public static IPv4Packet CreateIpV4Packet(IPAddress sourceIpAddress, IPAddress destinationIpAddress,
TcpPacket payloadPacket)
{
var result = new IPv4Packet(sourceIpAddress, destinationIpAddress) { PayloadPacket = payloadPacket };
payloadPacket.UpdateTCPChecksum();
result.UpdateIPChecksum();
result.UpdateCalculatedValues();
return result;
}
/*
public EthernetPacketType NAT_incoming_packet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC)
{
EthernetPacketType ethernet_packet_type = getEthernetPacketType(ref data);
if (!isIpOrArpPacket(ethernet_packet_type))
return ethernet_packet_type;
xbs_nat_entry nat_entry;
lock (NAT_list)
{
if (!NAT_list.TryGetValue(srcMAC, out nat_entry))
{
IPAddress sourceIP = getSourceIPFromRawPacketData(ref data, ethernet_packet_type);
if (sourceIP.Equals(ip_zero))
return ethernet_packet_type;
IPAddress destinationIP = getDestinationIPFromRawPacketData(ref data, ethernet_packet_type);
nat_entry = ip_pool.requestIP( sourceIP, srcMAC );
if (nat_entry == null)
{
xbs_messages.addInfoMessage("!! % out of NAT IPs. Could not nat incoming packet");
return ethernet_packet_type;
}
NAT_list.Add(srcMAC, nat_entry);
#if DEBUG
xbs_messages.addDebugMessage("% new device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip);
#endif
}
else
{
#if DEBUG
xbs_messages.addDebugMessage("% found device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip);
#endif
}
}
replaceSourceIpWithNATSourceIP(ref data, ethernet_packet_type, ref nat_entry);
if (ethernet_packet_type == EthernetPacketType.IpV4)
{
if (dstMAC.Equals(broadcast_mac) && nat_entry.natted_broadcast!=null)
replaceBroadcastIPAddress(ref data, ref nat_entry.natted_broadcast_bytes);
updateIPChecksums(ref data);
}
return ethernet_packet_type;
}
*/
public EthernetPacketType NAT_incoming_packet_PacketDotNet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC, ref Packet p, ref IPv4Packet p_IPV4, ref ARPPacket p_ARP)
{
xbs_nat_entry nat_entry;
EthernetPacketType p_type = ((EthernetPacket)p).Type;
if (p_type != EthernetPacketType.IpV4 && p_type != EthernetPacketType.Arp)
return p_type;
lock (NAT_list)
{
if (!NAT_list.TryGetValue(srcMAC, out nat_entry))
{
IPAddress sourceIP = (p_IPV4!=null) ? p_IPV4.SourceAddress : p_ARP.SenderProtocolAddress;
if (sourceIP.Equals(ip_zero))
return p_type;
IPAddress destinationIP = (p_IPV4 != null) ? p_IPV4.DestinationAddress : p_ARP.TargetProtocolAddress;
nat_entry = ip_pool.requestIP(sourceIP, srcMAC);
if (nat_entry == null)
{
if (!natIPpoolOverflow_warning_shown)
{
natIPpoolOverflow_warning_shown = true;
xbs_messages.addInfoMessage("!! % out of NAT IPs. Could not NAT incoming packet", xbs_message_sender.NAT, xbs_message_type.WARNING);
}
return p_type;
}
else
{
natIPpoolOverflow_warning_shown = false;
NAT_list.Add(srcMAC, nat_entry);
#if DEBUG
xbs_messages.addDebugMessage("% new device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip, xbs_message_sender.NAT);
#endif
}
}
else
{
#if DEBUG
xbs_messages.addDebugMessage("% found device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip, xbs_message_sender.NAT);
#endif
}
}
if (p_IPV4 != null)
{
p_IPV4.SourceAddress = nat_entry.natted_source_ip;
if (dstMAC.Equals(broadcast_mac) && nat_entry.natted_broadcast != null)
p_IPV4.DestinationAddress = nat_entry.natted_broadcast;
p_IPV4.UpdateIPChecksum();
if (p_IPV4.Protocol == IPProtocolType.UDP)
{
UdpPacket p_UDP = (UdpPacket)p_IPV4.PayloadPacket;
if (NAT_enablePS3mode)
{
bool ret = PS3_replaceInfoResponse_hostAddr(dstMAC, ref p_UDP, nat_entry.natted_source_ip);
if (!ret)
ret = PS3_replaceClientAnswer_hostAddr(dstMAC, ref p_UDP, nat_entry.natted_source_ip, nat_entry.original_source_ip);
}
p_UDP.UpdateUDPChecksum();
}
else if (p_IPV4.Protocol == IPProtocolType.TCP)
((TcpPacket)p_IPV4.PayloadPacket).UpdateTCPChecksum();
}
else
{
p_ARP.SenderProtocolAddress = nat_entry.natted_source_ip;
}
data = p.BytesHighPerformance.ActualBytes();
return p_type;
}
public void GenerateLLMNRResponse(Packet packet)
{
try
{
LLMNR.LLMNRPacket llmnr = new LLMNR.LLMNRPacket();
llmnr.ParsePacket(((UdpPacket)(packet.PayloadPacket.PayloadPacket)).PayloadData);
if (llmnr.Query.Name.ToLower().Equals("wpad") && llmnr.Query.Type.Value == LLMNR.DNSType.A)
{
WinPcapDevice dev = Program.CurrentProject.data.GetDevice();
IPAddress ip = Program.CurrentProject.data.GetIPv4FromDevice(dev);
byte[] ipv4Addr = ip.GetAddressBytes();
llmnr.AnswerList.Add(new LLMNR.DNSAnswer()
{
Class = evilfoca.LLMNR.DNSClass.IN,
Name = llmnr.Query.Name,
Type = evilfoca.LLMNR.DNSType.A,
RData = ipv4Addr,
RDLength = (short)ipv4Addr.Length,
TTL = 12
});
llmnr.IsResponse = true;
EthernetPacket ethDns = new EthernetPacket(dev.MacAddress, ((EthernetPacket)packet).SourceHwAddress, EthernetPacketType.IpV4);
IPv4Packet ipv4Dns = new IPv4Packet(ip, ((IPv4Packet)((EthernetPacket)packet).PayloadPacket).SourceAddress);
UdpPacket udpDns = new UdpPacket(((UdpPacket)(packet.PayloadPacket.PayloadPacket)).DestinationPort, ((UdpPacket)(packet.PayloadPacket.PayloadPacket)).SourcePort);
udpDns.PayloadData = llmnr.BuildPacket();
ipv4Dns.PayloadPacket = udpDns;
udpDns.UpdateCalculatedValues();
udpDns.UpdateUDPChecksum();
ipv4Dns.UpdateIPChecksum();
ipv4Dns.UpdateCalculatedValues();
ethDns.PayloadPacket = ipv4Dns;
Program.CurrentProject.data.SendPacket(ethDns);
}
}
catch (Exception)
{
}
}