func ExampleCapture() { src, err := pcap.Open("eth0") if err != nil { log.Fatal(err) } defer src.Close() // you may configure the source further, e.g. by activating // promiscuous mode. err = src.Activate() if err != nil { log.Fatal(err) } for { buf, err := src.Capture() if err != nil { log.Fatal(err) } log.Println("PACKET!!!") // do something with the packet } }
func main() { log.SetFlags(0) usage := `Usage: arp <addr> Resolve the given IP address using ARP.` args, err := docopt.Parse(usage, nil, true, "", false) if err != nil { log.Fatalf("Invalid arguments: %s", err) } addr := args["<addr>"].(string) addr_ip := net.ParseIP(addr) timeout := 5 * time.Second route, err := routing.RouteTo(addr_ip) if err != nil { log.Fatalf("Error: %s", err) } if route == nil { log.Println("No route found") } c, err := pcap.Open(route.Iface.Name) if err != nil { log.Fatalf("Error opening interface: %s", err) } defer c.Close() err = c.Activate() if err != nil { log.Fatalf("Error activating source: %s", err) } eth_pkt := eth.Make() eth_pkt.SrcAddr = route.Iface.HardwareAddr eth_pkt.DstAddr, _ = net.ParseMAC("ff:ff:ff:ff:ff:ff") arp_pkt := arp.Make() arp_pkt.HWSrcAddr = route.Iface.HardwareAddr arp_pkt.HWDstAddr, _ = net.ParseMAC("00:00:00:00:00:00") arp_pkt.ProtoSrcAddr, _ = route.GetIfaceIPv4Addr() arp_pkt.ProtoDstAddr = addr_ip pkt, err := network.SendRecv(c, timeout, eth_pkt, arp_pkt) if err != nil { log.Fatal(err) } log.Println(pkt.Payload().(*arp.Packet).HWSrcAddr) }
func ExampleInject() { dst, err := pcap.Open("eth0") if err != nil { log.Fatal(err) } defer dst.Close() // you may configure the source further, e.g. by activating // promiscuous mode. err = dst.Activate() if err != nil { log.Fatal(err) } err = dst.Inject([]byte("random data")) if err != nil { log.Fatal(err) } }
func main() { log.SetFlags(0) usage := `Usage: dump [options] [<expression>] Dump the traffic on the network (like tcpdump). Options: -c <count> Exit after receiving count packets. -i <iface> Listen on interface. -r <file> Read packets from file. -w <file> Write the raw packets to file.` args, err := docopt.Parse(usage, nil, true, "", false) if err != nil { log.Fatalf("Invalid arguments: %s", err) } var count uint64 if args["-c"] != nil { count, err = strconv.ParseUint(args["-c"].(string), 10, 64) if err != nil { log.Fatalf("Error parsing count: %s", err) } } var src capture.Handle if args["-i"] != nil { src, err = pcap.Open(args["-i"].(string)) if err != nil { log.Fatalf("Error opening iface: %s", err) } } else if args["-r"] != nil { src, err = file.Open(args["-r"].(string)) if err != nil { log.Fatalf("Error opening file: %s", err) } } else { log.Fatalf("Must select a source (either -i or -r)") } defer src.Close() var dst capture.Handle if args["-w"] != nil { dst, err = file.Open(args["-w"].(string)) if err != nil { log.Fatalf("Error opening file: %s", err) } defer dst.Close() } err = src.Activate() if err != nil { log.Fatalf("Error activating source: %s", err) } if args["<expression>"] != nil { expr := args["<expression>"].(string) flt, err := filter.Compile(expr, src.LinkType(), false) if err != nil { log.Fatalf("Error parsing filter: %s", err) } defer flt.Cleanup() err = src.ApplyFilter(flt) if err != nil { log.Fatalf("Error appying filter: %s", err) } } var i uint64 for { buf, err := src.Capture() if err != nil { log.Fatalf("Error: %s", err) break } if buf == nil { break } i++ if dst == nil { rcv_pkt, err := layers.UnpackAll(buf, src.LinkType()) if err != nil { log.Printf("Error: %s\n", err) } log.Println(rcv_pkt) } else { dst.Inject(buf) } if count > 0 && i >= count { break } } }
func main() { log.SetFlags(0) usage := `Usage: traceroute (--icmp | --udp | --tcp ) <addr> Find the route to the given IP address using ICMP, UDP or TCP packets. Options: --icmp Use ICMP packets. --udp Use UDP packets. --tcp Use TCP packets.` args, err := docopt.Parse(usage, nil, true, "", false) if err != nil { log.Fatalf("Invalid arguments: %s", err) } addr := args["<addr>"].(string) addr_ip := net.ParseIP(addr) timeout := 5 * time.Second route, err := routing.RouteTo(addr_ip) if err != nil { log.Fatalf("Error: %s", err) } if route == nil { log.Println("No route found") } c, err := pcap.Open(route.Iface.Name) if err != nil { log.Fatalf("Error opening interface: %s", err) } defer c.Close() err = c.Activate() if err != nil { log.Fatalf("Error activating source: %s", err) } eth_pkt := eth.Make() eth_pkt.SrcAddr = route.Iface.HardwareAddr if route.Default { eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway) } else { eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip) } ipv4_pkt := ipv4.Make() ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr() ipv4_pkt.DstAddr = addr_ip ipv4_pkt.Id = uint16(rand.Intn(math.MaxUint16)) ipv4_pkt.TTL = 1 var payload_pkt packet.Packet if args["--icmp"].(bool) { icmp_pkt := icmpv4.Make() icmp_pkt.Type = icmpv4.EchoRequest icmp_pkt.Id = uint16(rand.Intn(math.MaxUint16)) icmp_pkt.Seq = 1 payload_pkt = icmp_pkt } if args["--udp"].(bool) { udp_pkt := udp.Make() udp_pkt.SrcPort = 49152 udp_pkt.DstPort = 33434 raw_pkt := raw.Make() raw_pkt.Data = make([]byte, 40-udp_pkt.GetLength()) for i := 0; i < len(raw_pkt.Data); i++ { raw_pkt.Data[i] = byte(0x40 + (i & 0x3f)) } udp_pkt.SetPayload(raw_pkt) payload_pkt = udp_pkt } if args["--tcp"].(bool) { tcp_pkt := tcp.Make() tcp_pkt.SrcPort = 49152 tcp_pkt.DstPort = 80 tcp_pkt.Flags = tcp.Syn | tcp.ECE | tcp.Cwr tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32)) tcp_pkt.WindowSize = 5840 raw_pkt := raw.Make() raw_pkt.Data = make([]byte, 40-tcp_pkt.GetLength()) for i := 0; i < len(raw_pkt.Data); i++ { raw_pkt.Data[i] = byte(0x40 + (i & 0x3f)) } tcp_pkt.SetPayload(raw_pkt) payload_pkt = tcp_pkt } for { pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, payload_pkt) if err != nil { log.Fatal(err) } ipv4_rsp := layers.FindLayer(pkt, packet.IPv4).(*ipv4.Packet) log.Println(ipv4_rsp.SrcAddr) if ipv4_rsp.SrcAddr.Equal(addr_ip) { return } ipv4_pkt.TTL++ ipv4_pkt.Id++ if ipv4_pkt.TTL > 64 { return } } }
func main() { log.SetFlags(0) usage := `Usage: ping <addr> Ping the given IP address.` args, err := docopt.Parse(usage, nil, true, "", false) if err != nil { log.Fatalf("Invalid arguments: %s", err) } addr := args["<addr>"].(string) addr_ip := net.ParseIP(addr) timeout := 5 * time.Second route, err := routing.RouteTo(addr_ip) if err != nil { log.Fatalf("Error: %s", err) } if route == nil { log.Println("No route found") } c, err := pcap.Open(route.Iface.Name) if err != nil { log.Fatalf("Error opening interface: %s", err) } defer c.Close() err = c.Activate() if err != nil { log.Fatalf("Error activating source: %s", err) } eth_pkt := eth.Make() eth_pkt.SrcAddr = route.Iface.HardwareAddr if route.Default { eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway) } else { eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip) } ipv4_pkt := ipv4.Make() ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr() ipv4_pkt.DstAddr = addr_ip icmp_pkt := icmpv4.Make() icmp_pkt.Type = icmpv4.EchoRequest icmp_pkt.Seq = 0 icmp_pkt.Id = uint16(rand.Intn(65535)) _, err = network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, icmp_pkt) if err != nil { log.Fatal(err) } log.Println("ping") }
func main() { log.SetFlags(0) usage := `Usage: syn_scan <addr> Simple TCP port scanner.` args, err := docopt.Parse(usage, nil, true, "", false) if err != nil { log.Fatalf("Invalid arguments: %s", err) } addr := args["<addr>"].(string) addr_ip := net.ParseIP(addr) timeout := 1 * time.Second route, err := routing.RouteTo(addr_ip) if err != nil { log.Fatalf("Error: %s", err) } if route == nil { log.Println("No route found") } c, err := pcap.Open(route.Iface.Name) if err != nil { log.Fatalf("Error opening interface: %s", err) } defer c.Close() err = c.Activate() if err != nil { log.Fatalf("Error activating source: %s", err) } eth_pkt := eth.Make() eth_pkt.SrcAddr = route.Iface.HardwareAddr if route.Default { eth_pkt.DstAddr = ResolveARP(c, timeout, route, route.Gateway) } else { eth_pkt.DstAddr = ResolveARP(c, timeout, route, addr_ip) } ipv4_pkt := ipv4.Make() ipv4_pkt.SrcAddr, _ = route.GetIfaceIPv4Addr() ipv4_pkt.DstAddr = addr_ip tcp_pkt := tcp.Make() tcp_pkt.SrcPort = 49152 tcp_pkt.DstPort = 1 tcp_pkt.Flags = tcp.Syn tcp_pkt.Seq = uint32(rand.Intn(math.MaxUint32)) tcp_pkt.WindowSize = 5840 for port := uint16(1); port < math.MaxUint16; port++ { tcp_pkt.DstPort = port fmt.Printf("Scanning port %.5d: ", port) pkt, err := network.SendRecv(c, timeout, eth_pkt, ipv4_pkt, tcp_pkt) if err != nil { fmt.Printf("%s\n", err) continue } tcp_pkt := layers.FindLayer(pkt, packet.TCP).(*tcp.Packet) if tcp_pkt.Flags&tcp.Rst == 0 { fmt.Printf("OPEN\n") } else if tcp_pkt.Flags&tcp.Syn == 0 { fmt.Printf("CLOSED\n") } } }