func main() {
var (
pc *pcap.Pcap
err error
)
devloop:
for _, device := range []string{"bond0", "eth2", "en0", "any"} {
devs, errx := pcap.FindAllDevs()
if errx != "" {
log.Fatalf("%v", errx)
}
for _, dev := range devs {
if dev.Name == device {
pc, err = pcap.OpenLive(device, 8192, false, 1000)
if err == nil {
break devloop
}
}
}
}
if err != nil {
log.Fatalf("%v", err)
}
if err = pc.SetFilter("udp and dst port 53"); err != nil {
log.Fatalf("%v", err)
}
lock := &sync.Mutex{}
ss := &spacesaving.Rate{}
ss.Init(4096, 60*time.Second)
go Poller(lock, ss, pc)
for pkt, r := pc.NextEx(); r >= 0; pkt, r = pc.NextEx() {
if r == 0 {
continue
}
pkt.Decode()
var msg dns.Msg
if err := safeParse(&msg, pkt.Payload); err != nil {
fmt.Printf("err %v\n", err)
continue
}
qname := strings.ToLower(msg.Question[0].Name)
if len(qname) > 0 {
qname = qname[:len(qname)-1]
}
lock.Lock()
ss.Touch(qname, pkt.Time)
lock.Unlock()
}
fmt.Printf("Done\n")
}
func main() {
var device *string = flag.String("i", "", "interface")
var snaplen *int = flag.Int("s", 65535, "snaplen")
var hexdump *bool = flag.Bool("X", false, "hexdump")
expr := ""
out = bufio.NewWriter(os.Stdout)
errout = bufio.NewWriter(os.Stderr)
flag.Usage = func() {
fmt.Fprintf(errout, "usage: %s [ -i interface ] [ -s snaplen ] [ -X ] [ expression ]\n", os.Args[0])
os.Exit(1)
}
flag.Parse()
if len(flag.Args()) > 0 {
expr = flag.Arg(0)
}
if *device == "" {
devs, err := pcap.FindAllDevs()
if err != "" {
fmt.Fprintf(errout, "tcpdump: couldn't find any devices: %s\n", err)
}
if 0 == len(devs) {
flag.Usage()
}
*device = devs[0].Name
}
h, err := pcap.OpenLive(*device, int32(*snaplen), true, 1000)
if h == nil {
fmt.Fprintf(errout, "tcpdump: %s\n", err)
errout.Flush()
return
}
if expr != "" {
ferr := h.SetFilter(expr)
if ferr != nil {
fmt.Fprintf(out, "tcpdump: %s\n", ferr)
out.Flush()
}
}
for pkt := h.Next(); pkt != nil; pkt = h.Next() {
pkt.Decode()
fmt.Fprintf(out, "%s\n", pkt.String())
if *hexdump {
Hexdump(pkt)
}
out.Flush()
}
}
func main() {
expr := ""
flag.Usage = func() {
fmt.Fprintf(os.Stderr, "usage: %s [ -i interface ] [ -s snaplen ] [ -X ] [ expression ]\n", os.Args[0])
os.Exit(1)
}
flag.Parse()
if len(flag.Args()) > 0 {
expr = flag.Arg(0)
}
if *device == "" {
devs, err := pcap.FindAllDevs()
if err != "" {
fmt.Fprintln(os.Stderr, "tcpdump: couldn't find any devices:", err)
}
if 0 == len(devs) {
flag.Usage()
}
*device = devs[0].Name
}
h, err := pcap.OpenLive(*device, int32(*snaplen), true, 500)
if h == nil {
fmt.Fprintf(os.Stderr, "tcpdump:", err)
return
}
if expr != "" {
fmt.Println("tcpdump: setting filter to", expr)
ferr := h.SetFilter(expr)
if ferr != nil {
fmt.Println("tcpdump:", ferr)
}
}
for pkt, r := h.NextEx(); r >= 0; pkt, r = h.NextEx() {
if r == 0 {
// timeout, continue
continue
}
pkt.Decode()
fmt.Println(pkt)
if *hexdump {
Hexdump(pkt)
}
}
fmt.Fprintln(os.Stderr, "tcpdump:", h.Geterror())
}
// Prints a list of available network devices to console
func printDevices() {
devs, err := pcap.FindAllDevs()
if len(devs) == 0 {
fmt.Printf("Error: no network devices found. %s\n", err)
} else {
fmt.Println("Available network devices")
for _, dev := range devs {
fmt.Printf(" %s \n", dev.Name)
}
}
}
func main() {
args, err := docopt.Parse(usage, nil, true, "cookiescan 1.0.0", false)
if err != nil {
log.Fatal("Error parsing usage. Error: ", err.Error())
}
host := args["<target>"].(string)
ports, err := explode(args["-p"].(string))
if err != nil {
log.Fatal(err.Error())
}
var ip string
if net.ParseIP(host) == nil {
ips, err := net.LookupIP(host)
if err != nil {
log.Fatal("Could not resolve hostname. Error: ", err.Error())
}
ip = ips[0].String()
} else {
ip = host
}
minc, err := strconv.Atoi(args["-c"].(string))
if err != nil {
log.Fatal("Invalid argument for -c.")
}
concurrency, err := strconv.Atoi(args["-g"].(string))
if err != nil {
log.Fatal("Invalid argument for -g.")
}
ti, err := strconv.Atoi(args["-t"].(string))
if err != nil {
log.Fatal("Invalid argument for -t.")
}
timeout := time.Duration(ti) * time.Millisecond
filter := fmt.Sprintf("src %s and ((tcp[13] == 0x11) or (tcp[13] == 0x10) or (tcp[13] == 0x18))", ip)
var device string
if args["-i"] != nil {
device = args["-i"].(string)
}
if device == "" {
devs, err := pcap.FindAllDevs()
if err != nil {
log.Fatal("Error finding interfaces. Error: ", err)
}
if len(devs) == 0 {
log.Fatal("No interfaces found. Are you not running as root?")
}
device = devs[0].Name
}
h, err := pcap.OpenLive(device, int32(320), true, 500)
if err != nil {
log.Fatal(err.Error())
}
if err = h.SetFilter(filter); err != nil {
log.Fatal(err.Error())
}
res := make(map[uint16][]string)
tasks := make(chan int, concurrency)
track := make(chan empty)
go func() {
for pkt, r := h.NextEx(); r >= 0; pkt, r = h.NextEx() {
select {
case <-track:
break
default:
if r == 0 {
continue
}
pkt.Decode()
t := pkt.Headers[1].(*pcap.Tcphdr)
f := t.FlagsString()
res[t.SrcPort] = append(res[t.SrcPort], f)
}
}
}()
for i := 0; i < concurrency; i++ {
go func() {
for p := range tasks {
c, err := net.DialTimeout("tcp", ip+":"+strconv.Itoa(p), timeout)
if err != nil {
continue
}
c.Close()
}
}()
}
log.Printf("Staring scan of %s.\n", ip)
for _, p := range ports {
tasks <- p
}
close(tasks)
time.Sleep(time.Duration(2 * time.Second))
track <- empty{}
close(track)
h.Close()
log.Println("Scan complete.")
services, _ := buildServices()
results := cookiescan.Result{Host: ip}
for k, v := range res {
conf := len(v)
if conf < minc {
continue
}
service := "unknown"
if s, ok := services[int(k)]; ok {
service = s
}
p := cookiescan.Port{Port: int(k), Service: service, State: "open", Confidence: conf, Reason: v}
results.Ports = append(results.Ports, p)
}
sort.Sort(results.Ports)
if args["-j"].(bool) {
j, _ := json.MarshalIndent(results, "", " ")
fmt.Println(string(j))
} else {
w := tabwriter.NewWriter(os.Stdout, 0, 8, 4, ' ', 0)
fmt.Fprintln(w, "Port\tState\tService\tConfidence\tReason")
for _, p := range results.Ports {
fmt.Fprintf(w, "%d\t%s\t%s\t%d\t%s\n", p.Port, p.State, p.Service, p.Confidence, p.Reason)
}
w.Flush()
}
}
func main() {
expr := ""
flag.Usage = func() {
fmt.Fprintf(os.Stderr, "usage: %s [ -i interface ] [ -s snaplen ] [ -X hexdump ] [ -w file ] [ -h show usage] [ expression ] \n", os.Args[0])
os.Exit(1)
}
flag.Parse()
if len(flag.Args()) > 0 {
expr = flag.Arg(0)
}
if *help {
flag.Usage()
}
if *device == "" {
devs, err := pcap.FindAllDevs()
if err != nil {
fmt.Fprintln(os.Stderr, "tcpdump: couldn't find any devices:", err)
}
if 0 == len(devs) {
flag.Usage()
}
*device = devs[0].Name
}
h, err := pcap.OpenLive(*device, int32(*snaplen), true, 500)
if h == nil {
fmt.Fprintf(os.Stderr, "tcpdump:", err)
return
}
defer h.Close()
if expr != "" {
fmt.Println("tcpdump: setting filter to", expr)
ferr := h.SetFilter(expr)
if ferr != nil {
fmt.Println("tcpdump:", ferr)
}
}
if *ofile != "" {
dumper, oerr := h.DumpOpen(ofile)
addHandler(h, dumper)
if oerr != nil {
fmt.Fprintln(os.Stderr, "tcpdump: couldn't write to file:", oerr)
}
_, lerr := h.PcapLoop(0, dumper)
if lerr != nil {
fmt.Fprintln(os.Stderr, "tcpdump: loop error:", lerr, h.Geterror())
}
defer h.PcapDumpClose(dumper)
return
}
for pkt, r := h.NextEx(); r >= 0; pkt, r = h.NextEx() {
if r == 0 {
// timeout, continue
continue
}
pkt.Decode()
fmt.Println(pkt)
if *hexdump {
Hexdump(pkt)
}
}
fmt.Fprintln(os.Stderr, "tcpdump:", h.Geterror())
}
func main() {
var device *string = flag.String("d", "", "device")
var file *string = flag.String("r", "", "file")
var expr *string = flag.String("e", "", "filter expression")
flag.Parse()
var h *pcap.Pcap
ifs, err := pcap.FindAllDevs()
if len(ifs) == 0 {
fmt.Printf("Warning: no devices found : %s\n", err)
} else {
for i := 0; i < len(ifs); i++ {
fmt.Printf("dev %d: %s (%s)\n", i+1, ifs[i].Name, ifs[i].Description)
}
}
if *device != "" {
h, err = pcap.OpenLive(*device, 65535, true, 0)
if h == nil {
fmt.Printf("OpenLive(%s) failed: %s\n", *device, err)
return
}
} else if *file != "" {
h, err = pcap.OpenOffline(*file)
if h == nil {
fmt.Printf("Openoffline(%s) failed: %s\n", *file, err)
return
}
} else {
fmt.Printf("usage: pcaptest [-d <device> | -r <file>]\n")
return
}
fmt.Printf("pcap version: %s\n", pcap.Version())
if *expr != "" {
fmt.Printf("Setting filter: %s\n", *expr)
err := h.SetFilter(*expr)
if err != nil {
fmt.Printf("Warning: setting filter failed: %s\n", err)
}
}
for pkt := h.Next(); pkt != nil; pkt = h.Next() {
fmt.Printf("time: %d.%06d (%s) caplen: %d len: %d\nData:",
int64(pkt.Time.Second()), int64(pkt.Time.Nanosecond()),
time.Unix(int64(pkt.Time.Second()), 0).String(), int64(pkt.Caplen), int64(pkt.Len))
for i := uint32(0); i < pkt.Caplen; i++ {
if i%32 == 0 {
fmt.Printf("\n")
}
if 32 <= pkt.Data[i] && pkt.Data[i] <= 126 {
fmt.Printf("%c", pkt.Data[i])
} else {
fmt.Printf(".")
}
}
fmt.Printf("\n\n")
}
}