp_pkt.DstPort = 33434

		raw_pkt := raw.Make()
		raw_pkt.Data = make([]byte, 40-udp_pkt.GetLength())

		for i := 0; i < len(raw_pkt.Data); i++ {
			raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
		}

		udp_pkt.SetPayload(raw_pkt)

		payload_pkt = udp_pkt
	}

	if args["--tcp"].(bool) {
		tcp_pkt := tcp.Make()
		tcp_pkt.SrcPort = 49152
		tcp_pkt.DstPort = 80
		tcp_pkt.Flags = tcp.Syn | tcp.ECE | tcp.Cwr
		tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
		tcp_pkt.WindowSize = 5840

		raw_pkt := raw.Make()
		raw_pkt.Data = make([]byte, 40-tcp_pkt.GetLength())

		for i := 0; i < len(raw_pkt.Data); i++ {
			raw_pkt.Data[i] = byte(0x40 + (i & 0x3f))
		}

		tcp_pkt.SetPayload(raw_pkt)

		payload_pkt = tcp_pkt
	}

	for {
		pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, payload_pkt)
		if err != nil {
			log.Fatal(err)
		}

		ipv4_rsp := layers.FindLayer(pkt, packet.IPv4).(*ipv4.Packet)

		log.Println(ipv4_rsp.SrcAddr)

		if ipv4_rsp.SrcAddr.Equal(addr_ip) {
			return
		}

		ipv4_pkt.TTL++
		ipv4_pkt.Id++

		if ipv4_pkt.TTL > 64 {
			return
		}
	}
}
Example #6
0
func main() {
	log.SetFlags(0)

	usage := `Usage: ping <addr>

Ping the given IP address.`

	args, err := docopt.Parse(usage, nil, true, "", false)
	if err != nil {
		log.Fatalf("Invalid arguments: %s", err)
	}

	addr := args["<addr>"].(string)
	addr_ip := net.ParseIP(addr)
	timeout := 5 * time.Second

	route, err := routing.RouteTo(addr_ip)
	if err != nil {
		log.Fatalf("Error: %s", err)
	}

	if route == nil {
		log.Println("No route found")
	}

	c, err := pcap.Open(route.Iface.Name)
	if err != nil {
		log.Fatalf("Error opening interface: %s", err)
	}
	defer c.Close()

	err = c.Activate()
	if err != nil {
		log.Fatalf("Error activating source: %s", err)
	}

	eth_pkt := eth.Make()
	eth_pkt.SrcAddr = route.Iface.HardwareAddr

	if route.Default {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
	} else {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
	}

	ipv4_pkt := ipv4.Make()
	ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
	ipv4_pkt.DstAddr = addr_ip

	icmp_pkt := icmpv4.Make()
	icmp_pkt.Type = icmpv4.EchoRequest
	icmp_pkt.Seq = 0
	icmp_pkt.Id = uint16(rand.Intn(65535))

	_, err = network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, icmp_pkt)
	if err != nil {
		log.Fatal(err)
	}

	log.Println("ping")
}
Example #7
0
func main() {
	log.SetFlags(0)

	usage := `Usage: syn_scan <addr>

Simple TCP port scanner.`

	args, err := docopt.Parse(usage, nil, true, "", false)
	if err != nil {
		log.Fatalf("Invalid arguments: %s", err)
	}

	addr := args["<addr>"].(string)
	addr_ip := net.ParseIP(addr)
	timeout := 1 * time.Second

	route, err := routing.RouteTo(addr_ip)
	if err != nil {
		log.Fatalf("Error: %s", err)
	}

	if route == nil {
		log.Println("No route found")
	}

	c, err := pcap.Open(route.Iface.Name)
	if err != nil {
		log.Fatalf("Error opening interface: %s", err)
	}
	defer c.Close()

	err = c.Activate()
	if err != nil {
		log.Fatalf("Error activating source: %s", err)
	}

	eth_pkt := eth.Make()
	eth_pkt.SrcAddr = route.Iface.HardwareAddr

	if route.Default {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway)
	} else {
		eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip)
	}

	ipv4_pkt := ipv4.Make()
	ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr()
	ipv4_pkt.DstAddr = addr_ip

	tcp_pkt := tcp.Make()
	tcp_pkt.SrcPort = 49152
	tcp_pkt.DstPort = 1
	tcp_pkt.Flags = tcp.Syn
	tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32))
	tcp_pkt.WindowSize = 5840

	for port := uint16(1); port < math.MaxUint16; port++ {
		tcp_pkt.DstPort = port

		fmt.Printf("Scanning port %.5d: ", port)

		pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, tcp_pkt)
		if err != nil {
			fmt.Printf("%s\n", err)
			continue
		}

		tcp_pkt := layers.FindLayer(pkt, packet.TCP).(*tcp.Packet)

		if tcp_pkt.Flags&tcp.Rst == 0 {
			fmt.Printf("OPEN\n")
		} else if tcp_pkt.Flags&tcp.Syn == 0 {
			fmt.Printf("CLOSED\n")
		}
	}
}