Tree - source-git/libnet - CentOS Git server

source-git / libnet

Blame __dist_sample/sample/tftp.c

Blob History Raw

Packit Service	b25606	`/*`
Packit Service	b25606	`*`
Packit Service	b25606	`* libnet 1.1`
Packit Service	b25606	`* Build a TFTP scanner using payload`
Packit Service	b25606	`*`
Packit Service	b25606	`* Copyright (c) 2003 Frédéric Raynal <pappy@security-labs.org>`
Packit Service	b25606	`* All rights reserved.`
Packit Service	b25606	`*`
Packit Service	b25606	`* Ex:`
Packit Service	b25606	`* ./tftp -s 192.168.0.1 -d 192.168.0.66 -p plop`
Packit Service	b25606	`*`
Packit Service	b25606	`*`
Packit Service	b25606	`* Redistribution and use in source and binary forms, with or without`
Packit Service	b25606	`* modification, are permitted provided that the following conditions`
Packit Service	b25606	`* are met:`
Packit Service	b25606	`* 1. Redistributions of source code must retain the above copyright`
Packit Service	b25606	`* notice, this list of conditions and the following disclaimer.`
Packit Service	b25606	`* 2. Redistributions in binary form must reproduce the above copyright`
Packit Service	b25606	`* notice, this list of conditions and the following disclaimer in the`
Packit Service	b25606	`* documentation and/or other materials provided with the distribution.`
Packit Service	b25606	`*`
Packit Service	b25606	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
Packit Service	b25606	`* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
Packit Service	b25606	`* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
Packit Service	b25606	`* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE`
Packit Service	b25606	`* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
Packit Service	b25606	`* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
Packit Service	b25606	`* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
Packit Service	b25606	`* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
Packit Service	b25606	`* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
Packit Service	b25606	`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
Packit Service	b25606	`* SUCH DAMAGE.`
Packit Service	b25606	`*`
Packit Service	b25606	`*/`
Packit Service	b25606	`#if (HAVE_CONFIG_H)`
Packit Service	b25606	`#include "../include/config.h"`
Packit Service	b25606	`#endif`
Packit Service	b25606	`#include "./libnet_test.h"`
Packit Service	b25606
Packit Service	b25606
Packit Service	b25606	`int`
Packit Service	b25606	`main(int argc, char *argv[])`
Packit Service	b25606	`{`
Packit Service	b25606	`int c;`
Packit Service	b25606	`libnet_t *l;`
Packit Service	b25606	`u_long src_ip, dst_ip;`
Packit Service	b25606	`char errbuf[LIBNET_ERRBUF_SIZE];`
Packit Service	b25606	`libnet_ptag_t udp = 0, ip = 0;`
Packit Service	b25606	`char *filename = "/etc/passwd";`
Packit Service	b25606	`char mode[] = "netascii";`
Packit Service	b25606	`u_char *payload = NULL;`
Packit Service	b25606	`uint payload_s = 0;`
Packit Service	b25606
Packit Service	b25606
Packit Service	b25606	`printf("libnet 1.1 packet shaping: UDP + payload[raw] == TFTP\n");`
Packit Service	b25606
Packit Service	b25606	`/*`
Packit Service	b25606	`* Initialize the library. Root priviledges are required.`
Packit Service	b25606	`*/`
Packit Service	b25606	`l = libnet_init(`
Packit Service	b25606	`LIBNET_RAW4, /* injection type */`
Packit Service	b25606	`NULL, /* network interface */`
Packit Service	b25606	`errbuf); /* error buffer */`
Packit Service	b25606
Packit Service	b25606	`if (l == NULL)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "libnet_init() failed: %s", errbuf);`
Packit Service	b25606	`exit(EXIT_FAILURE);`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`src_ip = 0;`
Packit Service	b25606	`dst_ip = 0;`
Packit Service	b25606	`while ((c = getopt(argc, argv, "d:s:p:")) != EOF)`
Packit Service	b25606	`{`
Packit Service	b25606	`switch (c)`
Packit Service	b25606	`{`
Packit Service	b25606	`/*`
Packit Service	b25606	* We expect the input to be of the form `ip.ip.ip.ip.port`. We
Packit Service	b25606	`* point cp to the last dot of the IP address/port string and`
Packit Service	b25606	`* then seperate them with a NULL byte. The optarg now points to`
Packit Service	b25606	`* just the IP address, and cp points to the port.`
Packit Service	b25606	`*/`
Packit Service	b25606	`case 'd':`
Packit Service	b25606	`if ((dst_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Bad destination IP address: %s\n", optarg);`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606	`break;`
Packit Service	b25606
Packit Service	b25606	`case 's':`
Packit Service	b25606	`if ((src_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Bad source IP address: %s\n", optarg);`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606	`break;`
Packit Service	b25606
Packit Service	b25606	`case 'p':`
Packit Service	b25606	`filename = optarg;`
Packit Service	b25606	`break;`
Packit Service	b25606
Packit Service	b25606	`default:`
Packit Service	b25606	`fprintf(stderr, "unkown option [%s]: bye bye\n", optarg);`
Packit Service	b25606	`goto bad;`
Packit Service	b25606
Packit Service	b25606	`}`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`if (!src_ip \|\| !dst_ip)`
Packit Service	b25606	`{`
Packit Service	b25606	`usage(argv[0]);`
Packit Service	b25606	`exit(EXIT_FAILURE);`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`/*`
Packit Service	b25606	`* build payload`
Packit Service	b25606	`*`
Packit Service	b25606	`* 2 bytes string 1 byte string 1 byte`
Packit Service	b25606	`* ------------------------------------------------`
Packit Service	b25606	`* \| Opcode \| Filename \| 0 \| Mode \| 0 \|`
Packit Service	b25606	`* ------------------------------------------------`
Packit Service	b25606	`*`
Packit Service	b25606	`*/`
Packit Service	b25606	`payload_s = 2 + strlen(filename) + 1 + strlen(mode) + 1;`
Packit Service	b25606	`payload = malloc(sizeof(char)*payload_s);`
Packit Service	b25606	`if (!payload)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "malloc error for payload\n");`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606	`memset(payload, 0, payload_s);`
Packit Service	b25606	`payload[1] = 1; /* opcode - GET */`
Packit Service	b25606	`memcpy(payload + 2, filename, strlen(filename));`
Packit Service	b25606	`memcpy(payload + 2 + strlen(filename) + 1 , mode, strlen(mode));`
Packit Service	b25606
Packit Service	b25606	`/*`
Packit Service	b25606	`* Build pblocks`
Packit Service	b25606	`*/`
Packit Service	b25606	`udp = libnet_build_udp(`
Packit Service	b25606	`0x1234, /* source port */`
Packit Service	b25606	`69, /* destination port */`
Packit Service	b25606	`LIBNET_UDP_H + payload_s, /* packet length */`
Packit Service	b25606	`0, /* checksum */`
Packit Service	b25606	`payload, /* payload */`
Packit Service	b25606	`payload_s, /* payload size */`
Packit Service	b25606	`l, /* libnet handle */`
Packit Service	b25606	`0); /* libnet id */`
Packit Service	b25606	`if (udp == -1)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Can't build UDP header: %s\n", libnet_geterror(l));`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`ip = libnet_build_ipv4(`
Packit Service	b25606	`LIBNET_IPV4_H + LIBNET_UDP_H + payload_s, /* length - dont forget the UDP's payload */`
Packit Service	b25606	`0, /* TOS */`
Packit Service	b25606	`0x4242, /* IP ID */`
Packit Service	b25606	`0, /* IP Frag */`
Packit Service	b25606	`0x42, /* TTL */`
Packit Service	b25606	`IPPROTO_UDP, /* protocol */`
Packit Service	b25606	`0, /* checksum */`
Packit Service	b25606	`src_ip, /* source IP */`
Packit Service	b25606	`dst_ip, /* destination IP */`
Packit Service	b25606	`NULL, /* payload (already in UDP) */`
Packit Service	b25606	`0, /* payload size */`
Packit Service	b25606	`l, /* libnet handle */`
Packit Service	b25606	`0); /* libnet id */`
Packit Service	b25606	`if (ip == -1)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`/*`
Packit Service	b25606	`* Write it to the wire.`
Packit Service	b25606	`*/`
Packit Service	b25606	`c = libnet_write(l);`
Packit Service	b25606	`if (c == -1)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Write error: %s\n", libnet_geterror(l));`
Packit Service	b25606	`goto bad;`
Packit Service	b25606	`}`
Packit Service	b25606	`else`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr, "Wrote %d byte TFTP packet; check the wire.\n", c);`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`libnet_destroy(l);`
Packit Service	b25606	`free(payload);`
Packit Service	b25606	`return (EXIT_SUCCESS);`
Packit Service	b25606	`bad:`
Packit Service	b25606	`libnet_destroy(l);`
Packit Service	b25606	`free(payload);`
Packit Service	b25606	`return (EXIT_FAILURE);`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`void`
Packit Service	b25606	`usage(char *name)`
Packit Service	b25606	`{`
Packit Service	b25606	`fprintf(stderr,`
Packit Service	b25606	`"usage: %s -s source_ip -d destination_ip"`
Packit Service	b25606	`" [-p payload] [-t\|u\|i] \n",`
Packit Service	b25606	`name);`
Packit Service	b25606	`}`
Packit Service	b25606
Packit Service	b25606	`/* EOF */`

source-git / libnet

Source Code

Blame __dist_sample/sample/tftp.c